PIN, Preparedness, Gemini Protocol, UpCloud, OVH, Matrix, Units
A Security Professional's Adventure with a Digital Sauna Lock - As the person responsible for security compliance, I recently encountered an interesting situation with our building's digital sauna control system. We had just been joking at work about people choosing ridiculously simple PINs like 0000 or 1234. - This got me thinking about our sauna's digital access system. Out of curiosity, I decided to test its security. After two standard attempts with the common weak PINs mentioned earlier, I noticed something about the keypad layout: it was presented as two lines on the touch screen: ['01234', '56789']. This layout sparked an idea. On my third attempt, I tried the most obvious sequence based on the keypad design: 0123. To no one's surprise, and to my mild disappointment, the control panel greeted me with a bright green "OK" symbol. - The irony wasn't lost on me - here was a digital security system using possibly the most predictable PIN based on its own interface design. It perfectly exemplified why we emphasize the importance of proper access control configuration. - Even with sophisticated digital security systems in place, they're only as strong as their weakest link - often the human element in setting up default credentials.
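A check an installer could run when a PIN is set, so that values predictable from the panel itself are refused. This is an added example, not code from the sauna system or the post; the function names are assumptions, and the phone-style layout in the usage note is constructed to show that the check generalizes beyond the two-row keypad described above.

```python
KEYPAD_ROWS = ["01234", "56789"]  # on-screen layout described in the post


def _positions(rows):
    """Map each key to its (row, column) position on the keypad."""
    return {d: (r, c) for r, row in enumerate(rows) for c, d in enumerate(row)}


def weak_pin_reasons(pin: str, rows=KEYPAD_ROWS) -> list:
    """Return why a PIN is predictable; an empty list means no pattern found.

    A pattern check is one control only: a 4-digit PIN still depends on
    attempt limiting at the panel.
    """
    if not (pin.isascii() and pin.isdigit()) or len(pin) < 4:
        return ["not a PIN of at least 4 digits"]
    reasons = []
    pairs = list(zip(pin, pin[1:]))
    if len(set(pin)) == 1:
        reasons.append("single repeated digit")
    # Numeric run: each digit is the previous one +1 or -1 (wrapping 9 -> 0).
    deltas = {(int(b) - int(a)) % 10 for a, b in pairs}
    if deltas in ({1}, {9}):
        reasons.append("ascending or descending run")
    # Keypad walk: every key press moves by the same (row, column) step.
    pos = _positions(rows)
    steps = {(pos[b][0] - pos[a][0], pos[b][1] - pos[a][1]) for a, b in pairs}
    if len(steps) == 1 and steps != {(0, 0)}:
        reasons.append("straight line on the keypad")
    return reasons


if __name__ == "__main__":
    # The three PINs tried in the post, plus one constructed non-pattern value.
    for candidate in ("0000", "1234", "0123", "8391"):
        print(candidate, weak_pin_reasons(candidate) or "no pattern found")
```

Passing a different `rows` value, for example the constructed phone-style layout `["123", "456", "789", " 0 "]`, makes the same function flag column walks such as 2580 that are not numeric runs.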
Out of curiosity, I read all the citizen security and preparedness (prepper) documentation for the Nordic countries (Finland, Sweden, Norway, Denmark). All of the guides cover the same key topics, but from slightly different angles. Topics covered: Basic Supplies, Communication, Heat & Light, Health & Hygiene, Documentation, Tools, Duration, Safety, Community
Gemini Protocol (@ geminiprotocol.net): is the web getting ridiculously bloated? Here's the fix. Let's bring back a simplified protocol and format for delivering actual content, just like Gopher.
About UpCloud, I thought about what negative things I could have to say about them. Well, the worst I can come up with is that their control panel search function was slightly broken. It should search by server name and domain name, but one of those searches was provably broken for a while and they denied it when I filed a report. Yet, it's been fixed since. Another funny story is that I complained about TOTP not working. They said it's OK. It took me a while to implement my own TOTP server-side code and realize that my phone's clock was actually off. I had turned auto sync off, due to time zone differences. But in hindsight, auto clock sync and auto timezone aren't the same thing, so shame on me. I guess we're at a tie / par situation. I don't have anything negative to say about them after using the service for 10 years and, to be honest, that's the highest kind of recommendation that you could get. Because, as you've seen from my posts, I can be really brutal if and when I'm not happy about something. - gg
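The TOTP failure described above, reproduced as an added example (not the author's server-side code and not UpCloud's): an RFC 6238 verifier that tolerates one 30-second step of drift, plus a troubleshooting-only helper that estimates how far off the client clock is. The secret is the RFC 6238 test key; the five-minute-slow phone is a constructed scenario, and the function names are assumptions.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds per TOTP time step (RFC 6238 default)


def hotp(key: bytes, counter: int, digits: int) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 of the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(key: bytes, unix_time: int, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP over the number of elapsed time steps."""
    return hotp(key, unix_time // STEP, digits)


def matched_step(key: bytes, code: str, server_time: int, window: int):
    """Return the nearest step offset (0, -1, +1, ...) that matches, or None."""
    now = server_time // STEP
    for off in sorted(range(-window, window + 1), key=abs):
        if now + off < 0:
            continue
        if hmac.compare_digest(hotp(key, now + off, len(code)), code):
            return off
    return None


def verify(key: bytes, code: str, server_time: int) -> bool:
    """Login check: tolerate one step of drift either way, no more."""
    return matched_step(key, code, server_time, window=1) is not None


def diagnose_skew(key: bytes, code: str, server_time: int, max_steps: int = 120):
    """Troubleshooting only, never for login: client clock error in seconds."""
    off = matched_step(key, code, server_time, window=max_steps)
    return None if off is None else off * STEP


# Constructed scenario: RFC 6238 test secret, phone clock five minutes slow.
KEY = b"12345678901234567890"
SERVER_NOW = 1111111409
PHONE_CODE = totp(KEY, SERVER_NOW - 300, digits=8)

if __name__ == "__main__":
    print("login accepted:", verify(KEY, PHONE_CODE, SERVER_NOW))
    print("phone clock error (s):", diagnose_skew(KEY, PHONE_CODE, SERVER_NOW))
```

The wide search in `diagnose_skew` belongs in a support tool only; widening the window in `verify` itself would accept proportionally more codes per attempt.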
Someone immediately asked in chat: what about other service providers? Well, with OVH, the SBG situation was bad, as we all know, yet they did offer a reasonable refund. But it was still a really hairy situation. My almost autistic and holistic personal stake about backups being maintained up to date saved me. And some other hosting options they provided did seriously suck. How could VPS resources be so ridiculously oversold that even TCP sessions time out? And about Contabo? Yeah, they do suck for sure (in terms of persistent high performance and high reliability), but to be honest, you get what you pay for. If you just check what you get for the price, it's awesome. What if there's some downtime? Uh oh, don't worry, it'll get resolved or not, at some point in the future. If it won't, activate your own DRP and restore the systems to another provider.
Completed the yearly Matrix protocol client-side e2ee key renewal. But as usual, the UX of this process IS bad. Some aspects make me again wonder if it's intentionally that bad, or if they're just so s..pid that they can't figure out any sane way to do it. - Duh! - Another thing is that Element X doesn't even support encryption key verification, which is well, how to say it, a major bummer or ultra SuXXoR! - I just connected a client, and it complains that the key backup is out of sync. No option to sync it, and it should be up to date. How to confirm? kw: UX issues.
Units, they always cause a wonderful feeling of confusion. Some use 512 byte sectors, some use 4096 byte sectors, some use KB (1000 bytes) and some use MB (1000000 bytes) and then we can have M which could be MiB or not and in some cases size is 213 blocks / clusters, which could be like 4096 bytes, or something else. When dealing with this stuff, units are often also misleadingly marked, requiring extreme focus and often testing to figure things out. Ooh. How about 433 pages? Yeah, of course we use 8192 byte pages, or any other page size! Check! Or maybe 1024 byte blocks? - Got sick'n'tired of this. - So, I'll be using hectobits (@ Wikipedia) (hb) in the future for the sake of entropy. - Haha, XKCD (@ Wikipedia) tier stuff.
2025-08-03