Cloud smackdown: NAS vs. Resilio Sync vs. Zero-Knowledge Cloud!

In my ongoing effort to lock down my cyber-life, I jettisoned Dropbox three weeks ago, and I'm quite happy I did.

But I'm not done with the reconfiguration. So, if you have the patience and credulity, you may listen in while an amateur deliberates about the choices...

People more expert about this stuff than I am: please review my various claims here for accuracy. I must thank a gentleman who gave excellent feedback and corrections on my VPN post from a month ago.

Why Resilio Sync isn't working out for me

As I explained in an update, the solution I went with—Resilio Sync plus backup to an external drive—had some drawbacks that were unexpectedly annoying. Foremost among these is the fact that Sync isn't a "set it and forget it" technology, i.e., you have to think about and maintain the state of your syncitude, since your devices have to be on at the same time (and Sync has to be working on both/all of them). Also annoying is having to rely heavily on traditional backup, because if God forbid you should delete something inadvertently, your deletion will propagate among your devices (if they're all on at the same time—entirely possible). I've had to use Dropbox's "restore" feature before; I figure it's only so long before I have to restore something from my backup, and what happens if my backup program's restore feature is screwed up or very hard to use? Oy.

These problems are annoying, but not horrible. However, I definitively decided that I had made the wrong choice when I discovered that Sync has no easy way (that I can find) to support the syncing of contacts, passwords, calendars, bookmarks, and text editor settings. Sure, you can sync a data file, but insofar as this same data file (i.e., identical copies of it) must interact correctly with software on each of your systems, then unless the software is specially and carefully written to work with an independent datafile that works the same on all your systems (I think Sublime Text is OK here), you should let your local copy of the software update its own copy of its datafile. This is one of those technical issues that sounds very abstruse, but which poses very real, concrete problems when the rubber meets the road.

The problem, essentially, is that you need to let your software (browser, password manager, calendar, or text editor) handle its own syncing via the cloud. There are two ways in which software can do this for you: (1) you use a cloud you pay for, like Dropbox (e.g., Enpass supports Dropbox syncing), or (2) you use the software vendor's cloud/server, as email syncs via IMAP with your mail host, which you must trust, or as Chrome and Firefox do with bookmarks, and as Apple does with your contacts and calendar. Boo! Hiss! I'd rather handle this myself and avoid the privacy/security risks, if I can.

Your very own cloud server: a NAS

Well...having decided I'm going back to the drawing board on a cloud/device syncing solution, I recalled that NAS devices solve this general problem very neatly. NAS means "network-attached storage," and it means basically your very own personal cloud server. It's an actual box that lives in your home or office, but it's also on the Internet, so you can access it from anywhere. It's not a traditional desktop computer; it's a server. With a NAS, when you sync your devices, they don't all have to be on, because they sync via the NAS, which is always on (but don't worry, it doesn't use much energy). If you ever have to restore your files, the NAS makes it easy without the trouble or worry of having to interact with fiddly backup software. In other words, "file restoration" is built in to the NAS's syncing software—an "undo" button for inadvertent deletion.

NASes (especially the Synology brand) come with a whole raft of software for syncing particular types of data that work with different apps, like calendars (oh joy! Finally, a plausible replacement for Gcal!), address books, passwords (using WebDAV), and more. This is a decided advantage over Resilio Sync, which simply doesn't offer such solutions.

NAS devices also support cloud-based collaborative document editing—basically, they replace Google Docs. It's insane what a NAS can do for you: not just syncing documents and data, not just collaborative document editing, but also (these are all available Synology packages/apps)

  • calendar (replaces Gcal and Apple calendar via iCloud)
  • contacts/address book (CardDav; replaces various)
  • chat (replaces Facebook Messenger, Slack, and Telegram; includes end-to-end encryption)
  • your own frickin' mail server if you're brave enough
  • photo sharing (replaces Instagram, Facebook, or whatever you use to share pictures with your family and friends)
  • Discourse (host your own web forum)
  • Apache and support for various programming languages like Java, Node.js, PHP, Ruby, as well as databases; i.e., make your NAS an actual, fully-functional web server
  • Redmine (project management and ticketing system; replaces Zendesk, Pivotal Tracker, Jira, Trello, Asana)
  • multiple options for blog, CMS, and wiki systems
  • video hosting and podcasting
  • VPN (i.e., turn your NAS into a VPN node)
  • Git and Git Server (put your code on your own Git server instead of using Github or Gitlab; handy if you have totally private projects)
  • built-in backup for the NAS

In short, just think of all the computing functions you farm out to the Internet just because you want something "always available from anywhere using a brower." Well, pretty much all of those services can be had via your own NAS, and a sizeable company (Synology) supports the software.

Now, I'm not saying these apps are as good as the ones available to you from the professionals. Your NAS is not likely to be as fast or as reliable as your current web host. But (a) it's yours, and (b) you don't have to worry about the prying eyes of corporate workers, or about hackers attacking the big corporate data honeypots (they might take a crack at your NAS if they think its defenses are poor, though).

Wait, what about zero-knowledge cloud services?

Oh, you thought I had forgotten about zero-knowledge cloud services, like Sync.com, Spider Oak, Pcloud (my son threatened to use this one himself because he didn't like Resilio Sync), and others?

