diff options
| author | Christian Cleberg <hello@cleberg.net> | 2025-08-19 22:39:50 -0500 |
|---|---|---|
| committer | Christian Cleberg <hello@cleberg.net> | 2025-08-19 22:39:50 -0500 |
| commit | 8ca2c69e67c5b5cc3166af0c0a56e16078176b21 (patch) | |
| tree | d894c50cf3822fd1365c158029e7d7040054dfad | |
| parent | 407cc619dccd5f39dee64bb29fc9f479e3244b27 (diff) | |
| download | cleberg.net-8ca2c69e67c5b5cc3166af0c0a56e16078176b21.tar.gz cleberg.net-8ca2c69e67c5b5cc3166af0c0a56e16078176b21.tar.bz2 cleberg.net-8ca2c69e67c5b5cc3166af0c0a56e16078176b21.zip | |
summary of commits from minimal-enhancements
| -rw-r--r-- | content/about/index.org | 27 | ||||
| -rw-r--r-- | content/blog/2025-06-02-private-ios-apps.org | 238 | ||||
| -rw-r--r-- | content/blog/2025-06-27-how-blockchain-works.org | 197 | ||||
| -rw-r--r-- | publish.el | 9 | ||||
| -rw-r--r-- | theme/static/styles.css | 353 | ||||
| -rw-r--r-- | theme/templates/base.html | 9 | ||||
| -rw-r--r-- | theme/templates/blog.html | 3 | ||||
| -rw-r--r-- | theme/templates/index.html | 19 |
8 files changed, 170 insertions, 685 deletions
diff --git a/content/about/index.org b/content/about/index.org new file mode 100644 index 0000000..b583085 --- /dev/null +++ b/content/about/index.org @@ -0,0 +1,27 @@ +#+title: About +#+slug: index + +Hey, I'm */~cmc/*. + +I'm a technology audit manager, working on financial statement audits (SOX/MAR), +SOC 1-3 reports, and other attestations for KPMG. + +Read up on my [[https://cv.cleberg.net][CV]] or [[https://cleberg.net/salary/][salary]] for more information. + +In my spare time, I like to: + +- Run linux servers +- Enhance my home lab network +- Write personal programs, mostly in Python +- Research various topics (history, geography, science, etc.) +- Write blog posts and general documentation +- Converse with others on IRC and Matrix +- Play video games and watch television + +If you want to chat, you can find me in the following spaces: + +- [[mailto:hello@cleberg.net][hello@cleberg.net]] ([[https://cleberg.net/gpg.txt][GPG]]) +- [[https://lemmy.cleberg.net/u/cmc][@cmc]] on Lemmy +- [[https://matrix.to/#/@cmc.:matrix.org][@cmc.:matrix.org]] on Matrix +- @cmc.01 on [[https://signal.org/][Signal]] +- [[https://sr.ht/~cxc][~cxc]] on Sourcehut diff --git a/content/blog/2025-06-02-private-ios-apps.org b/content/blog/2025-06-02-private-ios-apps.org index b015bc2..14c744c 100644 --- a/content/blog/2025-06-02-private-ios-apps.org +++ b/content/blog/2025-06-02-private-ios-apps.org @@ -4,16 +4,14 @@ #+slug: private-ios-apps #+filetags: :ios:privacy:security: -In a world where our phones are extensions of ourselves, balancing convenience -with privacy can feel like a losing battle — especially on iOS, where platform -restrictions narrow the options. But it's not impossible. There's a growing -ecosystem of privacy-respecting apps, tools, and communities focused on helping -iPhone users take back some control. +The world is evolving into a privacy nightmare, where our own devices are being +used by numerous parties to constantly track and report on our activities. This +is especially prevalent on iOS, where platform restrictions leave users without +many options to lock down their data. -Below is a curated list of privacy resources, directories, and testing tools -specifically useful for iOS. Whether you're looking for a better email client, a -trustworthy VPN, or simply places to learn more, these links are a solid -starting point. +However, there are apps that exist that can help enhance the privacy of an iOS +device. The post below details a number of privacy resources, directories, and +tools for iOS. **Resource Table** @@ -36,38 +34,28 @@ starting point. #+begin_quote *Note*: This list focuses solely on iOS-compatible resources and tools. No -Android comparisons here — just options for those of us living in Apple's walled -garden. +Android comparisons here as I have not used Android in many years. #+end_quote * Email -First and foremost, I like to consider email as my first app on a new device. -However, the iOS market lacks a wealth of open-source and private email clients. -There are a few options, such as Proton Mail and Tuta, which are open source and -private, but they lock you into