Huge Pages, Duplicati, WhatsApp, Backups

1. Lot's of discussion about huge pages (@ kernel.org), Kuberentes and problems with one admin friend. That's a nice swamp. Only conclusion about this is just like with many other things. It's totally meaningless, unless it isn't. But in most of basic desktop use cases with current hardware it doesn't really matter at all. Situation could be of course totally different in high RAM environments.

2. Duplicati related issues still drag on. It's funny when developers are asking me, what of the program outputs is truth. Haha, I don't know, I thought you guys would know it. But now it seems that the team has gained a few people whom might be able to solve the issues. Or at least they're asking the right questions. If that helps, I don't know yet. It could. Some things are really funy, as example restoring one file gave error System.Exception: Unable to locate block with hash: 47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=. Well? Of course there's no data block for that hash. It's the sha256 hash of no data input at all. But I'm sure many n00bs doesn't know that and might get mislead by the error message.

3. Duplicati backup test, wondered why it doesn't properly reuse FTP connections. It opens one connection, then uses one connection for uploads, closes it, and opens connection for downloads and closes it. Finally closes the first connection which was open for the whole time, even it wasn't used for anything else than the final QUIT command, which doesn't count as "sane usage" at least to me.

4. Had a long discussion with friends about heartbeat / watchdog micro service. If it would be useful or not. I could quickly make one, I've got all the necessary components in my lib already. But question is, if anyone would use it at all? That's the primary question. It's pointless to make something (if not just for learning), if nobody then actually uses the service(s). I personally don't feel that creating this service would provide me any kind of learning opportunity, because all the necessary components are done and familiar to me.

5. Tails 5.15.1 is out, nice! 

6. WhatsApp allows you to close down anyone's WhatsApp account by just sending email to support, telling that the phone is stolen and including the phone number. - Nice. Does feature like that improve or weaken security?

7. People getting busted when using burner phones. No surprises there. Correlating burner information with known phones can quite quickly reveal who you are, as well as give quite good predictions where they should be waiting for you. Knowing location history, gives nice pointers for predicting location future.

8. Latest SimpleX version added delivery receipts, that's nice feature. And of course it's opt-in. It's an easy way of knowing if messages are getting delivered to the user end device or not.

9. Read nice overview about the new MLS encryption standard (RFC 9420). The article also nicely refers to Off-the-Record (OtR), Wickr and Signal protocols.
   My own opinions: It's very complex, meaning that it's likely that many implementations will be buggy. Or as we've seen over and over again, there won't be many implementations. Everyone starts using the same library because things are just way too complex. Like in the case of TLS. Wit hdefault settings it reduces forward secrecy for groups. Yet I'm quite sure that re-keying can be triggered on demand or based on schedule, without anyone leaving from the group. It wasn't explicitly stated in the posts how that should work. Just like with Signal protocol, some implementations allow you to even modify the parameters, like Matrix. But the worst part is that it requires central controller. And that's the part I'm most worried with distributed platforms. How that will work out, if we create a  room of 1000 users. And then the users are during the week randomly online for let's say 10 minutes. How re-keying will work out and what kind of restrictions and problems it'll cause. Does message flow stop or just receiving, sending and so on. We've seen all kind of complex variations about this with different existing platforms.

10. Some discussion about IPv6 UDP hole punching through stateful firewalls. Ouch.

11. Something not so different? Great stuff, - animated Ellicptic Curve Cryptography (ECC)( @ curves.xargs.org).