Matrix, Sphinkx, WG, Hetzner, pwnat, RPi, Status.im

  1. Matrix more bugs, yet minimal impact. Reported: - When last message isn't available, room is shown as unread. - https://github.com/vector-im/element-web/issues/18141 - (@ GitHub).

  2. Transmission queue feature totally sucks. How about storing the queue order and state with all the details, when client is closed? And even when the state changes in any meaningful way. Because the Transmission BT client doesn't store queue state and order properly, which is extremely annoying. I've confirmed it several times. When stuff is in queue, client is closed and restarted, even if the sort order on screen is the queue order, it's totally messed up, and the queue is re-ordered to some initial order. If I re-order the queue to my preferences, close client (gracefully!) and restart it, queue is messes again. Duh!

  3. Sphinx Mix Network Cryptographic Packet Format Specification (@ katzenpost.mixnetworks.org ) - I liked the design, it's time for more good Mixnets to come out and hopefully gain some popularity. Tor is strongly over presented and it's drawbacks are well known.

  4. Investigated some complex data integrity issues, and found out that basic cross checks were missing. Cross checks are usually totally useless, those just re-check that something what is logic and should be in place, is like it's supposed to be. When things are working correctly, those are waste of resources. But when things aren't working correctly, then it's essential to have these cross checks that help to catch the integrity issues as early as possible.

  5. Checked out Keyoxide open source decentralized identity verification platform.

  6. While debugging some retro stuff I had to remind my self how SMTP AUTH LOGIN method works, base64 "encryption", funny. Quite similar to basic authentication.

  7. Update: NYM Platform (@ nymtech.net ) Anonymity Network for the "The Next Generation Of Privacy Infrastructure" seems to be answering many of the issues mentioned earlier in the privacy preserving chat app discussion. These pretty much follows the concepts I were thinking about, including designs of Loopix and Panoramix.

  8. Link to the two earlier posts + Update those links with this stuff.

  9. Wrote a WireGuard (@ Wikipedia) vanity key generator for friends, now it's easy to generate keys which are easily identifiable without additional documentation. Meaning it generates WireGuard public keys with a specific prefix and or suffix.

  10. I'm mostly Linux guy, but some times I'll do generic Windows tasks, because those have something I'm good at it. This time I created and reviewed code signing (@ Wikipedia) procedures for one project. After all it was surprisingly simple and easy. Generally I sign stuff with SSH or GPG. But this time it was using Microsoft Authenticode. I immediately ignored the old SDK crypto stuff and went straight for the modern PowerShell approach. Using generally trusted CA root. See: Set-AuthenticodeSignature (@ learn.microsoft.com), Get-AuthenticodeSignature, SignerCertificate: ... Status: Valid, Hash: sha256 with time-stamping.

  11. Long long lovely discussions about IPv4 address pricing with Hetzner. Still laughing about the discussions, some people seem just so stuck with IPv4, nor they understand why IPv6 is needed. Duh!

  12. pwnat (@ samy.pl ) - Very nice hackery! - Even more ways working around pains of CGNAT / NAT. Very nice indeed. Of course not optimum solution, but one which works, when there are no other options. Yet, this doesn't take into account situations when CGNAT is using bit pool of out going addresses, which probably is one of the cases where it fails. Because NAT can be implemented and configured in so many different ways. But totally lovely, when it works.

  13. Been helping some friends to setup Raspberry pies with lot of custom setup and other friends trying to learn Node.js and to use HubSpot extensions. It's always as fun and horrible to see how hard it is and how much trouble and what kind of mistakes they do. Well, that's what the learning usually is. I'm at the same time cringing, frustrated and partially laughing, that fail, yep, everyone tries that at least once, but it doesn't work that way. Running commands in wrong paths, etc, because not enough familiar with CLI and so on, messing up SSH keys, and the list goes on. But it's nice to see that learning some things is always as hard, for everyone.

  14. Move to next post: Status.im (@ status.im ) quite interesting project, yet I generally dislike the integration of crypto wallet. Otherwise I've got no opinion, yet it says decentralized and encrypted, which could mean without specific details basically anything.

2022-10-23