SQLCipher, NYM, SimpleX, Teams, Guacamole, OAuth2

1. SQLCipher implementation (@ zetetic.net), only thing that looks old fashioned is CBC, but it's basically used in a short streak of blocks for a single page in this case, because each page uses it's own IV. Also using per page IV is great for security, but it's sightly annoying for data alignment on drive. Usually database pages align with the underlying file system and so on, but the per page IV information ruins that alignment. Depending on different factors that's more or less bad. But no can do, it would be pointless to make system insecure to improve performance.

2. Update a bunch of NYM relays for a friend. Ah, always so fun, when they're making breaking changes and changing the process. Well, got it still done, but it's always as annoying (as usual). Also updated SimpleX SMP / XFTP servers and Tor SnowFlakes and lots of other stuff they're hosting.

3. SimpleX Chat restart loop, database deletion. UX issues (linking very bad). Problems linking with mobile, can't reconnect (very bad). Sure, it works if you have to, but otherwise it's just very painful experience even for tech nerds. And this is not all, Matrix is having again UTD (Unable to Decrypt, encryption key issues). - Normal software, normal day. Everything more or less broken.

4. Hashing, always to remember use namespace / domain separator, or if the hashing supports keying, case specific key. Why? Even if the content would happen to be known, then the hash outputs aren't going to be the same.

5. Microsoft Teams (@ Wikipedia) - Now they did break web hooks, posting to channels doesn't seem to be working. Log shows messages ok, even their log, and messages just aren't visible. URL, authentication and message payload (messagecard) all triple checked by three persons. - Thank you for that Microsoft. Well, at least Matrix and SimpleX chat are still working fine. - After getting frustrated for two days more with their crap. I decided that it's so bad, there has to be way better alternative solution. And there is. Just email the stuff to the channel, and it works immediately. It took literally like a minute to implement and another minute to push to production. - Duh! It's kind of funny that Microsoft implementation is so bad, that it takes more time to implement than several other platforms like Matrix, SimpleX and Telegram just to mention a few I've done.

6. Apache Guacamole (@ Wikipedia), so much tuning with. I found the extensions to be joyful, and riddled with all kind of problems. Well, just the usual story. Reserve plenty of time, and coffee and keep grappling with it until it does work. Doesn't work yet, but maybe after a few days more, might get some results. There has been progress, slow progress, but progress still. - I'm happy to report that everything is now perfect and works, after tinkering with all the settings, on several layers of the deep stack.

7. About some open source programs doing or not doing something. Nothing is fixed, especially on Linux. You can change absolutely anything you ever want to. - This discussion started from the point, that many operating systems randomize network MAC address nowadays for privacy reasons.

8. I've been dreaming about completely P2P DHT (@ Wikipedia) based messenger application for a long time. Yet, I'm very aware about the limitations and challenges it causes. Especially with mobile devices. These models are much better for at least 8 hours / day powered on (preferably 24/7) desktops and servers.

9. Outlook & Thunderbird - Finally tuned my TB to use OAuth2 with Outlook. Yawn, required dealing with some settings, and was slightly frustrating but doable. Allowing cookies for only necessary domains took a while. Ref: Modern Authentication Methods now needed to continue syncing Outlook Email in non-Microsoft email apps (@ microsoft.com) - Yet it was slightly annoying that SMTP is still using plaintext password authentication. Maybe TB starts supporting OAuth2 for it too at some point, yet that remains to be seen.

10. Something not so different? Super sonic passenger plane companies (planning to build) are still operating in 2024, and Exosonic (@ Wikipedia) is one I haven't mentioned yet in my blog. Of course there's the Boom (@ Wikipedia) !

2025-02-02