their ecosystem. Tuta doesn't allow for custom -domains and neither allows SMTP/IMAP access. - -Canary Mail is a decent option, as it is a classic SMTP/IMAP client - and does -more than most as it's one of the only PGP email clients on iOS - but is closed -source and the company behind it seems more focused on AI than privacy. - -- [[https://proton.me/mail][Proton Mail]] - A more mainstream-feeling app with PGP support built-in. Good if - you're looking for something that feels like Apple Mail but with privacy - upgrades. -- [[https://tuta.com/][Tuta]] - Tuta (formerly Tutanota) takes privacy a step further by encrypting - subject lines, message content, attachments, and calendar events. It also - avoids using phone numbers or third-party services for registration. The iOS - app is reliable for the basics. Downsides: no IMAP/SMTP support, so you can't - plug it into your own mail clients, and notifications require a premium plan - if you want them in real-time. Great if you care about metadata exposure. -- [[https://canarymail.io/][Canary Mail]] - A more polished, user-friendly email client that supports - end-to-end encryption using PGP and their own “SecureSend” feature for - encrypted messages. Canary works with multiple mail providers (Gmail, Outlook, - etc.), so it's more of a privacy enhancement for existing services rather than - a private mail provider itself. Downsides: it's a proprietary, closed-source - app, and some privacy features require a subscription. Better than stock Mail - for security, but you're still trusting their implementation. +First, I like to consider email as my first app on a new device. However, iOS is +\extremely\ lacking in this area. Certain options are private, such as Proton +Mail and Tuta, but they have certain restrictions and ecosystem lock-in methods +that I try to avoid. + +Canary Mail was a decent option for a while, although a bit mysterious, but they +have recently leaned into the AI hype pretty heavily, which is concerning. +However, it's still one of the only options for PGP emails on iOS. + +- [[https://proton.me/mail][Proton Mail]] - One of the more popular private email options available on iOS. + Allows custom domains, but does not allow for IMAP/SMTP usage, so you're + locked into using their apps. Open source. +- [[https://tuta.com/][Tuta]] - Tuta also locks you into their clients and they do not allow you to use + custom domains. Open source. +- [[https://canarymail.io/][Canary Mail]] - Closed source, so you can't verify anything about what they are + building into the app. However, it's one of the only options for PGP mail on + iOS. Advanced features are locked behind a paywall. Another suggestion is to use a browser-based web client. You can install browser mail clients as progressive web apps (PWAs). For example, I have been using @@ -91,35 +79,29 @@ releases for iOS, I will probably use that. * Browsers -Your browser is basically the front door to the internet — and also the window, -mailbox, and security camera. It's where trackers, ads, fingerprinting scripts, -and data leaks happen most often. Even on a locked-down phone, if your browser -isn't protecting your traffic, your personal info can quietly leak out through -third-party scripts, embedded media, and background connections. Choosing a -privacy-respecting browser is one of the most impactful decisions you can make -for mobile privacy. - -- [[https://apps.apple.com/us/app/firefox-focus-privacy-browser/id1055677337][Firefox Focus]] - A stripped-down, no-nonsense browser from Mozilla. It - automatically blocks trackers, erases your browsing history with a tap, and - skips extras like tabs or bookmarks. Great for one-off searches and quick - visits to privacy-sensitive sites. -- [[https://duckduckgo.com/app][DuckDuckGo]] - A full-featured private browser with built-in tracker blocking, - HTTPS upgrades, and a clear data button. It also integrates DuckDuckGo search - and email protection. Solid for daily use if you don't want your browsing - activity tied to a bigger tech company. -- [[https://onionbrowser.com/][Onion Browser]] & [[https://orbot.app/][Orbot]] - Your best bet for anonymous browsing on iOS. Onion - Browser routes traffic over Tor, while