Blog‎ > ‎

QRcode, Privacy Shield, Crypto, Python3, RTC, Zeronet, SSH, BigData, GoingDark, CyberCrime, IPv6

posted Jun 27, 2016, 10:18 PM by Sami Lehtinen   [ updated Jun 27, 2016, 10:19 PM ]
  • Had a long silly discussion about 'Encrypted QR codes'. Well QR codes are just data. It's up to you what kind of data you're storing, and how it's being obfuscated, encrypted, signed and verified, etc.
  • Checked out EU-US Privacy Shield at general level.
  • Excellent article Breaking homegrown crypto - Yes, that's why you shouldn't build your own, even if it sounds like really good idea at times. Eh. - Yet once again, as long as the encrypted payload is short enough compared to the random key, so it remains nearly OTP, it doesn't matter. But that illusion breaks very quickly when key entropy or length is being reduced.
  • Still got blog backlog for almost two years. Maybe I'll need to make a mega dump post during summer or some vacation when I got time for that. (I'm actually doing that right now)
  • Cinia finally announced that 144 Tbit/s fiber is now commercially available between Helsinki and Frankfurt.
  • Even Microsoft says Python 3 rocks.
  • Linux prefers UTC RTC and Windows prefers Local Time. Yet I prefer always UTC, because it's so easy to miserably fail doing stuff when you don't realize some logs use different time zone or something like that. UTC only please and Unix timestamps (Unix time, POSIX time, Epoch time).
  • Quickly checked out zeronet.io. It's an interesting concept, but no time to dig deeper. Shortly: Anonymous, Offline, Peer-to-Peer, Simple. Own domains, No hosting, No passwords, Dynamic Content. Sounds like a paranoid hacker nerd dream. Quite Sweet? Of course utilizing popular: Bitcoin cryptography and BitTorrent network.
  • Nice article SSH Best practices. Yep, nothing new there. But very good read if you don't feel like knowing it all already.
  • Dark Side of Big Data. - An excellent article. These are good questions. Is big data liability or asset? What if data leaks and/or is being abused, etc.
  • Excellent related reading: Going dark: online privacy and anonymity for normal people.
  • Looking for a data center place in Finland? Here's a site and maps for you.
  • Online Cyber Crime Preventation and awareness by Europol. Nothing new there either, but if you're not familiar with the topic, just go and check it out. Maybe you'll learn something useful.
  • Reported Bottle.py web framework issue when setting cookies with redirect (303) response with uWSGI. Report here. Yet this problem doesn't arise when using Bottle.py's internal dev web server. Therefore I don't know if the root cause is on uWSGI's or Bottle.py's side. Unfortunately I weren't interested enough to debug that. I think it worked with older uWSGI & Bottle.py but when I upgraded both something went awry.
  • Helped a friend who had serious IPv6 issues. Ha, he had the same MLD issue I were running earlier into. When using neighborhood discovery everything worked, but when router updated it's MAC / IP mapping tables using MLD it failed and router started to tell that there's no route. Yet it seems that ICMP things like ping can still trigger neighborhood discovery and after that TCP / UDP starts to work again. All this can be fixed using either of two methods. First, change router to use neighborhood discovery instead of MLD and or allow MLD on all clients so those respond to requests properly.