How and why I got a VPN

As part of my ongoing efforts to lock down my cyber-life, I finally decided to investigate VPNs (virtual private networks) and subscribe to one, if it seemed to be a good idea.

Well, it is a good idea. So I got one, and it was pretty cheap.

What is a VPN, anyway?

A virtual private network, briefly, is subscription service (there are free ones, but don't use a free one) that you can connect to in order to mask your IP address, pretending (unsuccessfully if you're using a mobile connection) that you're connecting to the Internet from somewhere else, while encrypting the data that passes between you and your ISP (which can mean your data is encryped as it passes through wifi). It doesn't replace your ISP; you still need an ISP to connect to the Internet. More specifically, a VPN (typically, a for-profit company):

  1. Is runs a number of servers (computers), which ideally are located all around the world, each of which connects to the Internet on your behalf.
  2. Is a service you connect to, as a data "tunnel" to the Internet. You can set up your computer or phone so that it connects to the VPN whenever you get online (or whenever you like). All your requests to the Internet, and all the responses you receive from the Internet, are routed through one or another of the VPN's nodes.
  3. Encrypts the data exchanged between its servers and your device.
  4. Typically doesn't log your traffic (but there's no way to know this for sure) or intercept your data (unless they receive a specific court order to do so in your case).
  5. Is typically a paid service; there are free ones.

Why would I want a VPN?

So, what does a VPN do? What is it good for? What are the benefits? Why would you get one? Several things (cf. this useful intro):

  1. Foil the NSA, maybe. You connect to the Internet via your ISP at home, right? Well, since data you exchange with the VPN is encrypted, your ISP can't detect anything about what websites you're looking at or what information you're sending. Since mass surveillance (e.g., by the NSA) is typically done at the ISP level, this foils such surveillance. But maybe you trust all the fine, upstanding people who work for the government and don't care. Well, there are other reasons, as well:
  2. Make it harder for websites, hackers, and advertisers to spot you. When you connect to a website without a VPN, it typically logs the IP address that is accessing it, maybe info about your device, browser, etc. This can be used by the website to track you and for various nefarious purposes. When you connect with a VPN, websites log data from the VPN's server, which says nothing about you. This protects your information privacy and security (which you should care about!).
  3. Use airport, hotel, and restaurant connections securely. If you connect to the Internet via your airport's connection, hackers can pretty easily do nasty things with your data stream. But if your data stream is completely encrypted on its way through the airport's wifi to and from the VPN, those hackers can't touch you. Take that, hackers! This is a huge advantage to me, considering how much traveling I'm doing these days.
  4. See content as if you were elsewhere. If you want to access information that is accessible only by IP addresses from a given country (such as the U.K. or the U.S.), a VPN lets you do so. You can make it look like you're from there! E.g., I can watch Brits-only content from the BBC. That's just kind of cool.
  5. More safely do P2P file sharing. If you must, and are cheap, and refuse to pay the creators of your content, you bastard.

If you don't care about privacy or security or striking a blow against mass surveillance, then you should pass. If you do care about those things, consider getting a VPN.

WThere's one significant disadvantage about VPNs, which makes me sad, but I'll live with it: VPNs do slow down your Internet connection, but not necessarily by much. As you know (if you know how the Internet works at all), Internet traffic bounces from node to node as it makes its way from the website (or whatever) you're accessing to your device. The VPN adds one node to that trip. As long as you connect to a VPN server located near you, this trip isn't actually lengthed by much. BestVPN.com says it slows down your connection speed by 10%, but the actual amount at any given time depends on many factors. I rarely notice much of a difference, for what it's worth.

Update: after using it for a couple days, my VPN (which is reputedly one of the faster ones) doesn't really noticeably slow down my connection, even at the hotel. Except when I was connected to the U.K., and then the only problem was that I had to buffer a video once or twice.

What VPN did I choose?

I'm not telling. I spent some hours doing research. A name emerged. You should do the same and use your own judgment. Be careful not to subscribe to any shady VPNs; they doubtless do exist and it might be hard to figure out whether yours is one. There can be problems with the software as well. Unfortunately, some amount of trust is involved if you're not a specialist. I bore these requirements in mind:

  • Don't just look for claims that they don't keep logs; check that the claims have been verified (by consultants, courts, or police).
  • Bear in mind that many reviews might be paid for and so can't be trusted. It might be hard to tell which reviews these are.
  • Speed.
  • Can one determine who owns the company? Do they look legit?
  • Support for Linux.

There are other features you might be interested in, of course.

How hard was it to buy and install?

I can speak only about the one I bought and installed: it was dead simple. It was no harder to buy than any other subscription service. As for installation, I had it downloaded, installed, and working in maybe two minutes. Of course, that's just the one I bought.

Note, you don't have to install special software to use a VPN, e.g., if you're using an OS or browser that has the software built in.

There's much more to know about VPNs, which you might want to know if you're going to get into it. You're just getting a rank beginner's explanation of why he got one, here.

This is part of the series on how I'm locking down my cyber-life.


Further on my Linux journey: Ubuntu on a laptop

First, I decided to switch to Linux. I have to tell you: I'm so glad I did. It's not just the sheer relief from the knowledge that I'm not being monitored by Microsoft or carefully controlled by Apple. I'll admit, that's probably the biggest advantage to Linux for me. But I really, truly find Linux Ubuntu (that's the distro I'm using) running the Gnome desktop environment (this is actually the thing that has 80% of the "look-and-feel" we associate with operating systems) to be significantly easier to use (and faster, and less frustrating). Of course, we're all different and your mileage may vary.

But after having used it some more, and having also installed another distro, I'm not sure Linux is quite ready for grandma yet—not unless she's rather technical, is eager to commit a fair bit of new stuff to memory, or has easy and quick sources of help. I do stand by my claim that Linux is ready for prime time, but only if you use one of the more user-friendly distros. If you're a "power user," i.e., if you are not necessarily a programmer but do know your way around a computer pretty well, if following technical instructions to solve problems doesn't bother you too much, then you should really seriously consider trying out Mint or Ubuntu. The cool thing is that you can try it out before you take the leap, either with a live boot (i.e., it lives on a thumb drive; this is probably easier) or a virtual machine.