Orbot can proxy other apps system-wide - through Tor. Slower than normal browsers, but excellent for masking your IP - and avoiding surveillance. -- [[https://brave.com/][Brave]] - Privacy-focused with ad and tracker blocking built-in, Brave also runs - its own private search engine and supports things like Tor tabs (on desktop, - not iOS). On iOS, it's basically a privacy-enhanced Safari/WebKit shell — - better than nothing, but subject to Apple's browser engine limits. -- [[https://www.apple.com/safari/][Safari]] (with caveats) - Surprisingly decent for privacy if you tweak the - settings. Enable “Prevent Cross-Site Tracking,” block all cookies, and disable - preload for best results. Still, it's tied to your Apple ID and iCloud syncing - unless you're careful, so don't treat it as anonymous. For a great baseline - configuration, read PrivacyGuide's [[https://www.privacyguides.org/en/mobile-browsers/#safari-ios][Safari]] section. +Your choise of browser is very important if you're concerned with privacy. Any +and all links you click will be opened in your default browser, so you need to +make sure you choose the right browser and configure it properly. Trackers, ads, +fingerprints, and data leaks are constant threats that should be avoided when +possible. + +- [[https://apps.apple.com/us/app/firefox-focus-privacy-browser/id1055677337][Firefox Focus]] - In my opinion, the best option for privacy on iOS. + Automatically blocks trackers, erases data and history upon app close, and + focused on private usage. However, it won't support your bookmarks or keep you + logged into sites long-term. +- [[https://duckduckgo.com/app][DuckDuckGo]] - Another good option, built on chromium. Like Focus, it allows you + to clear all data with a button tap. +- [[https://onionbrowser.com/][Onion Browser]] & [[https://orbot.app/][Orbot]] - Tor - what can I say? It's been the most popular + privacy browser for ages for a reason and now it's available on iOS. Onion + Browser is a Tor browser and Orbot can proxy any number of iOS apps through + Tor. As with all Tor traffic, it will be slower than "regular" traffic. +- [[https://brave.com/][Brave]] - Another chromium-based privacy browser. Can sync with other Brave + browsers via a secure linking process (no account). Fully-featured and great + privacy defaults. There have been some concerns in the past about the company + behind Brave, but I still think it's a decent option for most peoplel. +- [[https://www.apple.com/safari/][Safari]] (with caveats) - Great option if the browsers above don't work for you. + Be sure to read PrivacyGuide's [[https://www.privacyguides.org/en/mobile-browsers/#safari-ios][Safari]] section for more information on what you + need to do to lock it down before relying on it full time. #+begin_quote *I use*: Hardened safari in private mode for every day use, and Onion Browser @@ -128,30 +110,26 @@ for anonymous browsing. * Messaging -If you're trying to keep conversations off surveillance infrastructure, choosing -the right messaging app is crucial. Between metadata collection, insecure cloud -backups, and shady server practices, most mainstream chat apps aren't -privacy-friendly by design. On iOS, you're a little more limited than on -Android, but there are still solid options built around end-to-end encryption -and metadata minimization. - -- [[https://signal.org/][Signal]] - The gold standard for secure messaging. Open source, end-to-end - encrypted, and runs its own private push notification infrastructure so Apple - can't read your message content. Downsides: phone number required for signup - (a known metadata weak point). +Next up are messaging apps. If you have an iPhone, it's a good bet that you will +be messaging other people on it. The threats for messaging apps tend to be +metadata/data collection from cellular providers, ISPs, and Apple itself. If you +want to protect the privacy of your messages, who your messaging, and the +metadata around those messages (time, method, location, etc.), you'll need to +think about which apps you're using. + +- [[https://signal.org/][Signal]] - My personal favorite and still the gold standard for secure and + private messaging. Open source, end-to-end encrypted, and