Logic, Config, Quantum Break, You.com, Element

1. I know, I'm annoying guy, when I require some sane logic, and that stuff wouldn't be seriously broken. Luckily 99% of people don't miss logic or correct functionality, or bother to mention lack of it.

2. Error messages, today I improved one of my own projects. When I figured out that unexpected error handling (uh oh, actually lack of it) happened when essential configuration file was missing. Program resumed operation surprisingly far before it triggered strange error in unexpected place. I immediately felt ashamed, because the program didn't give clear and user understandable error message. But flashed user with a truncated stack trace and whining about database connection object being Null. I actually thought that complete lack of configuration file would trigger file not found exception when loading the config. But that's not the case. Now I validate the configuration file content before the program resumes. But it seems that they're working to fix these issues. Matrix development is just so slow, that it'll probably takes years. Just like the data hygiene discussions, which have been open for ages. And there was a solution, which got rolled back and now there hasn't been a solution for years. - TL;DR; ? Matrix causes now and will cause headache even in future.

3. The Chinese Have Not Broken Modern Encryption Systems with a Quantum Computer (@ forbes.com) - Not surprising at all. My comment based on the initial news was: "I can break RSA-4096 with paper and pen. But it's classified and I can't tell any details how I do it."

4. NIST IR 8547 "Transition to Post-Quantum Cryptography Standards" bans many traditional public key algorithms because those are insecure. Surprising or not? Not really? There's been so much talk about Post-Quantum encryption and the risks are known and technology is progressing. Well, exact details are still being evaluated by the experts, but this gives clear indication what's going to happen, sooner or later anyway. Better to be prepared now. These old public key algorithms are currently known to be vulnerable to quantum computers using the Shor's algorithm (@ Wikipedia). And post-quantum cryptography (PQC) (@ Wikipedia) instead of it. 

5. You.com and web interfaces. I'm still wondering where these so called developers come from. Login process is totally broken. After you click logout, you're still logged in and even the sign-in button is broken. In the settings page the option to disable privacy mode doesn't activate the save button. Ok, I assume on of switches do not require pressing save, but then the save button is at wrong location. It's at the end of the form. If it's about the personalization prompt, then the should be right below the input field, not at the end of the form. Etc. Now problem is that if you flip a few switches and then try to save, the save button is disabled. And the image generation page issues I've mentioned earlier etc. - Sign. I guess they don't eat their own dog food. So many small "stupid" flaws clearly indicate that. Making users wondering what kind of major flaws they've got hidden, because they don't clearly pay any attention to details. - It doesn't always mean that, but it still unfortunately very often does. - Some key cookies expire, and aren't properly refreshed, they've been fixing this lame flaw for several months, etc. 

6. Element X - Elements encryption gets totally freaking effed up if you don't use the cross-sign option to login. And then, take the next wild guess. Does Element X support cross signing?! Well, of course it doesn't! Then people praise how great client it is, even if totally and absolutely mandatory security features are totally broken. Yet, of course it does work fine, if you never use any encrypted chats. But if you're looking for completely unencrypted chat with juicy metadata why to use Matrix / Element at all?

2025-05-18