IM, Tweepy, TLS, IPv6, Scuttlebutt, Proxmox, FRA, FemtoStar

1. Read long thread how Signal is better than Telegram, but still, Signal lacks the feature of having random unlimited identities. As I've written several times, that should be basic feature. Otherwise it's trivial to cross-reference contacts. From privacy and anonymity standpoint lack of that feature is really major shortcoming. Multiple parallel, pseudonymous or anonymous contacts is a must.

2. Studied and tested Tweepy with MVP tests using a test Twitter account and API v2. Just out of curiosity, I don't have any real use case for that currently.

3. Just a funny thought, when Matrix gets it direct calls using WebRTC working, they could also offer direct messaging, instead of the relay messaging mode, which is currently being used. In direct mode, messages are sent directly from client to client, without being relayed over one or more servers.

4. Again long discussion about TLS certs. PAKE would be interesting (@ datatracker.ietf.org), but I haven't ever seen anyone using it. I personally prefer allowing specific certificate fingerprints, manual trust / cert pinning. Of course it requires manual update whenever the certificate is renewed.

5. Can we break things? I joined using IPv4 only server to room on Matrix which is on IPv6 only server. Using alias on dual stack server. Now I think that the federation is probably broken, that IPv4 posts are only visible to IPv4 + dual stack of course users and IPv6 posts are only visible to IPv6 users + dual stack of course. Wonderful times, still waiting for confirmation from peers that the situation is as messed up, as expected. After long debug chat, we concluded that yes, it's very broken. As example images from IPv6 only home server can't be seen on IPv4 only home servers. But it seems that messages can get relayed via dual stacked servers, using back fill feature. Ahh, go and then try to explain to normal user why things are like this. I concluded that the only correct answer "it's complicated" to many Matrix questions is the only right answer. If you answer anything else, you've probably missed some edge cases and therefore the answer isn't correct anymore. Same applies to encryption, data retention and so many other factors.

6. I did study Scuttlebutt Protocol Guide (@ GitHub) in detail. But the main question remains, what's the use case this is supposed to solve? Interestingly it's not explained very well. There are many many protocols to do many things, but what's the use case for this? Because different use cases also often affect how the protocol is designed to work. Is it designed to be fast, light, simple, complex, privacy preserving, secure, anonymous? - Well their example is a patchwork social media network on on peer 2 peer network.

7. Helped a friend to configure Proxmox on Debian to host Synapse Matrix Home Server with IPv6 addressing. Took a few tries to get all the configuration and routing to work correctly. But still took around 30 minutes including the trial and error episode.

8. Finally figured it out why shell commands with pipe '| something' fail so often, AltGr + space produces chr 160 or 0x0a or ' ' and it looks like space, but isn't. Result: Invalid command line, where one space is replaced with that chr(160) which looks similar, but naturally doesn't work.  And root cause is that AltGr was pressed when pressing the space bar key. But that happens quite often, because | requires AltGr with Finnish keyboard. 

9. Something not so different? Watched a documentary about Swedish signals intelligence. kw: SIGINT, FRA, Sweden. Also got lost in excellent steam locomotive site. That's bad, so much interesting history. I didn't even know that steam turbine locomotives where a thing.

10. FemtoStar (@ femstostar.com) a privacy oriented satellite communication platform. Sounds awesome and interesting, yet I'm very skeptical that plan like this would ever work for multiple reasons. First reasons are technical and funding and then of course that such platform should be so beneficial for specific organizations that most likely other very powerful organizations wouldn't let that happen.

2023-03-12