Then when I went on some trips and a month ago I had a serious moment of disgust with my Apple laptop. I mean, ugh, there were so many things I have come to dislike about the Apple scene, but after enjoying daily life with Ubuntu, when I switched to Apple while on the road, I just could not get over how damned clunky the thing is. It looks pretty and costs too much, but god, so much about it is, in the vernacular of my teen years, totally bogus.

So then I decided, OK, I'm going to dual boot on my MacBook Pro, too, i.e., run both OS X and Linux on the same machine, in different partitions. I had it narrowed down to distros like Arch, Manjaro, and openSUSE; I wanted to try something that wasn't Ubuntu, just for the experience.

Well, last week, I finally bit the bullet and put Manjaro on the machine. (This time I insisted on doing most of the hard work, instead of leaving it to my 12-year-old son, who has been using Linux daily for longer than I have.) Installing wasn't that hard, actually; it really wasn't significantly harder than installing Ubuntu. While most things worked, I ran into a series of problems I won't bore you with; suffice it to say that I ended up installing Manjaro twice and rebooted it endless times while trying different drivers and Grub parameters and stuff. I worked very diligently until an experienced Linux user told me that I shouldn't even try to put any Linux distro on a new MacBook (mine is from 2018) because so many of the device drivers are simply unsupported. That was a huge let-down. Even my Linux geek son couldn't figure out the issues. I told my wife I'd just sell it, but she said to give it to the boys since the old laptop they're sharing (another old one of mine) has a screen that often didn't work properly.

By then, I had also decided I didn't like Manjaro much (or maybe it was the XFCE desktop environment). In any event, I had enough hours on Manjaro to have learned that mastering two different flavors of Linux at once was going to be a serious pain without any compensatory advantage.

So I ended up shopping around and getting a decent Windows machine, a Samsung Notepad 9, and did a clean install (i.e., wiped Windows entirely) of Ubuntu again. I mean, if I'm going to learn Linux properly, might as well do it completely in one distro before branching out too much. The installation process was pretty painless—seriously, so much easier and more pleasant than setting up a new Windows machine.

So now I'm 100% Linux (and 100% Ubuntu with Gnome), and I'm not looking back. I'm so done with Windows and Mac. Now I'm just looking forward to implementing yet more ways to lock down my cyber-life.

(Wait...100% except for my phone and tablet. At present there is no non-heroic way to own a Linux phone, but I'm still keeping an eye on the Purism Librem 5 and might well take the plunge...)


How to decentralize social media—a brief sketch

The problem about social media is that it is centralized. Centralization empowers massive corporations and governments to steal our privacy and restrict our speech and autonomy.

What should exist are neutral, technical standards and protocols, like the standards and protocols for blogs, email, and the Web. Indeed, many proposed standards already do exist, but none has emerged as a common, dominant standard. Blockchain technology—the technology of decentralization—is perfect for this, but not strictly necessary. Common protocols would enable us to follow public feeds no matter where they are published. We would eventually have our pick of many different apps to view these feeds. We would choose our own terms, not Facebook's or Twitter's, for both publishing and reading.

As things are, if you want to make short public posts to the greatest number of people, you have to go to Twitter, enriching them and letting them monetize your content (and your privacy). Similarly, if you want to make it easy for friends and family to follow your more personal text and other media, you have to go to Facebook. Similarly for various other kinds of content. It just doesn't have to be that way. We could decentralize.

This is a nice dream. But how do we make it happen?

After all, the problem about replacing the giant, abusive social media companies is that you can't replace existing technology without making something so much more awesome that everyone will rush to try it. And the social media giants have zillions of the best programmers in the world. How can we, the little guys, possibly compete?

Well, I've thought of a way the open source software and blockchain communities might actually kick the legs out from under the social media giants. My proposal (briefly sketched) has five parts. The killer feature, which will bring down the giants, is (4):

  1. The open data standards. Create open data standards and protocols, or probably just adopt the best of already-existing ones, for the feeds of posts (and threads, and other data structures) that Twitter, Facebook, etc., uses. I'm not the first to have thought of this; the W3C has worked on the problem. It'd be like RSS, but for various kinds of social media post types.
  2. The publishing/storage platforms. Create reliable ways for people to publish, store, and encrypt (and keep totally secret, if they want) their posts. Such platforms would allow users to control exactly who has access to what content they want to broadcast to the world, and in what form, and they would not have to ask permission from anyone and would not be censorable. (Blockchain companies using IPFS, and in particular Everipedia, could help here and show the way; but any website could publish feeds.)
  3. The feed readers. Just as the RSS standard spawned lots of "reader" and "aggregator" software, so there should be similar feed readers for the various data standards described in (1) and the publishers described in (2). While publishers might have built-in readers (as the social media giants all do), the publishing and reading feature sets need to be kept independent, if you want a completely decentralized system.
  4. The social media browser plugins. Here's the killer feature. Create at least one (could be many competing) browser plugins that enable you to (a) select feeds and then (b) display them alongside a user's Twitter, Facebook, etc., feeds. (This could be an adaptation of Greasemonkey.) In other words, once this feature were available, you could tell your friends: "I'm not on Twitter. But if you want to see my Tweet-like posts appear in your Twitter feed, then simply install this plugin and input my feed address. You'll see my posts pop up just as if they were on Twitter. But they're not! And we can do this because you can control how any website appears to you from your own browser. It's totally legal and it's actually a really good idea." In this way, while you might never look at Twitter or Facebook, you can stay in contact with your friends who are still there—but on your own terms.
  5. The social media feed exporters/APIs. Create easy-to-use software that enables people to publish their Twitter, Facebook, Mastodon, Diaspora, Gab, Minds, etc., feeds via the open data standards. The big social media companies already have APIs, and some of the smaller companies and open projects have standards, but there is no single, common open data standard that everyone uses. That needs to change. If you could publish your Twitter data in terms of such a standard, that would be awesome. Then you could tell your friends: "I'm on Twitter, but I know you're not. You don't have to miss out on my tweets. Just use a tweet reader of your choice (you know—like an old blog/RSS feed reader, but for tweets) and subscribe to my username!

