2FA/MFA, TRIM, DFSR, BranchCache, Matrix, HAS, Spaceplate

  1. Two-Step, Multi-Step, Two-Factor 2FA / MFA and so on authentication (@ Wikipedia). Classic funny topic. Just a few thoughts after talking with friends. I'm wondering why people don't make bigger difference with Two-Factors versus Two-Step authentication, those security properties are different. Actually some sites use now three step authentication. First confirm username, then confirm password and finally confirm the token. This is bad, because each step is independently validated, and attacker knows that the information is correct. Instead if the authentication would be done in one step, where you'll have to provide correct user ID, correct password and correct authentication token, then you wouldn't get each factor independently validated. Which would provide much better security. I think the background of Two-Step verification comes from user-friendliness and old solutions where the code was sent to the user. With modern solutions where user generates the token, it's much safer to require all information at once.

  2. SSD USB TRIM, can't be done, everyone seems to say. I haven't ever gotten "why it can't be done". Because everyone just keeps claiming that it can't be done. All of those claims which are all the time repeated are totally unfounded. After quick checking, my thoughts got confirmed, I've tested it and it works beautifully. Enabling TRIM on Extrenal SSD (@ jeffgeerling.com). Yet it comes with some (found) warnings.

  3. Configured replication between three different servers using the Distributed File System Replication (DFSR) (@ Microsoft).

  4. For one smaller office, configured BranchCache using Distributed Cache Mode between workstations at the smaller office.

  5. Hard drive capacities are increasing all the time. Ultra-high-density hard drives made with graphene store ten times more data (@ phys.org) - Interesting to see when SSDs will be actually cheaper than HDD space. kw: HDD, COC, HAMR

  6. Very nice post about Matrix (data) retention policies (@ brendan.abolivier.bzh). Implemented with latest Synapse and working as designed, if enabled. I also asked on Twitter for encryption key management feature (@ Twitter). "It would be so nice if Element client would honor Matrix data retention policy and automatically remove expired encryption keys and messages." Yet, later it has been found that using data retention policy will corrupt DAG and some data models, so many home servers have disabled it. DUH!

  7. Reported DNS problems to one ISP with their authoritative servers. Sometimes it's annoying to know too much. It would be just easier to say, duh, it's broken than start debugging what's broken, where and why. Fastly CDN outage was also awesome experience, so many things broken.

  8. Galileo High Accuracy Service (HAS) (@ gsc-europa.eu) Galileo's accuracy is now globally better than 20 centimeters, that's pretty nice. Way better than GPS. It seems that HAS is further development of EGNOS (@ Wikipedia) and SBAS (@ Wikipedia). kw: Satellite Navigation (GNSS / PNT) (@ Wikipedia), EU

  9. Got totally enraged by IIS once again, even simplest things won't work. Phew, it's always ultra frustrating to deal with IIS.

  10. Something different? Spaceplate (@ phys.org) Amazing optical space compressor. Allowing space to be compressed into smaller space for optical purposes. Yet the article is really disappointing, because they don't go into technical details how this is exactly being done. kw: light, optics, photonics, science, physics, meta-lens, meta-surface, propagation

2022-09-11