BoringSSL, Duplicati, NTFS, CC-CSA, RAG, Passkeys, PSQL 17

1. Chrome and BoringSSL now supports ML-KEM PQ cryptography (@ security.googleblog.com). Nice! kw: hybrid post-quantum key exchange, HTTPS, TLS, Kyber

2. Telegram banned in Ukraine for security related work, shocking? Shouldn't be. Even if it wouldn't have been banned, I don't know who's in their right mind would have still used it on devices which need to handle anything classified anything else than public. Like internal, restricted, confidential or whatever is the lowest security classification in the organizational system. Most of software, services, apps, devices and tools should be used only for public data.

3. Telegram announced that they'll be sharing phone number and IP addresses with authorities when requested. Well, not surprising at all. I think the most surprising thing about this is that someone is surprised about it. Hilarious. Correctly designed privacy platforms do not collect any sensitive data, so we can share absolutely everything we have, and you won't gain anything from it. Want bunch of random blobs? You don't even know, if we delivered the real or made-up update, because most likely it won't make any difference.

4. Duplicati, thought about the programmings flaws it had. It was amazing how accurate my profile of the problems were. When I said, I'm sure that there are at least thee different kind of types overlapping here causing the corruption of backups. Now all of those have been addressed. - Yay!

5. Tested Linux Kernel's NTFS implementation after distribution upgrade performance wise, and it's now good. I'll be using NTFS as primary file system when there's a need to have storage which is usable with Windows & Linux systems. Earlier I mostly used exFAT but NTFS is way safer in metadata integrity sense.

6. Credit Card Strong Customer Authentication (CC-SCA) (@ Wikipedia) - Duh! I just found out that some US services still don't support SCA and European credit cards which require SCA and it can't be even disabled, get automatically declined because charge fails. Freaking awesome, not. Well, they'll have to implement SCA if they want my money. Some business cards do offer option to disable SCA for a short time, to allow cards to be used with non SCA compatible services.

7. Credit Card (@ Wikipedia) payments and shopping. You.com AI service. This is so classic, I would want to buy their services, but they keep declining my payments. Excellent. This is exactly what is so wrong with many handy online services, those are broken and won't work. I've got similar issues with a few online stores. I would want to buy stuff, but they don't want to sell. I guess their business si going too well. - Shut up and take my money...

8. AI Retrieval-Augmented Generation (RAG) (@ Wikipedia) - A nice way to integrate fresh data from different systems and data sources to LLMs reasoning and processing capabilities.

9. Matrix Synapse server got finally the sliding sync support. This means that Element X mobile client can now be used with the server(s) without additional protocol translation proxy module. My first impression of Element X is that it's very simple, and fast chat client. I don't yet know if I like it. I've got full Element as backup, at least for a while.

10. Passkeys (FIDO2, WebAuthn, User Authentication) are called Pääsyavaimet (Apple) and Avainkoodit (Google) and Salasanaton todentaminen (Microsoft) in Finnish. Are there other commonly used names?

11. Email (SMTP) is broken, extremely brittle, and unreliable. It shouldn't be used for anything that is even remotely meaningful. kw: messaging, communication, security, system

12. PostgreSQL 17 Released (@ Wikipedia) - The performance improvement with vacuum is impressive. Downtime caused by database maintenance has been one of the long lasting issue with PostgreSQL bringing some production systems down for extended time. JSON path expressions, nice. Yup, something I've been thinking about. Allow indexing JSON directly, without needing to duplicate some of the JSON fields in the SQL table structure for indexing reasons.

13. Something not so different? I bought full paid access to OpenAI, Gemini, and Claude just to figure out which one I like. The o1 preview is awesome, but it's total overkill for most tasks.

2025-03-16