The one-two punch here is the combination of points (1) and (4): First, we get behind decentralized, common social media standards and protocols, and then we use those standards when building plugins that let our friends, who are still using Facebook and Twitter (etc.), see posts that we put on websites like Steemit, Minds, Gab, and Bitchute (not to mention coming Everipedia Network dapps).

The exciting thing about this plan is that no critical mass seems to be needed in order to get people to install the envisioned plugin. All you need is one friend whose short posts you want to see in your Twitter feed, and you might install a plugin that lets you do that. As more and more people do this, there should be a snowball effect. Thus, even a relatively small amount of adoption should create a movement toward decentralization. And then the days of centralized social media will be numbered. We'll look back on the early days of Facebook and Twitter (and YouTube!) as we now do the Robber Barons.

We can look at a later iteration of Everipedia itself as an example. Right now, there is one centralized encyclopedia: Wikipedia. With the Everipedia Network, there will be a protocol that will enable people from all over the web to participate in a much broader project.

I would love to see the various competitors of the social media giants settle on a common standard and otherwise join forces on these sorts of projects. If they do, it will happen, and the days of privacy-stealing, centralized, controlling, Big Brother social media will soon be behind us. We'll return to the superior and individually empowering spirit of the original Internet.

We have to do this, people. This is the future of the Internet. Even if you've given up social media, we should build this for our friends and family who are still toiling in the digital plantations.


18 things about Apple that suck

Apple, why dost thou suck? Let me count the ways:

  1. iTunes, the worst software in the world.
  2. The App Store is a centrally managed walled garden. I can't run apps Apple hasn't approved of on my phone, and on my own computer, I have to give special permission to run programs Apple doesn't like.
  3. iCloud is turned on by default.
  4. Apple brags about how committed to privacy it is, but gives us no credible way of verifying its claims.
  5. I'm forced to use Apple's default software for several features in iOS such as Siri search.
  6. Because Siri works only when you're online, I have to share my voice commands to my phone over the Internet, commands which Apple records, processes, and saves for a long time.
  7. Frequently, Apple's idea of "easy to use" software requires that I take extra steps, and is not particularly easy to use.
  8. Lack of sufficient customization options everywhere. Apple knows best.
  9. OSX is based on BSD, which is FOSS, but OSX is proprietary. They're contemptible free riders.
  10. Steve Jobs is dead and mere mortals now run the company.
  11. The company makes some really dumb decisions like getting rid of the 3.5mm audio jack.
  12. Apple encourages too many push notifications, which, I've decided, are an attention-hogging evil.
  13. Siri isn't very good.
  14. If they were a decent company, they wouldn't practice planned obsolescence, and they sure as hell wouldn't do it so aggressively.
  15. Apple Stores just really, really suck in many ways. That'd be another whole list.
  16. They're overpriced. No, not because they're premium products. When I say they're "overpriced," I don't mean they're expensive. I mean that they are poor value.
  17. Their CEO thinks he has a divine mission to censor wrongthink.
  18. They use a new proprietary image format (HEIC), if you want to airdrop yourself something from your iPhone to your MacBook. Idiots! Ugh, like I'm totally going to get rid of my Mac OS and this is the main reason why!

Much of this can be chalked up to the whole wretched, arrogant "Apple knows best" mentality. Why do we still give these people our money?


Notes on choosing a Linux distro (for Linux geeks only)

I've ditched Windows on my desktop machine. Similarly, I can't keep using macOS on my laptop. I decided to put Linux on it (and dual-boot). I thought it would be a good idea to use a different distro. But which?

I thought I would do my deliberations publicly. So here goes.

If I haven't exactly mastered Ubuntu with Gnome, why not keep working on it? But flavors of Linux are so similar that if you use one, it's not hard to figure out another. So I think it's a good idea for learning purposes to install a different one.

After a fair bit of hunting about, the following caught my eye enough to do some research and take some notes—your mileage may vary, obviously, as our needs and ability levels vary widely. I'll put these in order of how quickly I rejected them (from fastest rejection to slowest).

  • Arch. Nah, that's for advanced users, and I'm not an advanced Linux user (yet).
  • Kali. More privacy-oriented, but not beginner-friendly because it is actually aimed at security experts. I'll have to pass on that.
  • Pop!. The thing that has me considering the new Pop! distro is that it is specially adapted from Ubuntu by System76 (which sells Linux computers) for developers. Its landing page is very persuasive, but after I looked at some videos about it, it just has too much Ubuntu to be a suitably different system. I guess I'll pass on the Ubuntu-based systems; I want to try something different.
  • Debian. One source bills this as especially good for programming; but it is also not really for beginners, and besides, Ubuntu is based on Debian. So...
  • Mint and Deepin. If I'm rejecting Ubuntu-based distros out of hand, these must go; they're Ubuntu-based.
  • Manjaro and Antergos. These Arch-based distros are supposedly easier to install, and might be a good introduction to a more powerful Linux experience.
  • openSUSE Leap. This is a very old distro, and is very polished, well-documented, and stable (at least the Leap distro; Tumbleweed follows a rolling release model and so should be expected to be less stable). One source says it is targeted at developers and has "stringent" security protocols, whatever that means exactly. It's praised for its customizability, and I like the idea that one can pick and choose packages to include on installation.

