A Geek With Guns

Chronicling the depravities of the State.

Archive for the ‘Technology’ tag

Fleeing Facebook

with one comment

Another election is on the horizon, which can only mean Facebook is clamping down on wrongthink in the futile hope that doing so will appease Congress enough that it won’t say mean things about the company that might hurt its stock price. This week’s clamp down appears to be more severe than others. I have several friends who received temporary bans for making posts or comments that expressed apparently incorrect, albeit quite innocent, opinions. A lot of them also reported that some of their friends received permanent bans for posting similar content.

In the old days of the Internet when websites were dispersed you usually had friends from forums, game servers, and various instant messenger clients added on other services. Because of that, getting banned for any single account wasn’t usually a big deal. However, with the centralization that Facebook has brought, losing your Facebook account can mean losing access to a large number of your contacts.

If you are at risk of losing your Facebook account (and if you hold political views even slightly right of Karl Marx, you are), you need to start establishing your contacts on other services now. If you’re like me and have friends that predominantly lean more libertarian or anarchist, you’ve probably seen a number of services being recommended such as MeWe, Parler, and Gab. The problem with these services is that they, like Facebook, are centralized. That means one of two outcomes is likely. If they’re successful, they will likely decide to capitalize by going public. Once that happens, they will slowly devolve into what Facebook has become today because their stock holders will demand it in order to maximize share prices. If they’re not successful, they’ll likely disappear in the coming years, forcing you to reestablish all of your contacts on another service again.

I’m going to recommend two services that will allow you to nip this problem in the bud permanently. The first is a chat service called Element (which was formerly known as Riot). The second is a Twitter-esque service called Mastodon. The reason I’m recommending these two services is because they share features that are critical if you want to actually socialized freely.

The most important feature is that both services can be self-hosted. This means that in the worst case scenario, if no existing servers will accept you and your friends, you can setup your own server. If you’re running your own server, the only people you have to answer to are yourselves. However, you may want to socialize with people outside of your existing friend groups. That’s where another feature called federation comes in. Federation is a feature that allows services on one server to connect with services on another server. This allows the users on one Element or Mastodon instance to socialize with users on another instance. Federation means not having to put all of your eggs in one basket. If you and your friends sign up on different servers, no one admin can ban you all. Moreover, you can setup backup accounts that your friends can add so if you are banned on one server, your friends already have your alternate account added to their contact list.

The reason I’m recommending two services is because Element and Mastodon offer different features that are geared towards different use cases. Element offers a similar experience to Internet Rely Chat (IRC) and various instant messenger protocols (such as Facebook Messenger). It works well if you and your friends want to have private conversations (you can create public chat rooms as well, if you want anybody to be able to join in the conversation). It also offers end-to-end encrypted chat rooms. End-to-end encrypted rooms cannot be surveilled by outside parties meaning even the server administrators can’t spy on your conversation. It’s much harder for a server administrator to ban you and your friends if they’re entirely ignorant of your conversations.

Mastodon offers an experience similar to Twitter (although with more privacy oriented features). You can create public posts that can be viewed by anybody with a web browser and with which anybody with a Mastodon account can interact. This works great if you have a project that requires a public face. For example, you and your friends may work on an open source project about which you provide periodic public updates. Mastodon enables that. Users can also comment on posts, which allows your posts to act as a public forum. Since Mastodon can be self-hosted, you can also setup a private instance that isn’t federated. Thus you could create a private space for you and your friends.

It’s critical to establish your existing contacts on another service now so you don’t find yourself suddenly unable to communicate with them because you expressed the wrong opinion. Even if you don’t choose Element and/or Mastodon, pick a service that you and your friends can tolerate and at least sign up for accounts and add each other to your contact lists. That way if you disappear down Zuckerberg’s memory hole, you can still keep in contact with your friends.

Written by Christopher Burg

September 5th, 2020 at 9:17 am

Posted in Technology

Tagged with ,

The Exodus

without comments

When COVID-19 started making headlines, I didn’t think much of it. A new virus makes the headlines every few years. But when governments started using COVID-19 as a justification to implement severe restrictions, I started to wonder if we were on the cusp of a major shift in the status quo. Now that we’re several months into the restrictions put into place to “flatten the curve,” I’m all but certain that we’re in the midst of major changes.

