State of the YouTube Ads

While my site currently doesn’t contain ads, it did contain them before. And I still do a sponsored post or two on occassion. Primary reason why I removed ads from these pages was because they were becoming vehicle for a snake-oil salesman. I was ok with ads that try to sell real stuff. I was not ok with ads that sell perpetuum mobile of any kind. Google ads didn’t allow me to remove later category so I simply disabled them all.

But that doesn’t mean I removed ads from my life. While amount of ads online is increasing, one site is becoming more and more unusable due to them - YouTube. Pretty much all ads I get these days from YouTube are ads for either scammers or republicans. But I repeat myself.

And length of the ads has been increasing substantially. For example, I got ad for Ben Shapiro show. Curious on how long it would go, I left it running. Darn thing ran for more than 1 hour (don’t worry, I muted him after a minute or two in order to preserve my sanity). The whole freaking show was the “ad”. Total duration of the “ad” was 1:07:41. Duration of the video this ad was playing on was 46:33. So, ad was more than 20 minutes longer that the content. WTF?

And this is just one ad that made me write this. I cannot even count how many ads for the revolutionary new device that “the government wants to destroy” I saw. Be it a flashlight, binoculars, night-vision, or some magic bean, YouTube will give it an audience.

This is not a normal thing. It never was, and it should never be considered normal. While ads on TV were never perfect and there was an occasional scammy ad or two, you had some standards. For one, I never saw and ad that was longer than the content. And I never saw as many political garbage on TV (admittedly, I didn’t grow up in the USA).

I guess we all bought into an argument that it’s “too difficult to check all the ads”. I guess multibillion company just cannot afford it.

That said, I don’t believe solution is in more rules. Solution, as it often happens would be in more competition. I doubt that YouTube would allow for crappy ads if they had any proper competition. But it might be that ship has sailed.

Disabling AMD Turbo Boost

Recently I upgraded my trusty Framework 13 laptop to AMD motherboard. It’s not my primary laptop mind you, but it does come handy whenever my F16 is too cubersome to lug around. For me, that often ends with it in my lap.

And this laptop can get hot. AMD CPU always wants to give it all, even when it’s not necessary. Often I will have a long-running task in background, that CPU will try to speed up as much as possible by boosting its clock and fans to max. And those are tasks I care not if they finish in 30 or 35 minutes and thus extra heat is unappreciated.

Easy solution for this is just turning off turbo boost. And that is easy enough by writing 0 to a file:

echo 0 | sudo tee /sys/devices/system/cpu/cpufreq/boost

However, I usually remember to do so only once my legs start smoking. So, I decided that it was about time for my system to use that setting as a default. And, since my Kubuntu uses systemd, all starts with creating a service

cat << EOF | sudo tee /etc/systemd/system/cpu-noturbo.service
[Unit]
Description=Disable Turbo Boost

[Service]
ExecStart=/bin/bash -c "echo 0 | tee /sys/devices/system/cpu/cpufreq/boost"
ExecStop=/bin/bash -c "echo 1 | tee /sys/devices/system/cpu/cpufreq/boost"
RemainAfterExit=yes

[Install]
WantedBy=sysinit.target
EOF

Whenever service is started, it will disable turbo boost. Once service is stopped, turbo boost will be reenabled.

Of course, to make sure it starts on every boot, we need to enable it. And because we don’t want to reboot system to apply settings, we might as well start it immediately.

sudo systemctl daemon-reload
sudo systemctl enable cpu-noturbo
sudo systemctl start cpu-noturbo

PS: The same behavior for Intel CPU can be achieved by using slighly different commands. Note that 1 and 0 are swapped:

echo 1 | tee /sys/devices/system/cpu/intel_pstate/no_turbo
echo 0 | tee /sys/devices/system/cpu/intel_pstate/no_turbo

Obtaining Hash as a Part of 11ty Build

Last week I stated in post that I’m not singing my software anymore. So someone might be wondering how do I check I have executable coming from you. Well, together with that post I also added SHA-256 to every file that gets downloaded from my site. If you don’t know how, I even created Summae in order to bring this information into the context menu. And, to make the whole task of generating SHA-256 easier on myself, I added it as part of the build process.

