Blog‎ > ‎

LXD, Ricochet, OB, RNN, IPv6, ECC, Logjam, Rlite, UnQlite, ChaCha20, Dedup, Ceetah, Bots, 464XLAT

posted May 31, 2015, 3:36 AM by Sami Lehtinen   [ updated May 31, 2015, 3:37 AM ]
Summer vacation weekly post is bit longer than usual.
  • Checked out LXD - It's faster than LXC or OpenVZ vs KVM - And finally a good comparison what it is all about -  - Finally we say Linux Containers
  • Checked out Ricochet - Anonymous metadata-resistant instant messaging that just works
  • Reported a few bugs I found from OpenBazaar project.
  • Fixed over 5000 lines of my old experimental Python 3 code, where I updated whitespace for 1000+ lines to meet PEP8.
  • Great article about unresonable effectiviness of Recurrent Neural Networks (RNN) - KW: Recurrent Neural Networks (RNN) - Long Short-Term Memory (LSTM) - Convolutional neural network
  • Another article about unreasonable effectiviness of Character-level Language Models
  • Just did read article about writing unmaintainable code. - But in reality, it's really marginal part of users who have to deal with code, and so I don't see real point making an effort writing unmaintainable code. Unmaintainability - naming variables? Just write 'prototype code' whatever comes into mind and go with it, there's no need for extra effort. Usually it's writing maintainable code which requires effort. What's more important? Of course runtime error handling. That's what the end users might have to deal with from time to time. Especially when changing system configuration or whenever something changes. Also using generic error handler can save a lot of time. I'm sure you know how annoying and time consuming it is to handle all exceptions and give proper indicative error messages which even might guide to the user to the actual source of the problem and even hint how to fix the problem. That takes lot of your time and also saves lot of end users time. If you want to save your time and waste users time, just use this great generic Python handler. I assume you'll get the point quickly and porting this excellent handler to other languages is trivial. The article also forgot to mention awesomeness of unicode. It provides lot of great variable names like: ڔ ڕ ږ and ϒ ϓ ϔ or maybe you prefer these? ն մ վ և կ Վ Մ Կ of course it should be obvious that all of those are separate characters.  But my personal favorite might be these  ু ূ ৃ ৄ of course the problem here is that after using these unicode characters at least find and replace is going to compared, instead of using always just single letter variables. Back to the topic, here's the 'catastrophic failure' project dump page.
  • Excellent post about Native Mobile Apps versus Mobile Web Sites. - I fully agree that websites should not try to emulate native experience, those are inherently different and trying to imitate something poorly is just poor experience. The quote starting "You destroy basic usability" is just excellent, yes, that's what I'm thinking too. But support for all platforms is just great. I'm also wondering why so many mobile sites are absolutely full of cruft making site loading a lot slower than it would have to be. Also 99,9%+ of apps are junk and I don't have slightest interest installing those. If I can occasionally visit their website which isn't too full of junk, that's great. KW: UX, Mobile, Apps, Applications, Software development, website design, frameworks.
  • I tried to pay my summer vacation trip using credit card. Yet the sites credit card payment system didn't work at all, I didn't even get to the point where I should give my credit card number, their SSL cert was broken and that wasn't the only problem and so on. I really wonder how online stores and services can really afford this kind of super crappy experience. I wonder if they realize at all how much money they're losing? I've seen this happening over and over again and I'm pretty sure this isn't going to be the last time.
  • Ext4 encryption - Native disk encryption for Linux? Without eCryptfs or dm-crypt. Cipher mode: AES-256-XTS, AES-256-CBC+CTS, F2FS flash-oriented filesystem.
  • Elliptic curve cryptography finite field and discrete logarithms - Excellent stuff in the Gentle Introduction to ECC series of posts. Also see: Cloud Flares ECC primer.
  • Rust for Python Programmers - A great article about Rust and Python differences and how to get quickly familiar with Rust if you're alrady an Python programmer.
  • Studied topics of Peer-to-peer lending - and Crowdfunding
  • - Ready secure configurations for many apps like Dovecot, Apache, Ninx, MySQL, Postfix, Exim, PostgreSQL, OpenSSH
  • Logjam - TLS vunerability explained by CloudFlare and another example how abundant serious bugs are.
  • UnQLite - is a in-process software library which implements a self-contained, serverless, zero-configuration, transactional NoSQL database engine. UnQLite is a document store database similar to MongoDB, Redis, CouchDB etc. as well a standard Key/Value store similar to BerkeleyDB, LevelDB, etc.
  • Rlite - Self-contained, serverless, zero-configuration, transactional redis-compatible database engine. rlite is to Redis what SQLite is to SQL.
  • ChaCha20 Cipher @ RFC7539 and Salsa20 - Only quick check, fast quite simple ciphers. Great option for AES. I just wonder why GCM is often ONLY available with AES, it should be of course possible to use it with any other cipher too, it's not AES specific.