So, I'm down to Manjaro, Antergos, and openSUSE Leap. I still haven't made up my mind. So maybe you can help me decide, given my basic requirements:

  • Sufficiently different from Ubuntu with Gnome to give me a usefully different Linux experience.
  • Especially excellent for programmers.
  • Stable, established, well-documented.
  • Not advanced. Needn't be very easy-to-use.
  • I place a premium on security.
  • Looks nice. I don't actually enjoy ugly, clunky stuff.
  • Likes: keyboard shortcuts, snapping windows, reasonably easy customizability, cool, well-designed workspace functionality, etc.
  • I don't really want a rolling release distro, assuming that they're rather more open to disruptive problems. I'm too busy to squash trivial bugs others will eventually squash for me.
  • Works on MacBook Pro machine without too much trouble (it's OK if I have to install a driver, I guess).


A plea for protocols

The antidote to the abuses of big tech is the very thing that gave birth to the Internet itself: decentralized, neutral technical protocols.

  1. The thought that inspires
    my work.
    Ever since I started
    work on Nupedia and then Wikipedia, a thought has always
    inspired me: just imagine the stunning possibilities when people
    come together as individuals to share their knowledge, to create
    something much greater than any of them could achieve individually.

  2. The sharing economy. There
    is a general phrase describing this sort of laudable activity: the
    “sharing economy.” The motivations and rewards are different
    when we work to benefit everyone indiscriminately. It worked well
    when Linux and OSS were first developed; then it worked just as well
    with Wikipedia.

  3. The Internet itself is an
    instance of the sharing economy.
    The Internet—its ease of
    communication and publishing together with its decentralized
    nature—is precisely what has made this possible. The Internet is a
    decentralized network of people working together freely, for mutual
    benefit.

  4. The Internet giants have
    abused the sharing economy.
    About ten years ago, this all
    started to change. More and more our sharing behavior has been
    diverted into massive private networks, like Facebook, Twitter, and
    YouTube, that have exerted control and treated contributors as the
    product.

  5. Facebook’s contempt for
    our privacy.
    All you want to do is easily share a picture with
    your family. At first, we thought Facebook’s handling of our
    private data would just be the price we had pay for a really
    powerful and useful service. But over and over, Facebook has shown
    utter contempt for our privacy, and it has recently started
    censoring more and more groups based on their viewpoints. We don’t
    know where this will end.

  6. This aggression will not
    stand, man
    . We need to learn from the success of
    decentralized projects like Linux, open source software, Wikipedia,
    and the neutral technical protocols that define the Internet itself,
    that we don’t have to subject
    ourselves to the tender mercies of the Internet giants.

  7. How.
    How? Just
    think. The Internet is made up of a network of computers that work
    according to communication rules that they have all agreed on. These
    communication rules are called protocols and
    standards.

  8. Protocols
    and standards...
    There
    are protocols and standards
    for transferring
    and displaying
    web pages, for email, for transferring files, and for all the many
    different technologies
    involved.

  9. ...which
    are
    neutral.These
    different standards are neutral. They explicitly don’t care what
    sort of content they carry, and they don’t benefit any person or
    group over another.

  10. We need more
    knowledge-sharing protocols.
    So here’s the thought I want to
    leave you with. You evidently support knowledge sharing, since
    you’re giving people awards for it. Knowledge sharing is so easy
    online precisely because of those neutral technical protocols.
    So—why don’t we invent many, many more neutral Internet
    protocols for the sharing of knowledge?

  11. Blockchain is awesome
    because it creates new technical protocols.
    Probably the biggest
    reason people are excited about blockchain is that it is a
    technology and a movement that gets rid of the need of the Internet
    giants. Blockchain is basically a technology that enables us to
    invent lots and lots of different protocols, for pretty much
    everything.

  12. Why
    not Twitter- and Facebook-like protocols?
    There
    can, and should, be a protocol for
    tweeting without Twitter.
    Why should we have to rely on one company and one website when we
    want to broadcast short messages to the world? That should be
    possible without
    Twitter. Similarly, when we want to share various other tidbits of
    personal information, we should be able to agree on a protocol to
    share
    that ourselves, under our
    own terms—without
    Facebook.

  13. Wikipedia centralizes,
    too.
    Although Wikipedia is an example of decentralized editing,
    it is still centralized in an important way. If you want to
    contribute to the world’s biggest collection of encyclopedia
    articles, you have no choice but to collaborate with, and negotiate
    with, Wikipedians. What if you can single-handedly write a better
    article than Wikipedia’s? Wikipedia offers you no way to get your
    work in front of its readers.

  14. Everipedia,
    an encyclopedia protocol.
    Again,
    there should be a neutral encyclopedia protocol,
    one that allows us to add
    encyclopedia articles
    to a shared database that its creators own and develop, just like
    the Internet itself. That’s why I’m working on Everipedia, which
    is building a blockchain encyclopedia.

This is a little speech I gave to the Rotary Club of Pasadena, in the beautiful Pasadena University Club, January 31, 2019.


Further, alarming evidence of Larry's creeping geekhood

Isn't she beautiful

Yes, I'm another one who has plunked down unnecessary amounts of money just to get a keyboard with keys that bump, click, and have precise activation points, and with switches that people care a lot about, changeable keys, etc. So far, I don't regret the purchase one bit and I'm rather happy with it. And proud, since here I am bragging about it.

Not only did I get one of these contraptions, called a mechanical keyboard, I totally geeked out and got a 61-key (so called "60%") keyboard. This cut out the function keys, the arrow keys, the number pad, etc. How do I type all that stuff? What about when I want to do a screen capture? Well, for that there is the function layer. In fact, there is the default function layer, which has things like the arrow keys (on my keyboard, they're the green keys, I, J, K, L), as well as three more programming function layers. I don't have to use the Fn key to activate the function layer, either; I can use the Caps Lock key, which I reassigned to Fn with a simple dip switch. So if I want to print the screen, I simply type Fn (or Caps Lock) + p.

I bought the above keyboard from WASD Keyboards. They allow you to choose your keys and choose what is printed on your keys (see what I have on my space bar?). Mine is fitted with the both-bumpy-and-clicky Cherry MX Blue switches, and I can confirm that the bumpyclickiness is "satisfying," whatever that means, in this context, exactly. I do feel approximately 5% geekier, which puts my geekiness ratio might higher than it was not that long ago, what with having installed Linux and starting to really pay attention to privacy. (Speaking of privacy, as some have observed, I need to make larrysanger.org https: . I will soonish, honest.)