One major shift that has come of government COVID-19 policies is the worker migration from offices to home. Before the lock downs were implemented a lot of companies were still skeptical of the work from home model. At the beginning of the lock downs those companies were forced to either shutdown or transition to a work from home model. Now that those businesses have been operating on a work from home model for several months many of them are starting to question the old model. Consider the cost of maintaining a large office in a central hub for your employees. There’s the cost of the building itself. It’s either owned; in which case the costs of the building, upkeep, and property taxes are incurred; or it’s rented; in which case the monthly rent is incurred. Then you have the cost of municipal services such as electrical power, water, and sewer. Most offices offer employees some amenities such as coffee, snacks, etc. Often forgotten are the costs of added risks such as employees being injured or killed during their commute, employees coming in late or being unable to come in at all due to weather, and business being disrupted by power outages, civil unrest, etc. And then there are future costs to consider such as likely tax hikes as various levels of government scramble to make up for lost revenue.

It should come as no surprise that businesses are looking at the current landscape and questioning whether they should flee their expensive central hubs now that many of their employees are working from home:

A new survey by the Downtown Council shows 45 business owners say they are considering leaving downtown – citing the lack of people working or socializing downtown – and the idea that the police department could be dismantled.

[…]

“We are seeing business owners wanting to eliminate the overhead, especially in a world where it looks like there’s going to be a more hybrid approach happening – and people are going to be working from home – business owners and companies are looking to downsize,” he said.

Keep in mind that these are 45 business owners that bothered to participate in a survey. The overall number is almost certainly higher.

This exodus would cause a domino effect. If major companies begin to flee a city, supporting companies usually follow. What’s the point of operating a restaurant or a bar in a city if nobody is eating or drinking there? Likewise, employees that moved to the city because they wanted a short commute may begin looking for a place that’s cheaper and/or nicer. Minnesota is already seeing this as people working from home ask themselves why they shouldn’t work from lakefront property (or in my case, why not work from the woods).

Besides work the other major attraction of large cities has traditionally been big events. Concerts, sports, festivals, etc. usually happen in large cities. But those also vanished when the lock downs were implemented. Downtown Minneapolis is currently a ghost town compared to a few months ago and the same is probably true of other major cities.

We may be witnesses the beginning of the end of a system that really took off with the Industrial Revolution: population centralization. The Industrial Revolution brought factories and factories needed a lot of manpower so they tended to be built in existing population centers. Those factory jobs tended to pay better than farm work so laborers started to migrate from rural areas to those population centers. There was a cycle where factories went to where laborers could be found en masse and laborers started migrating to where factories could be found en masse.

A lot of labor is no longer physical and the Internet provides a mechanism for nonphysical labor to be done remotely. Thus the groundwork exists for the Industrial Revolution cycle to be broken. Employees can live in the boonies and work for a company whose nearest office is several hundred miles away or even across the globe. Many other city attractions also disappeared or went remote.

I think we may be at the beginning of an exodus away from cities. If it occurs, this could end up being another epoch like the Industrial Revolution.

Written by Christopher Burg

August 6th, 2020 at 3:45 pm

Posted in Side Notes

Tagged with ,

Error Indicators of Limited Value

without comments

When I moved into this house, I decided to use UniFi gear for my entire network because I wanted to centrally manage it (I, like most people who work in the technology field, am lazy by nature). This house doesn’t have Ethernet running through the walls so I (again, being lazy) opted to rely on a mesh network for most of my networking needs. My mesh network consists of three UAP-AC-M access points.

Like most other people working in the technology field, I’ve been working from home since COVID-19 started making headlines. This means my in-person meetings have mostly been done via remote video conferences. My setup ran smoothly until a few weeks ago when I started experiencing a strange issue where I’d periodically lose my video conference feeds for 10 to 30 seconds. Since I first setup my mesh network my UniFi Controller has reported a large number (as in several hundred per 24-hour period) of DHCP Timeout errors along with a handful of WPA Authentication Timeout errors. It also reported long access point association times for my two mesh nodes (the other node is wired to my switch). Searching Ubiquiti’s online support forum returned a lot of results for individuals experiencing these errors without any resolution. In fact several comments made by Ubiquiti employees stated that the DHCP Timeout errors can be ignored so long as the network is performing well. I ended up ignoring the errors because at the time my network was performing well and nobody seemed to have a resolution to the errors.

