SWSAF, Certbot, LoRaWan, GRPC, f-Strings, UDF, TER

  • I wrote about thoughts regarding Secure Wireless Store and Forward (SWSAF) - Technologies used: Mobile Application (Android for now), Server (Small light Linux), maybe server ass App bit later, Elliptic Curve Cryptography (ECC), End 2 End Encryption (E2EE), WiFi, Bluetooth, Dead drop. Somebody contacted me and I've been checking the source, designing features and implementation on high level as well as testing the application. This is pretty much what I asked for. What it does? Well, it's basically wireless encrypted secure dead drop. Allowing secure communication of the peers. Why? Aren't there secure Internet Apps? Sure there are, but those usually leak very easy to monitor (for some parties) meta data. In this case, it's enough that the people in the group pass by the dead drops vicinity every now and then. When dead drop is in range, data is automatically synchronized. Works well and was fun thing to think about and implement. Allows secure communication between parties whom doesn't seem to have any connections. Application also implements public key ratcheting, new key is generated randomly when connecting dead drop. Yet it's impossible to say when old keys can be destroyed, time can be defined in days. In this case, it's required to obtain fresh keys before messages can be sent to the recipient which public key is too old. ECC keys consume so little storage, it doesn't matter if there's bunch of private keys to be stored. Some people asked if it would be possible to create network, with Tor mesh connectivity. Sure, but that's out of scope, for now. Whole point was to keep it relatively simple, easy to understand and minimizing the attack surface. Yet contrary to how Briar works, in this case no meeting is required to setup the keys. Because often the whole point of using dead drops is to limit exposure.
  • Configured Let's Encrypt Certbot and Python SimpleHTTP server on one server, awesome. It was surprisingly pleasant task. Just reading documentation, few tests and it all worked out without being ... Well, what lot's of stuff way too often is.
  • Cayanne LoRaWAN device marketplace - Nice list of all kind of sensors and IoT stuff available with LoRaWAN connectivity.
  • Yet another Remote Procedure Call protocol GRPC @ Wikipedia.
  • Reminded my self about Python's f-Strings. Yet nothing new in this article. That's how I've been doing it for quite a while. I'm usually using latest released Python version. In the post the usage of \ escapes was bit confusing. If you wnt to use double quotes, why wouldn't ou just place those outside the expression. And if you're using standard string, why you would want to use it in the expression. That sample could have been better. The problem was clear, but the example used for it, didn't make any sense.
  • Excellent intro into: UDF file system format. It goes into naming conventions. Is it free space bitmap or allocation bitmap or unallocated space bitmap. Also Single Allocation Descriptors used with files where dta is "embedded withing FE /EFE block". In some cases it's called inlining (ext4, NTFS), in this case it's called embedding. Yet it seems that exFAT has widely replaced UDF. Especially now when it's possible to license it.
  • It's similar to mutual funds which do not report operational costs at all, which are still directly deducted from the valuation. Fees often do not include some operational costs like trading expenses, etc. As example in Finland most of mutual funds do not report Total Expense Ratio (TER) at all. In Sweden it's called TKA.
  • Something different: Energy returned on energy invested (EROEI). This is classic. In many cases there's new energy innovations, which are mostly scams. Those won't account total overall EROEI value and overall costs and resources invested in the project. As well as all the equipment, used to manufacture the equipment required by the equipment being manufactured. When someone claims that something is 100% renewable, it's almost guaranteed to be a scam and disinformation.

2019-11-24