Starlink, Matrix, Auth, Briar, SSH, PDDB
Starlink (@ Wikipedia) / SpaceX launching polar orbit satellites with laser links. Awesome. This allows areas like well, Finland getting served. The original fleet did have 53 degree (or similar) inclination which did mean that it's not great for Finnish users, if available at all. Because even southern parts of Finland are around latitude 60 North.
Let's home new Matrix Sync protocol improves latency. Currently it's quite annoying to wait for messages to come, especially on mobile. It's clear that there's no shortcut to sync "priorty messages" like the ones, which user is actively waiting for. Instead in order (?) message sync takes some times tens of seconds or more. Especially if there are large / active channels, which end up blocking priority traffic for some private chat or so.
I'm tired of authentication discussion. Personally I say again it again, that in many cases password authentication is much better than publicly trusted certificate authentication. Pushing public certs everywhere is just bad and also insecure approach. But many seem to completely disregard the security aspects. But I guess I'm done now with this stuff, it's all so utterly pointless. It's pretty similar to the 2FA secures everything, and then you'll use something stupidly weak like six numbers for 2FA. - Phew ...
And even more problems with IIS, it seems to break down every now and then without warning. On top of that, errors and logs are usually so bad, it's totally useless. Just takes a lot of time to check and second guess everything.
Very first impression of Briar Mailbox (@ pleroma.envs.net) - Hmm? First impression: I were more thinking version which could be easily hosted on Linux server and have potentially open registration. Of course the mailbox receives some minimal metadata of messages being received and forwarded and timing information, but that should be all. I could run one, if such application would exist. But sure, it's better and safer, if everyone runs their own mailbox. Yet it's not always practical. Also it would be a nice option to allow multi-user usage.
FE80::1 is a Perfectly Valid IPv6 Default Gateway Address (@ blogs.infoblox.com) - Nice blog post about the link local addressing. Ref: Stable SLAAC IID method (RFC 8064) (@ rfc-editor.org).
Matrix version v1.2 with new restricted rooms (@ matrix.org). It's nice that Matrix protocol develops, but it also puts pressure on all client / bot / other software developers to keep up with constantly changing requirements. Which is at times painful if you've done some light hobby project.
Watched Matrix FOSDEM talks, about Pinecone routing (P2P Matrix), Future of Synapse, how to make client sync faster and so on. I've thought some of those aspects, but it seems that the case is usual. Lack of development resources, coming up with ideas how to improve it, isn't hard. But it's good to hear that aspects are considered and being worked on.
Played with SSH / WireGuard / X-forwarding and found out interesting issues. Like programs from remote X session break local VLC video acceleration. So much quality code everywhere... Video freezes when remote frame buffer sends data and doesn't resume, without restarting local app. Works until more data is coming over X-forwarding.
Preparing for IPv6 only servers, tested configuring Nginx HTTPS reverse proxy using map, upstream with proxy_pass with ssl_preread server options. Worked beautifully. Now there can be one dual stack proxy server handling traffic for legacy IPv4 clients, which then relays it to IPv6 only back end servers. Wondering if anyone is going to sell this as a service. Yet of course Cloudflare already does this for free, with bit different setup. But this is solution which anyone can setup alone, without need of Cloudflare or similar service provider. One dual stacked proxy is enough.
Bunnie Huang’s Plausibly Deniable DataBase (PDDB) (@ bunniestudios.com) - An interesting concept. Yes, knowing that the data exists but is encrypted could put some pressure on you in bad situations.