Earlier this year, I’ve been asked to explain how end-to-end encryption is working for a non-technical audience (think of computer litterate people who do not know that much of geek stuff outside or their MSOffice package). The only constrain was time (10 minutes maximum).
That was very interesting experience and brought great prompt for more discussions. I thought the presentation support could be of interest for someone else.
Here is it, on Slideshare.
And in addition of that slide, why Signal is still more secure than WhatsApp.
Long time no see.
I’ve been busy but is working on getting back to writing :-)
Meanwhile I’ve been geeking a bit with Docker.I wanted a practical exercise so why not trying to host a website on it. This blog is now served from a Docker container on a Digital Ocean VPS. I’ve also deployed a Let’s Encrypt certificate. This blog is now full HTTPS Yay :)
Links and notes on the setup:
Setting up Nginx through a container (through Digital Ocean)
Setting up Let’s Encrypt cert for Nginx
git clone https://github.com/letsencrypt/letsencrypt `
./letsencrypt/letsencrypt-auto certonly –standalone –email firstname.lastname@example.org -d notsaved.org -d www.notsaved.org
Final container start call
This call includes
sudo docker run –name docker-nginx -p 80:80 -p 443:443 -v ~/notsaved.org/html:/usr/share/nginx/html -v ~/notsaved.org/nginx/default.conf:/etc/nginx/conf.d/default.conf -v /etc/letsencrypt:/etc/letsencrypt -d nginx
Port mapping for HTTP and HTTPS
Mounting volumes for Nginx root
Mounting config file for Nginx
Mounting Let’s Encrypt SSL cert and keyfile
As I have now a container infrastructure, I can deploy other apps super quickly. So my 2nd exercise came to mind very quickly. Let’s deploy a Tor relay using a container.
There is a link for that
A couple of minutes later, here is the result.
A couple of Todo items for me to play with in the next couple of weeks
- Implement Docker-composer
- Implement a reverse proxy container so I can host multiple sites on the same server
- Deploy Drupal websites via Docker
At the beginning of the month I attended the first Internet Freedom Festival in Valencia (which took place over the Circumvention Tech Festival last year) for a week in the sunny Valencia.
Thumbs up to Open Tech Fund and IREX teams for making this happen and bringing such a crowd of wide range of people connected to the online freedom fight space. I’m going to quite a few of these events during the year and it’s the only event with such an collaborative atmosphere. I find here participants taking more time to share what they are doing, and take the time to make sure other people in the room really understand them. I will come back next year for sure.
A first couple of things I learnt/noted/discussed that week.
- Signal’s case has been discussed a lot. It’s the go-to messaging app used by a lot of people in the sphere for safe mobile messaging (probably more than Telegram) , especially on safe mobile communications.
- It’s innocuous enough (as not clearly flagged as being used by targeted populations) and the name is quite easy to understand (I’ll signal you)
- In that extent, we should move away from making secure apps (communications, mobile phones etc) for at-risk populations only. Real life analogy of security tools for cars are seatbelts, which are available for everyone and not only activists. Security should be made available for anyone.
- Finally, Apple has been raised to the lord for fighting for the privacy of its consumers. Let’s not forget this security has initially been motivated by financial interests (to control any financial transaction / installed app on the device).
- I’ve discovered a safer Internet.
I will update this post as often as some other comments pop up in my brain.
Also some people I met / was happy to meet again.
- Freerk, which I spent a week writing a book in a previous life.
- Paige from Maidesafe for the crash test course on decentralized networks.
- Brian Conley from Storymaker, always nice to put a face on apps and projects I’ve been following for a while.
- The eQuali.ie team, which protects some of my websites
- Jun @ iilab, always nice to catchup with.
I’m a big fan of documentaries.
One of the recent ones I’ve been watching lately is the 15 billion the 3 parts BBC one about
Crossrail Elizabeth line. 3 episodes for a total of 3 hours on this astonishing and engineering work under a living (and buzzing) city. Breath-taking.
It makes you feel quite humble about your day-to-day work and want to switch to civil engineering almost immediatly :-) I am always tempted to imagine what would a building look like if it has been design with the same approach and rigourness than what some of developers of our sector would.
Some interesting bits I learnt about the tunnels boring machines (TBM).
Still learning how to manage my «One Thing I Learned everyday» process. I could talk about some important matters I discovered today, but it’s friday evening and I’m joining friends later so I’ll write about beer.
As you know I love beer (and heavy metal)!
Here are a couple of things I learnt on beer recently.
First of the What I Learnt Today, let’s start with something easy :-)
A couple of technical resources for your servers :
The master description
Am still playing with Hugo. A couple of things I’m trying to implement.
Continuous integration setup with Wercker.
Debug theme (bullet points are missing on the homepage).
Better integration with Prose.
Theme based template for Hugo (later).
So I have achieved the following setup. Thanks Atchai. Am documenting the process here so I can share it with friends.
The website you are reading is being served by a static site generator (SSG). I chose Hugo as it is simple enought to be deployed on a single library (when Jekyll needs the whole RoR stack to be deployed / maintained). I’m currently running Hugo on my Macbook Pro (and I would also run it on my Windows 10 desktop, or any of my VPSes).
Obviously, sources are available on Github (refered as the source repo).
Obviously (again), static generated files are hosted on Github Pages (I am using a 2nd dedicated repo, the gh-pages repo, but could have used gh-pages branch for sources repo. Done so just for sake of simplicity (I just needed to add ignore the /public folder of Hugo in the main source repository).
To make the publishing process more smoother, I’ve dug into continous integration (using Wercker). Wercker is generating the whole site at every commit on my source repository, and pushing it to my gh-pages repository. Here are instructions to setup Wercker and my app can be found there.
At this stage, any commit on the source repository is visible online within less than 5 minutes completely automatically. Everyting is cloud based. No more server side machinery :-)
Finally I had a try using Prose.io as main editor for writing posts (in lieu of Github inline editor). It is doing the job but some Hugo specific features are still lacking (for example the automated generation of all meta data on run on Hugo new post/post-name). You can have a look at my prose config. Not optimized yet but I’m working on it.
The amazing thing is that most of this setup is free. I am only paying for my domain name (and could use a github.io subdomain).
Here is my new setup. I want to continue experimenting the content as code approach and see how I can reuse some of this setup for my dayjob.
PS : The final setup step would be to enable HTTPS on github. It seems to be doable with Cloudflare. Will have a look later on. Watch this space
Now setting up Prose. With file attachment. Not optimal yet.
My first post from a static generator file. I am riding a fixie on Internet :-)