WebShop, Python38, HC, WG, Auth, RDC, OpenSK, Neuron

1. Did I mention online shopping user experience? They're working really hard to annoy customers as much as possible. That's just so awesome. Frustration, rage, bogus charges, system failures, etc. If I create a website which just shows you x-rated images and loops FU audio-clip, it's still much more user friendly than many web shops. Because then you can just like quickly and efficiently conclude that's nice, I'll just close this page. Without wasting hour or two of my time on it. I personally think the time waster is much ruder and more offending approach. I tried three different browsers on three different operating systems and three different payment methods, and their system still fails. That's just so amazing! Truly great job! Even their customer service didn't know why it doesn't work.)

2. After upgrading production environments to Python 3.8.1 I used the PEP 572 := walrus operator for the very first time in production code which is already pushed into production. It was so nice. I saved 50% of lines for the required if statement.

3. Designing Headers for HTTP Compression. Nice post, I've had same thoughts about HPACK. And especially with QPACK it's important to use the headers which already exist in the static reference tables if possible.

4. Replaced many older OpenVPN (@ Wikipedia) setups with WireGuard (@ Wikipedia). So much joy what a trivial task. That's something I really like. I've also provide option for some users to use SSTP (@ Wikipedia), because it's just so easy to use with Windows even for absolute n00b users.

5. Electronic locking, again totally legendary. First system allowed any key to access all areas, when it was fixed, nobody got anywhere anymore. That was then fixed by leaving all doors open for extended period persistently, without requiring any key at all. I really just can't stop loving this stuff. This reminds me about the DNA's (Finnish ISP) firewall / SMTP / authentication / spam / RBL case which I wrote earlier about. Utter and absolute incompetence and stupidity.

6. More complaints about Remote Desktop Hanging constantly when UDP is enabled. Sigh. It's so badly implemented and it's really annoying. kw: RDP, RDS, RDC, MSTSC, Windows, Fail

7. Using simple and generic tools for code validation. In one web chat I did read something I might not have wanted to hear. They said that they use URL addresses in the QR code, and if it returns 200, it's valid. Wait? What? Nooo! This is because they're using some embedded validation hardware, as cheap and simple as possible. It just reads QR code, makes HTTP request to the address in QR code, and if it returns 200, it's good. Yeah, I might have some ideas about abuse. Just wondering, if people really ever check what's in the QR codes. I would have personally preferred option, where the URL part is fixed, and the QR code is read, then there's some light validation, like it's alphanumeric and length is X and only then, the request is made to the predefined server to validate the code. But sure, the former way is simpler. Because don't need to setup anything. Just create QR codes with URLs. Ehh. Security through obscurity. It's good as long as nobody knows. And sure, it's better than "static QR codes" which are used by some systems. Because at least this prevents using the authentic code several times, because the server can return something else than 200, if the code has been already used. And sure, that's something I kind of like, simple and powerful. Yet it leaves system open for abuse.

8. OpenSK - Nice! More open source security key solutions, this time one from Google. Including support for FIDO U2F (@ Wikipedia) and FIDO2 (@ Wikipedia). Yet it doesn't provide open source hardware option.

9. Dealt with some integration using Neuron ESB (@ Neuron ESB). Well, basically just formatting stuff and passing it into queue. Pretty simple. I guess this tool is bit overkill for this technically simple simple matter. Yet it also provides possibilities to convert messages and receive messages using different transports easily.

10. Something different? - Airborne Networking (@ Wikipedia) and Global Information Grid (@ Wikipedia).

11. Numbers, not bullets? Why not, it's easier to refer to a number in a post, than Nth entry without number. 2021 improvement while posting.

2021-01-10