I began looking into the problem again when the video conferencing problems I mentioned started to manifest. To make a long story short, I finally figured out my problem. UAP-AC-M access points use the 5Ghz spectrum for mesh communications so they all operate on the same 5Ghz channel, but it’s expected that they utilize different 2.4Ghz channels. My mesh nodes were setup to automatically select their 2.4Ghz and 5Ghz channels during boot up. I assumed this was safe because I boot them up in stages one after the other. That should have caused them to see each other when they booted up and select a different 2.4Ghz channel. According to my UniFi controller, all three 2.4Ghz channels (one, six, and 11 are the only channels that don’t overlap with other channels) were being utilized so I assumed the access points were operating as I expected. After trying to few different settings I decided to manually select the 2.4Ghz channels for my access points. I put one access point on channel one, one on channel six, and one on channel 11.

Since doing that I haven’t experienced any video conferencing problems. Moreover, my DHCP Timeout errors have dropped to almost nothing (I now experience between two and four per 24-hour period), the WPA Authentication Timeout errors have remained at one or two per 24-hour period, and I no longer see any errors about access points taking longer than expected to associate.

If you’re one of the many people experiencing a massive number of DHCP Timeout errors with UniFi access points and you haven’t already manually selected non-overlapping 2.4Ghz channels for your access points, give it a try. I will note that since I live in the country and there are no other visible Wi-Fi networks anywhere on my property, your experience may differ if you’re in an environment with a lot of competing Wi-Fi networks.

Written by Christopher Burg

August 3rd, 2020 at 6:00 am

Posted in Technology

Tagged with

Avoiding Censorship Online

with one comment

Facebook, Twitter, Reddit, and most other mainstream social media platforms have pledged to increase the speech they censor. This has lead many people, especially those most likely to be censored, to seek greener pastures. They usually tell anybody who will listen to flock to alternate social media platforms such as MeWe, Minds, and Parler. Of course this is an exercise in trading one centrally controlled platform for another. This means users are still at the mercy of the individuals who control the services. Parler has already walked back its commitment to absolute free speech and other alternate platforms will likely do the same.

So is the concept of free speech online hopeless? Not at all. However, you have to take a page from radicals throughout history. If you look at a lot of radicals, they generally owned and operated their own newspapers, magazines, journals, and periodicals. Benjamin Franklin bought a newspaper, Benjamin Tucker printed his own periodical, egoists printed their own journal, and Peter Kropotkin published his own journal. By owning and operating their own print media they were able to say whatever they wanted whenever they wanted.

Today’s Internet has become centralized, corporatized, and sanitized, but that wasn’t always the case. It also doesn’t have to be the case. Anybody can run a server. This blog is hosted on a server sitting in my basement. In fact I self-host most of my online services. This gives me absolute control over my platforms. I can say whatever I want whenever I want.

If you want to express yourself freely, you need to take a page from radicals of yesteryear and own and operate your own platform. Fortunately, it’s easier today than ever before. There are a lot of self-hosted platforms available. For example, if you want something akin to Twitter, there’s Mastodon. If you want something akin to Facebook, there’s Freindica and diaspora*. If you want chatroom functionality, there’s Matrix (which also supports end-to-end encryption so you can speak freely on other people’s servers). In fact there are a ton of self-hosted platforms that cover almost anything you could need. What’s even better is that many of the self-hosted social media platforms can be federated, which means every person in a group could run their own instance and interconnect them.

To quote Max Stirner, “Whoever will be free must make himself free. Freedom is no fairy gift to fall into a man’s lap. What is freedom? To have the will to be responsible for one’s self.”

Written by Christopher Burg

July 7th, 2020 at 9:24 pm

Posted in Self-Hosting

Tagged with ,

The Way It Should Always Have Been

without comments

I received my PinePhone last week. The model I ordered was the UBPorts Community Edition. My initial thoughts on the phone are that the build quality is actually very solid, but otherwise it behaves like a $150 phone. The performance isn’t great, but acceptable; the battery life, which is a known issue, is pretty terrible; and the software is in a pretty rough state (easily beta quality, maybe even late alpha quality). All of these were what was promised and what I expected so none of this should be considered criticism. I’m actually impressed by what the manufacturers and software creators managed to pull off so far.

