SNI, Otlook, FTP, NDP, SMF, IO Latency, Infiltration, Tor, Microsoft

  • Had long discussions with colleagues about the SNI and if it's a security issue or not. AFAIK, it isn't. Monitoring sites visited is even easier, if every site got it's own IPv4 address. So in that sense SNI doesn't undermine privacy at all. Yet compare to multi-domain cert, it is worse. But on the other hand often using multi-domain cert doesn't still allow you to disable SNI. So in that sense using multi-domain cert doesn't provide any extra security / privacy anyways. ESNI (Encrypted SNI) is very welcomed improvement.
  • Miraculously Microsoft Outlook has been working lately Ok. I just wanted to say that, because I've posted so many negative thoughts. Currently I'm not having any major issues with Outlook. Which is exactly as things should always be.
  • I asked if it's possible to add integrity check and or to switching from plain-text FTP to HTTPS using valid cert Answer was that it's almost impossibly complex and hard. Yep, for some people some stuff is hard and for others it's trivial. Been there and done that.
  • "ARP for IPv6" on Windows 10 - netsh interface ipv6 show neighbors - Just to see if MAC addresses can be mapped successfully to IPv6 addresses using Neighborhood Discovery Protocol (NDP).
  • Studied differences between OS1 and OS2 single mode fibers (SMF). And difference between blue (UPC) and green (APC) connectors and tight-buffered vs loose-tube design. + CWDM, SWDM, DWDM and FWDM.
  • The server disk latency limit question seems to be really hard. I were quite sure, at least some people would know the reason for it. But I've asked on multiple platforms and environments and nobody seems to know the reason. My guess it's either bad driver code, windows level bug. It might be related to the virtualization environment, and be virtio bug or it can be NTFS protection mechanism which triggers when latency gets "too high". But nobody knows which one it is, and what the 'too high' is. Even if the issue is seen live on multiple hosting platforms. Quite interesting and at the same time extremely annoying and depressing. Yet another issue which could be troubleshooted for extended periods, without any guarantee of any results because the problem stack is so deep. Finding out the issue might take a month and even so it would be a guess. I guess it might be possible to repeat this with Virtual Box, or maybe not. Who knows. I don't know. Maybe some disk latency / error simulation tools could help, etc. But all that would require a lot of time, without any guaranteed results. Even if the issue would be found, it doesn't mean it would help getting it fixed at all. - Windows Server, Disk Dead, VirtIO
  • Read long article about red team. Their mission is to infiltrate target organization and steal information. They said it's pretty much guaranteed they will be successful. That's a good contrast to the post I made a few days ago, where some companies believed that their systems are secure. How it can be? Our systems are secure, but attacker is guaranteed to be successful? Hmm, interesting.
  • Thoroughly and thoughtfully read two very interesting articles: Internet Censorship in Cuba and Crypto Wars in Britain. Who knows what kind of future EU will have. I think we've got one of the most liberal "Internets" right now. But future is uncertain. Also the news about China real name and identity policy to post content to net were quite interesting. Of course certain group of people is always able to circumvent all kind of restrictions. But it makes things slow, possibly expensive and in some cases even very dangerous, depending what kind of technologies are required.
  • Microsoft tries to mislead consumers once again. This isn't acceptable way to announce pricing: "Total 19.99 EUR/yr + applicable taxes ". Prices should always be announced including taxes for consumers. So that's probably on purpose misleading. This is about Outlook Premium. Btw. Tutanota is still cheaper, and it's a very nice option. - They also added new useless features to Outlook user interface. - Only good thing is that now the premium price starts to approach level which I'm willing to pay for custom domain support & add free, etc.

2018-12-09