I started out thinking these were good options, but in retrospect I see they don't hold a candle to NASes. They specialize in being always-on, reliable, and secure cloud sync/backup options. And that's good. The problem, however, is that there are an awful lot of cloud services we rely on that put you and your data in the same boat as Dropbox. And even if you don't need to host your own website or your own mail server, which is admittedly going a bit far, there are very sound reasons at least to want to host your own contacts, passwords, calendar, and so on.

I looked at the features offered by Sync.com, Spider Oak, and Pcloud, and while they seem to nail the traditional Dropbox feature set (which is good!), they don't support the other cloud features I'm anxious to have. One of the next items on my lock-down "to do" list is to finally replace Gcal and Apple Contacts, and to delete my calendar and contacts from Google. I just hate the idea of leaving these problems unsolved. My ambition is to completely divorce my data and habits from Google, Apple, and Microsoft products. I don't see how I can do that without either trusting somebody else, or running my own server. Since zero-knowledge cloud services are so underdeveloped at present—and if I were an investor, I'd put money into that, as it strikes me as a potentially huge growth industry—the only option left is a NAS.

Some final reasonable considerations

Let's take a step back and get reasonable, now.

What is the main concern motivating these deliberations? Not just concern about privacy, but a refusal to entrust sensitive information to corporations that are, essentially, black boxes to me. But maybe I can just accept some risk here. Isn't that reasonable?

Well, I wouldn't be where I am if I was prepared to answer "yes. " My sense of the thing is that having massive amounts of valuable data sitting right in their servers ends up being too much of a temptation to a lot of companies, and they can craft and interpret their privacy policies in a clever enough way to escape much legal risk. And even if I could trust their privacy practices, the many and growing number of security breaches means my data isn't safe.

I also don't like the direction that both government surveillance and authoritarian, paternalistic corporate cultures are moving in; while I don't expect the secret police to bust down the door anytime soon, or the remaining Big Tech companies I have relationships with to cut me off, it's a definite plus to cut ties with these institutions which have become so corrupt.

I admit my motivations are partly (perhaps only a small part) political. I'd like to lead a revitalized, individualistic civil society in a better direction, help support the ecosystem of privacy-respecting companies, and poke snoops, spooks, hackers, and authoritarians in the eye.

All that said, I don't expect others to think about this the way I do. We all have our paths to walk.

As for myself, I've concluded I will get a NAS after all. Wish me luck with the installation and configuration!


How I replaced Dropbox

Updated April 2 at bottom.

My main beef with Dropbox is that it's not secure, not adequately encrypted, and there's been a little too much indication that Dropbox is spying on user data.

Ever since I decided to lock down my cyber-life, I had Dropbox in my sights. It was going to be a pain to replace it, I thought, so it took a while before I got around to doing so. I finally did do so today.

The longest step of this process was deciding what I wanted to do. At first, I thought I'd set up my own lightweight cloud server using my desktop, which would sync files on all my devices, something like NextCloud. A great bonus is that this makes it particularly easy to sync things like your address book and passwords. This doesn't seem like a bad idea and is now my fallback. But I ultimately decided to pass because (a) setup might end up being very bothersome, (b) it might eat up desktop resources, and (c) I'd have to keep my computer on all the time, which seems suboptimal.

All of the problems with installing my own NextCloud—bothersome setup, resources constraints, and always-on system—are taken care of by getting my own server or, less ambitiously, what is called a NAS, or Network-Attached Storage system. I spent several hours yesterday researching all about NASes, and came close to getting either a QNAP or a Synology NAS, because they're so frickin' cool. I mean, jeez, it's actually a fully-functioning standalone web server with a zillion apps (especially Synology), and sure, you can use it to sync your files. But the more I thought about it, the more I thought, "This is a lot of work (and yet another giant attack surface for hackers), when all I really want is a Dropbox replacement." If I were just hacking and exploring, I would have gotten a NAS in a heartbeat, they're so cool. But I have other things to do, so...

I also semi-seriously considered getting a zero-knowledge encryption system, like SpiderOak. The premise seems solid: your files are all saved in the cloud, but 100% encrypted, and the key needed to decrypt them is only on your machine (or in your head). SpiderOak (and many other similar services) cannot scan your files because it lacks the keys to read them. I guess my experience with being hacked and seriously disaffected with storing data in the cloud generally turned me off even to this. If I don't have to trust a company (as I do if, e.g., I want to use a VPN), then I'd prefer not to.

So, how do you get cloud functionality without the cloud? With syncing apps. These use different technologies to sync your devices directly with each other, through the Internet, but not stored on the Internet, and without any one of them acting as a server to the others (so they're all peers of each other in your little device network). It turns out that there are several options available here, and I came close to going with Syncthing because it's open source (and therefore, more trustworthy) but...no iPhone app. But the next best thing is Resilio Sync, which is also based on (the UPDATE: closed-source) Bittorrent Sync. Now, the fact that it uses Tor doesn't mean your data is stored in the dark web. It simply makes use of the Tor network, which is perfectly legal and legit, that is required for accessing the dark web (something I've never even tried to do, by the way). The beauty of the system is that in transit through cyberspace, your data is end-to-end encrypted through a decentralized network. It's hard to get more secure, or that's my understanding.

