Restic, SimpleX, TunnelCrack, CloudNordic, Bricked, Fsync

1. Finally replaced my old 7-zip backup(s) with Restic (@ restic.net) backup. Way way faster backups, with specified history retention. - That's great.

2. Educated a few friends about UPS devices, AVR and other features (off/on-line etc). They live in an region where there's poor is really power quality. I personally think that here surge arresters and UPS units are mostly waste of money. It's almost a decade from previous power outage.

3. TunnelCrack (@ https://tunnelcrack.mathyvanhoef.com) - What a simple and a nice way to circumvent protection provided by many VPN solutions.

4. CloudNordic - Yet another cloud provider bites dust. All data, including customer data was lost to a ransomware attack. Great example why backups are important and there should be proper disaster recovery plan in place and it should be also tested and rehearsed regularly. I'm often wondering when people think that data is safe in the cloud. Do you have your own copies do you? If you don't, well. - Yet of course this is nothing new at all, unfortunately totally expected outcome.

5. Watched many CCC (Chaos Communication Camp 2023) videos, including the one talking about TETRA security and encryption flaws (@ media.ccc.de). As expected, amazing, excellent and hilarious work!

6. Tor PoW based DoS denial system explained Introducing Proof-of-Work Defense for Onion Services (@ blog.torproject.org). Yes, taking down Onion services has been too easy, but hopefully this limits some basic attacks which I've experimented with decades ago.

7. Had some very annoying problems with Unicode and cmd and .cmd script files. After some research changing codepage to Unicode fixed the issues. chcp 65001 - Phew! That's good to remember, I have to save that as separate script snippet for future use. Yet, why not go with .ps1 to begin with. Those default for Unicode (UTF-8) as everyone should. 

8. A friend Googled several times for highly questionable security related content. Then the phone suddenly offered an software update and got immediately bricked. For sure that sounds like trying to install a backdoor and something going wrong. Update trying to exploit something and boom. The phone got so badly bricked that some parts of the hardware sounding really unrelated to the software update had to be replaced to get phone working on again. - Could that be just a random coincidence? - Who knows?

9. With SimpleX, I also got another ingenious idea. - Sending messages selectively to groups can be used for spam. It's great that you can send spam, which the moderators and admins do not see at all. Wakes a classic troll in me. When users complain about spam, admins and mods say that they haven't seen any. - As said, every design comes with pros and cons and how those features can be used or abused. - Some people said that the client app won't allow. Wtf? It really doesn't matter what the official client app allows or doesn't allow. It only matters what the technology allows, you can always write your own client, server, or modify the existing client with your own changes.

10. Tested SimpleX Chat - simplex.chat - (@ simplex.chat) desktop AppImage. It's nice and works. Yet it uses different default paths than the CLI version. So I had to link a few directories, allowing using the same identity, database and config with CLI and Desktop apps.

11. Most interesting, one SimpleX server is operated by "Zentral- und Anlaufstelle Cybercrime NRW". Well, that's obviously totally random co-incidence right? Well, I wouldn't be surprised if they would be interested about the platform at this stage.

12. Daily frustration. Where do these software developers come from? They don't understand networking latency, blocking disk I/O latency, RAM latency and other basic stuff. They talk about RAM and CPU speed, when something is purely about blocking write I/O latency with fsyncs. When I say that if I use RAM disk, the task is at least 45x faster. They still keep talking about CPU and RAM. That's not the problem. Problem is that you generate massive amounts of fsyncs and related blocking I/O which cause the extreme latency from users viewpoint and a very bad user experience. - Honestly, where do these guys come from?

2024-06-30