The Grumpy Troll

Ramblings of a grumpy troll.

Docking Compute

What I would like to see emerge as technology is “compute docking”. A dock which provides, as part of the peripherals, more CPUs and RAM. This partially demonstrates a failure of software, in that the operating systems approaches in widespread use today have abandoned the idea of the OS and trust boundaries being spread over multiple machines. You get clusters, and software written to run across clusters with a lot of heavyweight infrastructure for scheduling, deployment, etc.

(more…)

OCSP Oops!

Conceptual Background OCSP provides a means for a TLS client to check that a certificate issued to a server is still valid, by asking for a “current proof”. In its original form, it’s a disaster: clients need to talk to the TLS server (typically a secure web server), find out who issued the certificates and where on the Internet they can talk to, to get a current cert, go off and talk to that OCSP server, get a current proof, then resume talking to the original server.

(more…)

Jitsi & Certificates

I’ve been on the lookout for an XMPP client I could trust, for macOS. Trust is a loaded term, but in this context, it means: Either not written in C, or very proactive about security updates OTR support Source code available, should I choose If installing binary packages, signed releases which can be verified. Today I installed Jitsi. It’s written in Java and is a little slow to start, but I’ll take that if it means my account isn’t compromised by anyone who can send me a friend request.

(more…)

I'm Back

This blog saw a bit of a hiatus; I’m back, I might post a little more often. Longer version: I had used custom-patches to the engine’s code-base to get group-by-time functionality for constructing the side-bar, but while I offered the patches upstream, I lost the time to write tests too. Life at a start-up, my time disappeared again and various factors led me decide to not spend what little time I had on the static site generator’s codebase.

(more…)

Keybase unwedging

[ This post originally appeared as a Facebook note. ] Disclaimer: this goes deep into computing, cryptography policy, gross Unix fiddling with keys and the like. If computers bore you, spare yourself and just stop reading now. I first tried out Keybase.io so that I could provide an informed opinion for my then-CEO, at a previous employer. I was unimpressed with the security model, but conceded that it might improve usability enough to be worthwhile anyway.

(more…)