Dead μops, Matrix, Charging, Containers, Identity, Backup, SQL

  1. I See Dead μops: Leaking Secrets via Intel/AMDMicro-Op Caches ( PDF @ virginia.edu ). This is wonderful, treasure trove which just keeps giving. Yet the underlying reason is the same, caching and changing timings. This is something which is usually totally overlooked. But in some cases it does matter.

  2. With Matrix / Element now login process is broken. It seems that you've logged in, but then it shows you're not logged in, but when you press login button, you're actually logged in. Mind blown, awesome process guys. I really can't recommend such a bad quality software for anyone outside tech industry. Techies can deal with this s*t but normal users just get lost in the process. - Actually now it seems that the login was completed, but key exchange wasn't. So now my messages aren't available in decrypted format, only as encrypted blobs, in the encrypted chats. Probably all of my friends are also seeing big red exclamation sign warning about me having new unauthenticated login. - Meh! Btw. I DID complete login with key exchange just seconds ago. And confirmed it at both ends being successful. Yet the security tab of my user account says, I've got all of my session verified. Boom again. - Redoing the key exchange and session cross signing fixed the issue. So it just means that the process messes up the client / user / encryption state at some point. I've had these issues several times, and also friends complain about same kind of problems all the time.

  3. Quick charging is joke. Why there's no standard for USB quick charging. Or yeah, there probably are several standards. Whole point is that every device needs it's own Quick Charger (TM) to work, even if there another quick charger available with ample power. But because it's not devices own charger, it won't utilize the quick charging feature. Not forgetting that the charger itself isn't probably enough, you'll also need special quick charging cable.

  4. Containers at the edge: it’s not what you think, or maybe it is (@ Cloudflare Blog ) - This is something which I like. I'm old school guy and often horrified by the overhead of many "modern solutions" and how poorly those perform in terms of efficiency. As example, simple binary monolith versus swarm of microservices communicating over HTTPS or some message broker. Phew. Containers are lighter than full virtual machines, but the amount of overhead is still considerable, just as Cloudflare mentions. It's just like multiprocessing vs multi-threading, even with Pythons GIL, multi-threading often (not always) make sense. Lean and mean and get the stuff done. Inter process, container, or system or even network communication latencies, etc. - Reminds me about my complaining about implementing and using COM interface, but in that case it is / was a service / method which got invoked a few times per day not even hourly and not latency sensitive. That's why I thought doing COM interface was unnecessary.

  5. Once again long pointless discussion about identity management. Some people just don't get the point of separated identities. That's probably the reason why most programs got so bad identity management features. Well designed programs provide free unlimited identities created at well and easily linkable with contacts / groups. Badly designed programs usually provide a single identity for user profiling and tracking (just like Signal does). Proper identity management with privacy features also provide pretty good anonymity (even if platform wouldn't support anonymity directly). Because a new identity can be used for every action and the old ones deleted / recycled / discarded as needed. - Funny thing is that Pretty Good Privacy / PGP aka Gnu Privacy Guard (GPG) already supported these features out of the box ages ago. Yet for many new privacy platforms these are "new and surprising things". Good email clients and as example BitMessage supported these features beautifully.

  6. Today's fun. Backup software integrity issues, once again. Backup tests ok, but restore fails. How's that possible? Yes, you've probably guessed it, it's Duplicati.

  7. SQL Server type casting issues, nobody seems to understand nor know how it works. (In this case, I'm sure many know, but nobody's knowing it is present.) But based on quick kitchen psychology, it seems that data in the database is converted to query type, and not vice versa. Ok, that's clear. Yet, users don't understand that the data in the database itself can break query. It's extra annoying that implicit silent conversion is allowed to happen, until it fails due to out of range error, booby trapping the code. For reference: Data type conversion (Database Engine) (@ microsoft.com ).

2022-08-07