So why spend this money (OK, it was $160) on a keyboard? The usual reasons are mine, too: the keys are rather more pleasurable to type on (it's true! The sense of precision is great!). The colors on the self-designed keys make me happy. The high quality also makes me happy. And as for the reasons for a 60% keyboard: I think it will make me a faster writer and coder, as I don't have to leave the center of the keyboard (I'm already seeing this to be the case). It also means I don't have to reach over the extra keys to get to the mouse, so my fingers can be directly in front of me, with the keyboard centered in front of my monitors. I couldn't do this with my old keyboard, which hogged the desk. My workspace is simpler now and that's actually a bigger deal than I thought it would be.

Normally, I would have put the above paragraphs on Facebook and/or Twitter. Instead, as part of my movement away from social media, I decided to put it on my blog and let people find it their own damn selves, and if not many people do find it, and if it has zero chance of "going viral," ask me if I care.


How to delete Ruby and Rails (and other gems) from Ubuntu 18.04

In order to install Ruby and Rails on Ubuntu 18.04, first I had to completely wipe my first, abortive attempt. That proved to be harder than expected. So, in order to save others the effort I had to go through, here's what I did. This worked for me...who knows if it'll work for you, though? I compiled some of the rm -f commands from other sources, but others I figured out myself. If it works, this should completely wipe Ruby and Rails (and other associated command line things, including rvm but not rbenv) from your system, so you can start over with a clean slate. Don't complain to me if anything goes wrong, but if you want to suggest helpful edits, please do. Some of these commands require sudo; if you save this as a .sh file, though (as I did), you can sudo the whole thing.

# HOW TO DELETE RUBY AND RAILS (AND OTHER GEMS)
apt-get purge ruby2.5
aptitude purge ruby
rm -rf /usr/local/lib/ruby
rm -rf /usr/lib/ruby
rm -f /usr/local/bin/ruby
rm -f /usr/bin/ruby
rm -f /usr/local/bin/irb
rm -f /usr/bin/irb
rm -f /usr/local/bin/gem
rm -f /usr/bin/gem

rm -rf /home/globewalldesk/.gem/ruby
rm -rf /home/globewalldesk/.codeintel/db/ruby
rm -rf /usr/local/bin/rails
rm -rf /var/lib/gems/
rm -rf /home/globewalldesk/.bundle/
rvm implode
rm -rf ~/.rvm
unset rvm_path

# THEN DO THIS TO MAKE SURE YOU'RE CLEAN:
# sudo find / -name 'rvm' -name 'rbenv' -name 'ruby' -name 'rails' -name 'gem'
# sudo find / -name 'rbenv'
# sudo find / -name 'ruby'
# sudo find / -name 'rails'
# sudo find / -name 'gem'
# sudo find / -name 'railties'
# cat ~/.bash_profile ~/.bashrc ~/.profile ~/.zshrc ~/.mkshrc ~/.zlogin | grep 'rvm\|rbenv\|ruby\|rails\|gem\|railties' # search for keywords in your bash profiles--they might need to be deleted
# env | grep rvm_path # ensure it's unset


How and why I transitioned to Linux—how you can, too

Let me briefly tell my Linux story. If you're thinking about moving to Linux, and wondering how you'd do so, it might give you some pointers and inspiration.

The back story

My first introduction to the command line was in the 80s when I first started learning about computers and, like many geeky kids of the time, wrote my first BASIC computer programs. But it wasn't until my job starting Nupedia (and then Wikipedia) that I spent much time on the Bash command line.

(Let me explain. "Bash" means "Bourne-again shell," a rewrite of the class Unix shell "sh." A "shell" is a program for interacting with the computer by processing terse commands to do basic stuff like find and manipulate files; a terminal, or terminal emulator, is a program that runs a shell. The terminal is what shows you that command line, where you type your commands like "move this file there" and "download that file from this web address" and "inject this virus into that database". The default terminal used by Linux Ubuntu, for example, is called Gnome Terminal--which runs Bash, the standard Linux shell.)

Even then (and in the following years when I got into programming again), I didn't learn much beyond things like cd (switch directory) and ls (list directory contents).

It was then, around 2002, that I first decided to install Linux. Back then, maybe the biggest "distro" (flavor of Linux) was Red Hat Linux, so that's what I installed. I remember making a partition (dividing the hard disk into parts, basically) and dual-booting (installing and making it possible to use both) Linux and Windows. It was OK, but it was also rather clunky and much rougher and much less user-friendly than the Windows of the day. So I didn't use it much.

Linux on a virtual machine

When I decided in mid-2016 that I wanted to start learning to program, really really, more seriously this time, I knew I'd have to transition soon to Linux, especially if I was going to learn Ruby on Rails (which I was and am). There's less pressure to do this if you're a Mac user, since modern Macs make a Bash console easily available; OSX is based on Unix and so is a sibling of Linux. Anyway, if you don't want to plunge headfirst into Linux-only or dual-booting, then the Thing To Do, beginners are rightly told, is to install Linux on a virtual machine.

A "virtual machine" (VM) is a program that, generally, runs in Windows or Mac and allows you to run a completely distinct operating system within a window (or in my case, a couple windows, one for each monitor). When I turned on my computer (i.e., the physical machine with the on switch), I booted into Windows as usual. But when I wanted to start programming, I started the VM and, inside the windows that popped up, it looks like a separate Linux computer is running. It's easy to switch back and forth; you can do so with the click of a mouse.

One of the first things I had to decide was which distro (flavor of Linux) to use. Leading distros include Ubuntu, Mint, Debian, Fedora, and CentOS. I chose Ubuntu because it was (and is) popular, relatively stable, well-supported, and relatively easy for newbies to get into. I find Ubuntu running the Gnome desktop environment—I'm not going to bother explaining what that means, but different distros can run different desktop environments—to be a pleasure, as I'll explain later.

