January 2020

Notes ·

Updated:

My thoughts on Nextcloud Hub, Rust, Thunderbolt 4, The Sovereign Individual, RSS tricks and a few other things.

Illustration by Eric Rothermel

Table of Contents

Nextcloud Hub

Nextcloud Hub is the 18th release of Nextcloud platform. This release comes with a lot of polishing and a few new features and apps.

Here is the announcement made by Frank Karlitschek where he talks about the motivation behind Nextcloud, the need to counteract the negative trends of centralization, ways to achieve digital sovereignty and the importance of being in control of our own digital assets:

https://youtu.be/9Sx8_9ZSWzY?t=135

Nextcloud Flow is the darling of this particular release, and it looks promising.

Another interesting Nextcloud app is Nextcloud Deck. I started using it a few weeks ago and the web front-end is pretty great. I also tried its Android front-end but it’s not finished yet, its more like an early access version aimed at Nextcloud Deck’s developers themselves.

Rust

I used to code in Java but nowadays, I don’t use it often. Kotlin is my new language of choice and I’m pretty excited about it. It’s more or less on par with C in terms of CPU efficiency and it doesn’t consume as much RAM as one may think. It’s high level, strongly typed and resource efficient, is there a reason to use something else?

I’m probably too young to not be afraid of C or C++ and too old to truly love Python, JavaScript, Ruby or any other scripting language, although I use them from time to time. But Rust, it’s a completely new beast.

Rust is not as high level as Java or Kotlin but it doesn’t need a virtual machine in order to run, which is important when you target resource-constrained hardware. A niche advantage? I agree, but that’s not all. The main advantage of Rust, in my amateur opinion, is code safety. It’s much harder to write unsafe code in Rust and it’s where it really shines. Rust compiler is exceptionally smart and it goes a long way to prevent you from introducing bugs in your code.

I worked in QA for a short time during my student years and here is a thing that stuck in my head since then: the earlier you can find a bug in your software, the less it will cost you. Bugs are expensive, and that’s one of the reasons I’m biased against languages that have little code quality checks. They may feel like freedom initially, but what they really do is stretching the feedback loop between introducing bugs and fixing them.

Another interesting thing about Rust is its concept of memory ownership. JVM uses garbage collector so Java/Kotlin programmers rarely think about memory or who can access or modify certain objects.

Here is a summary of Rust’s memory ownership system:

  • Each value in Rust has an owner.
  • Values can’t have more than one owner at a time.
  • Values get ‘dropped’ when their owners go out of scope.

That’s an interesting way to avoid having a garbage collector while not getting down to allocating and freeing up the memory, which is error prone. Such a system allows us to write safe and performant code without a GC overhead and it also guarantees that our threads won’t get halted while waiting for memory to be freed up.

Here is an interesting case study that compares Java and Rust in terms of memory consumption:

https://www.rust-lang.org/static/pdfs/Rust-Tilde-Whitepaper.pdf

It claims that the same code that consumed 5GB of RAM inside JVM consumes just 50MB after migrating to Rust. I very much doubt that, but I guess Rust can score up to 3x memory-efficiency advantage due to not using a garbage collector which might get memory-hungry under certain conditions.

Client-Side Encryption

Many apps depend on servers and there are good reasons for that. We often hear of data breaches and it may seem like the price we have to pay for the convenience of not having to worry about losing our data. There is always a full copy, somewhere in the cloud. Sometimes, bad people can hack their way to this data, but what can we do about that?

I was thinking about that for quite some time. The reason is: I’m working on a portfolio tracking app which deals with really sensitive data. Is there a good reason for our target audience to share their financial data with a bunch of shady Russian guys? I wouldn’t do that, would you? I mean, a lot of people wouldn’t mind, but we’re also responsible for protecting that data and it’s not simple at all.

Actually, there is no need to share user data with “The Cloud” in order to make sure it’s available from any device, as long as users remember their auth credentials. You might heard of the services such as ProtonMail or Tresorit, they adopted that model and they provide their services without knowing anything about the private data of their users.

That’s really cool and I hope more services will follow their lead but there is a problem with client-side encryption: it’s hard, at least for me. I’m a total noob in cryptography but I feel that it’s the only way forward. So, I’ve found an interesting article to start with:

https://medium.com/passpill-project/creating-a-client-side-encryption-system-aaa601b4ad35

I’ll play with this scheme and, hopefully, implement it in our app, so we won’t know anything about the financial data of our users. No data, no problem.

RSS Tricks

RSS is a great way to subscribe to various blogs but it can be used for a lot of other things. For instance, you can get notified of new releases of any GitHub project right from your RSS feed. Here is an example:

https://github.com/rust-lang/rust/releases.atom

It’s also possible to add your favorite YouTube channels to your RSS feed. For example, here is a link to a BBC Documentary feed.