First, I had to add crypto-js package to my 11ty package:

npm install crypto-js

Then, in eleventy.config.mjs, I added an import:

import cryptojs from "crypto-js";

Lastly, into eleventy.config.mjs default function I added the sha256 shortcode:

eleventyConfig.addShortcode("sha256", async function (file) {
  const filePath = path.join(eleventyConfig.directories.output, file);
  if (fs.existsSync(filePath)) {
    const fileContent = fs.readFileSync(filePath, 'binary')
    const sha256hash = crypto.createHash('sha256').update(fileContent, 'binary').digest('hex');
    return sha256hash;
  } else {
    console.error(`File not found: ${filePath}`);
    process.exit(1);
    return "";
  }
});

Whenever I want to use the shortcode, I just add a call to it using the file name as an argument.

{% sha256 "/download/file.zip" %}

Now, in reality, there is a bit more code - especially in the templating area. But that code is just to read data from variables, style the output, etc.

So, how does this help?

Well, it allows the end user to check file validity. If hash code matches you know that download was successful and you got the file I was intending to provide. And I can offer this at no cost to myself.

Not Signing Software Anymore

I used to sign my software. And not with my personal code signing certificate - I used a “proper”, third-party one. Since my software offered here is freeware, this wasn’t really cheap - about $50 a year or so. But I could justify it to myself. Barely. All for a green checkmark.

However, since some time in 2023, pretty much all code signing certificate providers trusted by Windows started requiring hardware tokens. And that is indeed more secure. But it also raises certificate price to about $200 a year. For a software company, it’s a trivial matter. For somebody who offers their code for (mostly) free, it’s quite an increase.

So, what does the certificate give you? Blue checkmark when you install your software under Windows. Nothing more, nothing less.

For me, that checkmark is not worth $200. It wasn’t worth $50 but, for that price, I liked having it. And remember, this applies to Windows only. All my Linux software has no benefit whatsoever.

So, when my last code signing certificate expired, I never bothered to get a new one. And I didn’t get a single complaint about it in 2 years now.

PS: Please note that software signing doesn’t protect you from malware. Signing software just means somebody paid money - malware authers can sign their software too.

Speed Boost for Repeated SSH

If you lead Linux life, you probably have a bunch of scripts automating it. Assuming you have access to more than one computer, it’s really easy to use SSH and execute stuff remotely. In my network, for example, I’ve automated daily reports. They connect to all various servers I have around, collect bunch of data, and twice a day I get an e-mail detailing any unexpected findings.

Now, this script has grown over the years. At the very beginning it was just checking ZFS status and health, then it evolved to check smart data, and now it collects all things disk related up to a serial number level. And that’s not the only one. I check connectivity, temperatures, backup states, server health, docker states, and bunch of other stuff. So, my daily mail that used too come at 7:00 and 19:00 every day over time started taking over 30 minutes. While this is not a critical issue, it started bugging me - why the heck it takes that long.

Short analysis later and my culprit was traced to the number of SSH commands those script execute. Just checking my disks remotely executed commands over SSH more than 50 times. Per server. And that wasn’t the only one.

Now, solution was a simple one - just optimize darn scripts. And there was a lot of places to optimize as I rarely cached command output. However, those optimizations would inevitevely make my Bash scripts uglier. And we cannot have that.

Thus, I turned toward another approach - speeding up the SSH. Back in days when I first played with the Ansible, I noticed that it keeps its connections open. At the time I mostly noticed it due to issues it caused. But now I was thinking - if the Ansible can reuse connections, can I?

And indeed I can. Secret lies in adding the following configuration to the ~/.ssh/config file:

ControlMaster  auto
ControlPersist 1m
ControlPath    ~/.ssh/.persist.%r@%h:%p

What this controls is leaving the old SSH connection open, and then reusing the existing connection instead of going throush the SSH authentication each time. Since SSH authentication is not the fastest thing out there, this actually saves a lot of CPU time thus speeding it a lot. And, since connection is encrypted, you don’t lose anything.

Setting ControlMaster to auto allows your SSH connection to reuse the existing connection if it exists and fallback to the “standard” behavior if one cannot be found. Location of cached sockets is controlled using ControlPath setting and one should use directly that is specific to the user. I like using .ssh rather than creating a separate directory but any valid path will do as long as you parameterize it using %r, %h, and %p at a minimum. And lastly, the duration we can specify using ControlPersist value. Here I like using 1 minute as it gives me meaningful caching for script use while not keeping connection so long that I need to kill them manually.

With this, the execution time for my scripts went from more than 30 minutes to less than 5. Not bad for a trivial change.