anzo

The week went by and this was left unanswered. Usually I research a bit to treat anything on these threads. This time, I'm on the phone, so I went lazy and directly to chatgpt. Hopefully this is not an AI hallucination and it sheds some light for you.

The performance difference you're observing between AES128-CTR and AES128-GCM in OpenSSH with X11 forwarding can be attributed to several factors, including the nature of the ciphers and hardware acceleration support.

AES128-CTR vs AES128-GCM

1. Cipher Characteristics:

   • AES128-CTR (Counter Mode): This mode turns a block cipher into a stream cipher. It is generally faster because it can be parallelized and does not require padding.
   • AES128-GCM (Galois/Counter Mode): This mode provides both encryption and authentication (integrity check). The additional authentication step can introduce overhead, making it slower compared to CTR mode.

2. Hardware Acceleration:

   • AES-NI Support: Modern CPUs support AES-NI (Advanced Encryption Standard New Instructions), which accelerates AES operations. Both CTR and GCM modes can benefit from AES-NI, but the extent of the acceleration can vary.
   • GCM Overhead: Even with hardware acceleration, GCM mode has additional computational overhead due to the authentication process. If the hardware acceleration is not fully utilized or if the implementation is suboptimal, this overhead can become more pronounced.

Checking Hardware Acceleration

To determine if your system is using hardware acceleration for AES operations, you can check the following:

1. CPU Support:

   • Verify if your CPU supports AES-NI by checking the CPU flags:

     grep aes /proc/cpuinfo
     

   • If you see aes in the output, your CPU supports AES-NI.

2. OpenSSL Benchmark:

   • Run an OpenSSL benchmark to see the performance difference between CTR and GCM modes:

     openssl speed -evp aes-128-ctr
     openssl speed -evp aes-128-gcm
     

   • Compare the results to see if there's a significant difference in performance.

3. SSH Configuration:

   • Ensure that your OpenSSH configuration is optimized for hardware acceleration. You can specify the ciphers in your SSH configuration file (/etc/ssh/sshd_config for the server and /etc/ssh/ssh_config or ~/.ssh/config for the client):

     Ciphers aes128-ctr,aes128-gcm@openssh.com
     

   • Restart the SSH service after making changes:

     sudo systemctl restart ssh
     

Conclusion

The performance difference between AES128-CTR and AES128-GCM is expected due to the additional authentication overhead in GCM mode. Ensuring that your system is utilizing hardware acceleration (AES-NI) can help mitigate some of this overhead, but GCM will generally still be slower than CTR. If performance is critical and you do not need the additional authentication provided by GCM, sticking with CTR mode might be the better option.

Oh. And an invite-only could also work for new accounts.

On an instance level, you can close registration after a threshold level of users that you are comfortable with. Then, you can defederate the instances that are driven by capitalistic ideals like eternal growth (e.g. Threads from meta)

But terrible handling of metadata. Which is the case for all chat apps AFAIK. Like, even with OMEMO, who talks with whom, and when, can be exposed. Which sometimes is enough to get legal issues (e.g. Ola Bini's case)

The "other criminal activity" probably includes many horrible things. Not just a teen selling shrooms. So, I am not so sure that's really what we want.

As for git, many basic concepts (e.g. staging area) clicked for me after reading some articles that Atlassian (people behind BitBucket) wrote. Other than that, I'd recommend adamj.eu 's book "Git DX" which is on gumroad. Haven't read it, tho. But I read his Django DX and like 90% of it was stuff I had to learn on my own, and thought: oh, how come I didn't find this book earlier...

Not to mention the third Korea, which sounds so Chic (⁀ᗢ⁀)

AI (e.g. face recognition) is riddled with false positives. Such a tech already does wrong on civilians without being a weapon (e.g. cameras on subways). What you said is somewhat naïve.

(On the title of this post) Those fears were ablaze on islamophobia to begin with. Just like the media conglomerates that present the news in distorted ways. The nationality, ethnicity, or religion of these attackers has nothing to do with attacks themselves AFAIK. It's not like a jihadist bombing... Thankfully. What I mean to say, is that the wave of attacks is being pushed to the political agenda and at the same time the far-right always strives to capitalize on whatever trends are there... It's not surprising really.

OpenCamera is good, but could do better. But I'd say video editing is the biggest void.

Also, gesture typing keyboards are an empty niche of foss alternatives. HelioBoard requires loading some proprietary blob unfortunately.

I guess the most heavy machine learning use cases are not filled in.

Just yesterday I deployed it locally, and was about to migrate from my keepasDX (+syncthing)...

This is happening on a regional level, east germany is way different than west. How different? I can't tell in detail, but demographics and worldviews are the two more salient categories for such differences.