However, after playing with UBPorts I wanted to try some other operating systems. This is where the PinePhone shines since it doesn’t lock you into any specific operating system. The next released of the Community Edition of the PinePhone will come with postmarketOS so I loaded postmarketOS onto an MicroSD card (you can also flash it to the internal eMMC chip) and booted it on the phone. postmarketOS has a utility that builds an image for you. That utility also allow you to customize a number of things including using full-disk encryption (which I haven’t played with yet since it’s experimental) and choosing your user interface. I chose Phosh for the user interface because I wanted to see what the Librem team has been working on. My experience with postmarketOS was similar to UBPorts. Performance was sluggish, but acceptable and the software is still in a rough state. However, postmarketOS makes it easy to install regular Linux desktop and command line applications so I installed and tried a few applications that I use regularly on the desktop. Unfortunately, most of the available graphical software doesn’t yet support screen scaling so applications are too big for the PinePhone’s screen. With that said, progress is being made in that direction and once more applications support screen scaling there should be a decent number of apps available.

Being able to boot up a different operating system on my phone is the way it should always have been. On my desktop and laptops computers I have always been able to choose what operating system to run, but my mobile devices have always been locked down. Some Android devices do allow you to unlock the boot loader and install a different Android image, but often doing so it’s officially supported by the manufacturer (so it’s often a pain in the ass). It’s nice to finally see a mobile phone that is designed for tinkerers and people who want to actually own their hardware.

Written by Christopher Burg

June 30th, 2020 at 6:30 am

Posted in Technology

Tagged with ,

Advertising Self-Hosted Services

without comments

The ceaseless lock down that many states are experiencing has lead to the inevitable push back. Protests have already taken place in a number of states and more protests are being planned. Unfortunately, many of these protests are being organized on Facebook and Facebook has decided to remove them.

It probably doesn’t surprise anybody that I have friends interested or participating in the protests in Minnesota. When I saw them posting on social media saying that the latest protest event had been removed, I saw a number of people recommend other centralized social media sites such as MeWe and Minds. I have a tradition when I see such recommendations. I point out that jumping from one centralized social media site to another simply kicks the can down the road because they could decide to implement restrictions at any point and that the only long term solution is using self-hosted services to advertise events. The usual rebuttal I received is a variation of we have to post the event where the people are (falsely implying that many people use MeWe or Minds). Apparently there is a lot of misunderstanding about using self-hosted services to organize events.

When you use a self-hosted service, you don’t have to isolate it from everything else. You can advertise your self-hosted service on Facebook, Twitter, and other centralized social media sites. The point of a self-hosted service is to be authoritative and under your sole control. When you share a link to your self-hosted service, you note that the website you’re hosting is the place to go for official information. If Facebook removes your post, it doesn’t matter because the people who have already seen it will know where to go for updates to your event and because Facebook cannot remove your website. The official information still exists and can be shared with interested parties.

Written by Christopher Burg

May 4th, 2020 at 6:30 am

Posted in Self-Hosting

Tagged with

Mullvad VPN

without comments

Periodically I’m asked to recommend a good Virtual Private Network (VPN) provider. I admit that I don’t spend a ton of time researching VPN providers because my primary use case for VPNs is to access my local network and secure my communications when traveling so most of the time I use my own VPN server. When I want to guard my network traffic against my Internet Service Provider (ISP), I use Tor. With that said, I do try to keep at least one known decent VPN provider in my back pocket to recommend to friends.

In the past I have usually recommended Private Internet Access because it’s ubiquitous, affordable, and its claim that it doesn’t keep logs has been proven in court. However, Private Internet Access is based in the United States, which means it can be subject to National Security Letters (NSL). Moreover, Private Internet Access was recently acquired by Kape Technologies. Kape Technologies has a troubling past and you can never guarantee that a company will maintain the same policies after it has been purchased so I’ve been looking at some alternative recommendations.

Of the handful with which I experimented, I ended up liking Mullvad VPN the most. In fact I ended up really liking it (for me finding a decent VPN provider is usually an exercise in finding the least terrible option).

