MatrixTTL, DataMatrix, AI-XSS, Teams, Kometa

1. Provided some support for my Matrix TTL project. It seems that people are really frustrated with the current data retention solutions with Matrix. Of course deleting anything from "the cloud" won't guarantee complete deletion. But it' still better than not even trying. - The most common mistakes I've seen people doing repeatedly: Room Id in invalid format, User ID in invalid format, server name incorrectly specified, trying to delete all messages instead of just your own messages (without necessary permissions)

2. Read in detail - GS1 DataMatrix Guideline: Overview and technical introduction to the use of GS1 DataMatrix - Good information about the solution, yet nothing actually new for me. I've been dealing with the 1D and 2D barcodes for decades.

3. Haha, I figured out an XSS vulnerability against AI powered website. I just asked it to add unescaped HTML on the page, and I can now load anything from anywhere, because AI writes raw HTML code for the browser. As a sample, I just loaded images from other domain. But script tag also works just as well. Boom! Done! There were some protections in place, but I just worked those one by one to circumvent all of the protections. Like quotes, terminating open tags, and managing adding external domain references. It was obvious that the protections in place were inadequate. I kind of expected that, but I wasn't sure it was this easy.

4. Updated all systems to use the "New Teams", which is significantly faster than old Teams. The most important improvement is much quicker organization change. With "Old Teams" the user experience of changing organization was really exceptionally bad, as well as notifications often failed to work properly. As far as I've noticed, this is the most significant benefit of the new version. Of course it's generally also lighter and faster. But that's not so significant difference. Attachment handling is still quite weak and often manages to annoy me.

5. Sigfox (@ Wikipedia) got unfortunately killed by LoRa (@ Wikipedia), being more popular and open platform.

6. IP over Avian Carries (@ Wikipedia). I don't know how I could have missed the updated RFC6214. Anyway, when I linked to that legend, I have also link to this one: Sneakernet (@ Wikipedia).

7. Excellent article about radio antennas and receivers and how big difference those make. How the Russian Kometa system works. Kometa / GLONASS issue (@ mil.in.ua).

8. Long (mostly pointless) discussion about Memory Management Agent (MMAgent) and it's features MemoryCompression (@ Wikipedia) and PageCombining (memory deduplication) in Windows environment. Is it good or bad thing? As usual, it depends. Just like everything else. To most of questions, there's no single correct answer. Try it and find out.

9. WhatsApp channels is a nice feature. I've been wishing to have something similar with Matrix for a long time. Of course also the Telegram handles this very beautifully.

10. Fixed my X Post RSS feed (RSS @ s.sami-lehtinen.net) again. It seems that they're doing constantly breaking changes to make life harder. Thank you for that!

11. Final words: Freaking awesome, FIDO2 2FA works again with Google! It was broken for like half an year or something. But now it's good, if Google makes logging in hard enough. Less users will login. - It seems likely that for some reason, they allowed a device which they don't want to be used as Passkey to be added ass passkey. Yet, it's most interesting that it works with Microsoft as a passwordless login and so on. Now they don't allow using the device I added as a Passkey as a Passkey anymore. That's kind of funny. And probably this caused some problems. I still would say it's more or less broken.

12. Something different? Yet another joint fighter program. It's interesting to see if the Global Combat Air Programme (GCAP) (@ Wikipedia) will make any more progress than other similar discarded programs. When that was being mentioned, let's also refer to Main Ground Combat System (MGCS) (@ Wikipedia). Which is similar kind of joint project for new main battle tanks in Europe.

2024-07-28