ECC DDR, OBET, NDA, SimpleX, OVH, Signet

1. Error Correction Code (ECC) in DDR Memories (@ Synopsys) That's very nice article. kw: Side-band ECC, Inline ECC, On-die ECC, Link-ECC, DDR5, LPDDR5, DRAM

2. OBET: On-the-Fly Byte-Level Error Tracking for Correcting and Detecting Faults in Unreliable DRAM Systems (@ ncbi.nlm.nih.gov) - Also interesting, how DDR5 can be made as reliable as DDR4 by using error correction. kw: DRAM, DDR5, on-die ECC.

3. NDA - Sometimes I really wonder what those are for. Why? Well, first you'll need to sign extremely tight NDA and then basically all the information you'll get, is from their public web site. Makes me wonder what the motive really behind that is. Can't go into details, but in general that often feels just utterly ridiculous. - I guess it's just the industry standard. - Maybe it's the same everywhere. Legal department requires massive strict perpetual NDA and then the people actually executing and working on the practical stuff, couldn't give a s$1t about that at all. - We have this TOP SECRET classified technology. You know that anyone can access this public information by going to the address blueprints.darpa.example.org - Lol. Well, that's not that different from globally accessible public buckets on AWS/S3, source on GitHub, or any other similar case.

4. SimpleX SMP delivery / XFTP retrieval relays (@ GitHub) design looks good to me. As well as their plan for IP address protecting proxies (@ GitHub) - Masking user IP from rest of the servers. kw: SimpleX, Tor, privacy, security, self-hosting

5. One of my OVH servers was subject to abuse report, which was clearly completely bogus report. I replied to the report and never got any reply. Afaik, that's very bad customer service and abuse management. At least they should have clearly reported the progress of that case and if and when it's closed and with what conclusion. - Standard helldesk ops, we do something and we don't even know what we're doing.

6. Uniqueness Scope, I just cant stop hating obvious and trivial things, especially when combined with fools. It's an endless source of constant trouble. Yes, my cars license plate number should be 1. Why? Well, this is my first car of this specific make, model and color, which I'm personally registering today. So, why it wouldn't be 1?

7. A Touch of Pwn - (@ blackwinghq.com) - Somehow this doesn't surprise me. But very nice to see that they bothered to actually execute the attack and document it.

8. France is banning unofficial chat apps. Yet, Matrix is nicely on the official chat platforms / apps list.

9. Signet App (@ signet.app)- Application for encrypting and decrypting data, with out of band key exchange. Doing out of band key exchange is nice, because it means that the attacker doesn't even have the public keys to attack. They'll need to go straight for the symmetric crypto. Free app, encrypted data can then be passed forward securely with any preferred method like: email, WhatsApp, Signal, Telegram, Matrix, USB-stick in mail, you name it.

10. Opinion corridor (@ Wikipedia) - Had a long discussion about the subject in underground forums about chilling effect (@ Wikipedia) and self-censorship (@ Wikipedia) and this wasn't covered there yet. This also highlights why encrypted and anonymous communication channels are required. Because you might not want to discuss everything publicly. Related to Overton window (@ Wikipedia), which is very true. This is exactly the point when people push a single thing to single direction, won't realize it's not a good idea.

2024-10-06