  • Noticed that SeznamBot/3.2 (Seznam @ Wikipedia)is using IPv6 protocol address 2a02:598:2:0:0:0:0:1032 to crawl websites. As far as I know, that's the first bot ever I've seen using IPv6 when IPv4 and IPv6 both are available. kw: robots.txt / SEO / bots
  • Friends warned me about spam on all kind of projects. I had to tell them that I'm aware about that problem. Not just junk posts, put PURE spam. Generate by swarms of bots. I know that, because I've had to close down some of my test projects because fighting spam efficiently might require more resources than everything else together. I want to avoid CAPTCHAs as long as possible, because complex registration makes site usability much worse.
  • OpenDedup - Checked out the project as follow up to the log compression (deduplicating long messages) and compresing those efficiently. Yet this project is larger and heavier than what I needed when deduplicating logs. Yet I'll keep this one in mind, if I need serious deduplication at some point.
  • NVM Express - SATA is slow for fastest SSD disks and PCIe disks are usually expensive. Does NVM Express, NVMe, or Non-Volatile Memory Host Controller Interface Specification (NVMHCI) replace it?
  • I wonder if there's a way to transfer user profile easily between GNU Social hubs? Because Load Average is so out-dated I might like to move my profile to other hub? Is there a simply way of doing that? Afaik, there should be.
  • I'm glad to notice that 7-Zip is now running at Digital Ocean and Filezilla at Hetzner. I can't honestly recommend anyone to download anything from malware sites like SourceForge. I'm actually so glad that I made a donation to 7-Zip project.
  • I once dropped a camera, it seemed like being broken, but I wasn't sure. Actually it seemed to operate quite normally, but the display was blank all the time. How do I know if the camera works or not, without the display working? My solution was to take two photos, one of clear sky and another of complex patterns. Because the photo of complex patterns took longer to process & save, I knew the camera was working. If the image processing and saving would have taken about same time, I would know that the image is totally out of focus or the image sensor has been damaged. So I continued to take photos, even if the screen wasn't working. Also my conclusions turned out to be right later.
  • Checked out CloudFlare CDN Knowledge Base and CORS @ Wikipedia
  • Reminded my self about Linux File Descriptors
  • LclBd is now using uWSGI with backlog multiple processes and multi-threading including offload threads. As well as HTTP router to allow clustered backends and load balancing (if ever required). Site is also using CloudFlare, but not because it would require additional caching due to performance reasons. Primary reason is to provide better performance for mobile users via lower round trip times (RTT) if packet loss occurs with their mobile data connection.
  • During summer when you use everything using mobile you'll get new views how well sites are designed. Some are slow some totally broken and some try to offer some BS app which nobody wants to install. It's easy to see which sites fail and which ones rock.
  • Imgur image upload from device failed multiple times, even if other image hosting sites are working perfectly. So much fail!
  • Found two separate bugs from Dolphin Browser. It's just awesome how many buggy applications are out there.
  • Checked out hosting company VersaWeb - They seem to provide really cheap dedicated servers. Unfortunately all of their Cloud servers were sold out. Due to bad website design even the prices weren't visible for soldout services. Bandwidth seem to be really cheap too. Not as cheap as it's at OVH but ridiculously cheap if you compare to Amazon or Google. There's huge variance in the pricing, how much does the bandwidth costs depending where you buy it from.
  • About creating new social networks, even if the market is clearly full: Often it seems that these platforms will find their own (small) circle of people using it. Just like millions of different web forums have done so far. Creating one can be also great opportunity to learn how to build things, even if it's not intended to make revenue directly. That's one of the reasons why I wrote one more experimental project. Just to see how it works out. It might get other users or might not, I don't really care. I'm also often annoyed by the fact how heavy many sites are. Is it really so hard to keep to the bare essentials? Isn't Google+ even considered being a "ghost town" on modern "popular site" standards?
  • Alternative Redis-Like Databases with Python - Excellent post about new Redis like databases which can be easily used with Python.
  • Learning Robots - This is real stuff, not some BS 'smart' things which many companies are selling. When system truly learns you don't need to program it at all. So 'learning' statistical component isn't just a small part of program, it's the whole program and it doesn't need to be written. Only the goal needs to be set, which tells if an attempt is a success or not and if it is better than some other attempt. Like training a dog, u know. Try until it works and then give reward, repeat, maybe bigger reward for better performance or no reward until the performance is better than last time.
  • OVH 'ping bump', Around 50 ms is normal from Finland:
    64 bytes from vps: icmp_seq=3584 ttl=53 time=44.6 ms
    64 bytes from vps: icmp_seq=3585 ttl=53 time=199 ms
    64 bytes from vps: icmp_seq=3586 ttl=53 time=223 ms
    64 bytes from vps: icmp_seq=3587 ttl=53 time=1364 ms
    64 bytes from vps: icmp_seq=3588 ttl=53 time=359 ms
    64 bytes from vps: icmp_seq=3589 ttl=53 time=12766 ms !