runs its own private + push notification infrastructure so Apple can't read your message content. A + phone number is required to sign up, but you can create a username immediately + after signing up and share that with others instead of sharing your phone + number. - [[https://simplex.chat/][SimpleX]] - A decentralized, phone-number-free messaging system. Uses anonymous - message relays and asymmetric keys. Great for pseudonymous chats or if you're - tired of number-based identity systems. + message relays and asymmetric keys. - [[https://getsession.org/][Session]] - A fork of Signal's protocol that eliminates phone numbers entirely. - Routes messages through a decentralized onion network (like Tor). Excellent - for metadata resistance, though message delivery can sometimes lag. + Routes messages through a decentralized onion network (like Tor). - [[https://element.io/][Element]] - Based on the Matrix protocol, offering decentralized, federated - chat. Great for groups and communities, with optional end-to-end encryption. A - little heavier on resources than the others. - -Privacy-friendly messaging isn't perfect on iOS — background sync restrictions -and notification relay challenges exist — but these tools will cover most needs -while keeping your data away from corporate servers. + chat. Great for groups and communities, with optional end-to-end encryption. + Other client options are available for Matrix on iOS, as well. #+begin_quote *I use*: Signal for private chats with known people, and Matrix for group chats. @@ -160,8 +138,8 @@ while keeping your data away from corporate servers. * VPNs & Networking Network traffic is where most surveillance happens. Even with encrypted -messaging and browsers, your IP address and DNS queries reveal a lot. A good VPN -or alternative network routing tool masks this, but not all VPNs are +messaging and browsers, your IP address and DNS queries reveal a lot about you. +A good VPN or alternative network routing tool masks this, but not all VPNs are trustworthy. Avoid “free” services or those lacking transparency. - [[https://mullvad.net/][Mullvad]] - A no-logs VPN that doesn't require an email or personal info to @@ -174,10 +152,10 @@ trustworthy. Avoid “free” services or those lacking transparency. polished for mobile but useful for hobbyists or building private networks between devices. -If you can't self-host or build your own mesh, Mullvad is hands-down the -cleanest option here. There are other VPN options available, but I haven't -tested them all so I will simply put my vote for Mullvad here and let you -research other options if you don't want to use Mullvad. +If you can't self-host or build your own mesh, Mullvad is hands-down the easiest +option here. There are other VPN options available, but I haven't tested them +all so I will simply put my vote for Mullvad here and let you research other +options if you don't want to use Mullvad. #+begin_quote *I use*: Mullvad for 24/7 usage, and Tor when anonymity is required. @@ -185,12 +163,12 @@ research other options if you don't want to use Mullvad. * Password Management -Weak, reused passwords are still one of the biggest risks for personal security. -A good password manager makes it possible to use strong, unique credentials +Weak and reused passwords are still the biggest risks for personal security. A +good password manager makes it possible to use strong, unique credentials without memorizing them all. -- [[https://bitwarden.com/][Bitwarden]] - Open source, audited, and free to self-host. The iOS app - integrates with system autofill and Face ID. Solid for most users. +- [[https://bitwarden.com/][Bitwarden]] - Open source, audited, and free to self-host (e.g., Vaultwarden). + The iOS app integrates with system autofill and Face ID. - [[https://keepassium.com/][KeePassium]] - A KeePass-compatible client for iOS. Local database storage, optional cloud sync, and no external accounts. Excellent if you want full control over your credential store. @@ -198,8 +176,8 @@ without memorizing them all. your database with a secure method like [[https://cryptomator.org/][Cryptomator]]-protected cloud storage, Syncthing, or local-only transfers. -Good password hygiene matters more