My precocious son H., then age 10, had already set up a VirtualBox VM, so I had his help installing Linux in one myself. Installing Ubuntu to a VirtualBox VM is not terribly easy if you've never done it before, but there are plenty of tutorials and free help to be found online. If you're moderately technical, you can do it. It's not that bad.

Why I decided to install Linux on a partition

I used Ubuntu in VirtualBox for a couple years. It was a great way to transition from Windows to Linux; I ran Linux on a VM when studying programming, and I ran Windows for everything else.

Then came 2018, with its stunning revelations and outrages by Facebook, Apple, Google, and others. With privacy and free speech—in short, digital autonomy—deeply under threat, I decided to lock down my cyber-life. (I encourage you to do the same.)

I'd wanted to run Linux on a partition for a long time (doing so is quite a bit faster and more seamless than a VM). But when all these giant, centralized corporations showed such contempt for our privacy (and thus our security) and free speech, I decided that I was going to do all I could to take my data out of their hands. Microsoft is and always has been terrible when it comes to security, but with Windows 10—though admittedly an improvement in UX—they jumped on the privacy-violating bandwagon. Windows 10 bothered me ever since it came out. Now finally I decided I'd have to do something about it.

See, I've always thought information privacy was important, but like many of us, I rationalized the increasingly jaw-dropping privacy violations and security failures by corporations (and government, for that matter) in the last ten years or so as the price we pay for awesome new technology. You know—awesome new tech like Facebook, Twitter, Google Search, Google Chrome, cloud storage, and a free but better-designed operating system like Windows 10 was (at launch). At first, all this seemed indeed worth the price. (Or enough to keep me from taking the privacy issues seriously.) But when these corporations (and government) over and over brazenly demonstrated just how much contempt they have for our information privacy and security, not to mention free speech rights, the bloom was off the rose. Something snapped, and I'm never going back to them.

Privacy matters. A lot. Facebook? Don't need it. I'll be switching back to good old-fashioned email groups soon. Twitter? OK, I might keep it around strictly for advertising purposes, but don't expect much in the way of personal sharing. Google Search? Meh, DuckDuckGo has come a long way and is as good as Google for most (still not all) purposes. Google Chrome is simply not better than privacy-respecting browsers like Brave (my preference) and Firefox. I'll be moving my data to a more secure solution than traditional cloud storage soon.

A few days ago, as I worked through my to do list, I finally decided it was time to ditch Windows and switch to Linux. I still have Windows available for things like Camtasia Studio (video production), but I really don't need it for most purposes.

The switch

There are five basic steps to the process of adding Linux to your Windows or Mac machine:

  1. Pick a distro.
  2. Put the distro on a thumb drive or DVD so you can boot to it from there.
  3. Create a partition big enough for the Linux distro.
  4. Install the Linux distro in the partition.
  5. Configure Linux so you can use it on a daily basis.

I won't explain how to do these things (there are lots of tutorials already available, like this), but here are a few notes. And for the non-techies out there who have bravely read this far, let me tell you: the hardest part of using Linux is installing it. Don't feel bad if you need to get help. Heck, I've installed it myself before my 12-year-old son was born, and I wasn't too proud to get a lot of help from him the second time around! If you don't have a family or friend who can help, and you have to pay a rent-a-geek, it'll be money well spent.

I discussed #1 above. Notes on #2 and #3: Creating a partition is a pretty simple process. But if you're going to use a Linux boot loader (i.e., the thing that tells your computer which operating system to load; I use Grub) then you'll first want to put Linux on a thumb drive, since it's typically quite small and easily fits, and boot to that. Then you'll probably use GParted (the Linux partition software) to actually do the partitioning. You'll want to make sure you actually know what you're doing (so, read up about potential pitfalls) before making any changes. It's also very important to make sure your must-have data is well backed up, because you might lose it. If you do it right, there's little chance you will; but there's always a chance. Also, make sure you allocate reasonable amounts of space to your respective partitions. You don't want to run out of space on either one.

As to #4, actually installing Linux, once the partition is ready, is the easy part. It takes a little while (i.e., waiting), then you set your time zone and a login (very important, as you'll use it a lot), then you're done!

The easiest part is #5, but you're not totally out of the woods yet. The Ubuntu Software app is like a free app store (it's not the only one, of course), and they've made it quite easy to install a lot of software. Especially if you're programming, though, you'll have to use the command line at least sometimes. The most important thing to remember here (and maybe for the whole process) is to do intelligent web searches for help whenever you need it.

There's nothing magical or particularly deep and difficult about any step of this process. It just requires a little bravery, lots of Internet searching, time, and patience, and you can definitely get it done.

So...how is it?

So far, I love using Linux (OS), Ubuntu (distro), Gnome (desktop environment) as my main workstation. I actually hate it when I have to boot up Windows. Not only does it feel clunkier (really) and more unnecessarily bloated, I can't stop thinking about how I don't know what data is being sent to Microsoft.

If you haven't tried Linux for a long time, let me tell you: it has changed a lot from the early days. It is not just more usable than it was, in some ways it is more usable than Windows or Mac, in my opinion, for day-to-day work. I mean, of course this applies if you can deal with a few technical challenges. But if you can, Linux is more usable not just because of the nicer UX available, but also because of how configurable Linux is. You can change almost anything on the system you want. You want a different look and feel? There are apps for that. You want a different sort of app store? There are alternatives. You want something simpler and leaner? Available. Something that looks and feels like Windows or Mac? Available, of course.

One big exception is in installing some technical software that, if you aren't a programmer, you probably won't need to install. If for whatever reason you want or need to start using the command line (for example, running Bash on a terminal like Gnome, as I said above), try this beautifully written tutorial. The command line isn't that difficult to learn, actually. The basics are rather simple once you get the hang of them.

