Encrypted Storage on Shared VPS

 Posted on October 12, 2021

My Virtual Private Server tutorial was fairly extensive, but it left out something important: information security! I think it’s wise to revisit the topic now, since security and encryption are critical in any application of computer systems. With the popularity of cloud computing and storage, it’s easy to take security for granted. Easy to think “Let someone else worry about it for me! That’s why I pay them.” I disagree with that premise, for simple (and pessimistic) reasons: [Read More]
security  encryption 

Authelia: Self-Hosted Two-Factor Authentication (2FA)

 Posted on October 8, 2021

The previous post about Self-Hosted Password Managers was well received, and it brought up some interesting discussion on Twitter. A common takeaway was the importance of two-factor authentication (2FA for short). Two-factor authentication is a system whereby a login system verifies with a separate and unrelated login system. Log into system #1 and verify that you’re truly the correct user by verifying with a pre-configured integration with system #2. Et voila! [Read More]
security  self hosted 

Take Control of your Passwords with Bitwarden

 Posted on September 18, 2021

Do you have a password you use everywhere? Be honest, we’re friends here. Good password security is critical, but few take it seriously. I understand why, life has become too complex to keep track of everything inside your head. Security / Convenience — Pick One! Consider the Github list of the top 100 most commonly used passwords, sorted by frequency. Here are the top 10: 123456 password 12345678 qwerty 123456789 12345 1234 111111 1234567 dragon “Dragon” appearing as #10 surprised me, but the rest are sadly predictable and fall into an obvious pattern — quick & easy keyboard entry. [Read More]
security  self hosted 

IPFS: Gateway to the Decentralized Web

 Posted on September 12, 2021

The Internet is a beautiful thing, but every rose has its thorn. One that bothers me in particular is the slow encroachment of Cancel Culture. The Internet was not designed as a tool for censorship, and the authors of its foundational protocols designed it with redundancy and fault-tolerance in mind. The Internet interprets censorship as damage and routes around it. — John Gilmour When I introduced you to DNS, I glibly referred to domain name registrars as rent-seekers. [Read More]
web3  decentralization 

Encrypted Cloud Backups

 Posted on August 31, 2021

I already explained how The Cloud is just someone else’s computer, so you should already be suspicious about any service that offers cheap and easy storage for anything. The classic security trilemma is you cannot easily make a service secure, easy, and cheap at the same time. The typical cloud tradoff is to compromise security for cost and simplicity. If you’ve used Google Drive, for example, you’ve seen how simple it is to send a file up to Google then access/share it later. [Read More]
cloud  backups 

Secure Communications with Matrix

 Posted on August 25, 2021

Not your keys, not your coins. In the crypto world, this is an essential truth. Even if you’re not an expert on private-public key cryptography, you intuitively understand that allowing someone else to control your assets is a losing move. Communication is the same. Not your keys, not your contacts! Fortunately, there are communication protocols that provide strong encryption. The most well-known is probably Signal, which acts as a drop-in replacement for your phone SMS app. [Read More]
encryption  communication 

Self Hosted BTCPay Server

 Posted on August 14, 2021

I was inspired by BowTiedChukar’s guide to setting up BTCPay Server using LunaNode, so I spent some time reading the BTCPay docs to get more familiar. The 3rd party route through LunaNode is an excellent one, since you are only outsourcing the client-facing invoice aspect. They never take possession of your bitcoin, so I consider it a safe choice. However I’m a maniac purist, and I wanted to host it myself. [Read More]
docker  bitcoin 

Marketing Automation with Mautic

 Posted on August 9, 2021

While you may not have heard the term Marketing Automation before, you’ve certainly been exposed to it. This kind of software is designed to automate many of the tedious aspects of acquiring, communicating, and tracking subscribers and customers. Popular commercial Marketing Automation (abbreviated MA hereafter) platforms include Marketo, Eloqua, Pardot, Mailchimp, and Hubspot. I don’t have much experience with the commercial offerings for two simple reasons: They are expensive A fantastic open source alternative exists Enter Mautic. [Read More]
linux 

Self Hosted Analytics with Matomo

 Posted on August 5, 2021

It’s easy enough to host your own blog. Once you have a website running and the visitors start arriving, you’ll be left with the question how can I track and analyze my traffic? The most popular choice is to use Google Analytics, and for good reason. Google makes it very easy to include analytic functionality. For the unfamiliar, analytics is a broad term that describes measuring user behavior across your webiste. [Read More]
self hosted 

Roll Your Own Cloud

 Posted on July 30, 2021

Cloud has to be the most over-used and under-understood term of the last 10 years. The problem is that “cloud” can refer to many things, since at its core a cloud service is simply a remote service. I’ll use a slightly more expansive definition, at least for the purpose of this post. I’ll refer to a cloud as some service that allows you to securely share, store, and manage data and files between users. [Read More]
self hosted