Tools, Duplicati, OpenBazaar, SQL, Shopping, GCP, matrix, DNSSEC, SSL

  • Know your tools, I just noticed that with 7-zip encrypting with command line password like -p="test" guess what the actual password being used is, if you use that kind of command line? test, "test", ="test". No of course not. It's of course =test ... Sigh... Well, at least there's password, but it's not just as what you probably expected. AFAIK, this works differently on Windows. Hmm. Yet another example, why you shouldn't assume anything, and test everything, always, on every platform and environment. - Yep, colleagues with more shell experience than me, said that it's the expected outcome from that. But I didn't know that. Every platform and environment and shell, uses different rules and you should know those very well.
  • The statement above reminded my about Duplicati path handling. It's also extremely painful. Should the paths be like \\ and when to use ** instead of * or maybe \* and so on. Some paths are ok with \\ but others aren't, etc. Like source path is ok with \\ but exclude path isn't. If I remember correctly, that with Windows platform. With Linux it's of course much more clear when you can use /. But naturally and of course that one won't work with Windows properly, and so on. Should multiple source statements used or single source + includes, etc. That just leads to complex trial and error process. And as we well know, even if it seems to be working, it doesn't mean it would be done correctly. Sigh. It could still be totally insecure or break down when certain types of paths are included, etc.
  • It seems that OpenBazaar-Go server leaks sockets / file handles. "socket: too many open files". Python is actually pretty good at cleaning up sockets & files. But I'm not sure if Go is that good. I rarely close sockets / files, and it hasn't been a problem so far. I only do it manually, in case, I'm going to do with the file something after the fsync & close. Is that bad? I don't know, as I mentioned, never had a problem with leaking sockets or files, so far. When just the scope of the variable assignment is correct, so GC can handle it.
  • Leaking SQL cursors can be pretty bad problem. I've had that problem a few times. But usually when I encounter some problematic pattern. It's easy to learn that it's not a good pattern and fix it and avoid it in the future.
  • Web shopping. I wonder why retailers are competing about worst possible user experience. One promises free shipping, but the final bill includes extra costs for shipping. And another payment integration is simply failing and just hangs, without any error messages. I guess they're making so much money they just don't care about customers or user experience. I wish I would be in the same situation. It's kind of ridiculous that Ebay and PayPal, same company right? Can't get their s*t to work. Interestingly ebay.co.uk worked, when ebay.com failed. Interesting. Because both used same(?) interface for PayPal payments.
  • Choosing the right compute option in Google Compute Platform (GCP): a decision tree. Nice post. When even same cloud provides so many competing alternatives, it's important to make a right choise of features to use for your specific application needs.
  • Matrix.org - Studied the federated message relay pubsub network architecture and APIs. Having something like Matrix would be nice. I mean there are just so many similar proprietary implementations. But generic platform would be nice. Yet, so many services run already on cloud, providing direct API from their servers. So what's the bonus for relaying messages through Matrix. That's the question.
  • Namecheap DNS DNSSEC fail, AGAIN. So, lovely. I just can't stop loving companies which give you utterl BS and don't fix the root cause. I guess it's the norm. That's why I actually do love companies which do not do things according the 'best practice' with seems to be pretty horrible. When DNSSEC stops working with Namecheap DNS, their ultimate problem resolution was that you need to turn it off and on again. I don't even bother telling what I think about such engineers. - Just blah!
  • Let's Encrypt Wildcard Certificate support. This is awesome news, even if I don't personally have any use for it. But I think I've got a few servers which would benefit from this arrangement, making configuration much simpler. Especially older Windows IIS servers do not support SNI, which sucks. Yet Windows Server 2016 and it's IIS does work properly with SNI and multiple certificates and domains.

2018-09-16