Anthony Martinez @ajmartinez@librem.one
- Matrix
- @ajmartinez:txrx.staart.one
- Pixelfed
- https://pixelfed.social/ajmartinez
I like to work with my hands. That may mean hammering out solutions to complex problems in #Python or #Rust, building things in my shop, or spinning yarn to knit something warm. You’ll likely see some of all of that here. By day (and sometimes night) I keep >13k nodes and services alive in the Electric Vehicle sector.
PGP: FCBF 31FD B34C 8555 027A D1AF 0AD2 E852 9F5D 85E1
Joined Jun 2020
May well be that my USB-C hub, or my sys-usb qube, is to blame in my troubles with the Librem 14. Using everything straight off the laptop made it through a day of repeated Buildroot builds that flexed all my cores for more than an hour at a time.
Performance on my fairly beefy homeserver was atrocious the last 3-4 days. It took 9 attempts to join the synapse room on Matrix.org, and then the “solution” suggested was to add federation workers. Six hours after I noted more than 85% of my federation traffic was failing 1.37.1 was released, and actually addressed the very issue I was seeing.
If you’re running a Matrix homeserver do yourself, and everyone else, a favor and get off stale releases.
https://matrix.org/blog/2021/06/30/security-update-synapse-1-37-1-released
Anthony Martinez
boosted
Some words on why you should:
a) Always check certificates, and
b) Periodically make sure any devices you own are too
The steps for (b) are provided.
@moparisthebest pretty much everything under the umbrella of IoT is non-compliant with the protocol standards they use for telemetry.
For example, XMPP core states one MUST validate certificates if they are used. Given that my successful attack was both fast and trivial, it’s clear that part of the spec was ignored on the client and that indeed the server did not require a client cert or a stronger xmpp-sasl authentication method than “PLAIN”.
A post is coming soon.
Less than 5min with bettercap and sslstrip to intercept XMPP+STARTTLS. Always check certs y’all. No exceptions.
During a Qubes backup there was a slight dip in the battery charge even while plugged in. Next up, 12-thread DispVM compiling a bloated kernel.
Baseline charging rate for my Librem 14 over USB-C while running Qubes OS is.. 10W.
That may explain why the laptop died while charging from a low battery under load... I'll get some more data and see which rabbit holes that leads me down. Note that the same power supply handles all day heavy use on my work laptop without any decrease in battery status, so it can most certainly give more than 10W if asked.
On a train to add France to the list of countries I’ve physically traveled to in order to fix someone’s router...
Released v0.1.0 of check-tls-suites to provide some tooling to those who might want to check their cipher suites.
This takes the list of suites maintained by IANA, and uses them to check either a hex stream, or a list of integers like one might get from a TLS Client Hello in Wireshark or tshark. Each cipher is marked either as recommened, or not recommended.
Suites that are not recommended are wrapped in '!' characters.
Given that A Rust Site Engine was written for my better half, it appears another feature has been added to the 1.0 roadmap: an image gallery/slideshow.
Initial and simple POC is done... in JavaScript. It's not my favorite language, and it never will be, but I see how/why it's popular and useful.
ARSE 0.9.1 has been released
One step closer to 1.0.
Rust crate at: https://crates.io/crates/arse
Powering:
- https://ajmartinez.com
- https://anxioushousewife.one
- https://some.bullsh.art
Though other times I do update tech-y things: https://ajmartinez.com/tech/posts/202123-001-fedora-pcsc
TL;DR - if you're annoyed that using a smartcard with gnupg stops you from later using it with pkcs11 directly the solution is simple: kill gpg-agent.
@aral oh yeah, been cruising with ripgrep (and Rust) for quite a while now. Anytime I'm on a system that doesn't have it I weep a little.
Sometimes I do things that aren't computer related: https://ajmartinez.com/craft/posts/202124-001-spinning
Well at least when I’m stuck in Windows for work I’ve still got Emacs.
Update: I went ahead and tried to boot with my Librem Key plugged into the hub, and that works too.
It takes a while for the keyboard and mouse to come alive again after the login screen loads, and if you do something like disable the onboard panel and then accidentally sleep the machine rather than locking the screen you’ll be power cycling to get back in.
Pleased to report that all USB-C features offered by the Librem 14 work even when using Qubes OS.
Got my spare Librem Key working with my NUC today, though I did run into some trouble with pcscd/polkit/Fedora along the way. My solution is here: https://ajmartinez.com/tech/posts/202123-001-fedora-pcsc
- Matrix
- @ajmartinez:txrx.staart.one
- Pixelfed
- https://pixelfed.social/ajmartinez
I like to work with my hands. That may mean hammering out solutions to complex problems in #Python or #Rust, building things in my shop, or spinning yarn to knit something warm. You’ll likely see some of all of that here. By day (and sometimes night) I keep >13k nodes and services alive in the Electric Vehicle sector.
PGP: FCBF 31FD B34C 8555 027A D1AF 0AD2 E852 9F5D 85E1
Joined Jun 2020