than people realize, and these apps give you -control over your vault. +Good passwords matter are extremely important, and these apps give you control +over your vault. #+begin_quote *I use*: Bitwarden Families ($40/year) to protect passwords, passkeys, TOTP @@ -210,17 +188,20 @@ myself, I would prefer KeePassXC + Syncthing. * Multi-Factor Authentication (MFA) MFA is essential, but relying on SMS codes or untrusted proprietary apps defeats -the point. Use open, local, encrypted authenticators where possible. +the point. Use open, local, encrypted authenticators where possible. Also, use +passkeys if you can! I prefer passkeys, then TOTP, and then SMS/email, if other +options are not possible. -- [[https://bitwarden.com/products/authenticator/][Bitwarden Authenticator]] - Integrates with the password manager or works - standalone. Encrypted backups through Bitwarden. +- [[https://bitwarden.com/products/authenticator/][Bitwarden Authenticator]] - Integrates with the password manager or works as a + standalone TOTP app. Optional encrypted backups through your Bitwarden + account. - [[https://ente.io/auth/][Ente Auth]] - Open source, end-to-end encrypted TOTP manager. Syncs encrypted via Ente's infrastructure. - [[https://www.tofuauth.com/][Tofu]] - Minimal, offline-first TOTP app. No cloud, no telemetry. - [[https://raivo-otp.com/][Raivo OTP]] - Open source, native iOS app with secure iCloud backups. Clean interface. - [[https://apps.apple.com/us/app/otp-auth/id659877384][OTP Auth]] - A longstanding, trusted TOTP manager with encrypted backups and - Apple Watch support. Not open source. + Apple Watch support. *Not open source.* I recommend pairing one of these with strong passwords and a VPN for everyday security. @@ -231,9 +212,8 @@ security. * Notes & Personal Data -iCloud Notes and Google Keep aren't exactly privacy havens. If you're storing -sensitive personal notes, account details, or journal entries, opt for -encrypted, local-first apps. +If you're storing sensitive personal notes, account details, or journal entries, +opt for encrypted, local-first apps. - [[https://beorgapp.com/][Beorg]] - An Org-mode-compatible outliner and task manager for iOS. Great for Emacs fans and those managing plaintext files. @@ -248,15 +228,15 @@ These options help decouple your data from major cloud platforms while keeping notes portable and encrypted. #+begin_quote -*I use*: Beorg, since I love org-mode and no longer use markdown. +*I use*: Beorg, since I love org-mode. #+end_quote * Photos & Media -Your camera roll quietly feeds metadata and images to iCloud by default. If you -want to self-host or encrypt your photo library, here's what works on iOS. At a -minimum, I suggest disabling iCloud for the Photos app, so the data stays local -on your device. +If you're using iCloud Photos, your camera roll quietly feeds metadata and +images to iCloud by default. If you want to self-host or encrypt your photo +library, here's what works on iOS. At a minimum, I suggest disabling iCloud for +the Photos app, so the data stays local on your device. - [[https://immich.app/][Immich (self-hosted)]] - Open source, feature-rich, self-hosted photo manager with facial recognition and live photo support. Requires a home server. @@ -290,14 +270,12 @@ require Instant PGP since Migadu's webmail client (SnappyMail) supports PGP. * News & Social -Mainstream news and social apps leak all kinds of usage metadata, even when -you're just lurking. These tools let you follow content with less exposure. +News and social apps leak all kinds of usage metadata, even when you're just +lurking. These tools let you follow content with less exposure. -- [[https://netnewswire.com/][NetNewsWire]] - Free, open source RSS reader for iOS. Follow sites without - tracking. -- [[https://www.talklittle.com/three-cheers/][ThreeCheers]] - Privacy-friendly Reddit client for iOS. No official API calls, - built-in filtering. -- [[https://getvoyager.app/][Voyager]] - Clean, independent Mastodon client. +- [[https://netnewswire.com/][NetNewsWire]] - Free, open source RSS reader for iOS. +- [[https://www.talklittle.com/three-cheers/][ThreeCheers]] - Privacy-friendly Tildes client for iOS. +- [[https://getvoyager.app/][Voyager]] - Clean, independent