Tor, Jsonnet, Google, Duplicati, UI, DevSec, PQShield, WPA3

• How bandwidth scanners monitor the Tor network. kw: CollectTor, sbws, Torflow, directory and bandwidth authority, tor network.
• Studied Jsonnet and Dhall-lang. More configuration languages. Currently I don't have any project which would require such a complex nested and or templated data. In most of projects trivial and simple keyword replacement and or ini / json configuration files are more than enough to get the job done.
• Read a few articles about Google's mobile phone tracking. No news I guess. From technical perspective it has been obvious that all phones can be cross correlated from the databases. Which phones intersect where, where phones are charged and kept nightly and so on. No news. All this data has been recorded for decades, as long as cell phones have existed. For data analytics people, it's trivial to generate all kind of results and expectations as well as forecast / predictions based on this data. That's also one reason, why you shouldn't ever use burner at your home, nor especially carry it with you when you've got another identifiable phones on you. Yet of course this allows narrowing potential suspects down by looking for phones which for some reason got a typical usage pattern, ie left at home, instead of being carried by the user around. Also all other technologies which track you might record information about your location and reveal the normal phone versus burner relation if you're being investigated.
• Duplicati restore / backup performance discussion with different volumes & storage access patterns & command-line options.
• Noticed interesting UI event flow block. It seems that Windows telnet application won't close it's window as long as it isn't visible. In one batch job I opened probably around 200 such windows. After starting to wonder why the windows are still open, those started closing really fast when revealed under other windows. And all of those didn't close at once, because windows were hidden under multiple other windows. But instantly when revealed those started to close fast. - Interesting.
• Studied dev-sec.io system hardening framework, providing server hardening automation. Even if those aren't directly applicable to some environments, that's still a good list of "basic concepts and things" which need to be done. From time to time, it's important to check instructions and configurations, that everything is done in a right and secure way. Or even better, configure automatic configuration monitoring. The site currently contains good basic security configuration information (including verifying the configuration files (!)) for following systems: MySQL, PortgreSQL, Apahce, Nginx, SSH, SSL/TLS, Docker, K8S, Linux (Ubuntu, Debian, RHEL, CentOS, Oracle, OpenSuse), Windows and it works with Ansible, Chef and Puppet as well, which is really nice.
• Studied PQShield, SNEIK (SNEIKEN, SNEIKHA) out of curiosity. Clearly more lightweight sponge construction based authenticated ciphers are coming. Yet that's designed for lightweight hardware and leaving superscalar optimization out. Well, IoT devices are going to need something like that. The PQShield is focusing on post-quantum encryption @ Wikipedia. As well as NIST Post-Quantum Cryptography (PQC) project page. Without forgetting the NIST Lightweight cryptography project.
• There are already Vulnearbilities being found in the WPA3 Wi-Fi Encryption / Security Protocol @ Wikipedia. As example downgrade attacks and weaknesses in the WPA3 Dragonfly. Which uses the Simultaneous Authentication of Equals (SAE). Allowing password recovery, what? Uh. But these attackas are against the WPA3-Personal mode, yet which naturally will be the most popular network authentication / encryption mode for home users and private individuals. It seems that brute-forcing passwords (at least weak ones!) isn't that hard after all and is actually affordable.

2020-06-14