Filezilla IPv6, CSP, Projects, Citizen eMail, Serverless, Tor

  • Moar crappy code. If an IPv6 address is given without brackets [] to Filezilla Client, it says "Invalid port given. The port has to be a value from 1 to 65535.". Well, my port number is 22. I think the error message is an example of the bs some applications are pushing to users to mislead them. How about showing a tip that an IPv6 address should be in brackets? Or not requiring the brackets in the very first place, when there's a clear host field. A DNS name can't contain : so it should be pretty obvious it's an IPv6 address.
  • Integration project iteration and development speed vary drastically. I just finished one SAP integration in three days. I wrote code based on the specification as best I could and then we ran about 5 iterations with a test data set, and I immediately fixed all reported issues, updated the software and reran the data set. All it took from specification to production was three days. When there's the right team to start with.
  • IoT_Reaper overview - Nice overview. But as far as I can see, that's just like any other program. Nothing special there. This one just happens to be a worm exploiting unpatched IoT devices. And results are exactly what you would expect from that. Because nobody bothers to upgrade firmware / software for their IoT stuff.
  • Had some discussion with colleagues about SMR drives. They claim those are useless. I said those have been working very well for incremental backups, where the drive content is overwritten less than once / year. Even in those cases, the new data is stored on arrival on normal drives and then asynchronously moved to SMR drives. So even if backups run during the night, there's a full 24 hours per day for those to be moved to SMR storage. Haven't seen any problems with that approach. It's just so unfortunate that there's a lot of program code which is inherently very inefficient and doesn't optimize storage output and so on. If you're using a flash drive with a large erase block size and poor random write performance, this also becomes very evident. When writing a quite trivial set of data starts taking more than 15 minutes, instead of a few seconds, you'll know that there's something wrong with the write patterns.
  • Content Security Policy and related Referrer Policy. Quite relaxed referrer policy added: "Referrer-Policy: strict-origin-when-cross-origin".
  • Someone made interesting document "Cluster Allocation Strategies of the ExFAT", but unfortunately the content doesn't seem to be freely available. Sigh.
  • Making key decisions. Sometimes it's ridiculous how people assume that something would become ready, when they actively refuse to make key decisions. Like you're doing bathroom renovation and actively refuse to tell what kind of tiles you want. Well, there are about two options. Either you'll tell, or we'll make the decision. And if we make the decision, you'll pay for it, and if you want it to be changed later, you'll pay more for it. So how about not trying to evade key questions and giving the answers?
  • National secure citizen email project is moving forward. And should be usable before Xmas 2017. You can opt for email notifications or use a specific secure email app to receive the messages. To access the secure email you can use your strong electronic identification codes, bank ID, European ID-card or mobile authentication.
  • The Register said what I've been thinking. "Lambda and serverless is one of the worst forms of proprietary lock-in we've ever seen". Yes. That's exactly why I'm using dedicated / VPS boxes for some of my projects. No matter what happens, I can launch a new instance on "any" provider or even my own hardware in a short time if required. All options are open and the platform is very quickly deployed, in case it needs to move.
  • Tor: Next Generation Onion Services. Nice, very nice indeed. Also see: Tor Rendezvous Specification - Version 3. I like the new HSDir format, which ciphers away service descriptors, using client authorization. Making it easier and safer to create hidden, hidden services, hah. Usage of ed25519 and x25519 and SHA-3 and SHAKE-256 are also nice improvements. Well written document, I liked the samples about HSDir periods and when keys are republished and how clients know which key is the right one, etc. The addition of a hidden service control port is also nice.
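
The host-field handling asked for in the Filezilla note above, as an added example (this is not FileZilla's code): a bare IPv6 literal is accepted because two or more colons cannot be `host:port`, and a malformed one gets an error that names the bracket syntax instead of the port range. The function names and the default port of 22 are assumptions taken from the note.

```python
import ipaddress

DEFAULT_PORT = 22  # assumption: the SFTP port mentioned in the note


def _port(value):
    """Validate a port string and return it as an int."""
    if not (value.isascii() and value.isdigit()) or not 1 <= int(value) <= 65535:
        raise ValueError("port has to be a value from 1 to 65535")
    return int(value)


def split_host_port(text, default_port=DEFAULT_PORT):
    """Split a host field into (host, port), accepting bare IPv6 literals."""
    text = text.strip()
    if text.startswith("["):
        # Bracketed form: [address] or [address]:port
        end = text.find("]")
        if end == -1:
            raise ValueError("missing closing ']' after IPv6 address")
        host, rest = text[1:end], text[end + 1:]
        ipaddress.IPv6Address(host)  # raises ValueError if not valid IPv6
        if not rest:
            return host, default_port
        if not rest.startswith(":"):
            raise ValueError("unexpected text after ']'")
        return host, _port(rest[1:])
    if text.count(":") >= 2:
        # A DNS name has no ':' and host:port has exactly one, so this can
        # only be a bare IPv6 address. A trailing group is never read as a
        # port here; a port needs the bracketed form.
        try:
            ipaddress.IPv6Address(text)
        except ValueError:
            raise ValueError(
                "not a valid IPv6 address; to add a port use [address]:port"
            ) from None
        return text, default_port
    host, sep, port = text.partition(":")
    if not host:
        raise ValueError("empty host")
    return host, _port(port) if sep else default_port
```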

2019-03-10