Lemmy client. - [[https://joinmastodon.org/][Mastodon]] - Federated, open source alternative to Twitter. - [[https://joinpeertube.org/][PeerTube]] - Decentralized video platform, accessible via web or PWA. - [[https://pixelfed.org/][Pixelfed]] - Federated, open source alternative to Instagram. @@ -305,17 +283,23 @@ you're just lurking. These tools let you follow content with less exposure. If you're going to be online, at least let it be on your terms. #+begin_quote -*I use*: NetNewsWire (via FreshRSS) for RSS feeds, and Voyager for Lemmy. I have -used all of these apps and they are great, but I am not very active on social -sites. +*I use*: NetNewsWire (via FreshRSS) for RSS feeds, Voyager for Lemmy, and Three + Cheers for Tildes. I have used all of these apps and they are great, but I am + not very active on social sites. #+end_quote * Final Thoughts -This isn't about paranoia — it's about awareness. Every app you use, every -service you sign into, quietly collects and trades your data. iOS makes true -anonymity harder than other platforms, but these tools and services give you a -fighting chance to keep your personal life personal. +Whether you just want to improve your privacy in small steps or you're +fashioning a tinfoil hat as we speak, moving to privacy-focused services and +apps does two things: + +1. It protects your privacy by ensuring that your data is being protected + through the many methods mentioned above; and +2. It provides money (for paid apps), support (in terms of download count, + reviews, ratings, etc.), and motivation for the developers and companies + behind these apps that provide a privacy haven for users on iOS. -If you have other privacy-friendly iOS tools you enjoy, [[mailto:hello@cleberg.net][email me]] — I'm always -looking for new things to test. +Every app you use, every service you sign into, quietly collects and trades your +data. iOS makes true anonymity harder than other platforms, but these tools and +services give you a fighting chance to keep your data private. diff --git a/content/blog/2025-06-27-how-blockchain-works.org b/content/blog/2025-06-27-how-blockchain-works.org deleted file mode 100644 index c31e5a8..0000000 --- a/content/blog/2025-06-27-how-blockchain-works.org +++ /dev/null @@ -1,197 +0,0 @@ -#+date: <2025-07-07 Mon 00:00:00> -#+title: Blockchain Series #1: How Blockchain Works Under the Hood: Hashes, Keys, and Signatures Explained -#+description: Dive into blockchain's cryptographic foundations. Explore how hash functions, Merkle trees, and digital signatures secure distributed, tamper-resistant ledgers. -#+slug: how-blockchain-works -#+filetags: :blockchain:encryption: -#+draft: t - -/This is Part 1 of a series I'm writing on blockchain. Stay tuned for further -editions./ - -Blockchain is one of those technologies that seems to generate more marketing -buzz than real understanding. Everywhere you look, people talk about -decentralization, trustless systems, and the next big disruption. But beneath -the hype, blockchain systems rely on well-understood cryptographic building -blocks to do something very specific: maintain a secure, tamper-resistant ledger -without needing a central authority. - -If you're serious about understanding blockchain, it's critical to understand -the cryptographic primitives that make it work. Hash functions, digital -signatures, and public-key cryptography aren't just jargon—they're the core -mechanisms that let a distributed network agree on a shared history no one can -easily rewrite. - -This post is Part 1 of a multi-part series on blockchain. Here, we'll focus on -these fundamental building blocks—how they work, why they're used, and how they -fit together to provide the security and trust that blockchain promises. - -* What is Blockchain? - -At its core, a blockchain is a distributed, append-only ledger shared among -participants in a network. - -What does this mean? Essentially, we can think of a standard, non-technical -ledger (book of accounts where transactions are recorded against accounts). When -introductin the idea of a blockchain, let's extend the idea of a standard ledger -and make a few connections: - -- Each block of transactions is connected cryptographically