Matrix, Passwords, SimpleX, Google Sites, Duplicati

1. Rotating Matrix (Element) encryption keys - How to do it? - First logout all devices except the one you're going to use for the rotation operation. When that's done, select delete key backup. At this point you can also easily change account password if you want to. Then logout the last remaining session with encryption keys. - Now keys are lost. - When you login next time just select that you want to reset encryption and store new backup key / set new backup password as well. Of course you can also choose not to enable encryption key backups completely. Now just login as usual from the other devices using cross signing, and mission is accomplished. All devices are now using new encryption keys with all chats. In case you have verified connections, please pre-announce them that you're doing to do this and maybe send them some clear identifier, when you can reshare again after resetting keys, creating seeming cross signing between then keys in logical terms. They have this nonce which is now signed with old and new keys. This makes it easier to initiate trusted verification process bit later, because the key reset doesn't seem arbitrary and random. Like it would likely be, if done by attacker. If you don't logout other devices, then after cross-signing, the old keys from other device(s) will automatically get copied to the device again. This allows you to retain chat history. Another way of doing is to export chat keys first, then do the key storage and identity-key reset operation, and then importing the old chat keys back. This allows you to maintain access to encrypted chat history.

2. Cyber security, long chats how police cracked 64 character random password and other stuff. It's interesting to see how this turns out. It's also interesting how long the process such a simple case. Huge waste of time and resources. - Way too much obvious discussion. Don't store data at all, which you don't want to leak. Don't assume that other people, companies or platforms care about information security at all. Therefore, don't give them any information that needs to be kept secure, and so on. - All totally obvious stuff.

3. SimpleX chat v5.4.0-beta.3 - Read release notes, so many fixes. It'll take a while before this is good enough for general use.

4. Google Sites - Did I say there are race conditions and sh111+ code? Yep. Just updated this site, I modified three pages and pressed publish. The list showed only two of the pages being changed. I went like wtf. I went to the page missing from the list, deleted one character from it and added it back. Went to publish and now it was ready for publishing. Even if I just had a minute ago added several lines to the page, so removing and putting back that one character didn't technically change anything at all. - Amaaazing coding skillzzz. - For some specific reasons I'm not going to repeat, I'm really allergic to these kind of problems which are caused by constant ignorance of basic logic. (This improved a lot after writing this post)

5. Based on Duplicati forum posts, the transaction journal and replay issues should be now fixed with the program. Unfortunately binary with the fixes hasn't been released yet. Yet the latest version finally recovers from corruption correctly after running manual repair mode. Yet, it still stops backups from working until the fix is run. Yet earlier this step also corrupted the data, but now thank god, it doesn't anymore. Final step is to get the journal to work correctly, so there's no need to run repair and the journal rollback / roll forward works as intended. - Actually in this case the problem is lack of marking in the journal, so roll forward process doesn't redo the necessary failed steps. For nerds: deleting stale index files. (This has been fixed after writing this post)

6. Reminded myself about CCM mode (@ Wikipedia). because it's supported by TLSv1.3.

7. Something different? Interesting tech: "thermoacoustic Stirling generator"  (@ Wikipedia) which cobmines ideas of thermoacustic heat engine (@ Wikipedia) and Stirling engine (@ Wikipedia).

2024-09-22