Cloudflare, Authentication, Bcachefs, Messaging

1. After the info leak problem, reconfigured my systems to the sane configuration. Cloudflare is now being used as CDN (@ Wikipedia) for domains with completely public content. All content which isn't completely public is now using different domain and without Cloudflare or even their DNS. Of course everyone knows this, but it took that little problem to get the kick and fix the setup.

2. Tunnel any TCP service over Cloudflare (@iq.thc.org) - More or less cursed solutions. Anything over anything tunneling concepts. This time tunneling TCP over HTTPS WebSockets using Cloudflare. Nice solution, eh.

3. Authentication discussion is never ending. Basic Auth is what it is. But are there better options. While looking for modern light, simple and powerful authentication option I found out WebAuthn_proxy (@ GitHub) It seemed like an excellent option for what I were looking for. Adding secure authentication to resource, without needing to implement anything like OAuth2 / JWT / OpenID Connect OIDC (@ Wikipedia) or such stuff. I'm sure people implementing login solutions know that it can be a handful. As example, if you're not really experienced with this stuff, configuring Authentik out of box and getting it to work with all of your web apps can be quite an painful experience. - Now when WebAuthn / Passkeys is going forward from ultra nerds only category, this might be actually become an viable option. I personally really like WebAuthn, because it's secure and independent technology.

4. bcachefs (@ bcachefs.org) - First of all, I really love their website. It's contains stuff you want to know, and no bs. Perfect site design, compared to most of extremely badly designed websites. Feature list is nice, everything I wanted. When it's stable, I want to see benchmarks. But for now this is enough. I don't use non-stable file systems, so everything I'm going to say, is that it looks promising so far.

5. Messaging - Briar, Cwtch, Session, Signal, Matrix vs SimpleX. Uh, too much discussion about the topic. Different services, work for different use cases and have different trade-offs of course. There's no single perfect solution. 

6. How can I use QR Code? This is an interesting usability issue, I've encountered this with many other programs as well. When I've got the image of the QR code, how can I use it in the application. As example in this case SimpleX Chat fails. You can't add contact from QR Code which is a file or image on phone, or image on desktop clipboard or so. Classic bad engineering / design problem, with providing users with bad UX. I have this code, but no way to actually do anything with it, the app that generates QR codes, doesn't accept QR codes as input. Some apps like Signal and WhatsApp allow you to read QR Code with camera, but what if the QR Code is in file? As example someone sent you a QR code over chat as image. - Fail.

7. Helped a friend to debug totally crazy Matrix federation problems. User is in the room, even if they left. They see posts in the room, but they can't post to the room or join the room. - Legendary. - The infamous infinite state machine (?).

8. Had a long discussion about friend, how to develop a quick'n'dirty Matrix - SimpleX bridge. Well, as in good old coding spirit, we decided to write parallel implementations. He used Java and wrote a version which reads data directly from SimpleX database, and writes to Matrix API directly. As well as reads Matrix API directly and then uses SimpleX-CLI to post messages to SimpleX side. - My version was slightly different. Using Python3, I launched two subprocesses with stdout / stdin pipe's and then used python select to find out when new messages are received, slightly modify and filter the content on row basis as necessary. And then pipe it into SimpleX-CLI or launch parallel Matrix-Commander to send messages. - Both implementations seem to be working nice and well. Now you can access SimpleX chats using Matrix UI. But why? Well, because SimpleX app is quite inefficient, it's better to run it on server. And of course for efficient push notifications. And finally but not least important reason. Proper battle station and keyboard are so much nicer to use than crappy mobile devices.

9. KryptEY (@ GitHub) - Encrypting / Decrypting keyboard with Singal Double Ratchet Protocol encryption for Android. Yeah, who would have thought about encrypting keyboard, cough Enigma, and other similar devices before and after it. Like The Cipher Typewriter.

10. SimpleX Chat v5.1 is out (@ simplex.chat) - Crazy amount of new great features. This is quite awesome (secure) chat app! - Best thing of SimpleX is it's development speed. Many apps are so dead in water.

2024-04-14