to the block before - it, via a [[https://en.wikipedia.org/wiki/Cryptographic_hash_function][cryptographic hash]]. This is what forms a =chain= of blocks, or - records. -- Each block consists of: - - A list of validated transactions - - A timestamp - - A cryptographic hash of the previous block (ensuring immutability) -- Each transaction within a block is initiated between addresses, signed with - cryptographic keys, and sent to the blockchain for validation (e.g., - proof-of-work, proof-of-staking, etc.). -- The blockchain is shared amongst nodes in the network, who agree on the state - of the blockchain through consensus mechanisms. - -As we can see, the decentralized nature and cryptographic linking of -transactions and blocks ensures that modifying the history is infeasible. - -If you're more of a visual person, here's a very basic diagram of a standard -blockchain structure. - -#+begin_example -+------------+ +------------+ +------------+ -| Block 1 | -> | Block 2 | -> | Block 3 | -|------------| |------------| |------------| -| Data | | Data | | Data | -| Prev Hash: | | Prev Hash: | | Prev Hash: | -| 00000000 | | <hash1> | | <hash2> | -| Hash: | | Hash: | | Hash: | -| <hash1> | | <hash2> | | <hash3> | -+------------+ +------------+ +------------+ -#+end_example - -* What Problems is Blockchain Trying to Solve? - -I will be diving into the technical details of blockchains later in this post, -but what exactly is the reason blockchain exists? - -You may know of cryptocurrencies, such as Bitcoin, but that is only one of many -use cases for blockchains. - -As we learned in the section above, a blockchain can be equated to a ledger. -With this in mind, let's dive into a few interesting use cases: - -** Immutable record-keeping - -If you simply need a ledger that cannot be modified easily and can establish a -decentralized network to support that, blockchain is a great technology. - -** Trust without central authority - -The use of a decentralized system means that we do not need to rely on a -centralized authority (e.g., Social Security, a bank, etc.) to store and provide -access to information you need to record. - -Think of the US Social Security Number (SSN) system. Each time you want to -perform actions that require verifying your identify (e.g., opening bank -accounts, investment accounts, child birth, etc.), you are currently required to -provide your SSN. - -However, this is a singular number - which means that if someone learns it, they -can (essentially) now act as you. - -Now imagine a scenario where the SSN system is a blockchain where you have both -your private key for providing evidence to people that you are you. For example, -you open a bank account and sign your form with your private key. Now, the bank -can take that and use your public key to decrypt the message and verify that you -are you, without needing to know your private key. - -Another scenario is that, during a background check, a company could use your -public key and consult the related blockchain to validate specific pieces of -information. For example, if your identity alone is in one block, you could -provide that information to your employer without providing your full SSN and -all related personal information for as long as they keep your SSN on file. - -** Double-spending problem - -With the introduction of digital assets, such as cryptocurrencies and -non-fungible tokens, a new risk is introduced: without control, these assets -could be copied and reused at-will. - -To solve this problem, digital assets are transacted on a blockchain to ensure -that the decentralized system of nodes provide consensus on validating -transactions, transactions are recorded in a transparent and tamper-resistant -manner, and cryptographic functions are performed to order the transactions -logically on chain. - -* The Role of Cryptography in Blockchain -- Why cryptography matters -- Confidentiality vs. integrity/authenticity -- Core goals: - - Tamper-evidence - - Secure identification - - Non-repudiation - -* Hash Functions -- What is a cryptographic hash? -- Properties: - - Collision resistance - - Pre-image resistance -- How blockchain uses hashes: - - Chaining blocks together - - Block