Chrome, Liblzma, PSQL, Security, ECC, Static, Waitress

1.  Anyone surprised that Google collected lots of information about Incognito users and didn't want to delete the data? - I'm not. People should remember what's the business model of Google. Ref: Chrome Incognito (@ wired.com)

2. A nice post about liblzma SSH backdoor by Harry Sintonen (@ infosec.exchange) - Yet as mentioned, the backdoor was quite complex. It remains to be seen what kind of fallout will follow. At least it was caught quite quickly and didn't manage to deeply infiltrate most of stable Linux distributions. - Another great question is, how many similar kind of wide open backdoors are planted around, that we just don't know about. As we know, there are very competent teams constantly working on actively backdooring everything.

3. PostgeSQL data and performance optimization. Obvious basics were mentioned: Memory locality, CPU registers, RAM memory performance and storage latency, page size, and so on.  SSD vs SSD performance differences. Caching, cache lines and cache size. RAM is slow, ~250 clock cycles wasted for main RAM access. Unaligned data causing issues and padding. data page layout. Table Row layout. TOAST attributes. Great examples how important field organization and order is, that unnecessary data padding can be avoided when storing data. Just re-arranging a few fields can lead to 25% savings with table like with 6 column table. Disk storage will be reduced, memory and cache utilization will be improved, latency is reduced and over all performance is improved.

4. Great post about one project migrating grom MongoDB to PostgreSQL (@ infisical.com). I sometimes prefer 1 - 3 data storage options depending on different data types. As example, I don't want to always push BLOBs to database, I might use secondary storage for those, and just add references to the main database. Yes, there's some slight work to make sure those are synced, but generally that's not a problem. Then I just run cleanup task, which deletes all blobs older than N which aren't referenced by the transactional BLOB index in true database. If there are situations where partial blobs or junk is left, that'll clean it up.

5. Platform Engineering For Dummies - Platform operations, Platform as a product, Self-service for developers; kw: IDP, CI, Workflow & Orchestration tools, Requirements and Solutions.

6. Finished reading "Security Engineering: A Guide to Building Dependable Distributed Systems" on my Kindle. So much great stuff. I made extensive notes about it while reading, but I won't be sharing those because it wouldn't fair use anymore. Same policy applied to several other Ebooks I've read.

7. Elliptic Curve Cryptography (ECC) for the purposes of online identity. kw: secret key, public key, key pair acknowledge a statement 

8. Someone complained in urban legend style, that chair is making display to flicker. I've got slightly different case, where my HDMI screen blanks often when there's something white at top of the screen. I guess it might be again digital signal quality issue. When my right most UHD HDMI screen is almost completely filled with white content, it might blank out. Also interestingly it might have something to do with air humidity. Because it happens more often during winter than summer. - Don't ask me why, but I guess it's got something to do with the HDMI bandwidth being maxed out, and cable connectors and cable protection and so on. When the screen banks out, I can often restore the image by moving the window on the screen down just by a few pixel rows o that the back background is visible at the top of the screen. 

9. Checked out Python Waitress (@ devdungeon.com), I might use it next time when I need light WSGI solution. Light and simple way to implement standalone web services. uWSGI seems overkill for many very light internal web services.

2024-12-15