Matrix, Teams, Spam (GPG), fsync, LUKS
Even more Matrix bugs, again, Android App state is broken, it can receive messages, but can't send any. There's retry button, you can press it as much as you like, it never does anything else than waits for a good while. But in the Rick'n'Morty style ... I think I've got it. They've hired Cenobites (yes, I also know the original reference context of course) to write the code, and the ultimate purpose is to make the users to suffer as much as possible, but making the app as frustrating to use as possible? App needs to be just so broken, people would like to use it, but it needs to be so broken, it's constant suffering. I think I've said this about many other programs and platforms as well. It needs to be balanced. - Yet another bug, the message authentication codes (MAC) are failing in some situations and signatures can't be verified. Even in cases, where it's absolutely clear, that the signature verification should be successful. Aah, what software quality? Can we eat quality?
Microsoft Teams, it seems that when you post something to chat in offline mode, the text parts are stored and sent when network connection is available, but if the message contains mixed content, ie image and text, the image is lost. Haha, so classic, even more quality. It's just wonderful how these two Teams (pun intended) manage to make such a delightful user experience.
Tested Fractal, native Matrix client for Linux. Liked it, it's very welcome that there will be more clients. Yet many clients aren't that good, and it's huge problem when technology like Matrix and it's clients like Element are being developed all the time, for the alternate projects to follow up. It would be awesome if tails Pidgin setup would include a Matrix plugin.
In long spam prevention discussion I brought again the point up, that I haven't ever received encrypted spam, even if all information is publicly available. I've got two addresses, one which requires that message is encrypted to my key, and second address which requires that the message is signed with a key I trust. But the first check is the primary spam prevention measure. Someone asked how I'm able to do that, just: "gpg --no-keyring --keyid-format=long --list-packets " and then you can verify that your sub encryption key and or public keyid / full fingerprint are present using procmail. Actually for that light pre-check you don't even need the actual keys on the server pre-screening the actual messages. It was one of my requirements, I want to be able to filter messages, without using my actual keys for that. And that does the job perfectly. Of course full proper validation is done later, if the message passes the pre-screening.
Someone said that fsync syncs whole file, no that's not true. I immediately expected that it was disinformation, because it would mean bad performance for operations like single database file, which contains everything in a single file. As expected this is good old stuff: "sync_file_range", and it allows to fsync range of bytes, as expected. So you can write to file, and just fsync part of it. Of course in general, I don't do that, I'll just use multiple files if required and then fsync the journal / state files if and when required, leaving temp files out of the sync operation.
Lots of tuning with one system which utilizes LUKS volumes a lot. System crashed and it was necessary to fsck all the volumes which were mounted during the crash. Luckily none of the volumes got actually corrupted or had any file system issues. Thank you, ext4 journaling.
Checked out Revolt.Chat (@ revolt.chat ). Awesome Mattermost / Slack clone, naturally free and open source and free to self-host. It doesn't do federation like Matrix, but it's totally excellent for closed active communities. Of course when bot support is ready, it allows bridging using bots, if necessary. But that's not the main use case.
ProtonMail got busted from Logging Users IP addresses and giving those to law enforcement, even if they say, they don't maintain logs. Interesting. Classic trap, no logs means, well, that we do have logs, but we restrict your access to the logs (?!?). But is that no logs then, no?