Matrix, Keys, Facebook, IPv6, XML, Teams, SHA-256, Java, Finvoice, TLS, ECN

  1. It's pretty clear, that I'm not the only one having the issue with Riot (Element / Matrix) E2EE olm/megolm encryption session key delivery. Yet I've complained about the same problem several times. So even that earlier discussion might be related to my complains. But the case isn't so special, that it wouldn't be a problem for as example users with Tails / Tor, etc. Yet I'm using Riot with my real name and identity, I've got nothing to hide. Riot-Web issue #4104 (@ GitHub).

  2. Tested keys.pub service. Currently it's bit annoying because there's no easy way to use the service, without installing custom client code. Which generally annoys me. Why that's necessary if service is such, it could be well used without any custom code. This is something, I'll use VMs for with isolated networking.

  3. Facebook redesign (@ Engineering.fb.com ) - How they changed the site technically to modernize it. Performance, UX, tech stack, etc. Yes, it's make sense. It's awesome that they've got so much resources and expertise to put into these things. Article didn't talk anything about HTTP/2, H2 streams, etc. Which are next step of optimization, how streams are prioritized etc. So the article was quite light from that perspective.

  4. Spotted massive IPv6 network scans from 240e:f7:4f01::/36 (AS58461 China Telecom HangZhou IDC) they're pinging every IPv6 address and sending SYN to every port / IP combination on my IPv6 / 48 network. Naturally I dropped the routing from their network. I'm just wondering if they'll restart the scan from alternate ASN / network. I even bothered to send email about this, after watching the situation persist for days. Let's see if they say anything. They're also UDP scanning, and sending proper L2TP probes.

  5. Python / XML trap. It seems that if you set field value to 1,. You'll need to set it to str(1) or '1' to actually set value of one. Classic fail, I most likely knew that but forgot while making quick changes to old project. The value is silently dropped without error message.

  6. Way to go, MS Teams is broken, can't login: AADSTS135021: Invalid UserHandle prefix. Well, that's not unexpected. It seems that their pile of sss .... software (?) is broken in so many ways.

  7. SHA-256 animated (@ GitHub) - This great presentation. It clearly and visually shows how the bits are mixed up for the end-result. Of course there's nothing new. Yet, usually you'll start to grasp the details only when you're writing your own implementation from scratch. There are so many levels of understanding. And even if you've written a working implementation from scratch, do you still understand how it really works from the mathematical perspective. So even if you've "done it", it doesn't mean you would truly understand why it works like it does. kw: Hash, digest

  8. I don't get how anyone is using Java anymore. Opening one KVM connection usin JNLP took two hours. And I've even coded Java. For most of people, using Java is total show stopper. I created new VM to deal with that s*t. Nobody wants to touch it even with long pole. Even after two hours it kept failing. So happy it didn't matter. Keep your Java KVM / IPMS.

  9. Enjoyed working with invoicing integration following the: "SFS-EN 16931-1:2017 + A1:2019" and "CEN/TS 16931-2:2017" "Finvoice 3.0" standard. The amount of documentation is nice, several hundreds of pages. Figuring out exactly what needs to be done, isn't so easy after all. This falls just in the category of "complex standards" which I'm not particularly fond of. Standard to solve everything, makes the standard hard for everyone, even when working with simpler use cases. The XSD file alone is 1700 rows. kw: UN/CEFACT XML, UN/EDIFACT / OASIS UBL, ISO 20022 (@ Wikipedia).

  10. Finnish Institute of Meteorology fixed their web site's cipher suites and TLS versio support, after I complained it being inadequate TLS1.0 / DHE-AES-CBC. Now they finally support TLS 1.2 / ECDHE-AES-GCM. I couldn't anymore load their site with my browser, because I've disabled weak protocols.

  11. While debugging slow network traffic, I found out that using ECN (@ Wikipedia) is much more common than I thought. I still miss the good old Source Quench (SQ) ICMP (@ Wikipedia) packets.

  12. Something different? Aerostat (@ Wikipedia).

2021-05-30