Resilio Sync is pretty easy to install if you're not using Linux. It was a bit of a pain (they could work harder on the setup, I mean really, guys) but still doable, if like me you're reasonably adept with vague Linux instructions. It didn't take longer than an hour to completely set up and test (my son did it in half the time), and then I started moving folders over, one by one, from Dropbox to my new Sync folder. This was quite satisfying, not unlike that satisfying feeling of changing my account email addresses from gmail.com to sanger.io. And because Resilio updates via your LAN directly from device to device, it syncs much faster than Dropbox. Like Linux, the slightly geekier alternative turns out to be just better, all the way around.

I got the $100 one-time deal so my family could all use it. Since this is roughly what I've been paying to Dropbox yearly for the last decade or whatever it's been, I was very happy to pay this.

How does it work? Well, once it's set up, it's just like Dropbox. Create a new file in your work folder? It's practically instantly synced to any other devices that are on, as soon as you save it. (Of course, it does have to be on, in order to sync. And your phone won't sync the file and folder contents; it will only sync the index, and then, as with the Dropbox mobile app, you can download the item one-by-one.)

There is one very small change this might require to your routine. Since your files aren't in the cloud but only on other machines, before you leave one machine with files on it you might want to access elsewhere, you'll want to make sure either (a) that machine will stay on while you're away from it, or (b) you've synced before you leave while they're in close proximity (the LAN connection will make syncing faster, too).

Love it so far. Buh-bye Dropbox! Any regrets so far? Not really. While LAN syncing for me is significantly faster than Dropbox, it uses only 10% of my available LAN bandwidth, and I wasn't able to get it to go faster; I'm not sure what's up with that. I tried to fix it but didn't dare do too much, since it involved a lot of fiddly changes to settings that, it seems, need to be undone. Your mileage may vary.

Also, they didn't make Linux GUI other than a browser-based one, which is OK; it works well enough. They didn't even bother to create a tray icon, but they do have an API, so my 12-year-old son made one for them and I'm already using it. (Want the code, Resilio? I can set that up.)

Of course, if you haven't taken the Linux plunge, Resilio Sync is probably going to be a lot more usable for you—not that, at the end of the day, it isn't extremely usable for Linux users, too. And, as I've indicated, there are many, many other options available to you if you want to ditch Dropbox. You should consider them for yourself.


April 2 update:

I've been using Resilio Sync for the last two weeks, and my son and I have a few concerns. The first is one we knew about going in: it's not a cloud solution. Syncing works only if both devices are on. This means syncing isn't exactly "set it and forget it." You have to pay attention to whether something is syncing, and if you forget...you won't be synced. After using Dropbox for years, this turns out to be quite annoying.

This, in turn, means I have to worry more about losing files. I can back up files on my main machine, which is always a great idea (of course), but if I haven't synced because two machines haven't been on at the same time (or because I need to reboot Sync, which is also an annoyance), then I might still lose laptop files because I only back up my desktop.

Backing up is all the more important because it is possible to inadvertently delete a bunch of files from one machine...leading them to be deleted everywhere. That would be a disaster. It's like automatically deleting all your backups. Of course, the stuff might be rescuable in Trash, but do you really want to rely on Trash as a fallback solution?

To pour salt in the wound, if I really want peace of mind, I have to make sure the the backup program is fantastic. I can't rely on Resilio Sync as a backup program. And the default Ubuntu backup program kind of sucks (which is surprising to me). This isn't a count against Resilio, but it does make switching, if I'm going to switch, more urgent.

So it's back to the drawing board. A zero-knowledge encryption cloud solution is sounding better now, but there are two sticking points for me: (a) I don't want to have to trust an external vendor if I don't have to, and (b) I'm not confident that I know what's going on well enough to be able to say that my data is truly secure and private.

Last time, I came very close to getting a NAS, but I didn't. I'm now 90% sure I will get a NAS after all.

The reason I didn't get a NAS the first time is that it sounded like just too much trouble to set it up and maintain it, not to mention having another attack surface to lock down. But the more I think about it, the more I think it might be worth it.

After all, another rather huge advantage of a NAS is that I don't have to rely on any cloud service I don't control myself, at least for my personal purposes, for a range of purposes we now use different cloud services for. That means I can maintain my own synced contacts, passwords, bookmarks, etc., as well as supporting collaborative documents (a la Google Docs) I want to work on with others (such as a Declaration of Digital Independence). I might still have to rely on Google Docs (or something like it) for work, but at least my private life would be more locked down.

Any one of the latter advantages certainly wouldn't be enough to justify getting a NAS. But taken together, and combined with an always-on Dropbox alternative that I can "set and forget," it's looking better and better.

Stay tuned. I'm not done yet.

Another installment in my series on how I’m locking down my cyber-life.


How and why I got a VPN

As part of my ongoing efforts to lock down my cyber-life, I finally decided to investigate VPNs (virtual private networks) and subscribe to one, if it seemed to be a good idea.

Well, it is a good idea. So I got one, and it was pretty cheap.

What is a VPN, anyway?

