解決 Ubuntu 重開機後麥克風聲音太小的問題

Ubuntu 桌機重開機後會遇到外接 USB 麥克風 AM310 的聲音會變得太小的問題,常常是開會的時候被同事提醒才去調。

查了一下是不是有 bug,看起來跟「Mic input volume always resets (to middle/low value) on resume or restart」這個 bug 有關,但這個回報是 16.04,到現在 22.04 都出了,好像沒有新進度...

接著就是找看看有沒有 workaround 可以用,其中一種想法是找出用 command line 設定音量的方式,這樣就可以在開機的時候自動執行。

接著就找到「How can i increase microphone volume beyond 100%」這個問答,首先用這個指定列出所有的 source:

pactl list sources

裡面可以看到 AM310 的資料,接著就可以透過 name 的部份指定音量了:

pactl set-source-volume alsa_input.usb-AVerMedia_AVerMedia_AM310_USB_Microphone-00.multichannel-input 70%

放到 startup script 在 login 的時候跑就 OK 了。

確認 Deepfake Video Call 的方式

Hacker News 首頁上看到「To uncover a deepfake video call, ask the caller to turn sideways (metaphysic.ai)」這篇,講怎麼在 video call 的時候辨認是不是 deepfake 的人。原文在「To Uncover a Deepfake Video Call, Ask the Caller to Turn Sideways」這邊可以讀到。

文章裡面介紹一個很簡單的方式,就是轉頭拍側面,會看到明顯的缺陷:

這張 GIF 會更明顯:

Hacker News 上的討論也有人提到這是目前的技術限制,所以這個方法算是有效的。但以現在各類 machine learning 成長的速度來看,可能沒多久後就會有新技術突破這個方法了。

今年三月的時候 Limelight Networks 買了 Edgecast,改名為 Edgio

查資料的時候才發現的新聞,Limelight Networks 買下 Edgecast,改名為 Edgio:「Limelight to Acquire Yahoo’s Edgecast, Creating Global Leader in Edge Enabled Software Solutions」,然後 NASDAQ 代碼從 LLNW 改成 EGIO

不過本來 Edgecast 本來在台灣是有點的 (跟 HiNet 合作),現在看起來在 network map 上面沒出現了:

不過直接抓 www.edgecast.com 還是可以看到是中華的機房:

  2.|-- 168-95-170-94.hinet-ip.hi  0.0%    10    2.0   3.0   1.5  11.4   3.0
  3.|-- ???                       100.0    10    0.0   0.0   0.0   0.0   0.0
  4.|-- ???                       100.0    10    0.0   0.0   0.0   0.0   0.0
  5.|-- 220-128-24-53.hinet-ip.hi  0.0%    10    7.0   6.8   6.4   7.7   0.4
  6.|-- 211-20-238-81.hinet-ip.hi  0.0%    10    6.1   6.9   6.1   9.7   1.0
  7.|-- 152.195.35.156             0.0%    10    7.1   6.7   6.3   7.4   0.4

edg.io 看起來是丟去新加坡:

  2.|-- SNUH-3302.hinet.net        0.0%    10    1.8   2.6   1.2  11.4   3.1
  3.|-- ???                       100.0    10    0.0   0.0   0.0   0.0   0.0
  4.|-- pcpd-4101.hinet.net        0.0%    10    1.8   2.2   1.8   3.0   0.4
  5.|-- pcpd-4001.hinet.net        0.0%    10    2.2   2.6   2.1   3.3   0.4
  6.|-- ix-ae-17-0.tcore1.svw-sin  0.0%    10   48.6  50.7  48.6  61.7   4.0
  7.|-- if-be-45-2.ecore2.esin4-s 60.0%    10   49.1  48.7  48.1  49.1   0.4
  8.|-- if-be-10-2.ecore2.svq-sin  0.0%    10   52.3  50.7  49.3  55.1   1.8
  9.|-- 117.121.251.241            0.0%    10   49.7  50.1  49.5  50.6   0.4
 10.|-- 208.69.180.13              0.0%    10   49.6  49.9  49.0  51.8   0.8

再找機會研究看看...

OxideDB:另外一套用 PostgreSQL 為底的 MongoDB 相容層

看到 OxideDB 這個專案:

OxideDB is a translation layer that works as a MongoDB database server while using PostgreSQL's JSON capabilities as the underlying data store.

跟之前提到的 MangoDB 有些淵源 (參考「MangoDB:拿 PostgreSQL 當作後端的 MongoDB 相容層」),順便提一下 MangoDB 然後後來被要求改名為 FerretDB:「MangoDB 改名為 FerretDB (雪貂)」。

主要的差異在於 OxideDB 只以 PostgreSQL 為底層,另外是用 Rust 寫的:

The project was heavily inspired by FerretDB and is on its early days. The main difference is that there is no intention to support any database other than PostgreSQL (FerretDB is also supporting Tigris) and it's written in Rust, as opposed to Go.

看起來大家都拿 PostgreSQL 在搞事,但這個專案裡面好像沒搜到 GIN 這個關鍵字,不知道是不是連 index 都沒下...

用 GPT-3 產生 Hacker News 上熱門文章的摘要

看到「Autosummarized HN」這個工具,算是一個組合技的應用:

All summaries have been generated automatically by GPT-3. No responsibility is claimed for their contents nor its accuracy.

