Inspecting non-HTTPS TLS traffic
Inspecting TLS traffic from a browser or any application that works with an HTTPS proxy is straight-forward in most cases. Browser support for SSLKEYLOGFILE or mitmproxy (if you control the trusted CA list the application uses and it doesn’t use certificate pinning) address these scenarios respectively. I ran into a scenario recently where I wanted to inspect non-HTTP TLS traffic from a .NET library.
Use ECC everywhere, check your chips
Recently Linus Torvalds was in the news blaming Intel for the lack of ECC memory everywhere. I also recently built my first new workstation in over 5 years. My workstation is literally used for work, my livelihood, so reliability was my top priority. All of my parts were selected for reliability and compatibility with Linux (my workstation runs Ubuntu LTS). One of my specific goals with the Ryzen 3rd gen platform was to use ECC memory. ECC memory is readily available and the extra cost is typically reasonable. However, Ryzen only supports unbuffered ECC DIMMs; not the readily available registered ECC DIMMs. At the time of my build (February 2020), 3200MHz ECC UDIMMs were not available anywhere… at any cost. I conceded to the situation and bought reputable non-ECC DIMMs: Corsair Vengeance LPX. Big mistake. This is my story.