A few weeks ago Apple opened up "Enhanced Security". This lets you end to end encrypt *most* but not all of your iCloud data. I think the safest way to use iCloud is to not use it at all, but if you're going to use it, enhanced security is the way to go. Unfortunately this means generating a backup key, and having to take custody of it yourself. What that means is if you lose your key, you lose your data.
The big problem with iCloud is that if you back up to iCloud, your iCloud backups are not end to end encrypted without enhanced security turned on. In that case anyone who gains access to your iCloud data, including Apple, can access everything on your phone including your iMessages, all of your location data, and sensitive photos you may have stored on your device.
In 16.3 you can now enable a security key as your 2nd Factor for logging in. I discussed this in a previous post, but a security key is a physical key for your digital life. Rather than approving adding a new device by receiving a code on a device you've already approved, you'll have to tap a physical key against your device. This means to access iCloud, or your Apple account, an attacker will need more than your phone; they'll also need the key, which will be stored away from your phone.
To set it up you'll need two FIDO equipped keys: one is a primary, the other is a backup. I use Yubico 5 series NFC enabled keys. If you want more info on how to set it up, I'd recommend using DuckDuckGo to search for a tutorial.
I'm just a regular 30+ dude of average health. I skipped the vaccine and all the boosters and I haven't worn a mask since the public health order ended. The only thing I've done to protect myself against covid is avoid crowded indoor places, and take vitamin D gummies. I respect covid, I do not want to get it, but I also think that it's here to stay and that eventually my time will come, but for some reason, to date I've never had it. In fact I haven't had so much as a sniffle in 3 years.
As to why I haven't caught it yet, I'm not sure. I think avoiding indoor crowds has been a big part of it. My risk is pretty low, I'm not unhealthy but I'm not super healthy either. My lifestyle has some factors that I think help reduce the risk even further. I don't drink alcohol and alcohol ruins sleep, sleep is really important for the immune system, so my sleep is usually pretty good. I take melatonin, aspirin, vitamin D, xylitol, NAC, marshmallow root, and quercetin regularly. All of these have at least some evidence of reducing the risk of infection or severe outcomes, and I do exercise fairly regularly.
At this point, I hesitate to say not taking the vaccine has helped me even though personally, I do believe it, and there is some evidence to support my belief but it's definitely not a proven fact. I can at least say making this choice hasn't harmed me or anyone else because I've never had it or given it to anyone, and the vaccine does not stop infection or transmission. While I also don't think I'll be able to avoid it forever, it's been odd having to go through all of these rituals in the last 3 years to never have gotten sick. I feel sort of stuck. I think everybody does. People seem to either live in fear or denial. I don't feel afraid, but I try to stay aware of the reality that covid is here to stay and that it's a novel virus, which means we don't know what it does to people over time. Maybe it's harmless, maybe it causes irreversible damage that slowly leads to premature aging, heart disease, cancer, autoimmune disease and death. Only time will tell. In the meantime, I'll stick to my same old routine of vitamin D gummies, baby aspirin, and sleeping in.
The YubiKey is a security tool which is used as a secure 2nd Factor for online accounts. Securing accounts with 2FA is always a good idea. Once enabled, your accounts require a username, a password, and a 2nd factor like a one time password (OTP). In the case of a security key, you need to physically insert or tap your YubiKey into or against your NFC enabled device.
Many people are familiar with using 2FA via an SMS code that is texted to your device. A security key is a better method than SMS. People who use SMS for one time passwords often find themselves the targets of SIM swap attacks. In this scenario, an attacker ports your phone number to their cell phone, and is then able to receive your 2FA codes.
With authenticator apps like Google Authenticator or Authy, you eliminate the risk associated with sim swaps but now your phone is the physical key to unlocking your online accounts. For this reason, phones are often the target of thieves, and if your phone is lost or damaged, you may permanently lose access to your accounts secured with the authenticator app on your phone.
By using a physical security key, you can create backup keys and physically separate your 2nd factor from your phone.
Using a security key also eliminates the risk of phishing and social engineering because the security key must be inserted into a USB slot or read via NFC (near field communication, the same way you tap to pay).
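What makes a key's response useless on the wrong site is that the browser hands the key the site's origin, and that origin is part of what gets signed, while a one time code carries nothing about where it was typed. The sketch below is an added example, not code from this post or from Yubico: it goes a little beyond the post by modelling the origin check, the domains, secrets and challenge are constructed, and an HMAC stands in for the key's real public-key signature.

```python
import hashlib, hmac, json, struct

def totp(secret: bytes, at: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1): the code depends only on the secret and the time."""
    mac = hmac.new(secret, struct.pack(">Q", at // step), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def site_accepts_totp(secret: bytes, code: str, at: int) -> bool:
    # Nothing in the code says which page the user typed it into.
    return hmac.compare_digest(totp(secret, at), code)

def _sign(key: bytes, rp_hash: bytes, client_data: bytes) -> bytes:
    # Assumption: HMAC stands in for the key's public-key signature (stdlib only).
    digest = hashlib.sha256(client_data).digest()
    return hmac.new(key, rp_hash + digest, hashlib.sha256).digest()

def key_assertion(key: bytes, origin: str, rp_id: str, challenge: str):
    """What a security key returns; the browser fills in origin and rp_id."""
    client_data = json.dumps({"challenge": challenge, "origin": origin}).encode()
    rp_hash = hashlib.sha256(rp_id.encode()).digest()
    return client_data, rp_hash, _sign(key, rp_hash, client_data)

def site_accepts_key(key, origin, rp_id, challenge, client_data, rp_hash, sig) -> bool:
    # The real site checks the signature and that it was made for its own origin.
    seen = json.loads(client_data)
    return (hmac.compare_digest(sig, _sign(key, rp_hash, client_data))
            and seen["origin"] == origin and seen["challenge"] == challenge
            and rp_hash == hashlib.sha256(rp_id.encode()).digest())

def demo():
    # All values below are constructed for illustration.
    real, fake = "https://accounts.example.com", "https://accounts-example.test"
    secret, key = b"constructed-totp-secret", b"constructed-key"
    now, challenge = 1_700_000_000, "c-123"
    # A code typed into a look-alike page and passed along is still valid.
    totp_relayed = site_accepts_totp(secret, totp(secret, now), now)
    # A key tapped on the look-alike page signs that page's origin, not the real one.
    key_relayed = site_accepts_key(key, real, "example.com", challenge,
                                   *key_assertion(key, fake, "accounts-example.test", challenge))
    key_genuine = site_accepts_key(key, real, "example.com", challenge,
                                   *key_assertion(key, real, "example.com", challenge))
    return totp_relayed, key_relayed, key_genuine

if __name__ == "__main__":
    print(demo())
```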
No matter which way you enable 2FA, it's much more secure than not using it at all. An authenticator app like Authy is nearly as secure as using a Yubikey.
Accounts you should consider securing with 2FA include email accounts, social media accounts, financial accounts, and your Apple or Google account.
This year I realized we can't wait around for the pandemic to end. Nothing prevents transmission or infection of Covid. There is no ability to form long lasting immunity, not with a shot and not naturally. The only thing we can do is adapt.
While I've given up a lot of things, I started to reclaim some as well. Some of the things I've given up are movies, air travel, indoor dining, concerts, basically anything that involves spending time indoors with big groups of people. I don't really miss any of these things. I think they are mostly a distraction.
Some things I've reclaimed are time with my family, time with my Bible, and time for friends in small groups.
Computer hacking skills
This year I completed a lot of tech projects. I deployed a virtual private server, learned how to use Docker, reverse proxies, and containerized web apps like Vaultwarden, Rocketchat, and Ghost.
I installed Linux on a laptop and GrapheneOS on a Google Pixel. I nuked my social media accounts and started self hosting a Mastodon server that I use as a microblog. This server is managed, but I think I may try installing another ActivityPub based project like Pleroma on a server I manage.
One of our biggest pastimes this summer was working on landscaping the backyard.
This wraps our first year with Big Acres. While we personally haven't been able to spend much time up there, our family has been busy building roads, fixing up the cabin, and clearing land. For 2023 we want to get up there and put in a dog run so that traveling up with S will be a lot easier.
Friends and projects
While we spent less time than in years past with friends, we got some socializing in with people we value and stayed busy.
I think moving forward things will only continue to get more challenging and it's essential to surround myself with people who are good at critical thinking, who have a strong moral compass and unbreakable mental fortitude. The trials of the pandemic were extremely revealing of people's characters and I realized that choosing friends wisely isn't just a good idea, it could mean the difference between making it out of a dire situation, or not. So while we had less, it was the important stuff that mattered.
I've been working on getting physically, mentally and spiritually strong. Going through 2020, 21, and 22 has been challenging but faith strengthening. I started a daily bible reading program in September and am just about done with the New Testament.
I continue to work on my physical strength and endurance as well as buying the right tools, equipment and supplies to be more self reliant. These include power tools, food storage, land, generators, batteries, fuel (propane), hunting and fishing gear, medical supplies, and more.
Some may not understand why, but going through the pandemic was tough for everyone, doing it unvaccinated was tougher. Everything we had was threatened including our freedom of movement, ability to work, and even the basic human right to make a personal health decision. While many left the experience broken and traumatized, I only got stronger in every conceivable way. I learned who I am and that I can endure more than I ever thought. I also learned that I am unbreakable and when I decide the right path I will not bend to bribes, bullying, peer pressure, gaslighting, fear, guilt trips, or even threats.
Hopefully I'm wrong and things turn around, but we'll see what 2023 brings.
I have a Leatherman Wave+ that I daily. I've had it for about 3 years and I wrote about it a few weeks ago. It's the ideal size for that purpose, especially in warmer weather when I might not have a coat or big roomy pants to keep it in.
Owning land very near to national forest, BLM and state parks, I thought I might want something a little bigger and sturdier for those times when I feel like going on a bigger adventure.
The Surge is about 4oz heavier than the Wave+ (12 point something oz vs 8 point something oz) and sports bigger versions of most of the same tools. It also has a few additions: an awl, a blade exchanger, and big scissors, and it gives up the eyeglass screwdriver. Instead it has a smaller flathead, which I think is pretty unnecessary since it has a bit driver as well.
The Wave+ feels downright petite in comparison. While I don't think I'll daily carry this beast, I think it will be a great addition to my camping gear.
The black scissors on the right are what comes on the Wave+, while probably better than no scissors they're fairly useless. The middle scissors are the Surge which are clearly much bigger and beefier. The Gerber Armbar is on the far left, I carry this with my Wave+ because it gives me an awl, big scissors, a longer bit driver, a second sharp blade that I won't mind beating up a bit, and finally a small prybar and pommel (not a hammer, but you can slam it into something that needs a good whack, I'd probably just find a rock instead).
With the Surge, I get 21 tools plus room for a saw blade, a ratchet, and 42 bits, 40 of which can be used in my Surge's bit driver. The large screwdriver can double as a small pry tool as well, which they don't count. That gives me a total of 64 tools in my pocket. The other cool feature is that the blade exchanger accepts t-shank saw or file blades, so it will accept much larger saw blades than can be folded into the tool.
Overall, I'm very pleased with the quality and tool set. It feels like something the Mandalorian would keep on his belt and I'll probably carry it on mine as long as I can hide it under a long flannel or coat.
If you're not sure which one to get, I think most people would be well suited with a Wave+ for every day utility, but if you don't mind the extra weight and bulk, the Surge is an upgrade for sure.
While the overall risk is low to users who had strong passwords, it's not zero. Every year I am reminded several times that using someone else's service puts my data at risk. As of today, I have set up and deployed an instance of the open source alternative "Vaultwarden" and while it was a little tricky, it was definitely not that bad. Vaultwarden is an open source password manager. I'm running a copy of it myself on a computer in the cloud. That means there is no one to fix it if I break it, if my server crashes I have to log in and reboot it. If vulnerabilities are discovered I have to log in and update it, and so forth.
How is this better? Well, LastPass is a honeypot because it has a lot of data in it. Now I have moved my honey to a smaller pot hidden in an obscure corner of the internet where fewer people are looking for it, and the reward for finding it is dramatically low. Not worth the effort basically.
While LastPass may not know your passwords, I suppose they could scrape some metadata like my IP address and device info, maybe the website I was logging in to. I don't know if they do this in practice, but now I don't have to worry about it.
The biggest benefit was I learned something new. I used Portainer to install Vaultwarden onto a server in the cloud. Then I used nginx proxy manager to route traffic coming in to that subdomain to the appropriate internal IP address which represents the port I'm running it on. I also had to create a few DNS records.
My vault is still online, so it's not exactly fixing all of the problems LastPass has. It's also running on a server I don't own. While my data is encrypted and running in the cloud next to a bunch of other random apps, it could still get hoovered up I guess, but the hoover user wouldn't know what they were hoovering up until after it had been hoovered. If that doesn't make sense, LastPass was known to have a ton of passwords, so if people wanted credentials then it was a good place to look. Now I've hidden my vault on a random provider's infrastructure and if someone were to try to hack that entire datacenter, they would have to sort through a lot of mixed data from a bunch of random services people like myself are running.
My VPS provider, while perhaps not knowing what I was running exactly, could still scrape some but probably a lot less of my metadata, so this is an improvement but it doesn't fix it.
I think the most secure situation would be to have a server running locally in my house, but that can cause other problems, like for example, creating backups, 24/7 uptime, etc.
So I've made some security improvements, but I've given up some conveniences, and have arguably put my data in peril because there is no one to help should I botch it, but I learned how to do something new and that's good!
In 2009 I had a run of bad health. I got stung by a bee, it got infected, and then I did a round of antibiotics. The antibiotics wiped me out and while I was sick I agreed to getting a tetanus boost which overloaded my system. A few weeks later I had raging tinnitus, digestive problems, heart palpitations and I thought I was dying. I started trying all kinds of things to fix myself not knowing what was wrong, including low carb. I went low carb for a long time and lost a bunch of weight but felt awful. One day for a lark, I googled "high sugar diet" and found Ray Peat.
Ray Peat was a retired biologist that lived in Oregon. He believed that helping the body make energy was critical. The best way to do that according to Ray was to eat lots of sugar, protein, and fat soluble vitamins like Vitamin A, K, E, and D. He was a pioneer of the idea that red light had special benefits and that seed oils are toxic, that cancer and diabetes were metabolic conditions that could be treated by treating the thyroid.
Ray was criticized by a lot of people for his fringe ideas but I think he was way ahead of his time on a lot of it. The most impressive part of Ray's behavior was that he sold only a few products. These were his books, which were in the process of being digitized and reprinted for the entire 13 years I kept up with him. They were never available to purchase. He also had a newsletter, to sign up you had to mail cash in an envelope to his PO box. Finally, a progesterone supplement which I don't think he had been involved with for many years. Every article, hundreds of hours of podcasts, he gave away for free. More than that, his email address was right on his website and he would write back if you emailed him a health question. He must have spent hours per day replying to people. Over the years people even built a repository of his responses and it was always encouraged by the community to check for an answer before emailing Ray, but he'd write back anyway.
I follow Danny Roddy who is sort of an heir of Ray's legacy and work, one of many in the community who follow in Ray's footsteps. He put together a call in show and I watched all 3 hours of it. Grown men called in crying, but what really got me was the number of people who said they would call Ray and chat with him on the phone regularly. A number of callers said Ray saved their lives. All in all even if people disagreed with Ray, he wasn't in it for the money. He literally just wanted to help people the best way he could. They don't make people like that anymore.