A virtual private network, briefly, is subscription service (there are free ones, but don't use a free one) that you can connect to in order to mask your IP address, pretending (unsuccessfully if you're using a mobile connection) that you're connecting to the Internet from somewhere else, while encrypting the data that passes between you and your ISP (which can mean your data is encryped as it passes through wifi). It doesn't replace your ISP; you still need an ISP to connect to the Internet. More specifically, a VPN (typically, a for-profit company):

  1. Is runs a number of servers (computers), which ideally are located all around the world, each of which connects to the Internet on your behalf.
  2. Is a service you connect to, as a data "tunnel" to the Internet. You can set up your computer or phone so that it connects to the VPN whenever you get online (or whenever you like). All your requests to the Internet, and all the responses you receive from the Internet, are routed through one or another of the VPN's nodes.
  3. Encrypts the data exchanged between its servers and your device.
  4. Typically doesn't log your traffic (but there's no way to know this for sure) or intercept your data (unless they receive a specific court order to do so in your case).
  5. Is typically a paid service; there are free ones.

Why would I want a VPN?

So, what does a VPN do? What is it good for? What are the benefits? Why would you get one? Several things (cf. this useful intro):

  1. Foil the NSA, maybe. You connect to the Internet via your ISP at home, right? Well, since data you exchange with the VPN is encrypted, your ISP can't detect anything about what websites you're looking at or what information you're sending. Since mass surveillance (e.g., by the NSA) is typically done at the ISP level, this foils such surveillance. But maybe you trust all the fine, upstanding people who work for the government and don't care. Well, there are other reasons, as well:
  2. Make it harder for websites, hackers, and advertisers to spot you. When you connect to a website without a VPN, it typically logs the IP address that is accessing it, maybe info about your device, browser, etc. This can be used by the website to track you and for various nefarious purposes. When you connect with a VPN, websites log data from the VPN's server, which says nothing about you. This protects your information privacy and security (which you should care about!).
  3. Use airport, hotel, and restaurant connections securely. If you connect to the Internet via your airport's connection, hackers can pretty easily do nasty things with your data stream. But if your data stream is completely encrypted on its way through the airport's wifi to and from the VPN, those hackers can't touch you. Take that, hackers! This is a huge advantage to me, considering how much traveling I'm doing these days.
  4. See content as if you were elsewhere. If you want to access information that is accessible only by IP addresses from a given country (such as the U.K. or the U.S.), a VPN lets you do so. You can make it look like you're from there! E.g., I can watch Brits-only content from the BBC. That's just kind of cool.
  5. More safely do P2P file sharing. If you must, and are cheap, and refuse to pay the creators of your content, you bastard.

If you don't care about privacy or security or striking a blow against mass surveillance, then you should pass. If you do care about those things, consider getting a VPN.

WThere's one significant disadvantage about VPNs, which makes me sad, but I'll live with it: VPNs do slow down your Internet connection, but not necessarily by much. As you know (if you know how the Internet works at all), Internet traffic bounces from node to node as it makes its way from the website (or whatever) you're accessing to your device. The VPN adds one node to that trip. As long as you connect to a VPN server located near you, this trip isn't actually lengthed by much. BestVPN.com says it slows down your connection speed by 10%, but the actual amount at any given time depends on many factors. I rarely notice much of a difference, for what it's worth.

Update: after using it for a couple days, my VPN (which is reputedly one of the faster ones) doesn't really noticeably slow down my connection, even at the hotel. Except when I was connected to the U.K., and then the only problem was that I had to buffer a video once or twice.

What VPN did I choose?

I'm not telling. I spent some hours doing research. A name emerged. You should do the same and use your own judgment. Be careful not to subscribe to any shady VPNs; they doubtless do exist and it might be hard to figure out whether yours is one. There can be problems with the software as well. Unfortunately, some amount of trust is involved if you're not a specialist. I bore these requirements in mind:

  • Don't just look for claims that they don't keep logs; check that the claims have been verified (by consultants, courts, or police).
  • Bear in mind that many reviews might be paid for and so can't be trusted. It might be hard to tell which reviews these are.
  • Speed.
  • Can one determine who owns the company? Do they look legit?
  • Support for Linux.

There are other features you might be interested in, of course.

How hard was it to buy and install?

I can speak only about the one I bought and installed: it was dead simple. It was no harder to buy than any other subscription service. As for installation, I had it downloaded, installed, and working in maybe two minutes. Of course, that's just the one I bought.

Note, you don't have to install special software to use a VPN, e.g., if you're using an OS or browser that has the software built in.

There's much more to know about VPNs, which you might want to know if you're going to get into it. You're just getting a rank beginner's explanation of why he got one, here.

This is part of the series on how I'm locking down my cyber-life.


Further on my Linux journey: Ubuntu on a laptop

First, I decided to switch to Linux. I have to tell you: I'm so glad I did. It's not just the sheer relief from the knowledge that I'm not being monitored by Microsoft or carefully controlled by Apple. I'll admit, that's probably the biggest advantage to Linux for me. But I really, truly find Linux Ubuntu (that's the distro I'm using) running the Gnome desktop environment (this is actually the thing that has 80% of the "look-and-feel" we associate with operating systems) to be significantly easier to use (and faster, and less frustrating). Of course, we're all different and your mileage may vary.

But after having used it some more, and having also installed another distro, I'm not sure Linux is quite ready for grandma yet—not unless she's rather technical, is eager to commit a fair bit of new stuff to memory, or has easy and quick sources of help. I do stand by my claim that Linux is ready for prime time, but only if you use one of the more user-friendly distros. If you're a "power user," i.e., if you are not necessarily a programmer but do know your way around a computer pretty well, if following technical instructions to solve problems doesn't bother you too much, then you should really seriously consider trying out Mint or Ubuntu. The cool thing is that you can try it out before you take the leap, either with a live boot (i.e., it lives on a thumb drive; this is probably easier) or a virtual machine.