Another big exception lies in the sometimes non-standard and quirky ways the software sometimes behaves. Again, this is much better than it was in days gone by, but quirkiness is still definitely a Linux thing. I guess I don't mind.

A final difficulty is that it has some occasional, and almost always very minor, operating system issues that simply would never crop up for Windows or Mac. This is probably one of the bigger problems and obstacles to wider adoption. I can give you an example from Ubuntu 18.04, which I installed: it has a "memory leak" problem that very slowly and progressively eats up your memory (over the course of days) until you have to reboot. This will be fixed in an update soon if it hasn't been already.

But enough of the negatives. One enormous positive that neither Windows or Mac is likely ever to be able to boast is that it's an operating system that respects your autonomy. You own your system, not Microsoft or Apple. You don't have to ask a giant corporation for permission to do anything. You don't have to worry about them invading your privacy, putting your data at risk of hacking, or censoring you. And you have all the tools you'll need to make the system just the way you like it. That might not sound like a big deal (and maybe it wouldn't be to you), but if you try it, you might find yourself delighted with all the options. I was.

In summary, here are the similarities and difference to a typical desktop (Windows and Mac--I have both) experience:

  • Browsing is exactly the same as in Windows (I use Brave).
  • My mail program is exactly the same (MailSpring).
  • Other apps, like Telegram, Slack, and more, are exactly the same.
  • My password manager is almost exactly the same (Enpass).
  • For the long tail of specialist software, most of it is free, and you don't have to worry nearly as much about downloading viruses. Linux is much harder to hack and hackers rarely try.
  • Finding and loading software is different. It's better in that most of the software is free and quite easy to find, and there's a lot more of it. It's worse, however, in that more technical software (at least, the stuff I use) requires comfort with the command line. This is a deal-breaker for some non-techies, I know. But I think most of the software non-techies use will be pretty easy to install. Ubuntu developers put a great deal of work into usability, and it shows.
  • A lot of the free/open source software for office work is "fine" but will strike experienced MS Office users as a little quirky and clunky in places. Office 360 doesn't run in some flavors of Linux except using Wine, which doesn't always work (my son uses Wine for some purposes). This is one reason I still have a Windows partition going. UPDATE: Wrong. I don't use Office anymore at all. No reason to. LibreOffice (both the word processing and the spreadsheet programs) is great.
  • Linux is generally lean and fast. Unless you install a particularly bloated distro, it's much faster than Windows or Mac on the same machine. This is a very nice benefit.
  • If you're a serious gamer, Linux won't satisfy you (yet). (Some gamers take issue with this, others don't.)
  • It can be subject to very occasional weird but non-serious crashes and problems solved with updates. Don't worry about this, really, it's OK.

Back in 2002 when I was using Linux the first time around, it wasn't really ready for prime time. But it is now. You kind of have to be able to search the Internet and read some technical help pages in order to learn how to use the thing, or get help from someone who can do this. It is, after all, another whole operating system. So, yes, there's still a learning curve. It's not a huge learning curve, though, and not nearly as big as it used to be.

Linux: it's not for just uber-geeks anymore. Admittedly, there is probably a minimum intelligence requirement. But in the not-too-distant future, we might well see a completely foolproof distro.


How I locked down my passwords

If you’re one of those people who uses the same password for everything, especially if it’s a simple password, you’re a fool and you need to stop. But if you’re going to maintain a zillion different passwords for a zillion different sites, how?

Password management software.

I’ve been using the free, open source KeePass, which is secure and it works, but it doesn’t integrate well with browsers, or let me save my password data securely in the cloud (or maybe better, on the blockchain). So I’m going to get a better password manager and set it up on all my devices. This is an essential to locking down my cyber-life.

One of the ways Facebook, LinkedIn, et al. insinuate themselves into our cyber-lives is by giving us an easy way to log in to other sites. But that makes it easier for them to track us everywhere. Well, if you install a decent password manager, then you don’t have to depend on social login services. Just skip them and use the omnipresent “log in with email” option every time. Your password manager will make it about as easy as social login systems did, but much more securely and privately.

You need a password manager

Password management software securely holds your passwords and brings them out, also securely, when you're logging in to websites in your desktop and handheld browsers. Decent browsers (like Brave) make your passwords available for the same purposes, if you let them, but there are strong reasons you shouldn't rely on your browser to act as a password manager.

Instead, for many years I've been using KeyPass, a free (open source) password manager that's been around for quite a while. The problem with KeyPass, as with a lot of open source software, is that it's a bit clunky. I never did get it to play nicely with browsers.

Password managers can, of course, automatically generate passwords and save them securely. They can also (but not all do) store your password database reasonably securely in the cloud (assuming you trust public clouds, which maybe you shouldn’t), so you don't have to worry about losing it; you can export a copy if you like. You can use it on all your devices with equal ease. The software will even let you grab your passwords with a fingerprint (or whatever) on your phone.

A very nice feature is that they'll securely store payment information, so your browser, websites, and operating system don't have to hold that information. That means you don't have to trust browsers, websites, and operating systems to manage this information securely. You only need to trust the password manager...

But can you trust password managers?

"Ah," you say, "but can you trust password managers?" That's not a bad or naive question at all; it's an excellent question. Consumer Reports, of all things, weighs in:

By default, LastPass, 1Password, and Dashlane store your password vault on their servers, allowing you to easily sync your data across devices. As a second benefit, if your computer crashes you won’t lose your vault.

But some people just really hate the idea of storing all their passwords on one site in the cloud—no matter what the company promises about its security measures, there's probably a bulls-eye painted on its encrypted back. If that sounds like you, it's possible to store your passwords locally.

Dashlane lets you do this by disabling the “Sync” feature in Preferences. This will delete your vault and its contents from the company’s servers. Of course, any further changes you make to your vault on your computer won’t show up on your other devices.

So what's my take? Hopefully there are layers of security protecting your password repository, not least of which is the (hopefully well-chosen) master password to your password database. While you do have to choose the professionalism and honesty of a cloud-based password manager, I think that's their business, so I want to trust them. But, but!