Mullvad is headquartered in Sweden, which means it’s not subject to NSLs or other draconian United States laws (it’s subject to Swedish laws, but I’m outside of that jurisdiction). But even if it’s subjected to some kind of surveillance law, Mullvad goes to great length to enable you to be anonymous, which greatly hinders its ability to surveil you. To start with your account is just a pseudorandomly generated number. You don’t need to provide any identifiable information, not even an e-mail address. When you want to log in to pay your account, you simple enter your number. The nice thing about this is that the number is also easily disposed of. Since you can generate a new account by simply clicking on a link, you can throw away your account whenever you want. You can even generate accounts via its onion service (this link will only work if you’re using the Tor Browser).

Mullvad’s pricing is €5 (roughly $5.50 when I last paid) per month. Paying per month allows you to change accounts every month if you want. Payments can be made using more traditional services such as credit cards and PayPal, but you can also use more anonymous payment options such as Bitcoin and Bitcoin Cash (I would like to see the option of using Monero since it has anonymity built-in).

The thing that initially motivated me to test Mullvad was the fact that it uses WireGuard. WireGuard is our new VPN overlord. If you’re new to WireGuard or less technically inclined, you can download and use Mullvad’s app. If you’re familiar with WireGuard or willing to learn about it, you can use Mullvad’s configuration file generator to generate WireGuard configuration files for your system (this is how I used it). Mullvad also supports OpenVPN, but I didn’t test it because it’s 2020 and WireGuard is our new VPN overlord.

Like most decent VPN providers, Mullvad also has a page to check if your Mullvad connection is setup correctly. It performs the usual tasks of reporting if you’re connecting through a Mullvad server and if your Domain Name System (DNS) requests are leaking. It also attempts to check if your browser is leaking information through WebRTC. You can also test your torrent client in case you want to download Linux distros (because that’s the only thing anybody downloads via BitTorrent) more securely.

I didn’t come across anything egregious with Mullvad, but don’t take my recommendation too seriously (this is the caveat I give to everybody who asks me to recommend a VPN provider). My VPN use case isn’t centered around maintaining anonymity and I didn’t perform thorough testing in that regard. Instead I tested it based on my use case, which is mostly protecting my connection from local actors when traveling. As with anything, you should test the service yourself.

Written by Christopher Burg

April 15th, 2020 at 6:00 am

The Users and the Used

without comments

I’m happy that computer technology (for the purpose of this post, I mean any device with a computer in it, not a traditional desktop or laptop) has become ubiquitous. An individual who wants a computer no longer has to buy a kit and solder it together. Instead they can go to the store and pick up a device that will be fully functional out of the box. This has lead to a revolution in individual capabilities. Those of us who utilize computers can access a global communication network from almost anywhere using a device that fits in our pocket. We can crank out printed documents faster than any other time in human history. We can collect data from any number of sources and use it to perform analysis that was impractical before ubiquitous access to computers. In summary life is good.

However, the universe is an imperfect place and few things are without their downsides. The downside to the computer revolution is that there are, broadly speaking, different classes of users. They are often divided into technical and non-technical users, but I prefer to refer to them as users and used. My categorization isn’t so much based on technical ability (although there is a strong correlation) as by whether one is using their technology or being used by it.

Before I continue, I want to note that this categorization, like all attempts to categorize unique individuals, isn’t black and white. Most people will fall into the gray area in between the categories. The main question is whether they fall more towards the user category of the used.

It’s probably easiest to explain the used category first. The computing technology market is overflowing with cheap devices and free services. You can get a smartphone for little or even nothing from some carriers, an Internet connected doorbell for a pittance, and an e-mail account with practically unlimited storage for free. On the surface these look like amazing deals, but they come with a hidden cost. The manufacturers of those devices and providers of those services, being predominantly for-profit companies, are making their money in most cases by collecting your personal information and selling it to advertisers and government agencies (both of which are annoying, but the latter can be deadly). While you may think you’re using the technology you’re actually being used through it by the manufacturers and providers.