Then when I went on some trips and a month ago I had a serious moment of disgust with my Apple laptop. I mean, ugh, there were so many things I have come to dislike about the Apple scene, but after enjoying daily life with Ubuntu, when I switched to Apple while on the road, I just could not get over how damned clunky the thing is. It looks pretty and costs too much, but god, so much about it is, in the vernacular of my teen years, totally bogus.

So then I decided, OK, I'm going to dual boot on my MacBook Pro, too, i.e., run both OS X and Linux on the same machine, in different partitions. I had it narrowed down to distros like Arch, Manjaro, and openSUSE; I wanted to try something that wasn't Ubuntu, just for the experience.

Well, last week, I finally bit the bullet and put Manjaro on the machine. (This time I insisted on doing most of the hard work, instead of leaving it to my 12-year-old son, who has been using Linux daily for longer than I have.) Installing wasn't that hard, actually; it really wasn't significantly harder than installing Ubuntu. While most things worked, I ran into a series of problems I won't bore you with; suffice it to say that I ended up installing Manjaro twice and rebooted it endless times while trying different drivers and Grub parameters and stuff. I worked very diligently until an experienced Linux user told me that I shouldn't even try to put any Linux distro on a new MacBook (mine is from 2018) because so many of the device drivers are simply unsupported. That was a huge let-down. Even my Linux geek son couldn't figure out the issues. I told my wife I'd just sell it, but she said to give it to the boys since the old laptop they're sharing (another old one of mine) has a screen that often didn't work properly.

By then, I had also decided I didn't like Manjaro much (or maybe it was the XFCE desktop environment). In any event, I had enough hours on Manjaro to have learned that mastering two different flavors of Linux at once was going to be a serious pain without any compensatory advantage.

So I ended up shopping around and getting a decent Windows machine, a Samsung Notepad 9, and did a clean install (i.e., wiped Windows entirely) of Ubuntu again. I mean, if I'm going to learn Linux properly, might as well do it completely in one distro before branching out too much. The installation process was pretty painless—seriously, so much easier and more pleasant than setting up a new Windows machine.

So now I'm 100% Linux (and 100% Ubuntu with Gnome), and I'm not looking back. I'm so done with Windows and Mac. Now I'm just looking forward to implementing yet more ways to lock down my cyber-life.

(Wait...100% except for my phone and tablet. At present there is no non-heroic way to own a Linux phone, but I'm still keeping an eye on the Purism Librem 5 and might well take the plunge...)


How to decentralize social media—a brief sketch

The problem about social media is that it is centralized. Centralization empowers massive corporations and governments to steal our privacy and restrict our speech and autonomy.

What should exist are neutral, technical standards and protocols, like the standards and protocols for blogs, email, and the Web. Indeed, many proposed standards already do exist, but none has emerged as a common, dominant standard. Blockchain technology—the technology of decentralization—is perfect for this, but not strictly necessary. Common protocols would enable us to follow public feeds no matter where they are published. We would eventually have our pick of many different apps to view these feeds. We would choose our own terms, not Facebook's or Twitter's, for both publishing and reading.

As things are, if you want to make short public posts to the greatest number of people, you have to go to Twitter, enriching them and letting them monetize your content (and your privacy). Similarly, if you want to make it easy for friends and family to follow your more personal text and other media, you have to go to Facebook. Similarly for various other kinds of content. It just doesn't have to be that way. We could decentralize.

This is a nice dream. But how do we make it happen?

After all, the problem about replacing the giant, abusive social media companies is that you can't replace existing technology without making something so much more awesome that everyone will rush to try it. And the social media giants have zillions of the best programmers in the world. How can we, the little guys, possibly compete?

Well, I've thought of a way the open source software and blockchain communities might actually kick the legs out from under the social media giants. My proposal (briefly sketched) has five parts. The killer feature, which will bring down the giants, is (4):

  1. The open data standards. Create open data standards and protocols, or probably just adopt the best of already-existing ones, for the feeds of posts (and threads, and other data structures) that Twitter, Facebook, etc., uses. I'm not the first to have thought of this; the W3C has worked on the problem. It'd be like RSS, but for various kinds of social media post types.
  2. The publishing/storage platforms. Create reliable ways for people to publish, store, and encrypt (and keep totally secret, if they want) their posts. Such platforms would allow users to control exactly who has access to what content they want to broadcast to the world, and in what form, and they would not have to ask permission from anyone and would not be censorable. (Blockchain companies using IPFS, and in particular Everipedia, could help here and show the way; but any website could publish feeds.)
  3. The feed readers. Just as the RSS standard spawned lots of "reader" and "aggregator" software, so there should be similar feed readers for the various data standards described in (1) and the publishers described in (2). While publishers might have built-in readers (as the social media giants all do), the publishing and reading feature sets need to be kept independent, if you want a completely decentralized system.
  4. The social media browser plugins. Here's the killer feature. Create at least one (could be many competing) browser plugins that enable you to (a) select feeds and then (b) display them alongside a user's Twitter, Facebook, etc., feeds. (This could be an adaptation of Greasemonkey.) In other words, once this feature were available, you could tell your friends: "I'm not on Twitter. But if you want to see my Tweet-like posts appear in your Twitter feed, then simply install this plugin and input my feed address. You'll see my posts pop up just as if they were on Twitter. But they're not! And we can do this because you can control how any website appears to you from your own browser. It's totally legal and it's actually a really good idea." In this way, while you might never look at Twitter or Facebook, you can stay in contact with your friends who are still there—but on your own terms.
  5. The social media feed exporters/APIs. Create easy-to-use software that enables people to publish their Twitter, Facebook, Mastodon, Diaspora, Gab, Minds, etc., feeds via the open data standards. The big social media companies already have APIs, and some of the smaller companies and open projects have standards, but there is no single, common open data standard that everyone uses. That needs to change. If you could publish your Twitter data in terms of such a standard, that would be awesome. Then you could tell your friends: "I'm on Twitter, but I know you're not. You don't have to miss out on my tweets. Just use a tweet reader of your choice (you know—like an old blog/RSS feed reader, but for tweets) and subscribe to my username!

