Posts (Atom feed generated by Zola, updated 2023-06-14): https://batsense.net/blog/atom.xml
<h1><a href="https://batsense.net/blog/14-06-2023-social-responsibility-and-basic-needs/">Social responsibility and basic needs</a> (2023-06-14)</h1>
<p>As social creatures, our responsibility and our needs don't just stop at
taking care of ourselves. Being nice to the people around us is integral
to our growth and the well-being of our society. So to say that humans
need only leisure and the ability to engage in creative pursuits to
sustain themselves is only partly true.</p>
<p>We need opportunities and the privilege to exercise compassion. Those of
us that are fortunate enough to have enough capital to become
self-reliant must also aim to be a little more than self-sustaining,
so that we can help those in need. It doesn't have to be a lot, but
creating a positive, strong, meaningful impact in someone's life is
critical to reconnect with our humanity and truly realise what it is
like to be human.</p>
<h1><a href="https://batsense.net/blog/03-08-2022-is-privacy-really-possible/">Is privacy really possible?</a> (2022-09-03)</h1>
<p>My mind is a mess. Deep, focused thinking is rare. I have discovered that writing helps. Writing on paper, that is. I'm environmentally conscious, so I use my computer and only fall back to paper when I feel it is insufficient. Or when the thought is too intimate. Digital is scary: it is easier to spy on computer activity than on real life. But the physical environment is not safe either. Notes can be leaked, journals read, and secrets exposed. So I briefly considered getting a cigarette lighter: burn each note as soon as it is written and has helped me gain clarity.</p>
<p>But is that private enough? What if we invent a gizmo to recover paper from its ashes? Chemistry tells us it is impossible, but for the sake of this argument, <em>what if?</em> Or what if we invent time-travel tech to go back and read the note before it was burnt?</p>
<p>So writing notes isn't safe. That's okay, I will hold secrets in my head. But what if we invent mind-reading tech? It will threaten our thoughts too. Combine that with time travel and the threat becomes eternal.</p>
<p>It is scary, and it seems like there is no privacy even in the seemingly safe cocoon of one's own mind. But that is far from the truth. In fact, this is one of the reasons why privacy should be pursued more strongly. We must recognise that thoughts are worthless and inconsequential until they are acted upon. It is through thoughts, and collectively through discussion, that we will be able to figure out what's right and what isn't.</p>
<p>So please don't spy on people or invade their privacy. It doesn't matter if you are a programmer or just a normal person: respect the other person's privacy. Don't read stuff that isn't meant for you. Leave us alone and we can all have privacy.</p>
<h1><a href="https://batsense.net/blog/im-on-the-fediverse/">I'm on the Fediverse!</a> (2022-06-07)</h1>
<p>and I have ideas for it. Well, they are more like opinions, really.</p>
<p>I recently launched a <a href="https://gts.batsense.net/">GotoSocial</a>
instance to join
the <a href="https://en.wikipedia.org/wiki/Fediverse">Fediverse</a>. I was very apprehensive about re-joining social media
because I struggled with social media addiction from middle school
through high school. It was toxic; I found myself spending irrationally
long amounts of time on it. So, starting in 2018, I began to slowly reduce
and delete my accounts on all the services that I used at that time.
It took a lot of effort but I finally did it: to me, social networking
after that meant ringing up a friend or meeting them IRL.</p>
<h1 id="joining-fediverse">Joining the Fediverse</h1>
<p>Again, very apprehensive. I appreciate that technology connects people
from across the world. I met a lot of kind, interesting, and generally
nice people on the Internet even after I quit
social media.</p>
<p>These people are usually from forums, chatrooms, and emails &#8212; all
platforms that take effort to participate in. One has to be thoughtful and
articulate one's communication to engage on such platforms. But social media
is a cheat code: all one has to do is come up with a witty remark or a
clever comeback to have a good time on there!</p>
<p>I had to join the Fediverse since I'm working on
<a href="https://forgeflux.org">ForgeFlux</a>, a project that is based on the
methods and technology that power the Fediverse, to make software
development collaboration tools better represent real-world scenarios
— essentially using social media tech to turn programming collaboration into a social medium.</p>
<p>And so the GotoSocial instance.</p>
<h2 id="first-impressions-it-is-different">First Impressions: It is different!</h2>
<p>My biggest concern with modern tech is being unmindful during the time I
spend with it. In this regard, GotoSocial is very refreshing. GotoSocial
doesn't show posts that are older than your account (it's either that or
my instance is misconfigured). Also, it doesn't have recommendation
widgets, which is nice. I mostly followed people that I already knew from
other channels, and I follow people whom those I follow interact with and
who interest me &#8212; closely mimicking meeting new folks IRL.</p>
<h2 id="but-i-am-still-concerned">But I am still concerned</h2>
<p>While I'm temporarily shielded from the effects of social media because
I'm new on there, I can see how following large numbers of people would
snowball into a very lengthy, frequently updating feed. I hope
social media creators recognize that they are building tools to help
people catch up with their friends, not necessarily to help them
stay constantly on top of what's happening in their friends' lives.</p>
<p>One could argue that frequent updates help information reach people
in a timely fashion, but that isn't entirely accurate: in an
emergency, I would make a phone call or use some other
highly real-time technology that requires absolute engagement from all
involved parties, rather than post on social media and hope that it reaches
and grabs the attention of all concerned parties in time.</p>
<p>So I propose that feed updates only be made at fixed intervals. By updates, I
refer to downloading the posts created by the people I follow and
uploading my newly created posts to other people's feeds. This way, we
will only be catching up with each other rather than anxiously scrolling
and constantly refreshing for new updates.</p>
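<p>The fixed-interval idea above can be sketched in a few lines. To be clear, this is my own illustration: the six-hour window and the function names are assumptions, not anything an existing Fediverse server implements.</p>

```python
# Hypothetical fixed-window feed sync: posts created in between windows are
# held back, so readers catch up in batches instead of refreshing constantly.
SYNC_WINDOW_SECONDS = 6 * 60 * 60  # assumed window: four syncs a day


def next_sync_at(last_sync: float) -> float:
    """Earliest moment the feed may exchange updates again."""
    return last_sync + SYNC_WINDOW_SECONDS


def should_sync(last_sync: float, now: float) -> bool:
    # Both downloading followed posts and uploading our own happen here,
    # and only when the window has elapsed.
    return now >= next_sync_at(last_sync)
```

<p>In between windows, a client would simply refuse to fetch, which is the "catching up rather than anxiously scrolling" behaviour described above.</p>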
<h1><a href="https://batsense.net/blog/mxn-contact-discovery-system/">Quitting non-free services and the search for a blood donor: an idea for an MxN contact discovery system</a> (2022-05-09)</h1>
<h2 id="background">Background</h2>
<p>I use a few non-free services, mostly instant messaging services to talk
to my friends and acquaintances, but had plans to 'sunset' them by the
end of the year. I was going to make a public post or the equivalent for
<code>$service</code>, without spamming my whole network, explain my motivation and
advertise libre means of contacts that they can use to reach me. I had a
plan for every <code>$service</code>, and I was eagerly waiting to execute them. But
recently I had to search for blood donors for a friend and my search
exclusively used a popular non-free service. I'm not sure the search
would have been as effective if I had quit, though.</p>
<p>The service is popular among us Indians and is run by a not-so-nice
<code>$BigCorp</code> but since it is available free of cost, most people are willing
to overlook the fact that it is harmful in the long run. It is one of
the services that I have been trying to get rid of for the longest time;
I've been running it in a sandboxed environment, using Shelter (TODO:
get Shelter's link), without exposing my contacts database and main file
system, to minimize damage. And I was all set to gradually phase out
and get off of the platform, but the recent experience of contacting
multiple people for an urgent cause suggests it will be more difficult
than I had anticipated.</p>
<h2 id="problem">Problem</h2>
<p>If I had to mount a similar search without the non-free instant
messaging <code>$service</code>, I would have to ring each of the people that I
messaged, which is more time consuming and requires more effort than
simply forwarding messages and coordinating with multiple parties in
parallel via text. Also, the phone call process would require both parties,
my friend and me, to be available at the same time. My friends are
busier than I am, so the search effort would have been bogged down and
significantly less effective than the instant message approach.</p>
<p>In my opinion, this problem is much more fundamental than quitting a
platform. How do I contact someone who is on a platform that I don't have
access to or am unwilling to use? Why do platforms, especially the
social kind, implicitly impose these barriers? And how do we break them
without compromising security or ruining the user experience on all involved
platforms?</p>
<p>For the web, we have RSS: anyone and everyone can subscribe to websites
that implement RSS feeds, like my blog <a href="/blog/atom.xml">here</a>, and
receive updates whenever a new article is published. The subscriber
isn't required to negotiate with the publisher; all they have to do is
periodically check the feed for new entries, which will automatically be
done for them by their feed reader of choice (TODO: get Arch Linux's
feed reader list).</p>
<h2 id="the-real-problem">The real problem</h2>
<p>We have emails and other free, federating alternatives like Matrix and
<a href="https://fedi.party">the array of Fedi apps</a>, but they just aren't as
widely adopted as the popular non-free service. But that isn't the
problem. <em>How does one discover alternate ways to contact a person?</em></p>
<h2 id="mxn-contact-discovery-system">MxN contact discovery system</h2>
<p>I propose a system where a person is able to search for alternate
contacts on alternate networks using any prior contact that they might
have. So if I have a person's Fedi address, I could use it to search for
the person's, say, phone number or even their Matrix ID if they have
one. This way, I get to choose an alternate means of contact that we
both share or agree to use without directly negotiating with them. I
mean, it's first contact, how does one negotiate even before
establishing a means of communication?</p>
<p>The system would store two hashes of every contact identifier: one a
strong, irreversible hash and the other a weak hash using a provably
broken hashing algorithm like MD5 or SHA-1. The strong hash will be
used to uniquely look up the related contact identifiers' weak hashes,
which will then have to be cracked by the searching party to retrieve
the underlying contact identifiers. Each contact identifier can carry
metadata such as which network it belongs to.</p>
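<p>As a rough sketch of how such a directory record might look. The layout, the example identifiers, and the choice of SHA-256 as the strong hash are my assumptions; the post only specifies a strong hash plus a weak MD5/SHA-1 hash:</p>

```python
import hashlib


def strong_hash(identifier: str) -> str:
    # Strong, irreversible hash: serves only as the lookup key.
    return hashlib.sha256(identifier.encode()).hexdigest()


def weak_hash(identifier: str) -> str:
    # Weak hash (MD5, per the post): the searcher must crack this
    # to recover the underlying identifier.
    return hashlib.md5(identifier.encode()).hexdigest()


# Hypothetical directory: a known Fedi address points at the weak hashes
# of the person's alternate contacts, tagged with network metadata.
directory = {
    strong_hash("@alice@fedi.example"): [
        {"network": "phone", "weak_hash": weak_hash("+911234567890")},
        {"network": "matrix", "weak_hash": weak_hash("@alice:matrix.example")},
    ],
}

# Anyone who already knows the Fedi address can fetch the weak hashes,
# but recovering the phone number or Matrix ID still takes cracking work.
records = directory[strong_hash("@alice@fedi.example")]
```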
<h3 id="hashed-contacts-or-how-to-safely-advertise-contacts-publicly">Hashed contacts or how to safely advertise contacts publicly</h3>
<p>The hash serves multiple purposes:</p>
<h4 id="1-combat-spam">1. Combat Spam</h4>
<p>Publicly accessible, freely distributed contacts databases are a
spammer's wet dream. A system like this shouldn't hold a monopoly over
whom or what a person uses to establish communication. But to safely share
contacts publicly, we need a method to restrict spammers and whole-database
harvesting without compromising free distribution.</p>
<p>The weak hash, generated using collision-prone algorithms like MD5 and
SHA-1, will serve as an unconventional Proof-of-Work mechanism: the user
will have to crack the hash to retrieve a contact. A spammer would have
to do a lot of work cracking hashes to mount a successful spam
operation, but a person interested in only a single person's
contact will have to spend only a comparatively reasonable amount of
time to retrieve it.</p>
<h4 id="2-no-trusted-entity">2. No trusted entity</h4>
<p>In centralized systems, the service provider will act as a trusted
entity and ensure secrecy of the information they host. This has the
unfortunate effect of monopolizing the data hosted by them. A competing
service would have to start from scratch and aggregate data, which, if
done with consent (as it should be), would require convincing people to
start using the service.</p>
<p>The hash-based system doesn't require secrecy,
and the aggregated data can be freely shared with other providers to create
a sustainable, federated/peer-to-peer network.</p>
<hr />
<p>My schedule at the moment is completely packed but if someone is
interested in implementing this system, they are most welcome to do it.
My contacts are available <a href="/contacts">here</a> if someone wants to
brainstorm ideas :)</p>
<h1><a href="https://batsense.net/blog/16-02-2022-gitea-managed-hosting-plans/">Project plans for a hosted Gitea online service</a> (2022-02-16)</h1>
<p><em>This post was originally published on <a href="https://blog.dachary.org/2022/02/16/project-plans-for-a-hosted-gitea-online-service/">Loïc Dachary's
blog</a>.</em></p>
<p>Loïc and I are in the process of creating a 100% libre, managed Gitea
hosting service. Successfully monetizing such a service to a point where
it becomes self-sustainable is a very challenging task. Loïc wrote a
post that documents the challenges a libre, managed hosting service
provider would have to solve and he was kind enough to let me re-publish
it on my blog. Enjoy!</p>
<hr />
<p>When an organization asks me about Gitea, I would like to direct them to
a provider where they can rent an instance and just use it, in the same
way they can go to https://discourse.org for a forum, or
https://nextcloud.com for storage. Instead of waiting for that to
happen, <a href="https://batsense.net/about/">Aravinth</a> and
<a href="https://dachary.org/">myself</a> decided to do something about it, in a
way that is in line with our shared values: transparency and Free
Software.</p>
<p>After doing some research we found counterexamples that showed the
pitfalls to avoid. GitLab, because its business model heavily relies on
selling proprietary licenses. CiviCRM, because setting it up is complex
and requires training: users can't figure it out on their own. Gitea
images provided by Digital Ocean, because they do not include security
upgrades. MySQL configured and run by AWS, because of the vendor lock-in
that makes it impossible to self-host.</p>
<p>We concluded that an online service such as Gitea can be hosted in a
sustainable way as long as:</p>
<ul>
<li>It is well maintained and upgrades itself</li>
<li>It can be self-hosted</li>
<li>The service can automatically be restored from backups when the
underlying resources fail</li>
</ul>
<p>GitHub and GitLab make it look like there is a market around software
forges. It is however impossible to figure out if this market exists
only because it is based on proprietary software. How many of these
customers would pay for a Free Software hosted Gitea instance?</p>
<p>Even if these customers do exist, a new service provider would have to
figure out how to convince them to subscribe. The technical development
of the service can be done within weeks but building a sustainable
business takes much longer. Again, there were examples of what can go
wrong, for instance ElasticSearch: after they spent years developing a
successful online service and a customer base, AWS entered the
competition and started to take it away from them.</p>
<p>The sustainability of the Free Software ecosystem is a new and very
difficult problem to solve. It is discussed more than it ever was in the
wake of security breaches originating from widely used yet abandoned
libraries, or disillusioned Free Software authors self-sabotaging their
next release, and everyone has diverging opinions. It falls on each Free
Software author to spend time thinking about their own projects because
there is no handbook or good example to follow. That is what Aravinth
and myself did to find a semblance of clarity and decide how to go about
this hosted Gitea service idea.</p>
<h1 id="sustaining-free-software-online-services">Sustaining Free Software online services</h1>
<h2 id="more-mature-online-services-mean-less-opportunities-to-sell-services">More mature online services mean fewer opportunities to sell services</h2>
<p>Ideally the software running an online service is rock solid and bugs
are so rare that it can run unattended. This is true of
https://wordpress.org and it is not uncommon for an instance to run for
years while upgrading itself to get security patches. The cost of
maintaining such a service is negligible and hosting companies can offer
it for free to their customers. They make their profit by renting the
machines on which the service runs.</p>
<p>When the software is not as mature, it is more expensive to run. Bugs
need fixing, upgrades require manual intervention, users must be trained
to overcome the complexity of the user experience, etc. Well-known
examples are Discourse or CiviCRM, for which companies sell services to
overcome these issues.</p>
<p>But when an organization is both the author of the software and the
provider of paid services to compensate for its lack of maturity, it
creates a conflict of interest. Should they focus their effort on making
the software more mature, they would harm a business model that is based
on this very lack of maturity. For instance, if the author of a software
also sells training courses, they are not motivated to solve user
experience issues. If they did, it would lower the need for training
courses and reduce their income.</p>
<h2 id="free-software-online-services-in-the-wake-of-the-sustainability">Free Software online services in the wake of the sustainability crisis</h2>
<p>Nowadays all Free Software authors struggle to get enough resources to
produce a steady stream of releases, even when the project is very
popular. This sustainability problem is getting more and more attention
as the number of Free Software projects in use worldwide keeps growing.
Even the simplest online service relies on thousands of Free Software
projects, each of which needs work to keep going. Accidents caused by
poorly maintained Free Software projects become more frequent.</p>
<p>This Free Software sustainability crisis is barely emerging and very
much resembles ecological problems such as climate change. In both cases
it is very difficult to figure out how to properly care for the
resources that are consumed. After decades of advocacy, it is generally
accepted that fossil energy won't last forever but there still is a long
way to go. It will also take a long time for the Free Software community
to answer this simple question: how to sustain an ever growing library
of Free Software?</p>
<p>Luckily, that problem is relatively easier to solve for an online
service because it has users. They can be reminded that their assistance
is needed to keep the project afloat, for instance through a donation. A
proposition that would be much more difficult to make for the author of
a cryptographic library. Convincing users to pay for an online service
has the best chance of success when the author of the software is also
the service provider. This is the business model of Discourse and
Weblate, but it is relatively fragile because nothing stands in the way
of the competition.</p>
<p>A few years ago ElasticSearch successfully developed an online service
offering. But when AWS entered the competition and was better at
marketing it, ElasticSearch quickly realized they would likely go out of
business. They tried to fight back by <a href="https://www.elastic.co/blog/licensing-change">changing their
license</a>, which was the
wrong answer to a real problem. Discourse or Weblate are also likely to
face competition from hosting companies in the future and they may not
survive it.</p>
<p>In the end, the durable source of income for a Free Software online
service is to rent the resources (CPU/RAM/network/disk) it needs to run.
In other words only hosting companies can make a profit when running
such an online service. And for that reason they also need to share part
of the profits to ensure the sustainability of the Free Software service
their customers need.</p>
<h1 id="online-services-vendor-lock-in-is-cured-by-free-software">Online services vendor lock-in is cured by Free Software</h1>
<p>When hosting companies offer online services they also provide upgrades
and transparent recovery when the hardware fails. But none of them allow
the service to be self-hosted. When their price policy changes, or when
the terms of service ban users from a given country, migrating the
service elsewhere is costly and difficult. For instance, when AWS runs
MySQL for their customers, they allow customers to download the data but not the
software that runs the proprietary AWS interface used to configure and
control the server. Another example is GitHub where the content of the
git repository can be downloaded but the code that runs GitHub itself is
not Free Software.</p>
<p>If a customer cannot run the same software as their service provider,
they are locked-in, even if they can download their data. It is a common
misconception to think that there is no vendor lock-in as long as it is
possible to download the data in a standard format. Migrating the data
from one software to another is, more often than not, time consuming and
costly to a point that it is effectively a blocker. A GitHub salesperson
would argue that it is possible for people to run GitHub Enterprise on
their own hardware. But the vendor lock-in is still present via the
proprietary license contract. The user experience, maintenance and
upgrades are still exclusively controlled by GitHub.</p>
<p>To guarantee their independence, the customers of an online service need
to be able to:</p>
<ul>
<li>Download their data</li>
<li>Run the exact same Free Software as their service provider</li>
<li>Run the exact same Free Software infrastructure as code as their
service provider</li>
</ul>
<p>The requirement regarding Free Software infrastructure as code refers
to, for instance, the AWS control panel and all that is behind it when
creating a new MySQL service. It includes whatever a competitor would
need to run the same online service. An example would be
https://enough.community, an infrastructure as code dedicated to
creating the services needed by whistleblowers and human rights
defenders. It consumes resources rented from hosting providers, assembles
disks and machines, sets up monitoring and intrusion detection, and installs
various online services and upgrades them.</p>
<p>The availability of the software that creates the infrastructure is not
only useful to the competitors of a service provider. It also benefits a
non-profit that wants to provide (for instance) Wordpress instances to
its members. Without it they would need to create something from scratch
using building blocks such as CiviCRM. Even though such building blocks
exist, this is a significant undertaking and effectively a blocker.</p>
<h1 id="federated-online-services-and-durability">Federated online services and durability</h1>
<p>All self-hosted services are in danger of losing the data they contain.
When a Wordpress service is hosted in a home and the machine dies, it
must be restored from backups... when there are backups. Hosting
companies ensure the durability of the data with their own backup
system. It creates a dilemma for people who are looking into self
hosting: independence is desirable, but is it worth taking the risk of
data loss?</p>
<p>Federated online services do not suffer from this problem, because they
can mirror each other. A Gitea instance that is federated with another
will mirror copies of software projects found on its peers. Should one
instance be destroyed, mirrored projects can be resurrected from the
federated instance. Not only is it a practical way to survive the (rare)
failure of an entire datacenter, it also helps with the (more frequent)
destruction of self-hosted machines. Contrary to backups, which require
special attention, the replication involved in federated online services
is built in and works continuously. There is no need for an extra backup
service that is very rarely used and therefore likely to fail when
needed.</p>
<p>Federated services are not yet mainstream and Gitea is one of the rare
services that started to implement the concept. In the interim,
customers of an online hosting service will need to worry about backups
to ensure the durability of their data. But the ultimate solution for
them won't be the emergence of an ideal backup infrastructure, it will
be replication (via federated services) that will continuously ensure
the durability of their data.</p>
<h1 id="paths-forward">Paths forward</h1>
<p>The Gitea project itself, following the footsteps of Discourse or
Weblate, could provide a hosting service. Part of its current user base
may become customers and there does not seem to be any blocker to make
that happen. As with most successful Free Software projects, people
working on Gitea daily are already very busy and cannot engage in such a
long term project. But Aravinth and myself can, if they will have us.</p>
<p>Another path forward would be to wrap Gitea into a bundle that existing
hosting companies could easily use to provide such a service to their
customers. The biggest hosting companies are unlikely to be interested:
if Digital Ocean was to provide upgrades on top of their existing Gitea
image, they are more likely to rely on their internal staff to implement
that from scratch, as proprietary software integrated into their
existing infrastructure. But smaller hosting companies such as
https://Octopuce.fr or https://Easter-Eggs.com, who already deploy Gitea
instances for their customers, would use it if, for instance, it helped
with the upgrades. They would then kindly be reminded to give back a
share of their profits in order to sustain the development of the
service they deploy.</p>
<p>Finally it would also be possible to follow the example of GitLab in the
early days (before it turned to proprietary software) or Codeberg and
offer a free shared forge hosting service to build a user base. After a
few years, a percentage of the user base would convert to being paid
customers or donors to sustain the activity and part of the income would
be used to sustain the development of the service.</p>
<h1><a href="https://batsense.net/blog/26-12-2021-gotta-love-europe/">Gotta Love Europe</a> (2021-12-26)</h1>
<p>After getting a static IP for my internet connection at home, I decided
I had to get a VPN subscription (<a href="https://mullvad.net/en/">Mullvad</a>; not a
paid endorsement, but man, are they fantastic!).</p>
<p>Using the VPN, I was able to "visit" countries. You'd think websites
would behave consistently no matter where you connect from but, no.
They go out of their way to treat us like crap. See for yourself:</p>
<p><img src="/img/blog/26-12-2021-gotta-love-europe/consent-google-com-basic.jpg" alt="consent.google.com basic consent form" /></p>
<blockquote>
<p><code>consent.google.com</code>? I didn't know Google was capable of saying the C-word</p>
</blockquote>
<p><img src="/img/blog/26-12-2021-gotta-love-europe/consent-google-com-advance.jpg" alt="consent.google.com advance consent form" /></p>
<blockquote>
<p>And they ask consent for YouTube too!</p>
</blockquote>
<p>You will be greeted by the above webpage when you visit <em>any</em> Google
website, search included, for the first time. And Google wasn't the only
service that was suddenly privacy-respecting when I switched to Europe.</p>
<p>In my opinion, ad blockers, JavaScript-disabling plugins, and a host of
other privacy tools are only trying to compensate for the lack of good
policy. And sometimes, no matter how good and technically sound the
circumvention mechanisms are, a lack of policies will always come back
to bite us.</p>
<h1><a href="https://batsense.net/blog/03-12-2021-basic-needs/">Basic needs</a> (2021-12-03)</h1>
<p>I think the definition of basic needs is a little outdated. I mean, a
roof over your head, food on the table, clothes on your back and a bed
to sleep in? Those sound more like the needs of cattle than those of a
complex, civilized human.</p>
<p>Here's how I describe basic needs: the ability to pay for or acquire
decent healthcare, quality family time through vacations and other
means, and self-development through fitness, hobbies, and the like. I'm not
saying that owning a private yacht and a personal fitness studio should
also be considered basic needs --- that's luxury. But letting off steam
once in a while and engaging in creative pursuits are all part of a
healthy, sustainable and happy life, is it not?</p>
<p>Sure, this post might come off as entitled, but I think if humanity is able
to meet these needs, we will be free of suffering, beaming with joy, and
have a sense of fulfilment!</p>
<h1><a href="https://batsense.net/blog/13-09-2021-math-second-systems-effect/">Math and second systems effect</a> (2021-09-13)</h1>
<p>I think math is suffering from <a href="https://en.wikipedia.org/wiki/Second-system_effect">second-system
effect</a>. Right from
7th grade onwards, kids are taught about symmetric functions and whatnot
but are rarely told where they become useful. And as years go by and as
the kid advances in school, additional baggage is added to a point where
the sole purpose of this ordeal, at least in my opinion, is to torture
the kid into oblivion.</p>
<p>This semester I have graph theory at school. Graph theory is one of
those things that feels like reading a quick start manual --- almost
everything taught has some <em>real</em> and actionable purpose. Which is
pretty cool. Now this isn't because of some magical trait of the subject
itself, it's just that my 7th grade garbage is finally seeing some
usage. Also, it's amazing how we spend years learning how to <em>read</em>
math. I get it. Mathematical logic can't have any exceptions and should
hold true in all cases. So a perfect language to describe the perfect
system. Sound familiar?</p>
<p>Now it can be argued that math has been very successful to a point where
entire fields of study have been born out of it. But very few subjects
are as notorious as math is. Another case in favour of its complexity
is that the field is hundreds, if not thousands, of years old and the
knowledge accumulated over such a long period will be inevitably
complex. This is a valid point, but it doesn't make the learner's life
any easier.</p>
<p>In my opinion, a peek into the useful aspects of math occasionally
should provide sufficient motivation to pursue its study. Mindlessly
reading specification after specification without ever understanding its
intended purpose will only serve to demotivate the learner.</p>
<p>I could never do math. I always thought I wasn't cut out for it, and so it
has never been my thing. But this recent experience makes me wonder if
math is plagued by the second-system effect and, at least in my case,
collapsed under its own weight.</p>
<p>But then again, I might simply lack the lobes for it :)</p>
<video
style="display:block;margin:auto;"
alt="lobes reference: Rom, in classic Ferengi style, tries to cheat his brother Quark and take over his bar. Any normal species would call it a betrayal and generally burn bridges, but not the Ferengi. Quark is impressed by how deceitful Rom was and praises Rom: I didn't think you had the lobes"
controls autoplay loop muted playsinline width="350px">
<source src="/img/blog/13-09-2021-math-second-systems-effect/firengi-meme.mp4" type="video/mp4" />
</video>
<h1><a href="https://batsense.net/blog/10-09-2021-ideal-backup-situation/">Ideal backup situation</a> (2021-09-10)</h1>
<p>I've been playing fast and loose with backups, and I've been extremely
fortunate to have not suffered any serious system failures or data
loses. I recently recovered from systems failures on my Raspberry Pis
caused by upgrading Debian Buster to Bullseye. The outage wasn't a
because of a bug in Bullseye, the upgrade modified some parameters
<code>/boot/firmware/config.txt</code> which, for some reason, prevented the board
from booting.</p>
<p>Also around the same period, my place was being renovated, and the
construction workers had nicked the main power supply lines. As a
result, we were experiencing some wild voltage fluctuations and power
outages. I thought I burnt my boards from either one of these two
things. It was time to set up a proper backup mechanism.</p>
<h2 id="requirement">Requirement</h2>
<p>I have roughly 3 TB of storage across multiple devices and none of it
was being backed up. Going by the
<a href="https://en.wikipedia.org/wiki/Backup#3-2-1_rule">3-2-1 rule</a>, I would
require at least 9 TB + 3 TB of storage(3 copies * 3 TB + some
additional space for versioned backups --- most backup systems these
days take chunked snapshots, so versioning is very efficient). But since
I'm broke and can't afford offsite storage, my requirements are down to
6 TB + 2 TB.</p>
<h2 id="my-current-solution">My current solution</h2>
<p>I bought two 4 TB disks and set up <a href="https://www.borgbackup.org/">Borg</a>
backup jobs to run at night. I currently have 7 daily, 4 weekly and 4
monthly snapshots on the first disk; the second disk contains 4
weekly and 4 monthly snapshots, and is kept unplugged in a
different part of the house.</p>
<p>Ideally, it should stay plugged in at a different location, away
from my server rack, but I have neither the hardware nor the
infrastructure to implement that.</p>
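<p>For the curious, the retention policy above can be sketched in a few
lines of Python. It mimics what <code>borg prune --keep-daily 7 --keep-weekly 4 --keep-monthly 4</code>
does (those flags are real Borg options), but the code itself is an
illustrative sketch, not Borg's implementation:</p>

```python
from datetime import datetime

def select_keep(snapshots, daily=7, weekly=4, monthly=4):
    """Return the snapshot timestamps that a keep-daily/weekly/monthly
    policy would retain: the newest snapshot of each of the last `daily`
    days, `weekly` ISO weeks and `monthly` months (a sketch of
    `borg prune` semantics, not Borg's actual code)."""
    kept = set()
    rules = (
        (daily, lambda d: d.date()),              # one per calendar day
        (weekly, lambda d: d.isocalendar()[:2]),  # one per ISO (year, week)
        (monthly, lambda d: (d.year, d.month)),   # one per calendar month
    )
    for count, period_of in rules:
        seen = []
        for snap in sorted(snapshots, reverse=True):  # newest first
            period = period_of(snap)
            if period in seen:
                continue  # a newer snapshot already represents this period
            seen.append(period)
            if len(seen) > count:
                break  # enough periods covered for this rule
            kept.add(snap)
    return sorted(kept)

# A month of nightly snapshots collapses to just nine archives:
nightly = [datetime(2021, 9, day) for day in range(1, 31)]
print(len(select_keep(nightly)))  # 9
```

<p>The second disk's 4-weekly/4-monthly set is the same function with
<code>daily=0</code>, which is why versioned backups stay so cheap: old
snapshots thin out instead of piling up.</p>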
<h2 id="ideal-solution">Ideal solution</h2>
<p>My current setup will work in most cases. I live in a calm neighborhood
in a very safe city(not prone to natural calamities and such) but
<em>ideally</em> there should be at least one offsite copy of the backups.
So I did some math to see how much it would cost me:</p>
<h3 id="aws-s3">AWS S3</h3>
<p>AWS is usually the cheapest, and there's probably an adapter available
for Borg.</p>
<ul>
<li><strong>pricing:</strong> <a href="https://aws.amazon.com/s3/pricing/">$0.023/GB-month for the first
50 TB</a></li>
<li><strong>cost:</strong> $0.023 * 3 * 1024 = $70.656/month</li>
</ul>
<p>But I don't like AWS, or anything Amazon for that matter.</p>
<h3 id="tarsnap">Tarsnap</h3>
<p>Tarsnap is developed by <a href="https://www.daemonology.net/blog/">Dr. Colin
Percival</a> and is quite popular.</p>
<ul>
<li><strong>pricing:</strong> <a href="https://www.tarsnap.com/">$0.25/GB-month + $0.25/GB
bandwidth</a></li>
<li><strong>cost:</strong> $0.25 * 3 * 1024 = $768/month + bandwidth costs</li>
</ul>
<p>And it is also quite expensive!</p>
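<p>Both estimates follow the same one-line formula, easy to sanity-check
with a throwaway script (list prices as quoted above; request fees and
Tarsnap's bandwidth charges are ignored):</p>

```python
data_gb = 3 * 1024  # roughly 3 TB of data, in GB

# price per GB-month taken from the pricing pages linked above
s3_monthly = 0.023 * data_gb
tarsnap_monthly = 0.25 * data_gb

print(f"S3:      ${s3_monthly:.2f}/month")       # S3:      $70.66/month
print(f"Tarsnap: ${tarsnap_monthly:.2f}/month")  # Tarsnap: $768.00/month
```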
<p>I can't afford either of these solutions. My current setup cost me
roughly ₹16,000 or $220 --- about three months' worth of AWS rent. Which
is ridiculous. So here's my proposal:</p>
<p>As the internet becomes more diverse and more decentralised, home
servers will become a common thing. This means more folks, like myself,
will be on the lookout for cheap backup and failover solutions.
Normally, these home servers won't be at 100% utilization(I'm currently
at 20% across the fleet) so forming rings of trust among friends and
family will be mutually beneficial. This way, the participants within
the ring can rely on each other's facilities for backups and
failover situations for a fraction of what a cloud-based solution would
cost.</p>
<p>Of course, proper measures should be taken to prevent unauthorized
access and trespassing, but those are implementation details.</p>
NAT Troubles or how my ISP screwed me over2021-07-18T00:00:00+00:002021-07-18T00:00:00+00:00https://batsense.net/blog/18-07-21-nat-troubles/<p>A couple of days ago, I woke up to an inbox filled with alerts from my
<a href="https://stats.uptimerobot.com/EQ7VJHWylx">monitoring service</a>, the
dashboard was lit up like a Christmas tree. I'm not new to having
downtimes, but this was the most unusual one: the servers were alright,
the internet connection was fine, but the services were
inaccessible. I had a bad feeling about this one.</p>
<p><img src="/img/blog/18-07-21-NAT-troubles/inbox-nightmare.png" alt="Inbox full of alerts" /></p>
<p>You see, most of my internet presence comes out of my bedroom. This
website, my search engine, and even <a href="https://matrix.org">my favourite instant
messaging platform</a> are all operated right out of it. This has been
possible because I've had a publicly accessible
IP address. It's dynamically allocated, but thanks to
<a href="https://en.wikipedia.org/wiki/Dynamic_DNS">DDNS</a>, it works! Everything
was fine until my ISP decided to put me behind a NAT. I told them that
I'm okay with paying for a static IP, but they said they only offer
static IPs for enterprise accounts. I love my ISP and I think they are
great, but a static IP costs only ₹200/month(~$3), yet they want me to
upgrade to a plan that costs four times more than what I'm paying now.</p>
<p>I can't buy an enterprise connection and I can't migrate the fleet to
the cloud because it's expensive, and my parents will disown me. The only
logical option is to switch to an ISP that offers static IPs. But in the
meantime I have set up a tunnel between my servers and a cheap
DigitalOcean box using
<a href="https://github.com/fatedier/frp#rewriting-the-http-host-header"><code>frp</code></a>.</p>
<p>It's only been a few hours since the tunnel was set up but so far,
everything seems to be okay. There's a client and a server component,
the client is run on machines behind NAT and the server on a machine
that's exposed to the internet. The client connects to the server and
sets up a reverse tunnel. <code>frp</code> supports a wide range of protocols
including <code>HTTP</code>, <code>HTTPS</code>, <code>UDP</code> and <code>TCP</code>. Compared to my previous
setup, performance is a little
sluggish, but that's expected since the application now sits behind
two reverse proxies instead of one. But it's usable.</p>
<p>Here's an example <code>frpc</code>(<code>frp</code> client) configuration for <code>HTTP</code> and
<code>HTTPS</code>:</p>
<pre data-lang="ini" style="background-color:#2b303b;color:#c0c5ce;" class="language-ini "><code class="language-ini" data-lang="ini"><span style="color:#b48ead;">[libreddit-https]
</span><span style="color:#bf616a;">type </span><span>= https
</span><span style="color:#bf616a;">local_ip </span><span>= </span><span style="color:#d08770;">127.0.0.1
</span><span style="color:#bf616a;">local_port </span><span>= </span><span style="color:#d08770;">443
</span><span style="color:#bf616a;">use_encryption </span><span>= </span><span style="color:#d08770;">true
</span><span style="color:#bf616a;">use_compression </span><span>= </span><span style="color:#d08770;">true
</span><span style="color:#bf616a;">host_header_rewrite </span><span>= libreddit.batsense.net
</span><span style="color:#bf616a;">custom_domains </span><span>= libreddit.batsense.net
</span><span>
</span><span style="color:#b48ead;">[libreddit]
</span><span style="color:#bf616a;">type </span><span>= http
</span><span style="color:#bf616a;">local_ip </span><span>= </span><span style="color:#d08770;">127.0.0.1
</span><span style="color:#bf616a;">local_port </span><span>= </span><span style="color:#d08770;">80
</span><span style="color:#bf616a;">use_encryption </span><span>= </span><span style="color:#d08770;">true
</span><span style="color:#bf616a;">use_compression </span><span>= </span><span style="color:#d08770;">true
</span><span style="color:#bf616a;">host_header_rewrite </span><span>= libreddit.batsense.net
</span><span style="color:#bf616a;">custom_domains </span><span>= libreddit.batsense.net
</span></code></pre>
<p>Hopefully <code>IPv6</code> deployment increases and this post is rendered useless
but if there's someone out there who's trying to get past the NAT and
requires assistance, feel free to contact me!</p>
Home defense adventures with Hikvision CCTV cameras2021-03-26T00:00:00+00:002021-03-26T00:00:00+00:00https://batsense.net/blog/26-03-21-hikvision-cctv/<p>We recently got robbed, so we decided to secure the house with some CCTV
cameras. Ours is a modest setup with nine 5MP cameras and a DVR
recording all the footage from those cameras at 1080p. The DVR can
connect to Hikvision's cloud infrastructure so that owners can see live
footage over the internet, which I don't like. I mean, in the past few
years, I've moved all my online life from Big Brothers to my servers for
privacy reasons, so giving free access to live footage of my house to
companies is certainly not acceptable.</p>
<p>So I decided to set up the DVR in an isolated network(without access to
the internet) and expose its built-in web interface to the internet via
a reverse proxy. This post is an attempt to record my
findings.</p>
<p>I'm using Nginx for reverse proxying. Setting up the reverse proxy
wasn't straightforward. The web interface has many quirks and no
documentation.</p>
<h2 id="first-attempt-simple-reverse-proxy">First Attempt: simple reverse proxy</h2>
<pre style="background-color:#2b303b;color:#c0c5ce;"><code><span>server {
</span><span> server_name example.com;
</span><span> location / {
</span><span> proxy_pass http://dvr-ip-address;
</span><span> }
</span><span> listen 443 ssl;
</span><span> listen 80;
</span><span>--- snip ---
</span><span>}
</span></code></pre>
<p>This setup exposed the web interface, I was able to log in, but video
playback wasn't working. It would work when I directly access
<code>http://dvr-ip-address</code> but not through the reverse proxy.</p>
<p>I poked around with browser dev tools for a bit and learned that video
was handled by WebSocket connections. And so:</p>
<h2 id="second-attempt-there-s-a-websocket-component">Second Attempt: there's a WebSocket component!</h2>
<pre style="background-color:#2b303b;color:#c0c5ce;"><code><span>server {
</span><span> server_name example.com;
</span><span>
</span><span> # some static files were taking forever to download
</span><span> # so I hooked it up with a cache
</span><span> proxy_cache hikvision;
</span><span> location / {
</span><span> proxy_pass http://dvr-ip-address;
</span><span>
</span><span> proxy_http_version 1.1;
</span><span> # Ensuring it can use websockets
</span><span> proxy_set_header Upgrade $http_upgrade;
</span><span> proxy_set_header Connection "upgrade";
</span><span> proxy_redirect http:// $scheme://;
</span><span>
</span><span>        # These set the timeouts so that the websocket can stay alive
</span><span> proxy_connect_timeout 7m;
</span><span> proxy_send_timeout 7m;
</span><span> proxy_read_timeout 7m;
</span><span> }
</span><span>
</span><span> listen 443 ssl;
</span><span> listen 80;
</span><span>
</span><span>}
</span></code></pre>
<p>Some files were taking forever to download, so I hooked it up with a
cache to speed things up. Video playback wouldn't work even with these
modifications. So I had to dig deeper with the browser dev tools. </p>
<p>Server ports are hardcoded in the frontend application. The DVR system
listens on four ports:</p>
<ul>
<li>WebSocket server for video playback (with and without TLS, separate
ports)</li>
<li>controls, authentication, etc. (with and without TLS, dedicated ports)</li>
</ul>
<p>Instead of having the back-end handle HTTP to HTTPS redirection, the
ports are hardcoded in the frontend. The TLS WebSocket server
listens on <code>7682</code> while the plain text WebSocket server listens on
<code>7681</code>. And the frontend, depending on the URI scheme, toggles between
the ports. The reverse proxy had TLS configured, so it was trying to
contact <code>wss://example.com:7682</code>.</p>
<h2 id="third-and-final-attempt-work-already">Third and Final attempt: work already :/</h2>
<pre style="background-color:#2b303b;color:#c0c5ce;"><code><span># server handling configuration, authentication, etc.
</span><span>server {
</span><span> server_name example.com;
</span><span>
</span><span> proxy_cache hikvision;
</span><span> location / {
</span><span> proxy_pass http://dvr-ip-address;
</span><span> }
</span><span>
</span><span> listen 443 ssl; # managed by Certbot
</span><span> listen 80;
</span><span>
</span><span>}
</span><span>
</span><span># websocket server
</span><span>server {
</span><span> server_name example.com;
</span><span> listen 7682 ssl;
</span><span>
</span><span> location / {
</span><span> # nginx talks to backend in plain text
</span><span> # and hence 7682-7681 plumbing
</span><span> proxy_pass http://dvr-ip-address:7681;
</span><span>
</span><span> proxy_http_version 1.1;
</span><span> # Ensuring it can use websockets
</span><span> proxy_set_header Upgrade $http_upgrade;
</span><span> proxy_set_header Connection "upgrade";
</span><span> proxy_redirect http:// $scheme://;
</span><span>
</span><span>        # These set the timeouts so that the websocket can stay alive
</span><span> proxy_connect_timeout 7m;
</span><span> proxy_send_timeout 7m;
</span><span> proxy_read_timeout 7m;
</span><span> }
</span><span>
</span><span>}
</span></code></pre>
<p>I opened port <code>7682</code> on the reverse proxy
and forwarded it to port <code>7681</code> on the back-end for video playback,
and it works!</p>
<h2 id="conclusion">Conclusion</h2>
<p>There are a lot of weird things about the Hikvision DVR's web interface.
There was an SSH toggle switch that wouldn't work(I dug up its manual on
the internet, apparently my model doesn't have SSH). The root is not at
<code>/</code> but they have a redirect to <code>/doc/something</code>, which is weird.
There's a separate WebSocket server that listens on a separate port when
they could have simply scoped it to a certain path on the main server.
The web interface is practically useless on mobile devices: video
decoding is done client-side with WASM. So mobile devices struggle to
process feeds from two cameras simultaneously. I understand that these
systems are designed to Just Work™ but software design should be
intuitive and it certainly shouldn't take a whole day to set up a simple
reverse proxy!</p>
mCaptcha - to hell with captchas!2021-03-04T00:00:00+00:002021-03-04T00:00:00+00:00https://batsense.net/blog/04-03-21-mcaptcha/<p>While working on <a href="https://github.com/shuttlecraft/identity">Identity</a>, I
noticed some of the endpoints were computationally expensive. The target
platforms for Shuttlecraft systems are cheap computers such as Raspberry
Pis, so I learned a <a href="https://rust-lang.org">new language</a> and picked up a
new <a href="https://actix.rs">web framework</a>, among other things, to make things
go faster. But those computationally expensive endpoints remained dog slow
and vulnerable to denial-of-service attacks if left unprotected.</p>
<p>I came up with the following ways to rate-limit those endpoints:</p>
<ol>
<li>Captcha: reCaptcha/hCaptcha types</li>
<li>IP based filtering: <code>x</code> requests per IP address during a specific
interval of time</li>
<li>Do nothing: there's only so much that you can do :p</li>
</ol>
<p>Let's analyse each one of these solutions.</p>
<h2 id="1-captcha">1. Captcha:</h2>
<h3 id="pros">Pros:</h3>
<ul>
<li>Captcha widgets are the norm for detecting bot activity.</li>
<li>Large companies like Google and Cloudflare are invested in making
captchas work.</li>
<li>Machine learning is used to study bot activity and flag users
whenever there's a resemblance.</li>
<li>No user learning curve: netizens are familiar with captchas</li>
</ul>
<h3 id="cons">Cons:</h3>
<ul>
<li>
<p><strong>Proprietary software:</strong> what is the backend doing? What sort of
algorithms are they using? Do they exhibit unfair bias when letting
users through? We will never know. We have to take them by their word
and have no way of verifying their claims. They can, in effect, ban
users from visiting your website if they wanted to.</p>
</li>
<li>
<p><strong>Privacy invasive:</strong> Captchas mine data. I have Google domains
blacklisted by default and every time I visit a site that uses
Google's reCaptcha, I am forced to temporarily whitelist them. I don't
like doing that.</p>
</li>
<li>
<p><strong>Annoying:</strong> It sucks that I have to manually solve captchas to tell
a website that I am, in fact, a legitimate user. We should have
automated this stuff a long time ago!</p>
</li>
</ul>
<h5 id="anecdote"></h5>
<blockquote>
<p><strong>True story:</strong> My university has a student portal that we use to submit
assignments and view scorecards. They have a dumb captcha at the
sign-in page to keep bots away. The IT staff figured they'd be better
protected if they replaced it with reCaptcha. And they did.
<img src="/img/blog/04-03-21-mcaptcha/portal-dumb-captcha.png" alt="dumb captcha university portal" /></p>
<p>
I have terrible luck with captcha systems. They always flag me as
a bot. So after this change, when I went online to upload an
assignment, I had to solve 49 captchas <em>and</em> get flagged as a bot and do
another 49 only to get flagged as a bot again. Only this time, Google
wouldn't let me try again and asked me to "try again later".</p>
<p>Luckily I wasn't alone. You see, my university is behind a
<a href="https://en.wikipedia.org/wiki/Network_address_translation">NAT</a> so
10,000 people share a single public IP address. From Google's
perspective, we would appear as a giant bot that generates a lot of
traffic(I stopped using Google search after I moved there because of all
the captchas they made me solve).</p>
<p>The next day, the IT team rolled back to the old dumb captchas</p>
</blockquote>
<h2 id="2-ip-based-filtering">2. IP based filtering:</h2>
<h3 id="pros-1">Pros:</h3>
<ul>
<li>
<p><strong>Easy to implement:</strong> IP addresses are ubiquitous on the internet</p>
</li>
<li>
<p><strong>Stateful:</strong> Unless users are hopping between networks,
they'll have the same IP address throughout their session with the
site, so it's trivially easy to use it as an ID to rate-limit clients.</p>
</li>
</ul>
<h3 id="cons-1">Cons:</h3>
<p>There's only one that I could think of:</p>
<ul>
<li><strong>Doesn't work for people behind NAT:</strong> When multiple users are
using the same IP address, there isn't an effective way to uniquely
identify each one of them. So an IP-based mechanism would fail in such
situations.</li>
</ul>
<p><a href="https://batsense.net/blog/04-03-21-mcaptcha/#anecdote">See previous section</a> for anecdotal evidence.</p>
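<p>To make the trade-off concrete, here is a minimal sliding-window
limiter keyed on IP address (a hypothetical sketch, not any particular
library's API; production setups usually do this in the reverse proxy or
a shared store). The NAT failure mode falls straight out of the design:
everyone behind a shared address lands in the same bucket:</p>

```python
from collections import defaultdict, deque

class IpRateLimiter:
    """Allow at most `limit` requests per `window` seconds per IP address."""

    def __init__(self, limit: int, window: float):
        self.limit = limit
        self.window = window
        self.hits = defaultdict(deque)  # ip -> timestamps of recent requests

    def allow(self, ip: str, now: float) -> bool:
        q = self.hits[ip]
        # evict timestamps that have slid out of the window
        while q and now - q[0] >= self.window:
            q.popleft()
        if len(q) >= self.limit:
            return False  # everyone sharing this IP is now locked out
        q.append(now)
        return True

rl = IpRateLimiter(limit=3, window=60.0)
print([rl.allow("203.0.113.7", t) for t in (0.0, 1.0, 2.0, 3.0)])
# [True, True, True, False]: the fourth request is dropped, whoever sent it
```

<p>Ten thousand students behind one NAT all hash to the same key, so
once the shared quota is spent, every one of them is "a bot".</p>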
<h2 id="3-don-t-do-anything">3. Don't do anything:</h2>
<p>Not really an option.</p>
<hr />
<p>So what we need is something that will work behind NATs and is privacy
respecting, but most importantly, it should be free(as in freedom).</p>
<h2 id="enter-mcaptcha">Enter mCaptcha</h2>
<p>mCaptcha is a proof-of-work(PoW) based rate-limiting system that uses
variable difficulty.</p>
<p>When a user visits an mCaptcha-enabled website,
their client automatically generates a PoW to qualify for performing an
action(submitting forms, etc.). This enforces a rate-limit.</p>
<p>When the server is under load, the difficulty will rise to make the
clients spend more time preparing the request than the server processing
the request. This makes DoS attacks expensive for the attackers as well.</p>
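<p>The mechanism is easiest to see in code. The sketch below is a
generic hashcash-style PoW, not mCaptcha's actual algorithm or wire
format: the server issues a salted challenge plus a difficulty, the
client grinds nonces until a hash clears the target, and the server
verifies with a single hash. Each extra difficulty bit doubles the
client's expected work while verification stays O(1):</p>

```python
import hashlib

def solve(challenge: bytes, difficulty_bits: int) -> int:
    """Client side: find a nonce whose SHA-256 hash, read as an integer,
    has at least `difficulty_bits` leading zero bits."""
    target = 1 << (256 - difficulty_bits)
    nonce = 0
    while True:
        digest = hashlib.sha256(challenge + nonce.to_bytes(8, "big")).digest()
        if int.from_bytes(digest, "big") < target:
            return nonce
        nonce += 1

def verify(challenge: bytes, nonce: int, difficulty_bits: int) -> bool:
    """Server side: a single hash, regardless of difficulty."""
    digest = hashlib.sha256(challenge + nonce.to_bytes(8, "big")).digest()
    return int.from_bytes(digest, "big") < (1 << (256 - difficulty_bits))

# ~2^12 hashes of client work on average, one hash to check:
challenge = b"per-visitor-salt:submit-form"  # hypothetical challenge string
nonce = solve(challenge, difficulty_bits=12)
assert verify(challenge, nonce, difficulty_bits=12)
```

<p>Raising the difficulty under load is the "variable" part: legitimate
users wait a moment longer, while an attacker flooding the endpoint pays
for every single request in CPU time.</p>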
My Matrix (mis)adventures2020-12-22T00:00:00+00:002020-12-22T00:00:00+00:00https://batsense.net/blog/26-12-2020-matrix-certificate-error/<p>Matrix is probably the largest federated network in production (Mastodon
might be close). I run an instance at https://matrix.batsense.net and I
absolutely love it. It was also the project that got me into the whole
decentralization thing. I loved the idea that I could run a server that
can play along with a bunch of other servers that are run by different
parties and they would all somehow magically work!</p>
<h2 id="error">Error</h2>
<p>Deployment was fairly straightforward; the project's README
files were sufficiently detailed. But after about six months of running
the server, my instance broke! Federation was no longer working. I
could still chat with people on my own server, but I couldn't
interact with rooms on other servers or even on matrix.org.</p>
<p>The initial error messages were vague. The client complained that it had
hit some JSON-related error. So I went looking for solutions on the
project's issue tracker. There was an open issue that said that when the
reporter's network started doing IPv6 DNS lookups, their instance broke.
This was also the time when my ISP moved us to IPv6 lookups, so I figured
that was what was causing the problem. At the time, I wasn't really using
Matrix that much, so it didn't bother me. I figured a massive project such
as Matrix would eventually roll out a patch. Several weeks and several
updates later, the issue persisted. So I tried my hand at it once again.</p>
<h2 id="diagnosis">Diagnosis</h2>
<p>See, decentralization is complicated. Some Matrix dev on Hacker News
remarked that building a decentralized system is six times harder than
building a centralized system. The bug that I was experiencing wasn't
really a bug; I had misdiagnosed it as one in the first place. I use
Let's Encrypt for TLS, and their certs are valid for a maximum of three
months. So when I hit that "bug", I was through two renewal cycles and
was beginning the third. Synapse, the Matrix homeserver variant that I
run, listens on two ports: one for regular client-server interactions and
the other for federation. The client-server port is proxied by an Nginx
instance, so all the TLS stuff is delegated to Nginx. The
federation port, however, is directly exposed, and all the TLS stuff is
handled by Synapse itself. That means Synapse is configured to read the
TLS certs directly, which in turn means my stupid self had two copies of
the same TLS cert in two places. You can quickly see how
stupid this is and the problems it could cause. During the third
cycle, I didn't refresh Synapse's copy of the certs, so it was using
stale certs. TLS is mandatory for federation in Matrix. So naturally, my
federation was broken!</p>
<h2 id="lessons-learned">Lessons learned</h2>
<ul>
<li>I am stupid</li>
<li>Maintain sysadmin notes to record all quirks of the systems that you
administer</li>
<li>Build simpler services: The more levers there are to pull, the
more likely someone is to screw up. The second port for
federation feels unnecessary. It is an HTTP endpoint, so I don't see why
it needs to be separated; it could've simply been scoped differently.
That way, the maintenance and deployment complexity can be
significantly reduced. In this case, firewall rules would become simpler
and the federation stuff would be handled by the Nginx instance itself.</li>
</ul>
<p>But seriously, I should have maintained notes. Three months without
federation over a stupid error is nuts.</p>