Public Keys, Security, Retention, File Tunnel
One party just announced that they're going to renew their keys. Keys will be renewed after a given date and then you should just use TOFU (@ Wikipedia) with the new keys. - What a lovely process. I would have preferred knowing the new keys in advance, and the announcement should have been signed. It should also have had a clear timestamp for when the new keys should be used, preferably before the old keys expire. - But this seems to be the (wrong!) norm. Someone renews the keys at some time, and we don't know what the new keys will be and when. Bruh. Then you'll just get new keys with TOFU (Trust on first use) and grant "full trust". Ouch! "The standard secure encryption / keying process". - At least they announced that the keys are going to be renewed, and didn't just randomly renew those out of the blue. So this must be good then, at least much better than normal. Ah, new keys, let's use those: TAC (Trust Any Certificate), the more widely used permissive trust model. At least data is still encrypted, protecting from fully passive listening. Yet active MITM (@ Wikipedia) would work and go completely unnoticed.
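An added example (not from the original post or from any project mentioned here) of the rollover handling the paragraph above asks for: a pin store that accepts a changed key only if it was announced in advance with a valid-from time, instead of re-running TOFU. The `PinStore` class, the status strings and the sample keys are constructed for illustration, and verifying the announcement's signature with the old key is assumed to happen before `announce()` is called.

```python
import hashlib
from dataclasses import dataclass
from typing import Optional

def fingerprint(public_key: bytes) -> str:
    """SHA-256 fingerprint of the raw public key bytes."""
    return hashlib.sha256(public_key).hexdigest()

@dataclass
class Pin:
    current: str                   # fingerprint trusted right now
    next_fp: Optional[str] = None  # successor announced in advance
    valid_from: int = 0            # Unix time the successor may be used

class PinStore:
    """Hypothetical pin store: TOFU only for the very first contact."""
    def __init__(self):
        self.pins = {}

    def announce(self, peer: str, new_key: bytes, valid_from: int) -> None:
        # Assumption: the caller has already verified the announcement's
        # signature against the peer's currently pinned (old) key.
        pin = self.pins[peer]
        pin.next_fp, pin.valid_from = fingerprint(new_key), valid_from

    def check(self, peer: str, presented_key: bytes, now: int) -> str:
        fp = fingerprint(presented_key)
        pin = self.pins.get(peer)
        if pin is None:                      # first use: nothing to compare
            self.pins[peer] = Pin(fp)
            return "tofu-pinned"
        if fp == pin.current:
            return "ok"
        if fp == pin.next_fp:
            if now < pin.valid_from:         # announced, but not yet valid
                return "reject-too-early"
            self.pins[peer] = Pin(fp)        # promote successor, drop old key
            return "rollover-accepted"
        return "reject-unannounced-key"      # blind re-TOFU would accept this

def demo():
    # Constructed sample keys and timestamps, not real key material.
    old, new, mitm = b"old-key", b"new-key", b"mitm-key"
    s = PinStore()
    out = [s.check("peer", old, 100), s.check("peer", mitm, 200)]
    s.announce("peer", new, 1000)
    out += [s.check("peer", new, 500), s.check("peer", new, 1000),
            s.check("peer", old, 1100)]
    return out
```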
Cyber Security: A Pre-War Reality Check (@berthub.eu) - I really love Bert's posts, here's an excellent one! - I've asked so many times why everything needs to be so complex, slow, messy, dependent on everything, brittle, unreliable etc. In this article he is asking exactly the same questions. - Also my posts asking for a secure communication device were along the same lines. People tell lies that this is secure, but the truth is, none of the "new cool secure systems" are secure. Not even remotely!
Data Retention (@ Wikipedia) - You can't reliably delete data from modern computer systems, or especially from "the cloud". Everything you store might potentially (safe to assume, it is) be stored forever. You can't control it and/or guarantee deletion. - KW: data hygiene
After running extensive tests, it still seems that Duplicati backup is slightly broken, and doesn't recover from corruption in any sane way. Had to delete backup sets and recreate those. - Sigh... - So tired of this. - Update 2025: the Duplicati project has made huge progress since writing this statement, and it's now MUCH better! I haven't seen any (serious / catastrophic) restore issues for a while.
File Tunnel (@ GitHub) - Tunneling TCP traffic using files as an intermediate relay. This goes pretty well along the basic lines I've talked about so much, tunneling anything over anything.
SimpleX Chat - It's nice to see the list of issues getting fixed between versions 5.7.0 - 5.7.4 - Yet all of those are quite expected based on the user-experienced behavior. It's just funny how often obvious problems like these are ignored and/or lied about, saying it's ok. - It's great to see the matters getting addressed. (@ GitHub) Yet some options are still absolutely ridiculous, like the ping count; at least there isn't a ping timeout option anymore. It was an absolutely ridiculous option to have. Yet, so is the ping count as well.
SimpleX Chat version now adds two-hop routing aka outbound relay (@ GitHub) - as a beta feature, hiding users' IP addresses from other servers (and users) - opt-in "private message routing" that protects IP addresses from destination messaging relays - both configured and destination relays must support it.
SimpleX - Unexpectedly there have also been some spamming incidents in anonymous public groups. Ha, how unexpected.
SimpleX Chat v5.8 release notes (@ simplex.chat) - Now all the new features are collected in a single blog post by the SimpleX team. Including private routing details.
Engineering for slow internet (@ brr.fyi) - Absolutely great post! Most likely not at all surprising to anyone who is using systems with subpar network conditions. It's easy to find out that many programs are total garbage and networking code is really bad. This article just goes and elaborates on it a lot. TL;DR: Show status, resume, and don't use too short timeouts. - I've written several times about this specific topic.
2025-01-12