The one-two punch here is the combination of points (1) and (4): First, we get behind decentralized, common social media standards and protocols, and then we use those standards when building plugins that let our friends, who are still using Facebook and Twitter (etc.), see posts that we put on websites like Steemit, Minds, Gab, and Bitchute (not to mention coming Everipedia Network dapps).

The exciting thing about this plan is that no critical mass seems to be needed in order to get people to install the envisioned plugin. All you need is one friend whose short posts you want to see in your Twitter feed, and you might install a plugin that lets you do that. As more and more people do this, there should be a snowball effect. Thus, even a relatively small amount of adoption should create a movement toward decentralization. And then the days of centralized social media will be numbered. We'll look back on the early days of Facebook and Twitter (and YouTube!) as we now do the Robber Barons.

We can look at a later iteration of Everipedia itself as an example. Right now, there is one centralized encyclopedia: Wikipedia. With the Everipedia Network, there will be a protocol that will enable people from all over the web to participate in a much broader project.

I would love to see the various competitors of the social media giants settle on a common standard and otherwise join forces on these sorts of projects. If they do, it will happen, and the days of privacy-stealing, centralized, controlling, Big Brother social media will soon be behind us. We'll return to the superior and individually empowering spirit of the original Internet.

We have to do this, people. This is the future of the Internet. Even if you've given up social media, we should build this for our friends and family who are still toiling in the digital plantations.


18 things about Apple that suck

Apple, how dost thou suck? Let me count the ways:

  1. iTunes, the worst software in the world.
  2. The App Store is a centrally managed walled garden. I can't run apps Apple hasn't approved of on my phone, and on my own computer, I have to give special permission to run programs Apple doesn't like.
  3. iCloud is turned on by default.
  4. Apple brags about how committed to privacy it is, but gives us no credible way of verifying its claims.
  5. I'm forced to use Apple's default software for several features in iOS such as Siri search.
  6. Because Siri works only when you're online, I have to share my voice commands to my phone over the Internet, commands which Apple records, processes, and saves for a long time.
  7. Frequently, Apple's idea of "easy to use" software requires that I take extra steps, and is not particularly easy to use.
  8. Lack of sufficient customization options everywhere. Apple knows best.
  9. OSX is based on BSD, which is FOSS, but OSX is proprietary. They're contemptible free riders.
  10. Steve Jobs is dead and mere mortals now run the company.
  11. The company makes some really dumb decisions like getting rid of the 3.5mm audio jack.
  12. Apple encourages too many push notifications, which, I've decided, are an attention-hogging evil.
  13. Siri isn't very good.
  14. If they were a decent company, they wouldn't practice planned obsolescence, and they sure as hell wouldn't do it so aggressively.
  15. Apple Stores just really, really suck in many ways. That'd be another whole list.
  16. They're overpriced. No, not because they're premium products. When I say they're "overpriced," I don't mean they're expensive. I mean that they are poor value.
  17. Their CEO thinks he has a divine mission to censor wrongthink.
  18. They use a new proprietary image format (HEIC), if you want to airdrop yourself something from your iPhone to your MacBook. Idiots! Ugh, like I'm totally going to get rid of my Mac OS and this is the main reason why!

Much of this can be chalked up to the whole wretched, arrogant "Apple knows best" mentality. Why do we still give these people our money?


Notes on choosing a Linux distro (for Linux geeks only)

I've ditched Windows on my desktop machine. Similarly, I can't keep using macOS on my laptop. I decided to put Linux on it (and dual-boot). I thought it would be a good idea to use a different distro. But which?

I thought I would do my deliberations publicly. So here goes.

If I haven't exactly mastered Ubuntu with Gnome, why not keep working on it? But flavors of Linux are so similar that if you use one, it's not hard to figure out another. So I think it's a good idea for learning purposes to install a different one.

After a fair bit of hunting about, the following caught my eye enough to do some research and take some notes—your mileage may vary, obviously, as our needs and ability levels vary widely. I'll put these in order of how quickly I rejected them (from fastest rejection to slowest).