I ask myself: what is more likely, that they become compromised (for whatever reason—let your imagination run wild) or instead that I lose my master password or all copies of my password database or somehow allow myself to be hacked? I think both are fairly unlikely, first of all. I am certainly inclined to distrust myself, especially over the long haul. And frankly, the idea that a security business is compromised seems unlikely, since security is their business. But could a password manager server be hacked? That is, again, a really good question, and you wouldn't be the first to ask it. Password manager company OneLogin was actually hacked, and the hackers could actually "decrypt encrypted data," the company said. Holy crap!

Also, which is most disastrous? Losing my password file would not be a disaster; I can easily generate new passwords; that's just a pain, not a disaster. But a hacker getting hold of my passwords in the cloud (no matter how unlikely)? That could be pretty damn bad.

After all, especially as password manager companies grow in size (as successful companies are wont to do), they naturally can be expected to become a honeypot for hackers. Another example of a hacked password management company was LastPass, which was hacked in 2015, although without exposing their users' passwords.

If you're like me, you have libertarian concerns about having to trust external entities (and especially, giant corporations) with your entire digital lives. You might also not want to trust (future?) dangerous governments with the power to force those corporations to give access to your entire digital life, then we're no longer talking about anti-crime cybersecurity. Then it looks like you shouldn't (sensibly) put your password files in a corporate-managed cloud. Then I’m having to trust people a little too much for my comfort. So you should manage their location yourself.

Then there are two further problems. First, can you be sure that it is impossible for anyone at the password management software company to crack your password database, even if you host it yourself? (Do they have a copy? Can they get access to a copy? If they have access, are there any back doors?)

Second, there's the practical issue: Without the cloud, how do you sync your passwords between all your devices? That feature is the main advantage of hosting your passwords in the cloud. So how can you do it automatically, quickly, and easily?

What self-hosted password manager is really secure?

Several password managers use the cloud, but what is stored in the cloud is only the encrypted data. All the login and decryption happens on your local device. This is called zero-knowledge security, and it might be a suitable compromise for many. I have one main issue with this: Especially if the software is proprietary, we must simply trust the company that that is, in fact, how it works. But that's a lot to ask. So I'll pass on these. I'll manage the hosting of my own passwords, thanks very much.

Here are my notes on various password managers:

  1. These all feature zero-knowledge security but seem not to allow the user to turn off cloud sync (maybe they do, I just couldn't find evidence that they do): 1Password, Keeper Password Manager, LastPass, LogMeOnce, Password Boss, Zoho Vault.
  2. Sticky Password Premium: Allows home wifi sync of passwords, which is just fine. Fills out forms, works on all your devices...except Linux devices. Linux does not seem to be supported. Next!
  3. RoboForm: Doesn't have a sync feature without using their cloud service, but hey! It has a Linux version! Might work on Brave, since Brave is built on Chromium and there is a Chrome extension. This was enough for me to install it (and it worked!), but it seems to be rather clunky and there were a few different things that didn't inspire confidence.
  4. Dashlane: This has zero-knowledge security, which isn't a bad thing, but in addition, it allows you disable sync. Whenever you turn it off, the password data is wiped from their servers (so they say). You can turn it on again and sync your devices, then turn it off again. This is within my tolerance. Also, Dashlane has a Linux version. In other respects, Dashlane seems very good. I installed it and input a password. The UX is very inviting—even the Linux version. It's expensive, though: it's a subscription, and it's $40 for the first year (if you use an affiliate link, I guess), and $60 if you buy it direct, which I'm guessing will be the yearly price going forward. That's pretty steep for a password manager.
  5. EnPass: Here's something unusual—a password manager that goes out of its way to support all platforms, including Linux and even Chromebook (not that I'd ever own one of those). Rather than an expensive subscription, like Dashlane, EnPass's desktop app is free, while the mobile version costs $10, and that's a one-time fee. They don't store passwords in the cloud; passwords are stored locally, but EnPass has some built-in ways to sync the passwords (including by wi-fi, like Sticky Password). The autofill apparently doesn't work too well, while more expensive options like Dashlane do this better, and lacks two-factor authentication, which would be nice, and other "luxury" features.

Installation and next steps

Dear reader, I went with EnPass.

So how did I get started? Well, the to do list was fairly substantial. I...

  1. Made a new master password. I read up on the strategy for making a password that is both strong, easy to remember, and easy to type. I ended up inventing my own strategy. (Do that! Be creative!) So my master password ended up being a bit of a compromise. While it's very strong, it's a bit of a pain to type; but it's pretty easy to remember. Whatever master password you chose, just make sure you don't forget it, or you'll lose access to your password database.
  2. Installed EnPass on Windows and Linux and tested it to see if it worked well in both. It does (so far).
  3. Used EnPass to sync the two installations using a cloud service. (I'll be replacing this with Resilio Sync soon enough, so it'll be 100% cloudless.) I confirmed that if I change a password in one, it is synced in the other.
  4. Imported all my Keepass passwords, then tested a bit more on both platforms to make sure nothing surprising is happening. So far, so good. My only misgiving about EnPass so far is that there doesn't seem to be a keyboard shortcut to automatically choose the login info. I actually have to double-click on the item I want, apparently.
  5. Deleted all passwords from all browsers, and ensure that the browser doesn't offer to save new passwords. Let the password manager handle that from now on. (No need for the redundancy; that's a bit of extra and unnecessary risk.)
  6. Installed on my cell phone, synced (without issue), and tested. (Annoyingly, the Enpass iOS app doesn't do autofill, but I gather that's in the plans.)
  7. Installed app and browser plugin on my (Mac) laptop. No issues there either.
  8. Deleted Keepass data in all locations. That's now redundant and a needless risk as well.

I'm now enjoying the new, secure, and easy access to my passwords on all my devices. I'm also happy to be free of browser password managers.

This was installment four in my series on how I'm locking down my cyber-life.