    64 bytes from vps: icmp_seq=3590 ttl=53 time=11921 ms !
    64 bytes from vps: icmp_seq=3592 ttl=53 time=10045 ms !
    64 bytes from vps: icmp_seq=3591 ttl=53 time=11053 ms !
    64 bytes from vps: icmp_seq=3593 ttl=53 time=9054 ms
    64 bytes from vps: icmp_seq=3594 ttl=53 time=8046 ms
    64 bytes from vps: icmp_seq=3595 ttl=53 time=7081 ms
    64 bytes from vps: icmp_seq=3596 ttl=53 time=6073 ms
    64 bytes from vps: icmp_seq=3597 ttl=53 time=5066 ms
    64 bytes from vps: icmp_seq=3602 ttl=53 time=54.1 ms
    64 bytes from vps: icmp_seq=3598 ttl=53 time=4079 ms
    64 bytes from vps: icmp_seq=3599 ttl=53 time=3071 ms
    64 bytes from vps: icmp_seq=3603 ttl=53 time=52.5 ms
    64 bytes from vps: icmp_seq=3604 ttl=53 time=44.9 ms
    Most interesting part is that any packets didn't get lost, reply came just bit slowly. Ehh...
  • Optimizing your Python programs for speed - Nothing new I could say. 
  • ITU ICT Facts & Figures [PDF] - Less than 50% of people are using the Internet. There's a great potential for growth.
  • MIT Ceetah - Jumping over obstacles - It's great how robotics is finally advacing. Robotics + Neural Networks (real ones) will get these things far in the future.
  • What's the point of 'fake followers'? I've got two type of followers here. Somewhat nerdy ICT professionals, programming, data centers, ML, AI, robotics, DB, software developers. And then I got the second type, usually young girls posting celebrity junk and viral cute kitten videos. I don't just personally see what's the benefit / point for those fake profiles to follow me? It's also really unlikely that I would follow them back. So what's the gain, how they're making out money from that?
  • Yep, if something is really important, it shouldn't use #internet in the first place. But I have to admit that #netneutrality is really hard concept. Because we all know that even if there should be #neutrality and #equality with many things, that won't be happening anytime soon, if ever. Also in some sense neutrality and equality are discrimination against something else. Some people suggest quotas for quality, but that's discrimination against the people which are on the 'wrong side of the quota'. Even if they would be better suited for the task. Also often people thinking only one side of a problem, haven't formed a complete picture about what it really means what they're supporting. Or they're only incorrectly supporting the cause partially and promoting only that part.
  • Just random thought dump from my comments to one other discussion. This kind of very limited biased thinking is clearly visible with #pirates and many other 'one thing only matters to us' groups.
  • How are these 'killer bots' different from mines? If there is a 'no go' zone, everything moving or living in that zone will be targeted. I'm sure it can be clearly announced so you know you're taking our changes if you decide to enter the zone. Bot could also tase you and wait for backup, if that's more appropriate approach in the situation.
  • GitTorrent a decentralized GitHub - Lacks access control, issues, discussions, wiki, pull requests, comments. Technically it's quite similar how Freenet works, especially the DHT / Key handling part with immutable and mutable keys. All the questions of "distributed consensus" are way too familiar to me.
  • 464XLAT - 464XLAT in mobile networks strategic white paper - IPv6 only could be here much faster than you think. When IPv6 makes breakthrough, who wants to maintain any legacy IPv4 networks? #cgnat #464xlat #clat #mobilenetworks #ipv6migration #dualstack #ipv6only #nat64 #cgnat64 related keyword acronyms: KW: 3GPP 3rd Generation Partnership Project, ALG Application Layer Gateway, CAPEX Capital Expenses, CG-NAT Carrier Grade–Network Address Translation, CLAT Customer-side translator (XLAT), DNS Domain Name System, EPC Evolved Packet Core, E-UTRA Evolved-UMTS Terrestrial Radio Access, FTP File Transfer Protocol, GGSN Gateway GPRS Support Node, GPRS General Packet Radio Service, IPFIX IP Flow Information eXport, LTE Long Term Evolution, MNO Mobile Network Operator, OPEX Operational Expenses, PD Prefix Delegation, PDP Packet Data Protocol, PGW Packet Gateway, PLAT Provider-side translator (XLAT), PPTP Point-to-Point Tunneling Protocol, RA Router Advertisement, RS Router Solicitation, RTSP Real Time Streaming Protocol, SAE System Architecture Evolution, SGSN Serving GPRS Support Node, SIP Session Initiation Protocol, SLAAC Stateless Address Auto-Configuration, SNMP Simple Network Management Protocol, UE User Equipment, UMTS Universal Mobile Telecommunications System