Shadowserver, Eavesdropping, BBRv2, BTFS, Tunneling, Disater Recovery

  1. Shadowserver.org (@ shadowserver.org ) spotted their scan from logs. Looks interesting organization, I'll have to create an account to receive reports.

  2. In one case they required all data deliveries to be signed, so those can be verified before further processing. The tool they chose was the OpenSSL (@ OpenSSL ). Ok, that's fine, when it's scripted. but in general if someone says OpenPGP (@ Wikipedia ) is hard to use, I would say that the OpenSSL is even slightly more awkward. Sure you'll get the job done, but it takes a while before you're fluent with OpenSSL. And that's only generating keys, exporting keys, and verifying signatures. We always talk about narrow sector guys, maybe there's OpenSSL guru, who's only job is to deal with OpenSSL.

  3. "Hard Drive of Hearing: Disks that Eavesdrop with a Synthesized Microphone" an "Lamphone: Real-Time Passive Sound Recovery from Light Bulb Vibrations" - All kind of interesting technology proxies. Next question of course is, if that data can be recovered using optics, what about very high frequency radio transmissions? With those even Doppler effect could be enough to leak audio (?). No links, you'll find the original PDF documents very easily.

  4. Nice slide presentation about BBR v2 A Model-based Congestion COntrol Performance Optimizations (@ datatracker.ietf.org ). Drop-in replacement for Reno, CUBIC, DCTCP. Including suitable coexistence behavior Reno, CUBIC. I really like the pacing improvements with shared BDP and ECN based adaption. Btw. There are links in the presentatio nto IETF 104 slides and video as well as IETF 105 slides and video. Measuring max_bw, min_rtt, max_inflight, max_aggregation is also pretty nice.

  5. Read way too long discussion about information freedom and different platforms. Email, Twitter, Matrix, Slack, Teams, RSS and so on. What are the pros and cons with every service. But the ultimate truth is, I still don't get why other than email services ask for email address. It shouldn't be necessary for using more advanced services. It's like when you get a credit card, you'll have to pay member ship fee, which can be only paid in cash. Eh, what?

  6. BTFS (BitTorrent File System) - Allows you to mount BitTorrent (@ Wikipedia ) files or Magnet links Magnet URI scheme (@ Wikipedia ) as a file system using the Fuse. Not really surprising, Just like I've said so many times, anything over anything. When required basics are met, then anything can be transformed into something else. And even if the requirements aren't met, it might still be possible to as example algorithmically reconstruct something, so it is accessible as something which it initially isn't. Layer of abstraction allows all this, and more.

  7. Funny how many layers of tunneling there can be at times. It's just that protocols over or encapsulated inside other protocols. Helped a friend to setup own ASN and transit, but because he's using specific kind of network which is strictly firewalled, there's all kind of trick required to work around that. First there's the local "tunnel" which authenticates uses and encrypts traffic. Then there's GRE tunnel to data center, which encapsulates IPv6 traffic and then there's tunnel to the service provider which actually handles the traffic. And needless to say, he didn't get any IPv4 addresses with reasonable prices, so it's IPv6 ASN only. Only problem with these solutions is that every extra layer and hop, lowers the reliability of the solution. When something goes wrong, then boom. It's a big job to trouble shoot it. Of course it's lot worse if some of the hardware being used breaks down. Re-configuring probably new different hardware for the same job can be really tedious job, even if you would have configuration dumps and proper documentation how it was earlier working. - But hey, that's a good hobby. Why? Why not? I did it, because I can.

  8. Summer training, how to deal with everything, when primary systems are gone, and you're only dealing with the disaster recovery / emergency "digital football" which is the recovery / backup / relocation pack which is being used in case of emergency. And I'm glad to say, everything is working great.

  9. Small side note, if anyone is nerdy enough to wonder why these pages at times got a text box for header and separate box for content and at times everything is in the same text container, the reason is Google Sites. I'm just creating the pages using default template, and it seems that they can't decide how they want the sites to behave by default. On top of that, document saving failed once again. Just so typical, we create reliable cloud services, well, which aren't that reliable after all, and there's random data loss.

2021-08-08