A user is the opposite. Instead of using technology that uses them, they use technology that they dominate. For example, Windows 10 was a free upgrade for users of previous versions of Windows. Not surprisingly, Windows 10 also collects a lot of personal information. Instead of using Windows 10, users of that operating system are being used by it. The opposite side of the spectrum is something like Linux from Scratch, where a user creates their own Linux distro from the ground up so they know every component that makes up their operating system. As I stated earlier most people fall into the gray area between the extremes. I predominantly run Fedora Linux on my systems. As far as I’m aware there is no included spyware and the developers aren’t otherwise making money by exploiting my use of the operating system. So it’s my system, I’m using it, not being used through it.

Another example that illustrates the user versus the used categories is online services. I sometimes think everybody on the planet has a Gmail account. Its popularity doesn’t surprise me. Gmail is a very good e-mail service. However, Gmail is primarily a mechanism for Google to collect information to sell to advertisers. People who use Gmail are really being used through it by Google. The opposite side of the spectrum (which is where I fall in this case) is self-hosting an e-mail server. I have a physical server in my house that runs an e-mail server that I setup and continue to maintain. I am using it rather than being used by it.

I noted earlier in this article that there is a strong correlation between technical people and users as well as non-technical people and those being used. It isn’t a one-to-one correlation though. I know people with little technical savvy who utilize products and services that aren’t using them. Oftentimes they have a technical friend who assists them (I’m often that friend), but not always. I would actually argue that the bigger correlation to users and those being used is those who are curious about technology versus those who aren’t. I know quite a few people with little technical savvy who are curious about technology. Their curiosity leads them to learn and they oftentimes become technically savvy in time. But before they do they often make use of technology rather than be used by it. They may buy a laptop to put Linux on it without having the slightest clue at first how to do it. They may setup a personal web server poorly, watch it get exploited, and then try again using what they learned from their mistakes. They may decide to use Signal instead of WhatsApp not because they understand the technical differences between the two but because they are curious about the “secure communications app” that their technical friends are always discussing.

Neither category is objectively better. Both involve trade-offs. I generally encourage people to move themselves more towards the user category though because it offers individuals more power over the tools they use and I’m a strong advocate for individual power. If you follow an even slightly radical philosophy though, I strongly suggest that you to move towards the user category. The information being collected by those being used often finds its way into the hands of government agents and they are more than happy to make use of it to suppress dissidents.

Written by Christopher Burg

April 14th, 2020 at 6:00 am

Upgrading My Network

without comments

The network at my previous dwelling evolved over several years, which made it a hodgepodge of different gear. Before I moved out the final form of it was a Ubiquiti EdgeMax router, a Ubiquiti Edge Switch, and an Apple Airport Extreme (I got a good deal on it, but it was never something I recommended to people). When I bought my new house I decided to upgrade my network to Ubiquiti UniFi gear. For those who are unaware UniFi gear fits into that niche between consumer and enterprise networking gear (it’s often touted as enterprise gear, but I have my doubts that it would work as well on a massive network spanning multiple locations as more traditional enterprise gear) often referred to as prosumer or SOHO (Small Office/Home Office).

Because I live out in the boonies, my Internet connection is pretty lackluster so I opted for a Security Gateway 3P for my router (it’s generally agreed that the hardware is too slow to keep up with the demands of many modern Internet connections, but I don’t have to worry about that). If I had built a new house, I’d have put Ethernet drops in every room, but I bought a preexisting house with no Ethernet drops, which meant Wi-Fi was going to be my primary form of network connectivity. I still needed Ethernet connections for my servers though so I opted for a 24-port switch as my backbone and AP-AC-M access points for Wi-Fi. The AP-AC-M access points provide mesh networking, which is nice in a house without Ethernet drops because you can extend your Wi-Fi network by connecting new access points to already installed access points. Moreover, they’re rated for outdoor use so I can use them to extend my Wi-Fi network across my property.

A UniFi network is really a software defined network, which means that there is a central controller that you enter your configuration information into and it pushes the required settings out to the appropriate devices. Ubiquiti provides the Cloud Key as a hardware controller, but I already have virtual machine hosts aplenty so I decided to setup a UniFi Controller in a virtual machine.

