HiddenVM, 103, Caller Auth, Brush Pass, FIDO2

1. HiddenVM (@ github.com) - This is something I like. Having encrypted virtual machine with your real stuff inside Tails the Amnesic OS. When system is powered down everything disappears and system looks clean, until you'll remount the encrypted volumes and launch your real VMs. Also supports for decoy VM's which you can launch, so it looks that you're plausibly using the system for something sane.

2. 103 Early Hints (@ nitropack.io) - Nothing new, but as said, web optimization is deep stuff, yet early hints is something which is quite trivial to understand why it's beneficial. One alternative to the HTTP/2 (H2) server push feature (@ Wikipedia), which I personally didn't like too much, because in many cases it would require the recipient to cancel the streams actively sending unnecessary data. Unless, it's so that the server knows if the client needs the streams or not. Also see Cloudflare's Early Hints documentation (@ developers.cloudflare.com). I've got it enabled, but didn't observer any 103 responses, but it's probably due to dynamic caching. I've also enabled and configured some early hints for my own server(s) for the front / landing pages.

3. Wrote a script which checks drive I/O status every 10 minutes, and if there's no I/O during that periods, it shuts down the drive. I've seen so many newer SATA drives having power management completely broken. WD, Seagate, Toshiba, etc. I don't know why they're making drives with broken firmware.

4. Helped in design and implementation of a caller authentication portal. In case you'll receive a call, and you're unsure if it's authentic, you can verify the caller using the authentication portal. You'll go to the official website, and then enter the verification code given by the caller, and the portal tells you if the call is authentic. This is in place to prevent different kind of support call scams (@ Wikipedia). Of course the same effect could be achieved by doing it in reverse. Leaving support ticket with authentication code and then waiting for the call, or calling directly the support. But in this way, it's possible to authenticate the caller on spot when necessary. 

5. For previous point, but why? I hate how many companies sales departments call and then start asking all kind of questions. How do I even know, if the call is authentic and often they don't have any good way to do that. When this is done by outsourced call centers, then it's extra lame, because you can't even send the verification code to official company email address or something like that.

6. Brush pass (@ Wikipedia) with cellphones (or look-a-like objects) is one working method of exchanging information, just to say. Suits modern world better than newspaper or briefcase.

7. After Ubuntu distribution upgrade to 22.04 my WebAuthn FIDO2 (@ Wikipedia) devices stopped working with Firefox & Chromium. Hmm, maybe snapd (@ Wikipedia) sandboxing is the problem? Sigh, let's see. It seems that adding idVendor and idProduct information device configuration file in etc udev rules.d fixed the situation. ref: Details are updated to the old device configuration post (@ this). 

8. Read a very long article about internet sites, hiding the service behind reverse proxies, which can be changed on the fly. Running the primary background services as hidden services and so on. Also relates to sites like 8kun, kiwi farms, daily stormer, etc. DDoS Guard and Vanwahtech. Of course there wasn't anything new in the article. Some sites like The Pirate Bay has been doing such stuff for a long long time. How hosting companies which allow creating servers via Tor without KYC (@ Wikipedia) and payments in anonymous crypto currencies make the reverse proxies easy to run and so on. And how some of those companies have interesting backgrounds / potential funding in/from the countries which usually control media very strictly, but in this case because the client base is western, they're happy to provide bullet proof hosting. Pretty much basic ops.

9. Studied ETH merger from PoW to PoS (@ Wikipedia). kw: cryptocurrency

10. Something different? Moscow Signal (@ Wikipedia) also read the public information available about GLONASS-K2 (@ Wikipedia) GNSS / PNT satellite network and related interesting geopolitical aspects.

2023-11-05