Scope, Security, Salamanders, Patching, UEFI, SSDFS, PSQL

1. Long discussion if programs should do, what they're supposed to do, or if they should do everything else as well. I personally prefer that programs do what they're supposed to do and do that well. If you need something else, you can then use other platforms and programs for that. As example, should every chat app provide video chat and file sharing features? What about cryptocurrencies? What about AI which generates funny emojis and write replies for you?

2. I've thought how I would say this. But let's format it this way: On some level, I'm totally shocked how much highly confidential information is shared on major cloud platforms, without encryption.

3. Invisible Salamanders in AES-GCM-SIV (@ keymaterial.net) - Very interesting properties. But could be quite compute intensive, if larger changes are required. Of course the aim is to keep the changes minimal when possible, and maybe change something like reference or such stuff. I always use OTP (XOR) as example, when people say that decrypted message X reveals. Ok. Here's my message ABCDEFGHIJKLMNOPQRSTUVXYZ and now when you OTP that with suitable key which you made up, you'll get exactly the plaintext you wanted. Nice, eh? - Obvious.

4. Binary Patching | Delta Encoding (@ Wikipedia) - Zstd can be used as efficient binary file patching engine (@ github.com) - I had missed that somehow, even if I did investigate last year some modern ways of producing binary patches. Purpose is making updating binaries faster and require a lot less data transfer for number of systems. kw: zstandard, patch, bsdiff, xdelta, vcdiff

5. Watched SimpleX Chat talk at Born Hack 2023 event. I don't have anything to add, a very nice with lots of details and facts.

6. Quad9 Turns the Sony Case Around in Dresden (@ quad9.net) - DNS censorship is quite common in some countries. It's good that some providers fight against it. Yet, when they say DNS isn't designed for data, it doesn't mean that it couldn't be used for data as well.

7. LogoFAIL (@ bleepingcomputer.com) UEFI exploit is too good to be true. It sounds more like it's intentionally planted backdoor. Well, why would anyone do such stuff?

8. Malicious Life (@ malicious.life). Yay, finally they fixed their RSS-feed. Now it directly links to right show, which can be listened. Earlier it just linked to other streaming services with show id, dropping the episode reference. Making it one of the worst websites I've ever used.

9. SSDFS (@ phoronix.com) - Way interesting file system for Linux. Which is optimized for ZNC SSD and HM-SMR drives. As I've posted, the Btrfs overhead is pretty high. Also ext4 got it's own drawbacks. The initial promises of SSDFS sound good. It remains to be seen what it can in reality deliver as well as it requires specialised from hardware.

10. Bunny CDN (@ bunny.net) re-trialed. It's nice and very easy to setup CDN with great pricing and good performance. Yet, I don't currently have anything what would need from their platform. Cloudflare's free tier delivers everything I need.

11. PostgreSQL transaction isolation (@ thenile.com ) - A nice post, nothing new. Everyone should know this stuff, but it often seems that they don't. There's just one trap, with Postgres all of the transactions need to use SERIALIZABLE. With SQL Server, I usually use SERIALIZABLE only for things I which require it, I also use UPDLOCK when selecting for updates and, if necessary, also HOLDLOCK (which is same thing as SERIALIZABLE), if it's necessary, knowing it blocks inserts. Without doing proper locking at early stages for the data, deadlocks become much more probable radically decreasing performance. It's also so easy to be careless and lock way too much with range locks when using SERIALIZABLE, or not to lock properly at early stages, which leads to deadlocks later. kw: SQL, PostgreSQL isolation levels

2024-10-13