透過 GPT-3 解讀並產生出摘要,目前頁面上是沒有 RSS feed,但可以透過一些工具直接拉出來 (像是 PolitePol),然後就可以掛到 Slack 或是 RSS reader 裡面...

iOS Safari 擋 "Open in App" 的付費套件 Banish

在「New iOS App Blocks Those Annoying 'Open in App' Pop-Ups in Safari」這邊看到 John Gruber 的介紹文章「Banish: New Safari Extension to Block 'Open in App' Dickpanels」,裡面提到的 extension 在「Banish for Safari」這邊,一次性的費用,在台灣是 NT$70。

裡面的 screenshot 給了還蠻清楚的說明:

設定上面因為會牽扯到 privacy 的關係,會有點麻煩,需要開好幾個地方。

順道一提,桌面上的話可以透過 Annoyances 系列的 list 在 uBlock Origin 上擋。

Google 說要把 double quote 強制搜尋的功能加回來...

Hacker News Daily 上看到「We're improving search results when you use quotes (blog.google)」這則,才知道原來被拔掉了?(不過已經很久不是拿 Google Search 當主力了...)

原文在「How we're improving search results when you use quotes」這邊,裡面提到:

For example, if you did a search such as [“google search”], the snippet will show where that exact phrase appears:

[...]

In the past, we didn’t always do this because sometimes the quoted material appears in areas of a document that don’t lend themselves to creating helpful snippets.

在「Google for the exact phrase (and no, quotation marks don't help)」這邊可以看到 2020 的時候 double quote 就已經不是傳回精確的結果了。

不過應該不會回去用 Google Search 了,一方面是 Kagi 的表現還不錯,另外一方面是避免讓 Google 拿到更多資訊...

VirMach 炸開

之前有三台機器在 VirMach 上面,都是趁各種特價的時候買的,上面跑一些簡單的服務,結果最近炸光了:「VirMach Teeters at the Edge」。

差不多就是無預警更換 IP address,各種長時間的 admin panel 鎖住,所以只好把這些小東西改放到其他家的 VPS 上跑。

LEB 的討論串「★ VirMach ★ RYZEN ★ NVMe ★★ $8.88/YR- 384MB ★★ $21.85/YR- 2.5GB ★ Instant ★ Japan Pre-order ★ & More」這邊也是有大量的討論,不過基本上就只是抱怨集中處而已...

基本上公司應該是炸翻了,接下來照 LEB 的慣例應該是倒掉換殼重新來過?

Post-Quantum 的 KEM,SIDH/SIKE 確認死亡

似乎是這幾天 cryptography 領域裡面頗熱鬧的消息,SIDH 以及 SIKE 確認有嚴重的問題:「SIKE Broken」,論文在「An efficient key recovery attack on SIDH (preliminary version)」這邊可以取得。

這次的成果是 Key recovery attack,算是最暴力的幹法,直接把 key 解出來。

另外 SIKE 剛好也是先前 Cloudflare 在解釋 Hertzbleed 時被拿來打的目標:「Cloudflare 上的 Hertzbleed 解釋」,這樣看起來連 patch 也都不用繼續研究了...

論文裡面的攻擊對象中,第一個是 Microsoft$IKE challenges 內所定義的 $IKEp182 與 $IKEp217,在只用 single core 的情況下,分別在四分鐘與六分鐘就解出來:

Ran on a single core, the appended Magma code breaks the Microsoft SIKE challenges $IKEp182 and $IKEp217 in about 4 minutes and 6 minutes, respectively.

接著是四個參與 NIST 標準選拔的參數,分別是 SIKEp434、SIKEp503、SIKEp610 以及 SIKEp751,也都被極短的時間解出來:

A run on the SIKEp434 parameters, previously believed to meet NIST’s quantum security level 1, took about 62 minutes, again on a single core.

We also ran the code on random instances of SIKEp503 (level 2), SIKEp610 (level 3) and SIKEp751 (level 5), which took about 2h19m, 8h15m and 20h37m, respectively.

Ars Technica 的採訪「Post-quantum encryption contender is taken out by single-core PC and 1 hour」裡面,有問到 SIKE 的共同發明人 David Jao 的看法,他主要是認為密碼學界的人對於數學界的「武器」了解程度不夠而導致這次的情況:

It's true that the attack uses mathematics which was published in the 1990s and 2000s. In a sense, the attack doesn't require new mathematics; it could have been noticed at any time. One unexpected facet of the attack is that it uses genus 2 curves to attack elliptic curves (which are genus 1 curves). A connection between the two types of curves is quite unexpected. To give an example illustrating what I mean, for decades people have been trying to attack regular elliptic curve cryptography, including some who have tried using approaches based on genus 2 curves. None of these attempts has succeeded. So for this attempt to succeed in the realm of isogenies is an unexpected development.

In general there is a lot of deep mathematics which has been published in the mathematical literature but which is not well understood by cryptographers. I lump myself into the category of those many researchers who work in cryptography but do not understand as much mathematics as we really should. So sometimes all it takes is someone who recognizes the applicability of existing theoretical math to these new cryptosystems. That is what happened here.

這樣第四輪的選拔只剩下三個了...