Dead drops, Postgres, SaaS, Cybersecurity, SMR, SSH, RAID, MFP

1. A friend showed me quite interesting device: Solar Powered IoT Bluetooth Low Energy (BLE) Device with substantial storage capacity. This is pretty perfect dead drop, because WiFi dead drops require power or battery. But BLE devices got so low power requirements, that solar panel is enough. Now the device can be dropped basically anywhere where there's light. No other connections required. As example, it's trivial to drop those in public spaces. If light isn't available, BLE device can be powered for years with small battery. Off the net, just walk by, encrypted communication. Phone just syncs latest group / private posts from the device while passing by.

2. Secure Messaging: Choosing a chat app (was linked to a source which is now gone). A great list of different more or less secure messaging apps and related backgrond & technical analysis.

3. Waiting for PostgreSQL 14 – SEARCH and CYCLE clauses (@ depesz.com) - This is why I can't stop loving PostgreSQL.

4. Interesting post about SaaS pricing, why it's a bad idea to provide a free plan for users. (Yet another site, which is gone before my post is out)

5. Year 2020 cybersecurity review. What has happened and what they're expecting to happen in 2021. Good reading. I did't know that all .fi domains got free secondary anycast DNS from Traficom. That's nice!

6. Got seriously frustrated with SMR drive while updating lots of small files to it, it's 90% slower than normal. Then it got only 50% slower. And finally the backlog of random writes was emptied.

7. Weekend fun: Configuring A-B-C tunneling using SSH so that B is jump host and direct tunnel between A-C is created using A's identity. All configuration is in config file so that ssh C is enough to get logged in. C-B is using #reverse tunnel. No need to open firewalls.

8. Did massive data migration from old servers to new servers. Yet can't provide more details. Now everything is 100% SSD backed and running fast. Also reconfigured everything to get rid of age old cruft which was lingering on some systems. It often feels like nobody wants to do the cleanup. My personal approach is that when I setup new system, I'll only configure what's now necessary, and if required archive the old stuff. There's no point of moving all the junk to the new environment, it's ugly!

9. Studied Synology Hybrid RAID (@ nascompares.com) and how it differs from other traditional solutions. Of course many operating systems also offer many kind of storage pooling like LVM or Dynamic Disk.

10. Watched The Dissident documentary. Nothing new in it. But once again, it clearly shows why does, opsec, comsec and infosec matter so much.

11. Quickly studied 802.11w Management Frame Protection MFP (@ Wikipedia). Yes, of course it's enabled and active.

12. Totally awesome debug story: Uncovering a 24-year-old bug in the Linux Kernel. (@ engineering.skroutz.gr)

13. Microsoft Office, bleep bleep bleep. No more comments. Still broken, and they haven't fixed it. What a nightmare. Probably the single thing which most bleeps me off everyday. I've lost several days probably at least a full week to the Office quality software.

14. Many people say you should encrypt data. But at the very same time, they forget the reality. Encryption is absolutely huge data loss risk for several reasons. Therefore people whom recommend encrypting information should think twice before doing that. - Nobody seems to know why Windows randomly changes EFS key's it's using. That's huge risk and hazard. - Also backing up the key(s) is blocked by Windows, it says that keys can't be backed up. Only sane solution is not to encrypt data, because otherwise you can lose all access to data at any random time. - In general and in most of cases data encryption is a very bad idea.

15. Oh god, I so much hate Excel because it just loves to mangle my data. Sigh! - Yet I believe strongly that I'm not the only one enjoying from this feature. Never Excel CSV, yet now news for most of tech people.

16. Sometimes my mind is kind of blown, when people don't get that streaming or downloading isn't any different. Sure, you can stream very fast and save the data -> downloading. You can download in smallish chunks and play those chunks immediate -> streaming. There is no difference, none at all. Boom...

2022-04-17