So, YouTube feed links have the following format:

https://www.youtube.com/feeds/videos.xml?channel_id=

BBC Documentary channel_id is UCZEPItn2Nb62Zso5eohHAAA and you can get the ID’s of your favorite channels by inspecting your address bar when they are open.

Thunderbolt 4 and USB 4

Thunderbolt 3 is an interface that is available on pretty much every high-end laptop nowadays. It’s almost too good to be true. Thunderbolt-enabled hardware have a set of unified USB ports that can be connected to up to four PCIe 3.0 lanes. One such lane gives us up to 8 GT/s (985 MB/s) so it should give us up to 32 GT/s, although Intel claims that it’s capable of 40 GT/s. I’m not sure where those extra 8 GT/s come from but many people claim that their Thunderbolt 3 devices are only capable of ~22 GT/s. Anyway, it’s crazy fast!

Fast transfer speed is not the only benefit of Thunderbolt 3, it also allows us to charge our devices or send video output to external monitors. It’s also possible to use an external GPU and even Ethernet over Thunderbolt. Think of a small GPU enclosure that you can connect to your laptop with a single USB cable and aside from being able to do many GPU-intensive tasks, it would also keep your laptop charged and route your traffic via a wired interface which may improve your network throughput and latency. It’s a truly amazing little port.

So, on CES 2020 keynote, Intel announced a new generation of Thunderbolt: Thunderbolt 4, which left many people excited and confused at the same time. Intel promised some speed improvements, so it’s supposed to be 4 times faster than… USB 3.2. 2x1. Well, that was unexpected. Why do they compare Thunderbolt 4 to USB when they have Thunderbolt 3 as a more clear point of reference? They announced that Thunderbolt 4 is 4 times faster than USB 3.2. 2x1, which means 40 GT/s, same speed as Thunderbolt 3. That’s very strange, maybe they’ll clarify things later.

Aside from Thunderbolt standards, now we also have USB4 out in the wild. It’s practically the same thing as Thunderbolt 3, nothing new and exciting, but at least it’s not semi-proprietary which is nice. It looks like we’re going to stick with 40 GT/s for a while.

Actually, I expected that Intel would use the full potential of PCIe 4.0 which doubles the bandwidth to 16 GT/s (1970 MB/s) per lane. A man can dream.

Book: The Sovereign Individual

This is a very controversial book but it’s one of the things that makes it interesting. It made me Google DuckDuckGo both of its authors and I wasn’t disappointed, to say the least. Some ideas of this book are shocking but it doesn’t make them false. The Sovereign Individual is an interesting read if you like slightly dystopian futurology at least as much as I do.

https://www.simonandschuster.com/books/The-Sovereign-Individual/James-Dale-Davidson/9781439144732

Podcast: Command Line Heroes

This podcast might be interesting for people who’re into history of computing and who likes to listen to people talking about the new trends in IT. I’ve learned a few interesting facts about those matters and it’s always a pleasure to listen to a well made podcast.

https://www.redhat.com/en/command-line-heroes

CLI Tool: tree

Since I switched from macOS to Linux, I keep discovering new CLI tools and re-discovering some of the old ones. Here is one of the forgotten ones: tree.

tree
.
├── config
│   └── filebeat
│       └── filebeat.yml
├── docker-compose.yml
└── README.md

It’s very simple but super convenient. It allows users to see a complete structure of any directory without checking each sub-folder manually and it’s output can be customized. For instance, we can add -h argument in order to show the size of each file in the output:

tree -h
.
├── [4.0K]  100MSDCF
│   ├── [ 24M]  DSC00265.ARW
│   ├── [4.9M]  DSC00265.JPG
├── [517K]  2020-01.pdf
├── [4.0K]  DCIM
│   └── [ 12K]  100MSDCF
│       ├── [ 24M]  DSC00073.ARW
│       ├── [ 24M]  DSC00074.ARW
│       ├── [ 24M]  DSC00075.ARW
├── [4.0K]  raspbian
│   ├── [2.1G]  2019-09-26-raspbian-buster-lite-custom.img
│   ├── [2.1G]  2019-09-26-raspbian-buster-lite.img
│   └── [433M]  2019-09-26-raspbian-buster-lite.zip
└── [ 420]  rename-photos.sh
Personal  ·  Notes  ·  Nextcloud  ·  Rust  ·  Cryptography  ·  RSS  ·  Thunderbolt  ·  Books  ·  Podcasts

This webpage doesn't have ads and the reasons are simple:

  • Most people don't want to see ads (what a surprise)
  • Ads can track you and violate your privacy
  • Modern websites are slow, partly because of ads

If you find this content valuable, you can leave a tip with bitcoin: