Encrypted Storage on Shared VPS

My Virtual Private Server tutorial was fairly extensive, but it left out something important: information security! I think it’s wise to revisit the topic now, since security and encryption are critical in any application of computer systems. With the popularity of cloud computing and storage, it’s easy to take security for granted. Easy to think “Let someone else worry about it for me! That’s why I pay them.” I disagree with that premise, for simple (and pessimistic) reasons: [Read More]

Authelia: Self-Hosted Two-Factor Authentication (2FA)

The previous post about Self-Hosted Password Managers was well received, and it brought up some interesting discussion on Twitter. A common takeaway was the importance of two-factor authentication (2FA for short). Two-factor authentication is a system whereby a login system verifies with a separate and unrelated login system. Log into system #1 and verify that you’re truly the correct user by verifying with a pre-configured integration with system #2. Et voila! [Read More]

Take Control of your Passwords with Bitwarden

Do you have a password you use everywhere? Be honest, we’re friends here. Good password security is critical, but few take it seriously. I understand why, life has become too complex to keep track of everything inside your head. Security / Convenience — Pick One! Consider the Github list of the top 100 most commonly used passwords, sorted by frequency. Here are the top 10: 123456 password 12345678 qwerty 123456789 12345 1234 111111 1234567 dragon “Dragon” appearing as #10 surprised me, but the rest are sadly predictable and fall into an obvious pattern — quick & easy keyboard entry. [Read More]

IPFS: Gateway to the Decentralized Web

The Internet is a beautiful thing, but every rose has its thorn. One that bothers me in particular is the slow encroachment of Cancel Culture. The Internet was not designed as a tool for censorship, and the authors of its foundational protocols designed it with redundancy and fault-tolerance in mind. The Internet interprets censorship as damage and routes around it. — John Gilmour When I introduced you to DNS, I glibly referred to domain name registrars as rent-seekers. [Read More]

Encrypted Cloud Backups

I already explained how The Cloud is just someone else’s computer, so you should already be suspicious about any service that offers cheap and easy storage for anything. The classic security trilemma is you cannot easily make a service secure, easy, and cheap at the same time. The typical cloud tradoff is to compromise security for cost and simplicity. If you’ve used Google Drive, for example, you’ve seen how simple it is to send a file up to Google then access/share it later. [Read More]

Secure Communications with Matrix

Not your keys, not your coins. In the crypto world, this is an essential truth. Even if you’re not an expert on private-public key cryptography, you intuitively understand that allowing someone else to control your assets is a losing move. Communication is the same. Not your keys, not your contacts! Fortunately, there are communication protocols that provide strong encryption. The most well-known is probably Signal, which acts as a drop-in replacement for your phone SMS app. [Read More]

Self Hosted BTCPay Server

I was inspired by BowTiedChukar’s guide to setting up BTCPay Server using LunaNode, so I spent some time reading the BTCPay docs to get more familiar. The 3rd party route through LunaNode is an excellent one, since you are only outsourcing the client-facing invoice aspect. They never take possession of your bitcoin, so I consider it a safe choice. However I’m a maniac purist, and I wanted to host it myself. [Read More]

Marketing Automation with Mautic

While you may not have heard the term Marketing Automation before, you’ve certainly been exposed to it. This kind of software is designed to automate many of the tedious aspects of acquiring, communicating, and tracking subscribers and customers. Popular commercial Marketing Automation (abbreviated MA hereafter) platforms include Marketo, Eloqua, Pardot, Mailchimp, and Hubspot. I don’t have much experience with the commercial offerings for two simple reasons: They are expensive A fantastic open source alternative exists Enter Mautic. [Read More]
linux 

Self Hosted Analytics with Matomo

It’s easy enough to host your own blog. Once you have a website running and the visitors start arriving, you’ll be left with the question how can I track and analyze my traffic? The most popular choice is to use Google Analytics, and for good reason. Google makes it very easy to include analytic functionality. For the unfamiliar, analytics is a broad term that describes measuring user behavior across your webiste. [Read More]

Roll Your Own Cloud

Cloud has to be the most over-used and under-understood term of the last 10 years. The problem is that “cloud” can refer to many things, since at its core a cloud service is simply a remote service. I’ll use a slightly more expansive definition, at least for the purpose of this post. I’ll refer to a cloud as some service that allows you to securely share, store, and manage data and files between users. [Read More]