Posts

Why Use Cloudflare Pages Free Tier?

Free plan limits that actually matter for a static blog:

In practice, none of these will ever touch you with a personal blog.

Let's Encrypt with Nginx

Let’s Encrypt is a game changer for websites.

I thought it was a good idea when Let’s Encrypt introduced the notion of a free Certificate Authority making SSL more accessible to the public in early 2015. But I didn’t delve deeper because I was already using sslmate to somewhat automate my certificate management. Then, as I was setting up a new domain, I noticed that Dreamhost was issuing free SSL for any domain, and I thought, “WHAT?? I want that!”

GPG Key Management

GPG2 is a brilliant encryption tool, but so rarely used.

It’s not used mostly because it’s difficult to get buy-in from all the people with whom you want to securely communicate.

But if you use it and are lucky enough to find peers who use it as well, it’s a great boon for secure private communication and data storage.

Keep Your Master Key Safe

This is a key management technique I learned while working at UC Berkeley: Keep your master signing key away from your working keyring and use it only when you need it.

SSL PFS on Nginx

Update 3/10/2016: Cipher list matches recommendations from https://wiki.mozilla.org/Security/Server_Side_TLS.

Update 5/29/2015: Modified cipher list for high security.

Update 12/9/2014: RC4 has been identified by SSL Labs as a weak point in SSL implementations so the example nginx configuration below now includes disabling of RC4 ciphers. This updated configuration means that the horribly outdated browsers IE6 on Windows XP and IE8 on Windows XP will no longer work with your site.

Also, please upgrade to the latest OpenSSL to ensure that TLS POODLE is mitigated via TLS_FALLBACK_SCSV downgrade attack prevention.

What Your Boss Wants

Originally published on Medium: What Your Boss Wants

GNU Screen Status Bar

If you live in a terminal, you are likely using GNU Screen.

This is a pretty cool way to set a status bar at the bottom of your Unix screen session. Add this to your screenrc file (one line):

[dennis@caffeinatedcode ~]% vim .screenrc

caption always "%{=b dw}:%{-b dw}:%{=b dk}[ %{-b dw}%{-b dg}$USER%{-b dw}@%{-b dg}%H %{=b dk}] [ %= %?%{-b dg}%-Lw%?%{+b dk}(%{+b dw}%n:%t%{+b dk})%?(%u)%?%{-b dw}%?%{-b dg}%+Lw%? %{=b dk}]%{-b dw}:%{+b dw}:"

Hofstadter's Law

It always takes longer than you expect, even when you take into account Hofstadter’s Law.

—Douglas Hofstadter

Online Backups for the Truly Paranoid

I like paranoia in design. Well, I take that back. I don’t like it when it inhibits programming experimentation and creativity, but I do like it when it comes to services, and most especially when it comes to backup.

I wanted to write about my experiences with consumer offsite backup services (e.g. Mozy, Carbonite, Jungle Disk) as well as the plain practice of having a redundant storage device onsite. But all that was side-tracked when I recently needed to quickly back up my servers, and discovered tarsnap.

Online Newspapers in 1981

Before the Internet, there was an effort to distribute news to the 2000 or so home computer owners in the Bay Area. It only took over 2 hours to download an entire newspaper over the phone at a $5.00 per hour usage charge. Now that’s tech!

Mind Your Web Presence

“Mind your web presence,” said my former boss and mentor Gilles Vandelle. We were discussing the kinds of hits we get when we do web searches on people. Gilles, who specializes in search technologies, showed me some of the things he found about me. Results focused mostly on my photographs, some friends’ website links, and miscellaneous contributions to journalism and charitable efforts. This made me think: What can one do to mind his/her own web presence?