The New Oil

Practical privacy and simple cybersecurity.
TheNewOil.org

A couple of weeks ago, one of my blog posts went slightly viral and even ended up on Hacker News (for those who don’t know, Hacker News is an aggregate site where users submit links and comments, kind of like Reddit). Because of this, a developer saw my post, learned about The New Oil, felt that we had a similar target audience and mission, and reached out to me to ask if I’d check out his project called Haven.

Now, before everyone and their mother rushes to ask me to do a review of their project, first ask yourself if it’s even qualified. Quite frankly I’m already sick of getting emails asking me to check out your useless blockchain “military-grade encrypted” proprietary messenger or to sponsor a post for your enterprise suite that doesn’t apply to my target audience. Please do thirty seconds of research. That’s all I ask. That’s not a guarantee – if your project doesn’t interest me, I’m just not gonna talk about it.

With that out of the way, Haven interested me. To be honest, it’s not for me. I don’t have a use for it in my own life. But I liked the intention so I thought it might be fun to look into. With that, let’s dive in.

What is Haven?

Haven is – put simply – a private blog. Haven is aimed at solving the problem of “I hate Facebook but I need it to keep updated with my friends and family.” This is actually a pretty common thing I hear a lot: “Yeah, I know Facebook is evil, but it’s the best way I can keep my long-distance family in the know about what’s going on with my kids.”

You can self host a Haven instance or have the developer host it for you for only $5 USD/month. Payments are handled through Stripe, so card only (no cryptocurrency) but in my experience Stripe is pretty generous with things like Privacy.com or prepaid cards. It’s also been designed specifically for AWS or Raspberry Pi, giving options for both power users and novices (Note: the developer is working on a Docker deployment and has provided a few unsupported resources for hosting on other Linux distributions).

Here’s how it works: you sign up for an account (self-hosted or otherwise). On the dashboard, you can write a blog post. Posts are formatted in Markdown. On another page, you can subscribe to other blogs you wish to follow – or really any RSS feed you want (more on that in a moment). On yet another page, you can add “users.” Users can be administrators (who can add new users), publishers, or subscribers (who can only like and comment).

When you add another user, you are given the blog’s main address, the user’s email address, their password, and a “magic link” they can use for one-click login. You are then responsible for passing these on to the user.

The Good

Haven is – like my own site – targeted towards the non-tech-savvy and the “average person.” It is with this in mind that I went straight to my favorite test group: my family. While my family has very few “techy” members, we definitely don't have any flat-out tech morons – various family members have been able to sign up to Matrix with zero difficulty or help from me, and one successfully followed my instructions to install Linux Mint on an old device in only two tries (they missed a step the first time). With that context, here’s the good stuff.

The developer offers a paid hosting option rather than making it strictly self-hosted. This is great, as it serves both experienced users who want total data sovereignty and those who don’t feel comfortable self-hosting. I also appreciate the use of Markdown, which in my opinion is less complicated than HTML or CSS (which is already pretty simple). I also like the fact that it offers every account a “magic link.” This saves my friends and family from having to know their username and password, and it makes it very easy for them to log in and get started (at least on my blog).

The thing that really impressed me was the RSS reader. I tested it by adding a subreddit, and to me this is a real game changer. This allows you to not just follow other blogs, but news outlets, subreddits, and even audio podcasts (tested with Surveillance Report). To me that’s huge. Imagine all your favorite news, YouTube channels, podcasts, family and friends’ blogs, all in one place. And all in chronological order. I have despised the algorithmic timeline since the day it got introduced, and so have many of my friends and family. I bet they'd really appreciate being able to get all their preferred information in the correct order.

The Bad

As I mentioned earlier, I asked my “normie” friends and family for feedback. Most of it was negative. Constructive, but negative. Few sent me any “I like this” parts, but rather “this needs work” notes.

The number one piece of feedback was that the website immediately put them off by being a wall of text with too much “technical jargon.” Truthfully I have no idea what part of the front page was “too technical,” but maybe that’s because I’m so used to things like “self-hosting” and “RSS.” I think the real issue – as one person noted – is that the front page offers little in the way of explaining what Haven actually is. That part I definitely felt when I first got approached. You have to navigate to the Screenshots page before you get eyes on the software, which I think really helps drive the point home. As they say, “a picture is worth a thousand words.” Perhaps I overcomplicated it. I'm so used to people trying to change the universe with their “all-in-one” blockchain-based apps that I remember thinking “there's no way it's just a private blog. What else does it do?” One older family member said that they found the whole thing confusing and would rather stay where they are, but also admitted it could just be their generation. Perhaps a video demonstration or tutorial would be in order. I can’t imagine a comprehensive “how-to-use” video demo would be more than five minutes tops. Funny enough, one non-privacy friend noted the irony that it’s optimized for AWS while being a privacy-focused project, but did also say that they understood that you sometimes have to make tradeoffs to appeal to the widest audience.

I personally have questions about the idea of creating accounts for people. On the one hand, I think for people like me – who are more comfortable with tech – this would actually be a positive move. I’ve mentioned in a previous blog that I got my mom to use ProtonMail by creating the account for her, then sending over the credentials and letting her take it from there. I think you’d be much more likely to get friends and family to use Haven – at least as readers – by saying “here’s the magic link, just click it and you can view/comment/etc.” Having said that, I could see my mom very quickly and easily getting lost by this when it comes to her own blog and adding subscribers. After all, she’s never had to make my Facebook profile on my behalf before, or subscribe to something for me. Usually that's my job: to join, make an account, and go find and follow her.

The final big hurdle I could see (though it is no fault of the developer at all) is the use of RSS. RSS fell out of mainstream consciousness, and while it’s actually incredibly easy to use some people may be intimidated approaching it for the first time like this. This could make adding the feeds you wish to subscribe to very scary for non-techy folks. Perhaps the developer should include a page (their own or external) about what RSS is and how to use it to make it a bit more approachable to the non-techy folks. (Something like this already exists on the FAQ, perhaps they could just link that on the RSS page.)

Conclusion

I think Haven’s a really cool project. I don’t think it’s for everyone, but I think it could have uses, especially for those who want to share with a specific group privately. The website mentions how the developer wanted to share photos of his kids with family (that could be good marketing: keep your kid’s photos safe) or gives the example of a group newsletter of sorts, like for school or work. If you’re reasonably tech savvy, this could be a great solution for you to privately share information with a group of people. If the people around you know how to click a link, they’re in. Is it right for everyone? No. As I said at the top, I have absolutely no use for something like this. One of my friends noted that he just uses an iCloud folder and email to share photos of his kid with his family. But I don’t think it’s a stretch to say that some people out there do want something like Haven. It's an elegant solution – more polished than “iCloud and email” for sure – and I think the developer has made a very clean, useful project that functions very well. The marketing on the home page might need some work, but the product itself is pretty snappy. It only takes about five minutes of hands-on playing around with it to get the hang of it. If you’re in a position where you want a private blog, then I recommend you look into this. If I needed something like this, I’d say without reservation that it’s easily worth the $5/month for a hosted plan. I encourage you to check it out if you think you might need something like this.

You can check out Haven here.

You can find more recommended services and programs at TheNewOil.org, and you can find our other content across the web here or support our work in a variety of ways here. You can also leave a comment on this post here: Discuss...

Disclosure: I have an affiliate link with SimpleLogin that gives me credit towards my own SL account. You do not have to use this link, I provide a non-affiliate link at the end, and I tried my best to be unbiased in this review.

In this review, I’ve decided to lump both AnonAddy and SimpleLogin into the same review because they’re so incredibly similar in their offerings and features, though I will note any differences between them. I don’t think of this blog as “AnonAddy vs SimpleLogin,” though I’m sure it will help anyone who’s on the fence decide between the two. Rather, I present this as simply two tools you can use to achieve the same protection. I keep referring to AnonAddy first because I’m listing them in alphabetical order.

The Services

AnonAddy and SimpleLogin are both email forwarding services. Having an account allows you to create an email address – such as “f9f24233-d80b-4e17-a689-b7f1d0cc04c8@anonaddy.me” or “panguingue_graphostatic@aleeas.com.” These email addresses then forward any mail they receive to the mailbox of your choice, such as contact@proton.thenewoil.org. I highly encourage the use of one – or both – of these services. (If you’ve found a comparable alternative that works for you, feel free to let me know because personally these are the only two I’m aware of.) The practical reason is that for most of us, email is the central hub of our lives. Everything is managed from that one inbox, from newsletters and Netflix to doctor’s appointments, job offers, and important correspondence. The compromise of an email account is the digital equivalent of getting kicked out of your own house. If your email address gets exposed in a data breach – which it certainly will if it hasn’t already – that’s half of the required login exposed, leaving only the password to be guessed for access. This can be mitigated by using strong, unique passwords and two-factor authentication, but the exposure of an email address can still be used in other ways, such as phishing attacks or tracking you across the various accounts and websites, leading to stalking by both individuals and companies.
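To make the “tracking you across the various accounts and websites” point concrete, here is an added example (not from The New Oil, AnonAddy or SimpleLogin) that compares two constructed exposure scenarios: one where a single real address was handed to every service, and one where each service got its own forwarding alias. With a shared address, the same person is trivially linked across the two dumps; with aliases, nothing links them, and the alias that does appear tells you exactly which service exposed it. The alias-to-service mapping and the “dump” records are constructed for illustration (the two alias addresses are the ones quoted above); everything else is plain standard library.

```python
"""Added example: why one forwarding alias per service limits cross-site
correlation and lets you attribute an exposure to the service that leaked it.
Service names, the alias book and the leak records are constructed."""

from collections import defaultdict

# Constructed alias book: the masked address handed to each service.
ALIAS_BOOK = {
    "f9f24233-d80b-4e17-a689-b7f1d0cc04c8@anonaddy.me": "streaming-service",
    "panguingue_graphostatic@aleeas.com": "online-shop",
}


def normalize(address):
    """Canonicalize so case/whitespace differences don't hide a match."""
    return address.strip().lower()


def correlate_identities(leaks):
    """leaks: iterable of (source_name, address) pairs.

    Returns {address: {sources}} for every address seen in two or more
    sources. A non-empty result means the person behind that address can be
    linked across those sources by the email alone.
    """
    seen = defaultdict(set)
    for source, address in leaks:
        seen[normalize(address)].add(source)
    return {addr: srcs for addr, srcs in seen.items() if len(srcs) > 1}


def attribute_leaks(leaks, alias_book):
    """Map each leaked alias back to the service it was issued to.

    Returns {alias: (service, source_it_appeared_in)}. Because each alias
    was given to exactly one service, its appearance pinpoints the leaker.
    """
    book = {normalize(alias): service for alias, service in alias_book.items()}
    found = {}
    for source, address in leaks:
        addr = normalize(address)
        if addr in book:
            found[addr] = (book[addr], source)
    return found


# Constructed scenario 1: one real address reused everywhere.
SHARED_ADDRESS_LEAKS = [
    ("streaming-service-dump", "Me@Example.com"),
    ("online-shop-dump", "me@example.com"),
    ("online-shop-dump", "someone.else@example.net"),
]

# Constructed scenario 2: a distinct alias per service.
ALIASED_LEAKS = [
    ("streaming-service-dump", "f9f24233-d80b-4e17-a689-b7f1d0cc04c8@anonaddy.me"),
    ("online-shop-dump", "panguingue_graphostatic@aleeas.com"),
    ("online-shop-dump", "someone.else@example.net"),
]

if __name__ == "__main__":
    # Shared address: linked across both dumps.
    print("shared address correlates:", correlate_identities(SHARED_ADDRESS_LEAKS))
    # Aliases: nothing links the two dumps to one person...
    print("aliases correlate:", correlate_identities(ALIASED_LEAKS))
    # ...but each alias still tells you which service exposed it.
    print("leak attribution:", attribute_leaks(ALIASED_LEAKS, ALIAS_BOOK))
```

The practical consequence for a defender is the second half: once an alias shows up somewhere it shouldn’t, you know which service to hold responsible and can disable just that alias, leaving every other account untouched.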

The Good

Both services offer a free tier with premium, paid features. AnonAddy offers Lite ($12/year) and Pro ($36/year or $4/month) paid plans, while SimpleLogin offers only a single Premium paid plan for $30/year (or $4/month). In addition, both offer F-Droid apps, as well as Google Play and Apple App Store apps, allowing you to create masked addresses on the go. Both allow you to import your public PGP key (free for AnonAddy, paid feature for SimpleLogin), both support the use of custom domains (paid feature for both), and both allow catch-all email addresses (meaning if I make up an email address on the spot, that email address will be automatically created and forwarded to me as soon as the first email is sent; free for AnonAddy, paid feature for SimpleLogin). AnonAddy offers you the option to replace email subjects (so that the true subject isn’t visible, a shortcoming of PGP). Both services support hardware security keys (like YubiKey) and offer browser extensions for Chromium-based browsers and Firefox (SimpleLogin also has a Safari plugin, AnonAddy does not). SimpleLogin also offers enterprise solutions if you happen to be responsible for a company.

The Bad

AnonAddy’s mobile apps are fan-made and not officially supported. AnonAddy also has a limited number of custom domains, a limited amount of bandwidth (except for the Pro plan), and a limited number of email addresses you can receive to. The bandwidth thing is probably not an issue for most people, but keep in mind that if your bandwidth is exceeded that means they won’t forward any emails for you for the rest of the month. The bigger issue to me is the limited number of emails you can send and receive – 20/50 (100 for the Pro plan). While most people probably don’t send 50 or even 20 emails in a single month, it’s something to be aware of if you’re a power user.

The drawbacks of SimpleLogin are that it is less feature-rich than AnonAddy (can’t change the email subject, can’t disable catch-all). SimpleLogin’s free tier is also much more restrictive than AnonAddy’s (can’t use PGP, 1 recipient inbox to AnonAddy’s 2). But they do make up for it by offering unlimited bandwidth, unlimited reply/send even on the free tier, and a variety of tools like alias directories and an email-by-email alias name option that can help you stay ultra-organized, which really is a must if you’re going to be compartmentalizing.

Final Verdict

I use both of these services, and honestly I find them almost identical. Since I consider a custom domain to be a valuable part of a privacy strategy, I think the average user could get away with AnonAddy’s Lite tier ($12/year, $1/month), but SimpleLogin’s Premium will be the better bang for the buck with all the unlimited features. Neither service is bad, and they really come down to what you want or need out of them and the price you’re willing to pay for those features. I’ve found both to be extremely user friendly and affordable, and I use them pretty interchangeably myself. I encourage you to explore their pricing options for yourself, and maybe even sign up for a free account for both to decide which is best for you.

You can check out AnonAddy’s Pricing here and SimpleLogin’s Pricing here and sign up for each service at their respective websites. If you decide to sign up with SimpleLogin, please consider using my affiliate link. I will not see any information about you, but I will get a few bucks added to my SimpleLogin account if you purchase a paid plan, which means more money I can put toward other The New Oil-related projects. Of course, I understand that not everyone is a fan of affiliate links, so no hard feelings if you choose not to use it. The important thing is that you use one of these services and start protecting yourself.

I have a thought experiment for you. Pretend you’re driving somewhere local. A friend’s house, your favorite store, the office, whatever. You’re on autopilot, you’re not really paying attention. You reach a stop sign, take a left, and keep going. After about five or ten minutes, you snap out of your highway hypnosis and go “oh wait, this isn’t the way to get where I’m going. This is the way to get to [another place I frequent]!” Do you just keep going?

The answer is “of course not!” That’s totally ridiculous. If you know you’re doing something wrong, why would you keep doing it? And yet, that’s exactly what many people ask. A common pushback against privacy is “well they’ve already got so much data about me already, would changing now really do any good?” The answer is an instant, emphatic “yes,” and I can think of two good reasons for this.

Ethical

The first reason is related to the thought experiment I shared above: it’s a matter of ethics. If you’re doing something wrong out of ignorance, personally I think there’s no shame in that. But once you know better, continuing to do it wrong is a choice, and usually a bad one. What I’m about to say may be unbelievable to some readers: I used to be deep in the Big Tech data sharing ecosystem. I never changed the presets on my devices. I filled out every single field given to me like address, birthday, and favorite quote even when it wasn’t required. I posted every thought and accomplishment on Facebook. Yup, that’s right, I had a Facebook. This is one reason privacy matters so much to me: I was wrong and now I “see the light.” Once I realized I was doing it wrong, I couldn't in good conscience keep doing the same thing.

If I can change, so can you. And frankly, so should you. It’s a matter of principle. It’s like when you meet someone new and mishear their name. “Hi Toby, nice to meet you. Oh, Tony? My bad.” You wouldn’t keep calling them Toby after that. You wouldn’t keep driving down the wrong street. You don’t keep using the pot that’s too small to cook the pasta in after realizing that the bigger pot works better. It’s really not complicated. “Oops, I was doing this wrong before, I should do it right.” There’s no shame in admitting you were wrong. In fact, that’s a sign of growth and maturity, and it acknowledges that things change. If I never admitted I was wrong, my site would be full of misinformation and outdated tools. Doubling down is just immature and stubborn.

Practical

The other reason to change is much more pragmatic: the data gets stale. For my readers who are at least thirty years old, pause for a moment to reflect on the “you” of ten years ago. (For my readers under thirty, perhaps only jump back five years.) Now stop cringing and come back to me. Chances are that there were parts of you that changed. Maybe the “stop cringing” joke a moment ago doesn’t apply – as a child I was always a pretty mature, well-behaved kid, but that doesn’t mean I didn’t say or do dumb things that I look back on and go “wow, I’m so glad I moved on.” Maybe it was a bad emo or goth phase (no shame if it wasn’t a phase, rock on), maybe it was something you used to believe or think (when I was little my siblings somehow convinced me I was born at Disneyland), or maybe it was the people you used to hang out with or the job you used to work. You changed. You grew, and you (hopefully) made yourself a better person. The data you produced back then – your favorite band, your home address, your social circle – those have all changed.

Really think about that for a moment. Where did you live ten years ago? Who were you dating? What was your nightly routine like? I’d bet money that 99.9% of people reading this will admit that they are a pretty different person now than they were back then. Now to be fair, 99.9% of people also haven’t dramatically changed. Maybe you were and still are conservative, or a jokester, or an activist, or a big sports junkie. But I’m willing to bet that you’ve changed enough that you’d consider yourself “a different person.” The exact differences may vary, but you know that there’s a distinct difference between you and that person, even if it’s just maturity and experiences.

There are serious reasons this might matter, like letting the past be in the past. In some cases, the profile ad companies build to sell you stuff can make letting go of the past nearly impossible, like if you’re a recovering alcoholic who keeps seeing alcohol ads. I wish I’d kept the original story I saw this in, but regardless: a little bit of searching had no trouble turning up multiple stories of recovering alcoholics being served ads for drinks, and one story I found in the course of this search even talked about ads reminding you of dead loved ones, eating disorders, miscarriages, and more. If you’re trying to move on from a dark point in your past, lack of privacy will make this nearly impossible. Privacy helps you grow and become a new person. Continuing to drive down the wrong street won’t make this growth any easier, and won’t let you deal with your trauma on your own terms: you can only do that by turning around and going the right way.

Conclusion

For many, change is hard and scary. Fear of the unknown is a real thing. I have never started a new job and not felt some degree of anxiety, even if I was 100% sure it was the right move. Fear of the unknown has kept us alive as a species. But we evolved, and so must you as an individual. You have to conquer your fear of change and be willing to make changes. It might be hard at first. It was hard for me to learn how to not just post every thought I had for the whole world to see. I had to completely retrain myself on how I interact with my friends and family without Facebook. But in the end, it can be done. Whatever those companies know about me now is only a fraction of what they knew before, and much of what they knew before is no longer true. I no longer have those same social circles, that same fashion sense, the same relationship patterns, or even work in the same industry. Change is inevitable and natural, so don’t fear it. Embrace it and the potential it brings to make your life better. Change to a life where you are in control of your direction.

Recently I came into possession of an old, cheap Android phone that just so happened to be compatible with LineageOS. I have no desire to use Lineage as a daily driver for security reasons I'll discuss shortly, but I thought it might be a fun experiment to flash the phone. It may surprise some of my readers to know that I’ve never flashed a phone before. My privacy journey started much more recently than some of you may suspect, and due to a combination of frugality and not wanting to bite off more than I can chew, I’ve been using the same stock device that I’ve had since then. So I decided this would be a zero-risk, zero-cost chance to experiment with both the flashing process and the phone itself. After having a Lineage phone for about a week, I thought I’d report on my initial impressions.

Why/What is LineageOS?

Google has an interesting and surprisingly supportive relationship with the Open Source community. Chrome is based on Chromium – an open-source, simplified version of Chrome. Likewise, Android is based on the Android Open Source Project (AOSP). Both of these projects are highly complete and well-supported, allowing others to take the mantle and run with it relatively easily. This is where we get browsers like Brave, Vivaldi, and many, many others. Likewise, thanks to the open source nature of AOSP, we have alternative operating systems (called “ROMs”) for Android phones. Just like with Linux, these vary based on what they’re aimed to do, but generally in the privacy community there are a few that get brought up most often: Graphene is best for security, Calyx is the best compromise between Graphene’s security and stock, mainstream Android’s user-friendliness, and then there’s a handful of popular but less secure options. Among these, the two that usually get cited most are /e/ and Lineage. These are typically considered less secure because they’re based on older Android kernels (Graphene and Calyx are both based on Android 12, the latest at the time of writing, while Lineage and /e/ are both based on 11 or earlier depending on your device) but more importantly because they don’t lock the bootloader, which – from what I understand – is similar to saying “everything runs with admin privileges 24/7.” This means that malware is virtually unchecked and can completely take over your device and access every single piece of sensitive information if you slip up even once.

So why did I go with Lineage? Frankly: because the phone was free, I had no plans to make it my daily driver, and because I have basic internet common sense. I don’t mean that as an insult to the less tech-savvy amongst us, but there are some foundational rules for using technology: don’t click links you aren’t sure of, don’t download apps you don’t need, and don’t give away too much information (I discuss all of this on the website here). If you live by these rules, the unlocked bootloader is unlikely to be a problem (though I do recommend a secure ROM as a safety net). It was with this in mind that I decided to give Lineage a shot and see what I thought of it.

The Flashing Process

So the first and most obvious question was “how easy was it to ‘de-Google’ the phone?” The honest answer is “not easy.” It was probably mostly user error, though my research did indicate that my particular brand of phone was not exactly friendly toward this process, which probably didn’t make life any easier. Having said that, I still wouldn’t describe the process as “hard.” Lineage thankfully has a very active Reddit community that was incredibly gracious, patient, and helpful. Between that and just following the instructions, I was up and running in a collective total of a couple hours (a later flash I did on another, different device took less than one hour, so clearly the process isn't difficult if you follow the instructions and set aside some time to dedicate). The most time consuming part was getting the unlock PIN from my manufacturer, which was significantly more painful than necessary, but I’ve come to expect no less from big tech companies. At any rate, all that to say it was a pretty simple process and there was help when I hit bumps.

Initial Impressions

As a first-time “degoogled” phone user, the thing I noticed right away was how fast I got up and running. Unlike a traditional Google phone (or iPhone, for that matter), there was nothing to sign into, no fifty pages of permissions and analytics to opt out of, no twenty extra pages of “here's what's new!” It asked me to set a PIN, connect to WiFi, and asked if I wanted to enable a few permissions, and possibly asked me if I wanted to submit analytics to the Lineage project (I can’t recall, but if they did it was only one page). The other big thing that stuck out to me was how clean it was, by which I mean “clean from apps.” Sure, it came with the obvious stuff: a camera, a browser, settings, a photo viewer, etc. But there was no Facebook, no fifteen Google apps or twelve stupid Apple apps I'll never use, no custom proprietary browser, etc. There was some stuff I removed because I knew I’d never use it, like the voice recorder or the file explorer, but there was nothing that I immediately identified as a privacy invasion that I wish would just go away.

The first order of business was apps. Normally I’d say settings, but as Lineage was already so clean there was very little to do in the way of changing settings. I did review them, but found very little to adjust other than personal-preference stuff like the background image. So that left me with getting the apps I wanted/needed onto it. Lineage comes with no app store, so I decided to start with F-Droid, an app store with very strict vetting procedures that accepts only open source apps. This was easily accomplished by simply navigating to F-Droid.org in the stock browser and choosing to install it. Once that was up and running, I decided to put my money where my mouth is and install Bromite as my browser of choice. This was my first experience adding an F-Droid repository, and perhaps for that reason I was unable to add the repository via the link. Once again, this was almost certainly user error. The last time I recall having an Android of any kind was about 2013/2014. I had to pull up the QR code on a second device and scan it from there, which made me quickly realize that the stock Lineage camera did not feature a QR scanner. I had to go find one in F-Droid to finally scan it.

Once Bromite was installed, I searched for Signal and to my chagrin was reminded that Signal is not available via F-Droid. This meant I should use the Play store, but of course as this was my chance to try to finally be private, I decided to get Signal via the Aurora store, a Google Play proxy. Fortunately this turned out to be super easy as Aurora is available on F-Droid. From there, adding whatever I needed was a breeze. If it wasn’t on F-Droid, I’d simply pop over to Aurora and get it there.

One Week Later

Let me make something clear: I f*cking despise my phone (speaking now of my usual daily driver). I normally try not to drop “F-Bombs” on The New Oil, but I truly cannot impart on my readers the intensity with which I hate my phone. My hatred of my phone is rivaled only by my hatred of Old Navy commercials (dunno why) and Mitch McConnell (I’m told by my right-leaning friends that this is not exactly a controversial opinion, so that’s probably okay to say here). I truly mean that: I view my phone as a necessary evil that I’m forced to exist with for at least the next few years. (Don’t come at me with how you’ve been phone free for years. Trust me, I can’t do that right now and you’re only going to incur my ire by trying to convince me otherwise.)

Having said that, I love this Lineage phone. I haven’t shut up about it all week. One of my coworkers remarked that he’s never heard me rave about a phone like this before. I know it’s got some valid security concerns, but the peace of mind I get from this device is unreal. Every day I tell people that I’m one day closer to making it my daily driver. I love this phone.

There are a few drawbacks, of course. Perhaps the most concerning is the lack of automatic updates. It seems that Lineage once had automatic updates, but something went wrong (probably a change on the AOSP end) and the devs are working to rebuild this capability. But this isn’t limited to just the OS; it also applies to the apps. I have to manually check both F-Droid and Aurora to see if there are any app updates. I’ve seen a few people in various forums speculate that turning off “battery optimization” for these services may allow them to run continuously, and therefore might allow automatic updates, but I haven’t seen anything to confirm that and I haven’t had time to confirm this myself. Personally this isn’t a dealbreaker – I usually manually check for updates about once a day anyways – but it makes me reticent to recommend the device to anyone else, as not everyone is quite so studious. The device is also a bit slow and unresponsive at times, but I largely suspect that’s due to using such an old device and not an actual shortcoming of Lineage itself.

There have also been peripheral benefits I’ve enjoyed exploring. For example, my PineTime now works with my phone way more than it did before. I get notifications of Signal messages (but weirdly not content) and Matrix messages (weirdly with content). Syncing Nextcloud was absolutely painless. (Meanwhile, with my latest iOS device I’m still attempting to sync over a week later.) And thanks to using an old device, I still have a headphone jack (thus my Lineage device has become my workout device until I can afford some wireless headphones). It’s been fun to learn all the little quirks and differences on this device.

Final Thoughts

Will I make good on my promise to make Lineage my daily driver? Probably not, mostly because of the slow performance. I need a phone that’s at least moderately snappy when it comes to using VoIP and stuff like that. But I now carry two phones everywhere. Even without a SIM card, I can (and do) connect Lineage to the WiFi (with a VPN) and so far this system has worked very well for me. It’s been a wonderful breath of fresh air to have a device that isn’t stalking my every single move and forcing me to put up with bloatware. (I know that if I made it a daily driver I’d still have my location tracked by the carrier – plus the few proprietary apps I still use like Spotify – but that’s still a lot less tracking than a stock phone.)

Would I recommend Lineage? Only under a few specific circumstances. First and foremost: you have to know the security risks. Again, unlocked bootloader and no automatic updates. You have to be extra careful because there’s no malware safety net, and you have to be sure to stay on top of those updates (I recommend checking at least once per day). Second, I’d only recommend it if you’re unable to get a better device. If you have an old Android that’s compatible and you simply can’t afford to buy a more modern one, then I would recommend Lineage over an outdated Android version in a heartbeat. But if you can afford a Pixel with Graphene/Calyx (or a current iPhone if you don't want that for whatever reason), at least those offer a secure safety net against mistakes. Again though, if you exercise some basic caution and your threat model doesn’t include “targeted attacks,” you’ll likely be safe with Lineage.

Ultimately, not to sound overdramatic, but this week has made me rethink what a phone – and technology in general – can really be. Not every piece of technology has to be the antichrist incarnate come to stalk and track every breath I take. Rather, freedom through FLOSS technology may actually be not only more possible, but closer than we think. From a tech perspective, this has been a very exciting week for me, and I’m glad I went down the road of this little experience.

For those who fear they aren’t “tech savvy” enough or “smart enough” to flash a phone, I strongly encourage you to – if you can afford it – get your hands on an old device with no risk and try flashing it. I think you’ll find it’s a lot easier than you think, and the peace of mind and privacy is immeasurable. And if for whatever reason you decide it’s not for you, you’ve lost very little and I would consider that knowledge worth the price. But either way, I encourage you to go find out. It’s worth it.

You can find more recommended services and programs at TheNewOil.org, and you can find our other content across the web here or support our work in a variety of ways here. You can also leave a comment on this post here: Discuss...

It’s that time again. I’ve been seeing the question pop up a lot: “how do I get the people around me to care about privacy?” Truthfully I’ve tackled this topic a few times in a few different ways, but today I want to address a different side of this question.

Publicly asking “how do I make my friends and family care about privacy?” has several problematic components, and in this blog post I want to examine them. Particularly the fact that – as one podcaster jokes – I failed Psychic Powers 101. This is just a sarcastic way of saying “I’m not psychic.” Most of you reading this know nothing about my parents or my siblings. I’ve made offhand comments here and there in past blogs that you can probably infer a few things from, but overall I wouldn’t expect you to know a lot of vital information. “Vital information” in this case would include things like values and concerns. When I ask “how can I get my mom to care about privacy?” you are missing a lot of critical information to accurately answer that question. Ignoring the horde of stupid (and in some cases illegal) answers thrown out by people who clearly haven’t spoken to another actual human being in months, you may consider ideas like “explain how invasive Facebook tracking is” or “explain how this information could be used to censor you if the wrong political party took office.”

Let me tell you a little bit about my mom and see if your answer changes: when I asked her what she wanted to be when she grew up, she told me she always wanted to be a mother. As soon as my youngest sibling moved out of the house, she wasted no time in getting two cats because she enjoys caring for and nurturing someone. She adores her grandkids and talks about them all the time. My mom is also, well, I wouldn’t say “poor” but technically speaking. My mother once told me she never made more than $40,000/year at any point in her life (impressive how well she managed money, looking back on my childhood). She’s passionate about architecture and design, and is a woman of faith.

If you’re a veteran privacy advocate, your brain probably exploded with a ton of new arguments to win her over. “Facebook is stalking and brainwashing your grandkids.” “Your grandkids are growing up in a world where every dumb, innocent, ‘growing up’ mistake they make is being immortalized and may cost them a job in the future.” “Your bank is using your data – including your friends circle – to determine interest rates, coverage amounts, and loan eligibility.” “Your religion might be targeted for censorship or persecution.” I have shared many of these stories with her myself, and they do worry her. Last month, something amazing happened: my mom actually signed Fight For The Future’s petition for the IRS to stop using ID.me’s facial recognition software. I know this because she sent me their “victory” email and said “yay!” I told her that I was honestly surprised she signed it as I didn’t think she would care, and then went on to praise her and thank her for helping and congratulate her for being part of positive change in the world (always gotta have that positive reinforcement). While I wish my mom would do more (namely quit Facebook and use better passwords), she’s on the right path. She has Bitwarden, now she just needs to change passwords. I think she’s moved off Chrome and started using DuckDuckGo instead of Google search. She even once called me and asked for help putting Linux on an old Windows Vista computer she found because she wanted to use it but knew that Vista was no longer safe.

Here’s my point: it’s all about knowing how to reach the person. And this is what those random, public “how do I get people to care” posts always miss. I don’t know your mom. I don’t know your sister, or brother, or significant other, or best friend, or boss, or whoever. My approach to making them care is going to change dramatically based on every piece of information I learn about them. Are they right-leaning or left-leaning politically? Are they even political? What do they value? Are they family-oriented or independent? Where do they draw the line between freedom and the “greater good”? Have they ever had a stalker? Have they ever had their identity stolen? Are they a cam girl? An adult actor is probably not going to be swayed by the “do you close the blinds at night?” argument when they post their nudes publicly online with the intention of being seen.

An example I made recently that I think really worked was guns. Bear with me, I’m not going to get political (even though I’ve now brought up guns twice in three weeks, I’m sorry). But that caveat proves my point: everyone reading this has an opinion on guns, and they’re probably all very, wildly different opinions. On one end of the spectrum we have people who think all firearms should be illegal and not even law enforcement should carry them. On the other end, we have people who think that guns shouldn’t be regulated in any way, shape, or form and that it should be on the user to be responsible. This is because we all have different beliefs, experiences, and values that shape how we view everything, like our views on guns. Another example I gave was “where do you think I [Nate] should go on vacation?” I’m sure you guys have some solid recommendations but I bet few (if any) of you are going to list any of the really cool places that are on my actual bucket list. Again: I have unique experiences, values, and outlooks on life. Does that mean I’m a special snowflake and there’s nobody else on earth like me? Eh, yes and no. I’ve met lots of people that I share commonalities with, but it’s probably safe to say that nobody has the exact same combination of interests and opinions that I do. True crime, video games, sci-fi, there’s a lot of categories I fall into, but even in those categories there’s no guaranteed uniformity. Not everyone agrees with my assessment of Tenet or who was the worst serial killer. And that’s true of anyone. My mother cares very much about her grandkids’ permanent records while my coworker – also a mother – doesn’t. A blanket “what should I say” question fails to recognize that despite all our commonalities, people are still people.

No two people are identical, and even despite their similarities they can still vary wildly in their values. Thus, there is no one-size-fits-all argument for why privacy matters, and there is no magic combination of words like some sort of incantation that will suddenly make every person care about privacy. If there was, don’t you think we would’ve started using it by now? That’s really what this question is always asking: “what’s the magic word I can say that’ll make people care about privacy?” The answer is that there is none. “Expecto Privacium” does not exist. And neither do psychic powers (at least, as far as science is concerned). Strangers on the internet are not qualified to tell you how to convince someone to care about privacy when they don’t know that person at all. It’s up to you to identify what a person cares about and find how that relates to privacy. And just a reminder: never go into a discussion expecting someone to change their mind, especially right there. That’s just asking for disappointment. Give them the facts, let them know how they’re affected, and leave it up to them. It may take a while, but you’d be amazed how often people come around.


Disclaimer/Disclosure of Interest: The New Oil has a CTemplar referral code. If you sign up using this code, we get one free month of Prime membership.

What is Zero-Knowledge/End-to-End Encrypted Email & Why Do You Need It?

CTemplar is a new up-and-comer in the encrypted email space, founded in 2018 as far as my research can tell. Encrypted email is a bit of a misnomer. Technically all emails are “encrypted,” but in this context we mean specifically “end to end” encrypted, also known as “zero-knowledge.” This means that the provider can’t read your inbox, which is – in my opinion – a must-have for any person who values their privacy and security. Many people argue that zero-knowledge email providers are overhyped – or worse – because you’re only securing half of the chain. If I email someone at a Gmail address, the contents are still exposed on Google’s servers. However, in my opinion, that’s still cutting your attack surface in half. If we’re both using Gmail – or if one of us is using another provider like Yahoo – that’s just twice the opportunity for a data breach, warrants, or an insider threat. Sure, you may not get the full benefit without both parties using encryption, but it still counts for something.

The Good

CTemplar starts out of the gate strong with some impressive claims. First off, they offer an onion address for Tor users. As veteran readers may know, this is one of the first steps toward making a service truly anonymous. The next step is that they offer payment via Monero, which unlike Bitcoin is truly private by design. If your threat model isn’t quite that hardcore, they also offer Bitcoin and fiat currencies via Stripe. So far so good.

On their about page, they claim to be independently owned and funded without any grants or investments due to the invasive nature of such arrangements. They base their encryption on PGP – a win in my book, as it allows non-users to initiate a secure conversation with you if they have your public key (which you can freely post/share anywhere) and allows you to add the keys of other non-users so you can securely email them without the additional step of an external password (a la Tutanota and ProtonMail). They have also open-sourced all their clients (Android, iOS, and desktop) as well as their web client and several other libraries, but that should be expected if I’m writing about them, given that open source is a requirement for us to consider listing a service. They also offer a free tier, though you do have to request an invite from a user you know or from CTemplar directly. This is a bummer, but it’s primarily aimed at fighting spam, which I completely understand. Abuse like that can sink a new company.

Finally, jurisdiction: CTemplar as a company (Templar Software Systems Ltd, to be exact) is based in the Seychelles, an independent island nation off the east coast of Africa. Data – according to their website – is stored in Iceland. This does provide two considerable layers of protection against surveillance by the Eyes countries (Five/Nine/Fourteen Eyes).

The Bad

For all of CTemplar’s strong points, there are a few objective concerns. First and foremost, let’s tackle that anonymous signup thing: CTemplar’s onion link redirects to clearnet (aka the regular “ctemplar.com” address) when attempting to sign up or log in. While this doesn’t make anonymous signup impossible – as they still do not require any kind of phone number or email address – it does make it incredibly difficult for those with very high threat models. This is compounded further by their Monero payment system: you have to email them. But wait, there’s a catch here: as I said before, you have to request an invite. This automatically obliterates any chance of truly, hardcore anonymous sign up. You have to contact them from some sort of existing account, which may or may not be anonymous depending on which account and how you set it up. You could probably be reasonably safe by asking someone that you trust in person – assuming you know anyone in person who uses CTemplar – but such an exchange would still have to be done intentionally and carefully. Again, this only affects people with particularly high threat models – and the onion/clearnet issue does appear to be a legitimate bug outside of their control – but it still feels kind of misleading and puts users who want or need maximum anonymity in a very tough spot where they have to tread with immensely more care than usual.

My next complaint is more personal than objective: I find the company to be remarkably opaque. A while back, I wrote about their catastrophic data loss incident (note: they have since changed their practices to ensure this doesn’t happen again) which I also listed on the website as a “con” because – in my opinion – they never formally addressed it. During an unrelated correspondence with the company, they informed me that they did officially address it here. As such, I removed that “con,” but personally I think Reddit is a pretty poor replacement for an official company bulletin board of some kind, especially when you have an official blog on your official website. I get that a blog is a useful marketing tool (which is why I don’t mind, and actually really enjoy, all the articles they post), but it’s also a good way to communicate important news with your audience in an official, trusted capacity. Like I said, this is all subjective. CTemplar is not my company, and I can’t tell them how to run it or what they should and shouldn’t do; I can only offer my perspective. I don’t want to have to follow their subreddit – no matter how official – just to get official important updates that aren’t marketing pieces. The point of a blog is that I get the official, important news. I don’t want to subscribe to their subreddit where I’m now getting all the user posts – which range from “casual discussion” to “help tickets.” I just want the official, noteworthy updates.

Furthermore, perusing their subreddit reveals some noteworthy but troubling things. Take this post, for example, where a user asked for some clarification on the company’s latest transparency report. Notice a lack of response from the company? What about that onion bug I mentioned earlier? No official company response, only responses from other readers. Even a post as simple as where the blog’s RSS feed can be found was answered by a reader. You could make the argument that since the questions were answered there’s no need for the company to officially weigh in, but in at least the first two cases I personally would feel a lot better with official input. That said, I have spoken with the company on two separate occasions and in both cases I found their support to be responsive, helpful, and professional, so maybe I’m just nitpicking with the Reddit thing. Like I said, this is subjective and has no real bearing on the quality or security of the service itself, so feel free to disregard all of that if you don't care.

Moving away from my personal opinions, there are a couple of other smaller, objective drawbacks to the service. First, both cryptocurrency payment methods require annual plans and cannot be done monthly (I guess that particularly makes sense with Monero since it must be processed manually by the company). While I’m a fan of paying annually as it almost always means a cheaper price, not everyone has that kind of financial stability. Second, the Seychelles have no data privacy laws at all as far as my research could tell. Being located outside of any Eyes country does still provide a layer of protection, but it would also be a nice plus if the company’s country of origin provided some additional legal protection. And, just to touch on the criteria we list: the service is centralized and not audited. Personally I don’t really consider either of those dealbreakers: the company is new enough that they may not be able to afford a full audit yet, and as far as decentralized email, while I do see the value of such a thing (mainly being harder to take down or seize the data), email is already interoperable and CTemplar relies on PGP, so I don’t see this as tremendously important.

Conclusion

Email is not secure. I think that’s always worth pointing out. Email was never designed to be 100% secure. You never know who might print it or forward it, and there’s also a bunch of super-technical issues with both email itself and PGP that literally cannot be fixed. You should never trust your life to email (which is one reason why Snowden didn’t just email his documents to people). Yet email is still a widely-used tool that permeates almost every service we use in some way, shape, or form. For that reason alone, it’s worth trying to get a secure email provider to mitigate the risks as much as possible. CTemplar is a solid choice of email provider with multiple layers of data protection (both legal and technical), PGP-based encryption for interoperability, a free tier that should work for most users, and some great bonuses like green energy, Monero, and a number of other features that show that they really are trying to take user security and privacy seriously. While they are a young company, they are coming up fast. They’ve still got plenty of room to grow in terms of features (for example, I would love to see an email export feature for personal backup reasons) but they’ve already got enough to make them worth considering if you still need an encrypted email provider, or if other options haven’t convinced you. I strongly encourage you to check them out, maybe sign up for a free tier, and see how you like it.

You can learn more and sign up for CTemplar here. If you do, consider using our referral code (OjgEXLVR). It gives us one free month of Prime membership.


I talk a lot about digital privacy and cybersecurity. After all, it is the focus of the site. However, I think there’s a time and a place for us to give some thought to our home situations. Your home is your castle, and a home invasion is one of the most violating, confidence-shaking things that can happen to a person. You can spend the rest of your time there – maybe even the rest of your life – living in fear and feeling unsafe. Not to mention that there is, of course, an obvious crossover with privacy: keeping your home safe from would-be stalkers who mean you or your family harm, or even just jerks who want to rob the place.

Much like digital privacy and cybersecurity, there is no such thing as “invincible” when it comes to keeping your home safe. But also like privacy and security, there are things you can do to reduce your risk and the likelihood of something bad happening. So this week, I want to share the tips and tricks I’ve picked up over the years to help you harden your home and reduce your risk of harm.

Picking a Location

Let’s start at the top: picking a place to live. It’s a sad fact that “nicer” (aka “richer”) neighborhoods suffer less crime – or at least less violent, random crime. Therefore I would definitely encourage you not to save a few bucks by living in the rough part of town. Of course there’s a balance – you do hit a certain point where you’re paying more for the prestige of the zip code than you are for safety. You likely already know that that point varies from town to town, but my point is simply to be aware of the neighborhood you may be moving to.

This is probably a “no duh” concept, so let me give you something actionable: you can see what kind of crimes get reported in your area and how often. I found several such resources just by searching “crime heat map” and my city name. You can also contact your non-emergency line on a slow day and let them know you’re thinking about moving to a certain area and ask if they get a lot of reports of violent crime from that area. The dispatchers would be uniquely qualified to answer. You’ll probably never find a truly crime-free area, but if the only crimes on the block are “drunk in public” and not “breaking and entering” (or at least the more troubling ones are rare), you’re probably in a good spot.

Here’s a trick I’ve started doing: knock on random doors. The most recent time my partner and I moved, we found a beautiful apartment complex in a great area with reasonable prices. After leaving the leasing office from our tour, I walked out of sight and knocked on a random door. When I explained to the people who answered that we were thinking about moving in and wanted to hear some tenant experiences, both of them immediately cut me off and exclaimed “don’t!” They rattled off their list of complaints with the property, which were verified by a few other doors we knocked on (never take one stranger’s word for something), and we dodged a bullet. We ended up settling in another complex in the area that wound up being even cheaper, but had none of the problems of the other complex. Another tip I was given said to visit a potential home near twilight: if people are out walking their dogs and exercising close to dark, that’s probably a safe neighborhood. Other good indicators could be if people park their cars outside their garages or on the street, or if the area is near a park or school.

Picking a Home

Once it comes to actually picking a house, you need to start thinking like a criminal. If you’re an apartment or condo dweller, I recommend getting a place at least on the second floor, but no higher than the sixth (firefighter ladders typically have a maximum height of 75-100 feet, so this ensures you can always be rescued by emergency services). This also gives a bit of privacy from people just passing by – most of whom are probably just going about their business, but a few may be casing the place. Be mindful of windows that are close to the walkways – you don’t want to open yourself up to a “smash and grab” where people break the window, grab whatever’s nearby, and go.

The next piece of advice is conflicting: yards. One way to deter criminals is to have yards that make it hard for them to enter – fences, hedges, etc. But on the other hand, having an empty yard makes criminals uneasy and feel exposed. A good middle ground is probably best: a fence with very few decorations (definitely nothing expensive or showy), but a well-kept yard that shows any passers-by that you maintain your stuff and they might get caught. Make sure to lock up anything that a criminal could use to gain entrance – like ladders or loose toys – and trim any trees that get too close to the roof or windows.

There’s also a lot of advice to get security system signs (or stickers in the window), and maybe even a “beware of dog” sign (with a big water bowl and some used chew toys to really complete the illusion). You don’t necessarily have to pay for a security system – I actually recommend against it, since most of them are ineffective and a waste of money – but if a criminal thinks you’ve got an alarm system, it may make them rush so they’re gone before the cops arrive and possibly not steal everything (or miss some things). I recommend purchasing some ADT security stickers or signs online as they're one of the most ubiquitous and recognizable brands out there.

A privacy trick I mention on the website is to get a home that’s not in your name. This is a complicated process that deserves an entire blog post, but basically if you’re buying a home put it in a trust, and if you’re renting an apartment put it in a shell corporation (this is known as a “corporate rental,” FYI. When scouting possible apartment complexes, ask if they do “corporate rentals”). I’m not a lawyer, so I suggest you consult one before doing any of this, as the exact regulations for how to set up a trust/company and stuff like that vary from state to state, but it’s usually not outrageously difficult or expensive and can be invaluable to protect against doxxers and stalkers.

Hardening the Home

Okay, you picked a safe neighborhood, you picked a good home that’s got some built-in deterrents, now let’s talk about steps you can take once you’ve moved in.

Let’s start with the front door. Your front door is probably garbage. If you live in a house you can probably buy a solid-core door that will be much harder to break down (if you own the house or the landlord approves). If you live in an apartment, this is probably not an option, but in both cases you can insert longer door screws. Chances are that your current door is being held in by ½” screws. I can break that down while sick. For solid-core doors, most websites recommend using 3” screws. For hollow doors, I’ve found 3” to be too long. Your screws are no good if they don’t grip anything. I recommend 1 ½” – 2” screws instead. Be sure to replace both the door side and the frame side, as well as the screws around your lock. For additional security, you can even get a door frame reinforcement kit that makes the door even harder to break down, as well as some locks that can’t be accessed from outside like a deadbolt or a slide lock.

Speaking of your door lock, let’s talk about locks. Traditional consumer cylinder locks are total trash. Hard stop. End of story. No arguments welcomed. I have yet to find a good solution for this. Traditional locks can be picked easily in less than 30 seconds with a $15 lockpick kit from Walmart (personal experience talking here). Most digital locks also come with key backups, rendering them equally useless in my opinion. Fully digital no-backup locks run the risk of a battery failure, though I do think this is unlikely for most people as the lock should give you some indicators that the battery is low, allowing you to replace them before you get locked out. Perhaps the best solution is one with a key backup that’s hidden.

Regarding digital locks, there are generally three kinds: PIN, fingerprint, and keycard. Depending on your threat model (as always) PIN and fingerprint are probably okay if you make sure to wipe the panel down after each use or keep an eye on the number buttons to make sure they aren’t getting too noticeably faded. If the numbers 1, 2, 6, and 7 are all faded on your keypad (or if I can see the smudges), I can tell that your PIN is some variation of those four numbers, which means I only have to guess 24 combinations. Instead, I’ve come to believe that keycards are probably best for most people. No smudges, no buttons, no cylinders waiting to be broken. Of course, keycards can be skimmed and cloned if you don’t take proper precautions, but for most people I don’t think this is likely. Again, as always, weigh your own threat model. Spare keys – if you put any outside – should be reasonably hidden away from the door. Under the mat and even fake rocks or flower pots are all pretty well-known tricks. Attaching a magnetic case under the air conditioner unit in the back or putting the fake rock behind the shed is significantly less obvious.

This next trick I stumbled on by accident: my current home is not very well insulated. As such, we sought out some kind of solution and my partner discovered insulating window film. Most of these are easily removable (a plus for renters), dirt cheap, and can easily be installed by one or two people with a can-do attitude and some patience (personal tip: don’t start with the sliding glass door. Start with a smaller window so you get the hang of it). We can’t say for sure, but we do think this has had an impact on our energy bill (it definitely feels more comfortable than it did), but another pleasant side effect was that it gave us some privacy. These films are highly reflective from the outside – not “reflect the sun into your eyes” reflective, but kind of like a car window on a sunny day. As long as it’s brighter outside than in, nobody can see inside our home, giving us an additional layer of privacy during the day. Of course, we still close our windows at night because once the sun sets and we turn on the lights, the reflectivity stops working. You can find window insulator film kits at your local hardware store or online.

The next tip I have is to not put any names anywhere (e.g., “The Johnsons” on the mailbox) and to make your house number highly visible with big, reflective, easily-seen-from-the-street numbers. The first tip will make you private (you should be using a PO Box anyways, in my opinion) while the second one makes it easier for police to find your house in an emergency. A final pretty common tip: I recommend putting motion-activated floodlights outside your home. Remember: criminals don’t like being seen – hence the stuff about the yard earlier. A bright light suddenly turning on as they approach may make a criminal reconsider and possibly even flee, because it may be enough to get your attention – or your neighbors’ – and ruin both their element of surprise and stealth.

Being Proactive

Hopefully all these steps will be enough, but sometimes they’re not. Despite our best efforts, sometimes things happen and people can be unpredictable. In this context, there are a few things I think you should do just in case the worst ever does happen. The first thing I suggest is to inventory everything of value in your house. Go through your house now, identify the valuable stuff, take pictures of it, and make a spreadsheet that lists make, model, serial number (if it has one), and value. Unfortunately, I have been robbed before and I know firsthand this is what the cops want. If you can provide them with all five of these things, that will make their investigation exponentially more likely to succeed. It should go without saying that you don’t have to list every single “live laugh love” poster in the house, but you should at least get the things that are most valuable or most meaningful to you: game consoles, computers, musical instruments, jewelry, grandma’s ashes, etc.

Regarding pets: you should both train (if possible) and microchip them. Even if you have a big dog, it probably won’t actually attack the person breaking in unless you’ve explicitly trained it to. Find a good, credible dog trainer in your area and train your dog on how to defend the home. If you have a small dog, cat, or other animal that either can’t be trained or for which training would be useless, I recommend microchipping them and getting them tagged (I recommend this for the big dog, too, by the way). A criminal probably doesn’t really care about being polite, as in they’re not going to shut the door when they leave (in fact, if you followed these tips, they probably had to break the door down or break a window to get in). This means your pets may wander off, either out of fear or simply curiosity about the outside world. Making sure they have collars with a phone number and/or microchipping them may be the difference between getting them back and never seeing them again. As a pet owner, I can imagine firsthand how devastating this would be.

I know I’m getting kind of long here, but there’s one last thing I want to address: guns. I’m not going to weigh in or express my opinions too much, but I do think this is something you should ask yourself about if you live in a place that allows gun ownership. Guns are sometimes called “the great equalizer.” No matter how big or small an attacker is or how much judo they know, a gun is likely to take them down. Likewise, no matter how big or small a victim is or how much judo you know, a gun will defend you all the same (assuming you get the right one and know how to use it, which I talk about in a second). And in America you can often get a pizza to your house faster than a cop. If you’re staunchly anti-gun, that's fine. I’m not here to make the case for why you should get one. But if you’re pro-gun or on the fence, I encourage you to ask yourself if getting a gun for home defense is right for you. Even some pro-gun people may not be comfortable with a weapon in the house if they have small children, mental health issues, or other circumstances. In that case – or if you're anti-gun – I would advise getting a baseball bat or something else you can use to defend yourself if the worst happens. If you think a gun is right for you, I offer three pieces of advice: first, get the right gun. An assault rifle in a small, cramped hallway is – in my opinion – not a good choice. If you have a very wide, open home, maybe it is for you. Just put thought into it. Second, similar to the first, get the right ammo. This is especially important if you live in an apartment or have other people in your house. If you miss the criminal – or if the bullet goes through them – what will it hit? Will it blow right through the drywall and hit someone in the unit next door? Will it hit your kids sleeping in the next room? I’m being dark, but serious. Guns are not toys. They kill. That’s their purpose. Period. Make sure you’re not killing something you didn’t mean to.
And finally, on that note: training. Guns are deceptively complicated. They’re not as simple as “point and click.” I mean, they are, but they aren’t. There’s a lot to be said for learning how to shoot the gun right – how to SQUEEZE and not PULL the trigger, how to handle the recoil, the follow-through of the shot, etc. Don’t just buy a handgun and go “yay! Now my family is safe!” Learn how to use it, get actual lessons from an expert, and make sure you go to the range regularly to keep those shooting skills sharp. When someone’s in your home, you’re under high stress with a million things going through your mind. Knowing how to shoot – and hit your target – needs to be second nature that just happens without any thought, and you need to be practiced so that – again – you don’t miss or hit something you didn’t mean to.

Conclusion

Hopefully all of this was helpful and gave you some tips to help keep your home safe. In my opinion, the best defense is deterrents. I would put the most energy into the initial steps I discussed: finding a home in a good neighborhood, putting up signs and fences that deter criminals, etc. Just like with basic cybersecurity tips (password managers, 2FA, etc.), having good deterrents in place will make you far less likely to be the victim of a crime. And, should the worst happen anyways, hopefully some of these tips will make it easier for you to pick up the pieces, fix the damage as much as possible, and reduce stress during a stressful time. The world is crazy, and not all of our threats are digital. Make sure you take some time to consider your physical footprint and how you can protect yourself. Be safe this week.

You can find more recommended services and programs at TheNewOil.org, and you can find our other content across the web here or support our work in a variety of ways here. You can also leave a comment on this post here: Discuss...

or: Interview With An “Average” Non-Privacy Person

If you follow me on Twitter or Mastodon, you likely saw over the last 6 weeks or so that I was planning to do a Valentine's Day Q&A with my partner featuring listener-submitted questions. My partner humors me about privacy stuff, and she does care a little bit (for example, she often sends me links to apps and asks me to identify any serious privacy concerns about them), but overall she's nowhere near as privacy-minded as I am. A lot of people seem to struggle with connecting with non-privacy people, and that can be especially devastating when it comes to someone you love. So while I don’t consider myself a flawless paragon of anything, I do have reason to believe that my partner and I have a very healthy, strong relationship, and thus I decided it might be helpful (and fun) to have her answer reader questions so you can get a first-hand account of what goes through the head of someone who’s not a privacy enthusiast and how we make it work.

Bonus: at the last minute, my partner asked to make this a video interview, so if you prefer video content (or you’re just curious what my better half looks like), you can watch the interview on YouTube, Odysee, and PeerTube. Without further ado, let’s jump in.

Q: How do you feel about the whole “privacy” thing?

A: When you first introduced it to me, it was kind of scary to realize that all of this stuff is happening behind the scenes and I had no idea! Now it’s kind of part of my day-to-day life. I guess for other people who are also actually into privacy, like Nate, it just kind of feels like an everyday thing now.

Nate: For the record, that just reaffirms my belief that more people would care if they knew how bad it was. I firmly believe that a lot of people who say “I have nothing to hide” or “I don’t really care,” you don’t care because you don’t understand how invasive it is.

A: Especially me, remember when I got really scared, I had my privacy scare. I thought that my job was looking at my text messages and I was like “oh my god” and I think after that I started using a VPN more. But I think it was one of those things that they could only see it if you’re logged into the [company] WiFi or something? It was like “well I’m gonna start using a VPN because I don’t want to use my data so I’m still gonna be logged into the WiFi but you can’t see me.” Though I think it was just an empty threat.

How much of my security posture has rubbed off on you?

A: I guess just the things that you listed: ProtonVPN and Signal. And I guess – because [Nate’s] the more technical one between us so you know what you’re looking for – I do allow you to actually get on my computer and my phone for any tracker kind of situation, with Windows and Firefox and things like that. I guess just kind of those things – Signal and ProtonVPN and whatever it is that you feel you need to do to keep me safe.

Note from Nate: I use the same stuff I recommend on this page and this page of the website to secure her computer with minimal disruption.

What privacy advice did you actually end up implementing in your life?

A: Signal and ProtonVPN. Well actually, I remember you set up a ProtonMail for me, so I guess that kind of counts in a way.

Nate: Yeah, you’ve been using that a lot more.

A: Oh yeah and SimpleLogin, too, I just remembered that.

Nate: Oh yeah, you actually asked me about that one.

A: Yeah, and Privacy.com cards. So there’s a lot more than just those two things. Very little by little.

What compromises have you had to make with me for privacy?

A: I feel like you’ve made more compromises than I have.

Nate: I mean that is… yeah, that’s true. I’ll be honest.

A: The reason why I say that is because – for anybody who is watching this who is a privacy person and they’re kind of wanting their partner to also be very privacy-centric, it is kind of that whole “trying to compromise” thing but you also have to let your partner be their own person. Definitely one of the biggest compromises, I think, is definitely TikTok.

Nate: Do we compromise on that?

A: In a way, because I guess to me you could always be worse and not want me to have that ever and be mean about it. I feel like if you had more of your way, you just would not let me have that app at all. Again, I just feel like you compromise more. If it wasn’t for me, we wouldn’t have a Roku TV. Compromises have mostly been on your side rather than mine.

What privacy measures that I take do you find the most annoying?

A: This probably would fall more under the compromise one: I really, really loved using Google Assistant on my Android and that’s kind of a compromise for me that I took is I don’t really do that anymore but I really loved Google Assistant in the sense of some of the funny things that she would say. The biggest thing: the f’ing VPN on the damn internet. It was just one of those things for me – especially when we first got the router – you were messing with it so much-

Nate: That I can understand.

A: Mostly because I would be on an off day and I just wanted to do whatever on the computer or the phone or whatever and I could not do it because there was no f’ing internet and I was trying not to just scream at you like “please, just stop! Let me have my day off! You can do this tomorrow, I don’t care! I’ll be at work tomorrow!”

Nate: That was a lesson I did have to learn was to wait until you weren’t having a day off.

A: If any of y’all ever get a DD-WRT router, please make sure that anybody in your household who also uses the internet: don’t torment them with this because it was a very difficult setup, it was really hard for me – it was that and, I guess I’m irritated about the VPN because of so many issues we’ve had with it. Really I think it’s just those two. Granted, I kind of would’ve liked a Google Home, but that’s a dream that’s dead.

Note from Nate: I am not as tech-savvy as a lot of my readers (or as some of you think I am). A DD-WRT router is not terribly difficult, but for me this was uncharted territory. I have never set up anything on a router prior to this besides the DNS, the WiFi name, and the password. When I got the DD-WRT device, I flashed it (which was remarkably simple), then I set up VLANs, VPNs only on certain ports and WiFi networks, port-forwarding for self-hosted networks, etc. Depending on your skill level and experience, this may or may not be difficult. There was a lot of trial and error for me, but if you have experience with networking you’re unlikely to encounter the same level of difficulty I did.

Where do you draw the line between privacy and convenience?

A: That’s a great question because I don’t know because I don’t think that line has been crossed. I guess in a way that’s kind of already been answered with the whole internet thing. There’s not really anything you have done that has completely impacted my life severely where I’m just like mad mad. I mean, there’s small inconveniences but those are usually fixed.

What do you think about Linux phones?

A: I don’t have an opinion because I’ve never messed with it. I don’t know if I would like it mostly because I don’t have any experience with Linux as a whole.

Nate: I can say from my experience that the Pinephone is not ready for the average user but in terms of a “linux-like” experience it really depends which one you go with because Ubuntu Touch, for example, you can’t use the terminal. It’s actually so locked down it is not designed to work that way. You have to use all the graphic interface stuff like the app store and stuff. So something like that, once it’s a little more polished, I think would be – assuming it had all the same apps and everything – it would be virtually indistinguishable from an Android or an iPhone, it would just be another option. Then there’s other ones like Mobian that are very heavy on the terminal and that’s a much more traditional “linux-like” experience. At least, in my experience.

A: If the day comes when it does become more user-friendly – that I don’t have to use the terminal or something to update all of this stuff and it just kind of updates automatically or at least tells me that it needs an update – if it’s something more like that…

Note from Nate: We got off topic here talking about how Android alerts users to updates, but I think the implication is that she’d be willing to try a Linux phone under these conditions.

Do you watch Surveillance Report?

A: I saw [this question] and I laughed so much and my answer to that is: I kind of technically have a front row seat to at least half of it, so no. My Surveillance Report is technically this [gestures at Nate] anyway. I don’t need to listen to the podcast when I live with half of the team. So, no.

What made you care about privacy? (In other words: “how can someone like me convince the people around them to care?”)

A: That is a difficult question because I didn’t truly start caring until it affected me. I’m gonna sound very braggy here: the only reason that I managed to get one of Nate’s friends on Signal at all was because I knew how to kind of “work it” in such a way that “it does this and that and whatever.” “There’s these things that I like about it personally that maybe you might like about it.” Like recently, with TikTok videos, especially with a lot of them being three minutes long. For example, Nate doesn’t have TikTok, but there are some TikToks that I find that I really want to share with him. Since [Nate] doesn’t have the app, and you’d rather me not send them to you with a link anyways, I just download the video if I can and just send it to you and I can actually send it versus if it’s just regular MMS, you can’t do that cause it’s like “oh the video’s too big! I can’t handle it!” and Signal on the other hand is over here like “la la la la!” just doing the thing. And the voice message, too. The voice message feature, I know most phones already have that but I’ve run into a problem if I’m sending a voice message to someone either on Instagram or even Facebook Messenger, you can’t do that. You can’t send long voice messages, you have a very limited amount of time to do that. It’s just really hard to get someone to care, it really is. It’s kind of like the whole “you can’t help people who don’t want to be helped” thing. If somebody is just stubborn like that and they don’t want to hear about it and they don’t care no matter how many times you try to drill it in their head that Facebook is bad and this is bad, the way that you’re doing this thing – if it has not affected them personally yet, it’s not gonna matter. Again, I didn’t start using ProtonVPN or get really, really terrified about my privacy being invaded until I was told to my face that my job reads my text messages. We all love our creature comforts and unfortunately a lot of them are very privacy invasive.
I usually just say “hey, here’s an app, you can download it if you want to.” Like Signal, “here’s all the things I like about it,” and if they still don’t get it, then I’m just like “okay.” Keep fighting the fight. This is not me saying “stop fighting.” Clearly a lot of people care because otherwise we would not be sitting here right now talking about privacy.

Nate: For readers, the part of that that really jumped out to me – and this is something I’ve noticed when you get people on Signal – is you focus, like you said, on the features. A lot of people criticize Signal, for example, because – it does have shortcomings, like requiring a phone number. They promised us usernames like three years ago, or maybe even more than that. What the heck, guys? But as she’s pointed out, all these features they keep prioritizing that seem really stupid that nobody wanted like GIPHY integration, those are the little features that reel people in. When we’re trying to spread privacy to the average person, they want the features. I kind of like the fact that Signal focuses on the features because that’s what’s going to reel in people that maybe don’t care about their privacy as much – or at least not right now – but now they’ve got that protection because they’re like “all my friends are on Signal, I can join group chats, I can send massive video files.” Those little features get them in and to an extent I personally don’t even care what gets people to start using this stuff. It’s a net win for them and for everybody when they start protecting their privacy, even if they’re doing it inadvertently. That’s my opinion.

A: Go look at all of the things that you use and be like “these features are amazing and this is what makes it amazing for me!” The way that people are wired is that they want to know why something works for you and how they can also benefit from it. That’s why everybody loves Facebook because they “benefit” from it. Especially for people who could potentially be making other products for privacy, figure out what you can do to get the average person who doesn’t really care about privacy, see what you can do to market that. “Why do I want Signal on my phone? Why should I use it? I don’t know anybody who’s using it!” Features are always important.

Did you have anything else you wanted to say?

A: If anybody ever has any more questions for me, just ask Nate and I can definitely respond. I don’t mind being asked these questions. It’s times like these where I’m like “maybe I should join The New Oil’s Matrix room...”


At the time of this writing, the following article has not posted to my Twitter/Mastodon feed yet, but will in a day or so: https://www.zdnet.com/article/best-browser-for-privacy/. This article from ZDNet claims to compare the “best” privacy browsers in 2022, with an honorable mention at the beginning for NoScript. Now, I already think ZDNet's “best X of [Year]” articles are either a joke or paid adverts (how many “best VPN” articles have they done and never once mentioned IVPN but mentioned Nord, Express, and Surfshark every time?), and this article is also not without imperfections: namely no mention whatsoever of Tor browser (not even an honorable mention), the inclusion of Microsoft Edge, and favoring NoScript over the much more user-friendly uBlock Origin. But I'm gonna share it anyways, and I'm gonna explain why in this quick, out-of-band blog post so that next time somebody goes “wow, really? You shared an article that lists X/doesn't list Y?” I can just send them this and stop repeating myself.

If I wanted to create a list of suggestions for a service that I think is perfect, I'd do it. Oh wait, I did. It's called TheNewOil.org. (Actually I don't believe this website is perfect, which is why it's open to suggestion and improvement, but the point is that I do strongly believe in every item listed there and will add or remove items as I become aware of their fitness or lack thereof.) I share these “best of” lists from time to time because it's a way to keep this stuff in people's minds and make sure people remember to check their fundamentals and maybe hear about some new options or angles they weren't aware of before.

Do these lists have flaws? Sure. Do I skip them altogether sometimes for having too many flaws? Oh yeah. Frequently. But what if they're mostly good except for one or two bad suggestions? Well then I probably share them. Because privacy isn't about being perfect, it's about doing your best. I don't think it's productive to hardline and say “I can't share this article that has six good suggestions because Suggestion #7 is bad.” What kind of a world would we have if we threw out every privacy tool that wasn't 100% perfect? One without any privacy at all, that's what. Because no privacy tool is 100% perfect. We'd have no universally-acclaimed Signal protocol because Signal requires phone numbers. We'd have no XMPP because it's too buggy and user-unfriendly. We'd have no VPNs or Tor because both have drawbacks, and no strong passwords because they can – in theory – be compromised by keyloggers. We'd have no encryption at all because weak passwords render it useless. Nothing is 100% foolproof or perfect, and if we “throw out the baby with the bathwater” as my mom used to say, we'd have nothing.

It's not about being perfect, it's about raising awareness and reminding readers to stay informed and continually check their basic foundations to see if there's room for improvement. If you don't like the things I share or the lists I've made, please start your own privacy project. There is plenty of room for good, level-headed, evidence-based content that's not sensationalist or extremist. I don't claim to be the expert or end-all-be-all of privacy, handing out godlike judgements over what is or isn't acceptable. Feel free to add your own voice with your own blog or page. But that's why I'm willing to let a little not-so-great slip in with the good, because to me it's a net gain if we get people to care a little more in the process, and I'd rather people start with a less-great solution and then eventually move on to a better one once they feel comfortable than not even try because people are telling them that the barrier to entry is absolute perfection from day one. And who knows, maybe these types of posts will remind them that they can do better.

Thank you for coming to my TED Talk.


When we talk about privacy, we tend to think of technology: VPNs, messengers, metadata, and cameras. When we do think about relationships, we tend to think of them in terms of social engineering. But the fact is that most of us are not Elliot Alderson or Thomas Anderson. Most of us have jobs, hobbies, and an innate need for social interaction. Humans are social creatures, and while the amount of human connection we need varies from person to person, most of us still need it to lead an emotionally healthy and fulfilling life. Unfortunately, it seems that a number of people in the privacy community struggle to find connection once they’ve become passionate about privacy. In their defense, it’s not hard to see why. Our society has become increasingly digital: “Netflix and chill,” “add me on Facebook,” “Google it,” and more. Choosing to live a privacy-conscious life can be a one-way ticket to isolation if you let it. The good news is, it doesn’t have to be and you don’t have to let it. In this blog post, I want to talk about a few people skills and life hacks I’ve picked up along the way that have made my life socially fulfilling without compromising too much on my privacy goals. These skills can be applied at various levels to help you find love or simply be part of the workplace. This blog post can also work in conjunction with some other “people skills” posts I’ve made in the past, like “How I’ve Convinced People Around Me to Care About Privacy” and “Interacting With Non-Privacy People.” For some of you, you may have already mastered some or all of these skills. Congrats. But for those who struggle to find connection, read on.

Let’s start with the most obvious, basic things: if you’re not a likeable person, nobody’s going to want to connect with you. There are three skills I’ve found that can make a person likeable: sense of humor, breadth of knowledge, and diplomacy. I want it to be noted that I had virtually none of these skills growing up. I had to learn them all. These are not natural traits like height or skin color that you’re born with and can’t change. You can learn them if you put your mind to it.

Humor

Let’s talk about humor first, because in my experience this is where you get the most mileage. Humor consists primarily of subverting expectations. Consider the following joke:

Two farmers are talking to each other about the size of their land. One farmer brags “well I start driving the property before sun-up, right after breakfast. After driving for hours and hours, we pause for lunch, then keep driving. We just keep driving and driving til supper time, then we drive some more until the sun goes down.” The other farmer nods and goes “yup, I used to have a truck just like that.”

Now admittedly, this joke isn’t the funniest thing I’ve ever heard but I bet you that if you told it to most people they’d at least get a chuckle. That’s because humor is about breaking the tension with something unexpected and surprising. In this joke, the tension suddenly shifts from the incredible size of the farmer’s land to the poor quality of his truck. Consider this other joke: “there are 10 types of people in the world: those who understand binary and those who don’t.” The humor occurs when a person is expecting me to list off ten different types of people or personality traits, but instead I make it about a binary where there are only two options. The joke is further compounded by the fact that I clearly don’t understand binary myself.

There are, of course, different types of humor. I thrive on sarcasm and dark humor. There’s also puns, stand-up, actual jokes with a setup and punchline, etc. There’s a million ways to tell jokes, but at the end of the day they all come down to a break of tension. This is why a lot of speakers start with a joke or funny story. It breaks the tension and makes everyone feel at home. The most important thing is to know your audience. Telling a dark joke in an HR meeting is probably not a good idea, and telling a tech joke to non-techies probably won’t go over well (my mom would not understand that binary joke to save her life). Not everybody is a master of every kind of humor. I couldn’t do stand-up comedy, but I am a master of situational humor. And not every joke is going to land. That doesn’t mean you aren’t a funny person, it could mean the people who heard it weren’t paying attention, didn’t get it, or aren’t in the right headspace for jokes. But if you can learn how to crack a well-timed joke tailored for the right audience, that’s a good way to get people to like you. This is probably the nerdiest thing I’ve ever said, but if you struggle to be funny I recommend “500 Clean Jokes and Humorous Stories: And How to Tell Them” by Russel and Linda Wright. I read this book as a child and it helped me understand why humor works and what makes people laugh.

Breadth of Knowledge

When I started high school, I was a hardcore gamer. I didn’t know anything about politics, I didn’t have a job, and I didn’t (and still don’t) like sports. If it didn’t concern Xbox, GameCube, or PlayStation 2 then I didn’t care. While there’s nothing wrong with being a gamer, this made me incredibly difficult to talk to for anyone who wasn’t a gamer. I didn’t know any movies or TV shows, and I had no additional hobbies. I really can’t stress how hard this made it for me to carry on a conversation with anyone that wasn’t about a video game. These days, I’m much more well-rounded. I’ve seen a wide variety of movies and TV shows (mostly sci-fi and horror), I’ve read classics like Dracula and Frankenstein as well as modern books like American Gods (as well as all of H.P. Lovecraft and Edgar Allan Poe). I read enough news to know what’s going on in the world broadly. This means that I can now carry on a functional conversation with almost anybody about almost anything, from current events to pop culture. No matter who I’m talking to, we can typically find something to talk about. Keep in mind, I never pretend to be an expert, but I know enough to talk and have an opinion.

A lot of people in privacy who struggle to make friends seem to lack this. They’ve fallen so far down the rabbit hole of privacy that that’s all they can talk about anymore. Don’t get me wrong: I can talk about privacy for hours – and admittedly I probably steer the conversation toward it more often than I should – but it’s far from the only thing I can talk about. If every time anyone mentions anything you inevitably tie it back to Big Tech and encryption, you may need to develop some other hobbies. Take up gaming, fitness, reading, psychology, cars, anything. If you want to connect with people on any kind of level and make them like you, you have to be able to talk about more than just a few niche topics. For this, I strongly recommend the podcast “Stuff You Should Know.” They lean left politically, for those who care, but they usually don’t cover political topics and they’ve been on the air for over a decade, so they’ve covered everything from grass (like the kind that grows in your front yard) to serial killers in deep, well-researched detail. This podcast should give you a great passing knowledge of a variety of topics. You don’t even have to listen to every episode, just pick whatever sounds mildly interesting.

Diplomacy

Last but not least, let’s talk about diplomacy. Winston Churchill once famously described diplomacy as “the ability to tell someone to go to hell in such a way that they look forward to the trip.” In this case that’s probably not the message we want to share, but the point is that it’s the ability to deliver a message in an amicable way, even if it’s an unwelcome one. For example, earlier I mentioned that I’m not into sports. When I’m trying to connect with someone and they say something like “did you see the game this weekend?” I usually reply with something like “nah, I’m not really into sportsball, but my dad was a big Sooners fan growing up.” This serves two purposes. One, it injects some humor with the phrase “sportsball” (which is a word that usually implies “I know absolutely nothing about sports of any kind, not even what they’re actually called”), and two, it tells them I’m probably from Oklahoma because the Sooners are a college team from the University of Oklahoma. That naturally leads them to ask “oh, are you from Oklahoma?” and turn the topic toward where we grew up, which is something else we can talk about and find common ground over. Maybe they didn’t grow up there, but they might have visited. Or maybe they have a friend from there.

The lesson here is that diplomacy is subtle. It’s not an instant, hard shut down of communication (ex, “no I don’t do sports.” End of statement, end of conversation) nor is it some kind of awkward question dodge (ex “you see the game last week?” “Nope, so where are you from?”). It’s a natural flow to the conversation, directing it in the direction you want to go. It’s almost like social engineering, except the goal isn’t to extract any specific piece of information from a person, only more information that you can both share.

Connection

Throughout this article, I’ve used the term “connect” multiple times. That’s because it’s important to remember what the goal of communication ultimately is: connection. No matter the form of communication – film, text, or spoken word – the goal is to create a relationship with a person and transfer a message. Sometimes the message can be about society, sometimes it’s about trying to impart the importance of privacy, sometimes it’s trying to say “I’m someone you’d get along with and you should hang out with more often.” But unless you can find a way to relate to that person, that message won’t stick. And that’s really what communication and connection is all about: finding common ground. If you both like Italian food and cooking, that’s a connection. If you both like black-and-white horror films, that’s a connection. Finding and cultivating these connections is ultimately what will make people like you and want to spend more time around you, and fills that social need.

Privacy is important. Privacy is a human right. But it doesn’t have to mean being alone and isolated from the world. You can be private and still have friends, family, and fall in love. It just takes some practice. And the more you do it, the better you get. Assuming it’s safe to do so with the pandemic and all, getting out is the best way to practice and develop new connections. Figure out your interests, then figure out where those people gather: concerts, old movie screenings, EFF meetups, cooking classes, you name it. It just takes a little intentionality.