  • Arch. Nah, that's for advanced users, and I'm not an advanced Linux user (yet).
  • Kali. More privacy-oriented, but not beginner-friendly because it is actually aimed at security experts. I'll have to pass on that.
  • Pop!. The thing that has me considering the new Pop! distro is that it is specially adapted from Ubuntu by System76 (which sells Linux computers) for developers. Its landing page is very persuasive, but after I looked at some videos about it, it just has too much Ubuntu to be a suitably different system. I guess I'll pass on the Ubuntu-based systems; I want to try something different.
  • Debian. One source bills this as especially good for programming; but it is also not really for beginners, and besides, Ubuntu is based on Debian. So...
  • Mint and Deepin. If I'm rejecting Ubuntu-based distros out of hand, these must go; they're Ubuntu-based.
  • Manjaro and Antergos. These Arch-based distros are supposedly easier to install, and might be a good introduction to a more powerful Linux experience.
  • openSUSE Leap. This is a very old distro, and is very polished, well-documented, and stable (at least the Leap distro; Tumbleweed follows a rolling release model and so should be expected to be less stable). One source says it is targeted at developers and has "stringent" security protocols, whatever that means exactly. It's praised for its customizability, and I like the idea that one can pick and choose packages to include on installation.

So, I'm down to Manjaro, Antergos, and openSUSE Leap. I still haven't made up my mind. So maybe you can help me decide, given my basic requirements:

  • Sufficiently different from Ubuntu with Gnome to give me a usefully different Linux experience.
  • Especially excellent for programmers.
  • Stable, established, well-documented.
  • Not advanced. Needn't be very easy-to-use.
  • I place a premium on security.
  • Looks nice. I don't actually enjoy ugly, clunky stuff.
  • Likes: keyboard shortcuts, snapping windows, reasonably easy customizability, cool, well-designed workspace functionality, etc.
  • I don't really want a rolling release distro, assuming that they're rather more open to disruptive problems. I'm too busy to squash trivial bugs others will eventually squash for me.
  • Works on MacBook Pro machine without too much trouble (it's OK if I have to install a driver, I guess).


A plea for protocols

The antidote to the abuses of big tech is the very thing that gave birth to the Internet itself: decentralized, neutral technical protocols.

  1. The thought that inspires
    my work.
    Ever since I started
    work on Nupedia and then Wikipedia, a thought has always
    inspired me: just imagine the stunning possibilities when people
    come together as individuals to share their knowledge, to create
    something much greater than any of them could achieve individually.

  2. The sharing economy. There
    is a general phrase describing this sort of laudable activity: the
    “sharing economy.” The motivations and rewards are different
    when we work to benefit everyone indiscriminately. It worked well
    when Linux and OSS were first developed; then it worked just as well
    with Wikipedia.

  3. The Internet itself is an
    instance of the sharing economy.
    The Internet—its ease of
    communication and publishing together with its decentralized
    nature—is precisely what has made this possible. The Internet is a
    decentralized network of people working together freely, for mutual
    benefit.

  4. The Internet giants have
    abused the sharing economy.
    About ten years ago, this all
    started to change. More and more our sharing behavior has been
    diverted into massive private networks, like Facebook, Twitter, and
    YouTube, that have exerted control and treated contributors as the
    product.

  5. Facebook’s contempt for
    our privacy.
    All you want to do is easily share a picture with
    your family. At first, we thought Facebook’s handling of our
    private data would just be the price we had pay for a really
    powerful and useful service. But over and over, Facebook has shown
    utter contempt for our privacy, and it has recently started
    censoring more and more groups based on their viewpoints. We don’t
    know where this will end.

  6. This aggression will not
    stand, man
    . We need to learn from the success of
    decentralized projects like Linux, open source software, Wikipedia,
    and the neutral technical protocols that define the Internet itself,
    that we don’t have to subject
    ourselves to the tender mercies of the Internet giants.

  7. How.
    How? Just
    think. The Internet is made up of a network of computers that work
    according to communication rules that they have all agreed on. These
    communication rules are called protocols and
    standards.

  8. Protocols
    and standards...
    There
    are protocols and standards
    for transferring
    and displaying
    web pages, for email, for transferring files, and for all the many
    different technologies
    involved.

  9. ...which
    are
    neutral.These
    different standards are neutral. They explicitly don’t care what
    sort of content they carry, and they don’t benefit any person or
    group over another.

  10. We need more
    knowledge-sharing protocols.
    So here’s the thought I want to
    leave you with. You evidently support knowledge sharing, since
    you’re giving people awards for it. Knowledge sharing is so easy
    online precisely because of those neutral technical protocols.
    So—why don’t we invent many, many more neutral Internet
    protocols for the sharing of knowledge?

  11. Blockchain is awesome
    because it creates new technical protocols.
    Probably the biggest
    reason people are excited about blockchain is that it is a
    technology and a movement that gets rid of the need of the Internet
    giants. Blockchain is basically a technology that enables us to
    invent lots and lots of different protocols, for pretty much
    everything.

  12. Why
    not Twitter- and Facebook-like protocols?
    There
    can, and should, be a protocol for
    tweeting without Twitter.
    Why should we have to rely on one company and one website when we
    want to broadcast short messages to the world? That should be
    possible without
    Twitter. Similarly, when we want to share various other tidbits of
    personal information, we should be able to agree on a protocol to
    share
    that ourselves, under our
    own terms—without
    Facebook.

