Firmware Fonts, Tor, FIDO2, SimpleX

1. Font can be changed, they claimed. - Always the same story. One device had sub-optimal font mappings for ÖÄÅöäå characters. Actually the reason seems to be that in the ROM file they don't have separate font for Scandinavian characters for different font sizes. It's likely that they'll use the large font characters also for small fonts, where other than Scandinavian characters are using of course the smaller font. That causes the Scandinavian characters to be out of alignment and just funny. I told them that we'll need to get that font issue fixed. They said, it's impossible. F that. I've heard incompetent engineers saying that stuff earlier. I downloaded the ROM image from the device, and as you might guess, the fonts are bit-mapped in the ROM. I just replaced the large characters with small characters and added ¨ pixels to those. Now the font is fixed and I've got my own ROM image with fixed fonts. At the same time, it's lovely and infuriating. I'm doing stuff like this all the time. Because they people whom have the tools and sources and "the right way" of doing things. Won't do or claim it's impossible. Then I'll do some really hacky strange reverse engineering solution, which works perfectly. - Uh oh, job done, been there and done that. Now I just flash the device with my own ROM image and that's it. Luckily they didn't have signatures nor compression with that ROM.

2. Configured some of the hidden services to be secured already on Tor-service layer, with improved security utilizing authorized_clients and ClientOnionAuthDir. kw: Tor (@ Wikipedia)

3. Passkeys are huge win for FIDO2 keys. I personally would say that FIDO2 is way better than Passkeys from security perspective, but if passkeys is what it takes to get wide spread FIDO2 adoption, then it's great way to move things forward. I personally won't be using passkeys, or maybe if I do, for some low security sites. But in general, I don't have anything bad to say about the technology, of course assuming that everyone realizes the down sides of passkeys vs FIDO2 HSM keys. kw: webauthn, passkeys, passkey, HSM (@ Wikipedia)

4. How can I use URI link? This is just as the previous issue. Some apps share all kind of links, but where the app offers option to consume those links? I've seen so many apps which do not have an option for that at all. Crap'o'software! Same thing btw. applies to app specific QR codes. kw: URI (@ Wikipedia)

5. One way for implementing multi device support for encrypted queue based platform like SimpleX. Using message queues between the devices to synchronize data. That wouldn't require any server side changes and could be implemented on client side alone. Then it wouldn't matter which device reads the primary queues first, because it would then forward the messages to other your devices. This would work transparently with N+1 device. And wouldn't require master device. Only extra logic on client side, to forward received messages, receive messages from "sync" queue and finally optional back-fill option, to retrieve messages which haven't been received via sync queue. Either due to technical issues or device being new. Not the most efficient way of implementing it, but would work well (?) with SimpleX ideology. In this case it would be multi-master sync. All devices / sessions being equal. - Yet that works perfectly in theory. In reality this can cause horrible out of sync issues, in case all devices are offline, then one comes online for a short while. Receives messages and then is lost so sea, before sending the messages out to other devices.

6. Some friends complained about SimpleX consuming too much energy on mobile etc. So, I wrote a very light web-client and Matrix bridge for SimpleX. Now it can be accessed in ultra light matter using any web-browser, even with very cheap legacy and burner devices and or tor-browser. I'm happy with it and friends we as well.

7. Friend had some issues with SimpleX XMP / XFTP server upgrade processes. Installed and demonstrated both setups, with bubblewrap (bwrap) and Docker. Both work, but are slightly different to maintain. With bubblewrap, you can easily just replace the pre-compiled binary with another. But with Docker you'll need to download new container, stop service and restart it with a new container version. Yet with Docker you can also use the version of build-image which builds whole docker package from source, allowing using "the bleeding edge source" latest version, which isn't even released yet. Pros and Cons. For most of people, I think Docker is bit overkill in these situations. kw: Docker (@ Wikipedia)

2024-04-07