Posts

Featured Posts

Writing on various topics including travel, finance and technology.

External Backup Drive Encryption

14 minute read Enclosure Published

How to create secure external backups with LUKS, Borg and BLAKE2.

A friend in Bali handed me a 1 terabyte external SATA drive recently and that’s great because the device is an integral part of a 3-2-1 backup strategy I’m adopting after Apple Care suggested I make a full backup of my 15" MacBook Pro.

The principle is simple:

3 copies, 2 different types of storage (physical and in the cloud for example) and one copy being physically separated from the others

Emanuele M. Monterosso

Of the 3 copies I needed, 2 are complete. One copy is stored on MicroSD and kept with me. The other is encrypted in the cloud on a Scaleway server in France. The last copy is going on the external SATA drive given to me last week, which would be cool to put in a time capsule.

In this post I will show you how to securely store your backup data with two layers of encryption on an external drive or disk. After securing the disk we will start to automate the creation of space-efficient backups. Tools we’ll be using include GNU Parted, dm-crypt, a device-mapper crypto target, and Borgmatic to automate our backups in an expressive way.

Encrypted Internet with WireGuard

9 minute read Enclosure Updated

How to install and configure WireGuard on Manjaro Linux, a step-by-step guide.

One of the motivations behind dual-booting Linux on my MacBook Pro was to take back control of my personal data. Not just because Apple uses faux encryption on iCloud. And not because macOS has been shown to leave users open to eavesdropping exploits. But because when I use my Mac with macOS the operating system gratuitously beams out activity records, sharing information I’d rather keep private with people I don’t personally know nor have I ever met. And without the ability to shut it off, I find my privacy – the sentient and autonomous nature of my very being – constantly under attack.

In many instances, privacy is threatened not by singular egregious acts, but by a slow series of relatively minor acts which gradually begin to add up.

I've Got Nothing to Hide and Other Misunderstandings of Privacy

In this short guide I’ll show you how to encrypt and route your local Internet traffic through a fast, modern, and secure VPN tunnel called WireGuard using a free and open source operating system called Manjaro Linux. I will explain how to install WireGuard on Manjaro, share a simple means of establishing and testing an encrypted Internet connection, and leave you with next steps and personal experience to help further your understanding and gain confidence getting started.

Borg Backups with MinIO and Scaleway

8 minute read Updated

How to create encrypted system backups using S3-compatible object storage.

After switching from macOS to Manjaro on my MacBook Pro I was in need of a truly encrypted back-up solution. After considering a host of backup tools, including Restic, I opted for a less mainstream tool which supports blake2 encryption, gives you your private key, and, as an added bonus, churns out the smallest backups possible for use in cloud storage scenarios: BorgBackup.

In this post I’ll cover how to migrate encrypted Borg backups from any system which can run MinIO to a cloud services provider offering 500GB object storage for less than 6€ per month: Scaleway – a service brought to my attention by a friend and fellow After Dark user named Teo.

Read on to learn how to create Borg backups with MinIO and Scaleway.

Git-based Continuous Delivery with Rio

16 minute read Published

Using Rio in a compact Kubernetes cluster for Git-based continuous delivery.

Rio is a MicroPaaS for Kubernetes designed to run using minimal resources. Rio provides automatic DNS and HTTPS, load balancing, routing, metrics and more. Use it to remove the chore of creating and managing a secure IT infrastructure.

k3s is a lightweight, certified Kubernetes distribution capable of running on constrained hardware and therefore ideal for local, edge and IoT substrates. K3s was originally developed for Rio but useful enough to stand on its own.

Today I’m going to show you how to easily set up k3s and Rio on a Manjaro Linux MacBook and use them to create a self-hosted, git-based continuous delivery pipeline to serve your own website.

If you’re not yet familiar with Kubernetes, no problem. Please let this gentle introduction serve as your practical guide. When you’re finished you’ll have a better understanding of the concepts and tools used in container orchestration and a shiny new website you can use to demonstrate your skills.

Beyond Incognito

2 minute read Updated

Block your computer from making requests to known ad and malware servers.

I read an article on Medium titled How to encrypt your entire life in less than an hour. The article provided a number of tips for staying secure digitally. One of the tips was to use the Tor browser because popular browsers such as Safari and Chrome were not private enough – even in private mode.

What the author didn’t tell you was that it’s possible to increase your privacy without switching browsers using Dan Pollock's hosts file. A quick look at the file describes exactly what it does…

Securely Access 08chan on ZeroNet

2 minute read Published

How to use Tor and WireGuard to access ZeroNet without revealing your IP.

Daily Beast reports 8Chan refugees are leaving DARPANet, commonly known as “the Web”, for a new home on ZeroNet and doxxing their IPs in the process.

Getting on the ZeroNet can be done more discreetly, however, and it’s not hard if you’re running Linux – even if running Linux on a MacBook Pro:

Hugo Deploy: Migrating from S3 Website

10 minute read Published

How to install and configure Hugo for Amazon S3 deployments using Docker.

Scala is great and all though I’m not familiar with it and the maintainer of the deployment tool I’ve been using since 2016 ended active support for s3_website earlier this year. That’s too bad because s3_website was a huge breath of fresh air for me given its support for deploying both Jekyll and Hugo, among others. In addition to its support for various generators s3_website also has some novel features for deployments to AWS not trivial otherwise including:

Alternatives to Firefox on Manjaro Linux

6 minute read Updated

A quick rundown of Firefox browser alternatives you should be aware of.

Last week Firefox suffered multiple zero-day vulnerabilities, prompting renewed interest in a browser discussion thread on the Manjaro Forums.

Ironically the reason I’m using Manjaro in the first place is because macOS itself had several zero-day vulnerabilities recently, prompting me to perform a serious back-up of macOS and all my files on iCloud.

Thankfully switching browsers is trivial compared to switching operating systems on macOS. So herein I’ll show you how to easily install a few different browsers so you can try them out and decide for yourself which you prefer.

Burying Firefox's White Tab of Death

3 minute read Updated

How to change the Firefox New Tab page for suitable display in low-light.

I don’t know about you but I really like dark interfaces. Dark interfaces use less battery on AMOLED screens, reduce eye strain at night, and help protect you from shoulder surfers and nosy bar flies. Plus they just look good.

Which is why I was a bit miffed after installing ghacks-user.js to lock down security in Firefox Quantum. I finished setup right before bed, opened the browser and – WHAM – my entire room illuminated with the New Tab page:

How to Backup & Restore macOS Mojave

17 minute read Enclosure Updated

If there's one thing computers do well, it's malfunction. Plan ahead so you don't lose data should your Mac start behaving more like a computer.

Last month, while downloading Mojave patches for at least two zero-day exploits, a malfunction occurred and I couldn’t upgrade, leaving my machine vulnerable:

During a 10 minute chat with Apple Care it was suggested I back-up and restore Mojave. The resolution wasn’t exactly what I’d hoped for. But not a big deal as I hadn’t created a backup in 3 years and it was about that time.

When I Stopped Trusting Apple

3 minute read Published

How I lost my trust for Apple as an American, and what I'm doing about it.

Trust is like the stock market. Escalator up, elevator down. When an individual places trust in something they typically do so because that trust has been won through unwavering commitment over time. When we speak of brand trust – or trust with a company – committed relationships work much the same. Especially as that trust applies to technology in an era of cloud.

But here’s the thing about trust. If it’s not built with transparency, it is created under false pretenses – smoke and mirrors – and, in the long-term, will never stand. This is the unfortunate case with Apple. And here I will explain exactly when I stopped trusting them and why, and what I’m doing about it.