Previously I was resistant to the idea of having to have a dedicated controller for my network. However, after experiencing software defined networking, I don’t think I could ever go back. Making a single change in one location and having that change propagated out to my entire network is a huge time saver. For example, I decided that I wanted to setup a guest Wi-Fi network. Without a central controller this would have required me to log into the web interface of each access point and enter the new guest network configuration. With a software defined network I merely add the new guest network configuration into my UniFi Controller and it pushes that configuration to each of my access points. If I want to change the Wi-Fi Protected Access (WPA) password for one of my wireless networks, I can change it in the UniFi Controller and each access point will receive the update.

The UniFi Controller also provides a lot of valuable information. I initially setup my wireless network with two access points, but the statistics in the UniFi Controller indicated that my wireless coverage wasn’t great in the bedroom, was barely available on my three season porch, and was entirely unavailable out by my fire pit. I purchased a third access point and rearranged the other two and now have excellent Wi-Fi coverage everywhere I want it. While I could have gathered the same information on a network without a centralized controller by logging into each access point individually, it would have been a pain in the ass. The UniFi Controller also allows you to upload the floor plan of your home and it will show you the expected Wi-Fi coverage based on where you place your access points. I haven’t used that feature yet (I need to create the floor plan in a format that the controller can use), but I plan on playing with it in the future.

Overall the investment into more expensive UniFi gear has been worth it to me. However, most people probably don’t need to spend so much money on their home network. I know many people are able to do everything they want using nothing more than the all in one modem/switch/Wi-Fi access point provided by their Internet Service Provider (admittedly I don’t trust such devices and always place them outside of my network’s firewall). But if you need to setup a network that is more complex than the average home network, UniFi gear is something to consider.

Written by Christopher Burg

April 13th, 2020 at 9:41 pm

Posted in Technology

Tagged with

The Importance of Open Platforms

without comments

Late last week I pre-ordered the UBports Community Edition PinePhone. It’s not ready for prime time yet. Neither of the cameras work and the battery life from what I’ve read is around four to five hours and there are few applications available at the moment. So why did I pre-order it? Because UBports has been improving rapidly, my iPhone is the last closed platform I run regularly (I keep one macOS machine running mostly so I can backup my iPhone to it), and open platforms may soon be our only option for secure communications:

Signal is warning that an anti-encryption bill circulating in Congress could force the private messaging app to pull out of the US market.

Since the start of the coronavirus pandemic, the free app, which offers end-to-end encryption, has seen a surge in traffic. But on Wednesday, the nonprofit behind the app published a blog post, raising the alarm around the EARN IT Act. “At a time when more people than ever are benefiting from these (encryption) protections, the EARN IT bill proposed by the Senate Judiciary Committee threatens to put them at risk,” Signal developer Joshua Lund wrote in the post.

I used Signal as an example for this post, but in the future when (it’s not a matter of if, it’s a matter of when) the government legally mandates cryptographic back doors in consumer products (you know the law will have an exception for products sold to the government) it’ll mean every secure communication application and platform will either have to no longer be made available in the United States or will have to insert a back door that allows government agents and anybody else who can crack the back door complete access to our data.

On an open platform such a Linux this isn’t the end of the world. I can source both my operating system and my applications from anywhere. If secure communication applications are made illegal in the United States, I have the option of downloading and use an application made in a freer area or better yet developed anonymously (it’s much harder to enforce these laws if the government can’t identify and locate the developers). Closed platforms such as iOS and Android (although Android to a lesser extent since it still allows side loading of applications and you can download an image built off of the Android Open Source Project) require you to download software from their walled garden app stores. If Signal is no longer legally available in the United States, people running iOS and Android will no longer be able to use Signal because those apps will no longer be available in the respective United States app stores.

As the governments of the world continue to take our so-called civil rights behind a shed and unceremoniously put a bullet in their heads closed platforms will continue to become more of a liability. Open platforms on the other hand can be developed by anybody anywhere. They can even be developed anonymously (Bitcoin is probably the most successful example of a project whose initial developer remains anonymous), which makes it difficult for governments to put pressure on the developers to comply with laws.

If you want to ensure your ability to communicate securely in the future and you haven’t already transitioned to open platforms, you should either begin your transition or at least begin to plan your transition. Not all of the pieces are ready yet. Smartphones remain one area where open platforms are lagging behind, but there is a roadmap available so you can at least begin planning a move towards open an smartphone (and at $150 the PinePhone is a pretty low risk platform to try).

Written by Christopher Burg

April 13th, 2020 at 6:00 am