  13. Wikipedia centralizes,
    too.
    Although Wikipedia is an example of decentralized editing,
    it is still centralized in an important way. If you want to
    contribute to the world’s biggest collection of encyclopedia
    articles, you have no choice but to collaborate with, and negotiate
    with, Wikipedians. What if you can single-handedly write a better
    article than Wikipedia’s? Wikipedia offers you no way to get your
    work in front of its readers.

  14. Everipedia,
    an encyclopedia protocol.
    Again,
    there should be a neutral encyclopedia protocol,
    one that allows us to add
    encyclopedia articles
    to a shared database that its creators own and develop, just like
    the Internet itself. That’s why I’m working on Everipedia, which
    is building a blockchain encyclopedia.

This is a little speech I gave to the Rotary Club of Pasadena, in the beautiful Pasadena University Club, January 31, 2019.


Further, alarming evidence of Larry's creeping geekhood

Isn't she beautiful

Yes, I'm another one who has plunked down unnecessary amounts of money just to get a keyboard with keys that bump, click, and have precise activation points, and with switches that people care a lot about, changeable keys, etc. So far, I don't regret the purchase one bit and I'm rather happy with it. And proud, since here I am bragging about it.

Not only did I get one of these contraptions, called a mechanical keyboard, I totally geeked out and got a 61-key (so called "60%") keyboard. This cut out the function keys, the arrow keys, the number pad, etc. How do I type all that stuff? What about when I want to do a screen capture? Well, for that there is the function layer. In fact, there is the default function layer, which has things like the arrow keys (on my keyboard, they're the green keys, I, J, K, L), as well as three more programming function layers. I don't have to use the Fn key to activate the function layer, either; I can use the Caps Lock key, which I reassigned to Fn with a simple dip switch. So if I want to print the screen, I simply type Fn (or Caps Lock) + p.

I bought the above keyboard from WASD Keyboards. They allow you to choose your keys and choose what is printed on your keys (see what I have on my space bar?). Mine is fitted with the both-bumpy-and-clicky Cherry MX Blue switches, and I can confirm that the bumpyclickiness is "satisfying," whatever that means, in this context, exactly. I do feel approximately 5% geekier, which puts my geekiness ratio might higher than it was not that long ago, what with having installed Linux and starting to really pay attention to privacy. (Speaking of privacy, as some have observed, I need to make larrysanger.org https: . I will soonish, honest.)

So why spend this money (OK, it was $160) on a keyboard? The usual reasons are mine, too: the keys are rather more pleasurable to type on (it's true! The sense of precision is great!). The colors on the self-designed keys make me happy. The high quality also makes me happy. And as for the reasons for a 60% keyboard: I think it will make me a faster writer and coder, as I don't have to leave the center of the keyboard (I'm already seeing this to be the case). It also means I don't have to reach over the extra keys to get to the mouse, so my fingers can be directly in front of me, with the keyboard centered in front of my monitors. I couldn't do this with my old keyboard, which hogged the desk. My workspace is simpler now and that's actually a bigger deal than I thought it would be.

Normally, I would have put the above paragraphs on Facebook and/or Twitter. Instead, as part of my movement away from social media, I decided to put it on my blog and let people find it their own damn selves, and if not many people do find it, and if it has zero chance of "going viral," ask me if I care.


How to delete Ruby and Rails (and other gems) from Ubuntu 18.04

In order to install Ruby and Rails on Ubuntu 18.04, first I had to completely wipe my first, abortive attempt. That proved to be harder than expected. So, in order to save others the effort I had to go through, here's what I did. This worked for me...who knows if it'll work for you, though? I compiled some of the rm -f commands from other sources, but others I figured out myself. If it works, this should completely wipe Ruby and Rails (and other associated command line things, including rvm but not rbenv) from your system, so you can start over with a clean slate. Don't complain to me if anything goes wrong, but if you want to suggest helpful edits, please do. Some of these commands require sudo; if you save this as a .sh file, though (as I did), you can sudo the whole thing.

# HOW TO DELETE RUBY AND RAILS (AND OTHER GEMS)
apt-get purge ruby2.5
aptitude purge ruby
rm -rf /usr/local/lib/ruby
rm -rf /usr/lib/ruby
rm -f /usr/local/bin/ruby
rm -f /usr/bin/ruby
rm -f /usr/local/bin/irb
rm -f /usr/bin/irb
rm -f /usr/local/bin/gem
rm -f /usr/bin/gem

rm -rf /home/globewalldesk/.gem/ruby
rm -rf /home/globewalldesk/.codeintel/db/ruby
rm -rf /usr/local/bin/rails
rm -rf /var/lib/gems/
rm -rf /home/globewalldesk/.bundle/
rvm implode
rm -rf ~/.rvm
unset rvm_path

# THEN DO THIS TO MAKE SURE YOU'RE CLEAN:
# sudo find / -name 'rvm' -name 'rbenv' -name 'ruby' -name 'rails' -name 'gem'
# sudo find / -name 'rbenv'
# sudo find / -name 'ruby'
# sudo find / -name 'rails'
# sudo find / -name 'gem'
# sudo find / -name 'railties'
# cat ~/.bash_profile ~/.bashrc ~/.profile ~/.zshrc ~/.mkshrc ~/.zlogin | grep 'rvm\|rbenv\|ruby\|rails\|gem\|railties' # search for keywords in your bash profiles--they might need to be deleted
# env | grep rvm_path # ensure it's unset