Ubuntu, FIDO2, SSH, OPSEC, Darknet, Donations, SMR, Nginx
It's nice to say that the Ubuntu 18.04 -> 20.04 update messed up very, very few things on the primary workstation. I didn't get annoyed by it at all. But the Micros*it update f-ked up absolutely everything, so that fixing this mess takes hours every morning and pisses people totally off. But see the last post, a bit later when I upgraded the rest of the systems, ha ha.
Microsoft Outlook passwordless FIDO2 (@ Wikipedia) / WebAuthn (@ Wikipedia) support sucks. It seems to generate resident keys which then fail after key generation, giving a bs error message. It's filling up the HSM's (@ Wikipedia) key storage with unusable junk keys. Good job Microsoft! "Something went wrong", that's pretty well said.
It seems highly likely that the FF problems are related to Windows user account problems after the 2004 update. - Thanks Microsoft
SSH security? I'm wondering if this is an intentional feature made to weaken security? "Warning: Permanently added the ED25519 host key for IP address 'IP-info' to the list of known hosts." - No fingerprint or Visual Host Key (VisualHostKey) image is being shown. Only when the key is already on the list is the key shown... "Host key fingerprint is SHA256:1234567890123456789012345678901234567890123 +--[ED25519 256]--+". Why are the key and "visual key" omitted in the first case? Is it done on purpose, so that the user wouldn't realize if the connection is malicious?
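As an added example (not from the original post): the fingerprint OpenSSH prints can be recomputed from the entry it just wrote to known_hosts and compared with a value obtained out of band. The IP address and key bytes below are constructed sample values, and the function names are hypothetical.

```python
import base64
import hashlib
import struct

def ed25519_blob(raw_key: bytes) -> bytes:
    """SSH wire format of an ed25519 public key: two length-prefixed strings."""
    name = b"ssh-ed25519"
    return struct.pack(">I", len(name)) + name + struct.pack(">I", len(raw_key)) + raw_key

# Constructed sample entry: documentation IP address and a dummy 32-byte key.
SAMPLE_LINE = "192.0.2.10 ssh-ed25519 " + base64.b64encode(ed25519_blob(bytes(range(32)))).decode()

def fingerprint(known_hosts_line: str):
    """Return (host_field, key_type, 'SHA256:...') for one known_hosts entry."""
    fields = known_hosts_line.split()
    if fields and fields[0].startswith("@"):  # @cert-authority / @revoked marker
        fields = fields[1:]
    if len(fields) < 3:
        raise ValueError("not a known_hosts entry")
    host_field, key_type, b64 = fields[:3]  # host_field may be hashed (|1|salt|hash)
    blob = base64.b64decode(b64, validate=True)
    # The blob carries its own length-prefixed type name; it must match field 2.
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != key_type.encode("ascii"):
        raise ValueError("key type does not match key blob")
    # OpenSSH's SHA256 fingerprint: unpadded base64 of SHA-256 over the raw blob.
    digest = hashlib.sha256(blob).digest()
    return host_field, key_type, "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def matches_expected(known_hosts_line: str, expected: str) -> bool:
    """Compare the stored key against a fingerprint obtained out of band."""
    return fingerprint(known_hosts_line)[2] == expected.strip()

if __name__ == "__main__":
    host, key_type, fp = fingerprint(SAMPLE_LINE)
    print(f"{host} {key_type} {fp}")
```

The value to compare against would come from the server side over a trusted channel, for example `ssh-keygen -lf` run on the host's public key file.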
Thought about deep slow breathing. I think I'll have to try that one day. These things are so frustrating that there has to be something else to focus on. One friend also suggested laughing yoga. That sounds like the ultimate option if ICT stuff feels too complex at some time in the future. (Just kidding!)
Read a very long book about OPSEC (@ Wikipedia) and Internet anonymity. Good stuff. OPSEC is hard, it's likely things are going to fail, sooner or later.
After the latest Firefox update, it's also ridiculously slow. Often opening sites or starting video streams takes tens of seconds and pages fail to load completely. This is just so great. Sigh!
Darknet Diaries Ep 68 Triton (@ darknetdiaries.com). Such a classic. Ignoring security alerts, misconfiguration, laziness and so on. Worth listening to. Security as usual. That's why I use automation and checklists. Primary security systems insecure, and so on. Great show, good story, recommended. Also really nice: Ep 69: Human Hacker (@ darknetdiaries.com).
Donated money to: Archive.org, GnuPG, LibreOffice, Wikipedia.
Purchased my first SMR (@ Wikipedia) drive, a Toshiba MQ04. Some claim SMR isn't any slower, but in this case it's very, very clear, it's very slow. After writing around 10 GB to the drive, the writing speed drops to around the 10 MB/s range, and I/O latencies go through the roof. A single disk I/O operation can take around 15 seconds at times. Which makes everything feel extremely sluggish.
Even after the latest system updates, Nginx Web Server is still broken. It prefers AES over CHACHA20 even with servers which do not have AES-NI or provide corresponding AES acceleration technologies. This leads to clearly suboptimal server performance due to CPU encryption limitations. Sigh. Yes, I have configured OpenSSL options with the PrioritizeChaCha option.
So frustrating. With the server, the networking is totally failing on Ubuntu 20.04: DNS broken, IPv6 broken, some services won't start, some mounts fail... Sigh... Remains to be seen how many months resolving these issues takes. It's so nice to wake up every Sunday and start with random pointless bug-related troubleshooting because systems have crashed during the night. Yawn... I think this isn't a great way to start a day. Oh joy, some of the mounting issues cause syslog to miss critical parts. So I don't know why the mounting, the networking, or the service starts failed, because it's not being logged. Yam! - Once again reminds me of the rule of keeping things as simple as possible, because every single thing you do causes you trouble later, when updates change something, something is deprecated or so. Everything needs constant maintenance to operate. If you can completely avoid doing something, do so, it's a good idea after all. - This is actually pretty universal, complexity is expensive to maintain.