TRNG, BLAKE3, Read Ahead, LwM2M, MLS, AKE, Scripting
Again, too much discussion about random, random number generation, the amount of entropy and the "security" it creates; this is a total waste of time. But sure, there are things about how the Linux kernel works with random, there are TRNGs, and you can mix multiple sources and save pool state and so on. And next, a discussion about data integrity: well, things are done correctly or not. And when not, corruption is just the normal and expected result. Phew. Done with this topic too.
Dropped BLAKE3 on multiple systems, and replaced older BLAKE2 with it.
Increased read ahead on a few traditional disks from 256 pages to 4096 pages. This radically improved overall throughput when the drive is under multi-process read load.
Studied a few IoT protocols: OMA Lightweight M2M (LwM2M) (@ Wikipedia) and 6LoWPAN (@ Wikipedia) for one project... Haven't yet decided about the pros and cons of different solutions. So many options. Usually it comes quite easily when the project is going on: we need to use X and then it's done, no need to discuss other alternatives. As said, I don't really care how it's done, when it's just done. I can use any protocol when necessary. I don't have a protocol / solution fixation.
Re-read version 13 of The Messaging Layer Security (MLS) Protocol (@ datatracker.ietf.org) - Interesting to see if Matrix and other IM platforms adopt this end-to-end encryption solution. This is actually pretty awesome, because it could provide efficient E2EE for PubSub style services (or any other situation) where encrypted messages are exchanged with a group of recipients. Yet it remains to be seen what kind of interesting security flaws and practical problems this very complex protocol will cause. kw: authenticated key exchange (AKE), draft-ietf-mls-protocol-13
Matrix peer-to-peer (P2P) implementations / project status tracking (@ arewep2pyet.com). Nice to see progress. Yet as mentioned, P2P is often not actually the preferred method; there's always careful consideration of what's a good model and what the pros and cons are. Some users don't trust the server, but if you do trust the server, then the server model is much better than the serverless / P2P model from a privacy standpoint.
Quotes, first: "How this can be so expensive and take so long?" - After discussing the open matters and what kind of answers are needed... Then: "I have to say I don't understand anything about this". - Ok, so you know it's quick and cheap to do, even if you don't understand anything. - Check!
Fine-tuned IPv6 temporary address settings on multiple systems. Limited the number of addresses, limited lifetime and lowered preferred lifetime to increase the address rotation rate, yet without ending up with a ridiculous number of addresses. Of course this also limits the maximum lifetime of TCP sessions over such a connection when the address(es) expire. ref: net.ipv6.conf.default.temp_valid_lft and net.ipv6.conf.default.max_addresses.
Wondered about Lacuna Space (@ lacuna.space) and what wonderful services they're going to provide. Global low-cost, low-power LoRaWAN connectivity via satellites, perfect for remote / global IoT.
Registered for Neeva & Kagi "future search engine" beta phase, to check out what kind of service those actually provide. Interestingly, both of the projects lack a Wikipedia page. Well, no links then. Because those could fold, I don't want to link to their domains directly at this point.
Lots and lots of tinkering with shell scripts, automated many things. I also ported some of my simple scripts to Fish shell from Bash, because it was just ridiculous to do Python 3 for such simple tasks. Also improved some dangerous scripts so that all the parameters and paths etc. are validated, so it's unlikely that the script will run from the wrong directory or with seriously wrong parameters. Of course this is very unhackerish. ;) If user gives invalid input, well... Lots of tuning with sftp server and client side configuration, directory access rights, groups. wget cookie files, post with wget, curl -I header handling with awk, and well. Just basic nerd stuff.
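The kind of parameter and path validation described above, sketched as an added example in POSIX shell (not the author's own scripts). The names safe_dir, in_expected_cwd, safe_int and purge_old, and the 1..3650 day limit, are hypothetical.

```shell
# Added example, not the author's scripts: guards for a destructive
# maintenance script. Function names and the 1..3650 limit are hypothetical.

# Print the canonical path of directory $2 if it lies strictly below base $1.
safe_dir() (
    [ -n "${1:-}" ] && [ -n "${2:-}" ] || exit 1
    # Entering the directory resolves symlinks and ".." components.
    base=$(CDPATH= cd -- "$1" 2>/dev/null && pwd -P) || exit 1
    target=$(CDPATH= cd -- "$2" 2>/dev/null && pwd -P) || exit 1
    [ "$base" != "/" ] || exit 1          # "/" as base would allow anything
    case "$target" in
        "$base"/*) printf '%s\n' "$target" ;;
        *) exit 1 ;;                      # the base itself, or outside it
    esac
)

# Succeed only when the current working directory is exactly $1.
in_expected_cwd() (
    want=$(CDPATH= cd -- "$1" 2>/dev/null && pwd -P) || exit 1
    [ "$(pwd -P)" = "$want" ]
)

# Accept only a plain decimal integer in the range $2..$3.
safe_int() {
    case "$1" in
        ''|*[!0-9]*|0?*) return 1 ;;      # empty, non-digit, leading zero
    esac
    [ "${#1}" -le 9 ] || return 1         # keep within shell integer range
    [ "$1" -ge "$2" ] && [ "$1" -le "$3" ]
}

# Usage: purge_old BASE DIR DAYS. Dry run: reports instead of deleting.
purge_old() {
    target=$(safe_dir "$1" "$2") || { echo "refusing directory: $2" >&2; return 2; }
    safe_int "$3" 1 3650 || { echo "refusing day count: $3" >&2; return 2; }
    printf 'would delete files older than %s days under %s\n' "$3" "$target"
}
```

Comparing canonical paths rather than the strings the user typed is what stops a `..` component or a symlink from steering the script outside its base directory.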
2023-06-18