headers - - Transactions -- Example command: - #+begin_src bash - echo -n "Hello, Blockchain" | sha256sum - #+end_src -- Optional diagram: chain of blocks with hashes - -* Merkle Trees -- Summarizing many transactions in a single root hash -- Use case: efficient inclusion proofs -- Example diagram (ASCII art if desired) -- Why Merkle roots are in block headers - -* Public Key Cryptography -- Quick refresher -- Public/private keypairs -- Addresses derived from public keys -- Importance of keeping private keys secret - -* Digital Signatures -- Purpose: proving authorship without revealing private key -- Mention ECDSA / EdDSA -- How transactions are signed -- Example snippet: - #+begin_example - Alice signs transaction with her private key - → Anyone can verify with her public key - #+end_example -- Why signatures prevent forgery - -* Bringing it All Together: Blockchain Data Structures -- Block structure: - - Block header with previous block's hash - - Merkle root - - Timestamp, nonce -- How the chain ensures immutability -- Example flow: - 1. User creates a transaction - 2. Signs it - 3. Transaction included in block - 4. Block hash links to previous block - -* Proof of Work (Optional) -- Hash puzzles to add blocks -- Why it's hard to modify history -- Keep this section simple - -* Conclusion -- Summarize how these primitives work together -- Tease next post: "Next, we'll explore security threats and how blockchain - networks mitigate them." -- Optional links to further reading: - - Bitcoin whitepaper - - Ethereum docs - - Cryptography references - -* Optional Extras -- Glossary box with terms (hash, signature, Merkle tree) -- External references (e.g., NIST docs on hashes) @@ -93,6 +93,15 @@ :output ".build/now/{{ slug }}.html" :url "/now/{{ slug }}.html") +;; About page route +(weblorg-route + :name "about" + :input-pattern "content/about/*.org" + :template "page.html" + :output ".build/about/{{ slug }}.html" + :url "/about/{{ slug }}.html") + + ;; RSS feed route (weblorg-route :name "rss" diff --git a/theme/static/styles.css b/theme/static/styles.css index 9de0c4f..a032e1a 100644 --- a/theme/static/styles.css +++ b/theme/static/styles.css @@ -1,318 +1,5 @@ /*! normalize.css v8.0.1 | MIT License | github.com/necolas/normalize.css */ - -/* Document - ========================================================================== */ - -/** - * 1. Correct the line height in all browsers. - * 2. Prevent adjustments of font size after orientation changes in iOS. - */ - -html { - line-height: 1.15; - /* 1 */ - -webkit-text-size-adjust: 100%; - /* 2 */ -} - -/* Sections - ========================================================================== */ - -/** - * Render the `main` element consistently in IE. - */ - -main { - display: block; -} - -/** - * Correct the font size and margin on `h1` elements within `section` and - * `article` contexts in Chrome, Firefox, and Safari. - */ - -h1 { - font-size: 2em; - margin: 0.67em 0; -} - -/* Grouping content - ========================================================================== */ - -/** - * 1. Add the correct box sizing in Firefox. - * 2. Show the overflow in Edge and IE. - */ - -hr { - box-sizing: content-box; - /* 1 */ - height: 0; - /* 1 */ - overflow: visible; - /* 2 */ -} - -/* Text-level semantics - ========================================================================== */ - -/** - * Remove the gray background on active links in IE 10. - */ - -a { - background-color: transparent; -} - -/** - * 1. Remove the bottom border in Chrome 57- - * 2. Add the correct text decoration in Chrome, Edge, IE, Opera, and Safari. - */ - -abbr[title] { - border-bottom: none; - /* 1 */ - text-decoration: underline; - /* 2 */ - text-decoration: underline dotted; - /* 2 */ -} - -/** - * Add the correct font weight in Chrome, Edge, and Safari. - */ - -b, -strong { - font-weight: bolder; -} - -/** - * Add the correct font size in all browsers. - */ - -small { - font-size: 80%; -} - -/** - * Prevent `sub` and `sup` elements from affecting the line height in - * all browsers. - */ - -sub, -sup { - font-size: 75%; - line-height: 0; - position: relative; - vertical-align: baseline; -} - -sub { - bottom: -0.25em; -} - -sup { - top: -0.5em; -} - -/* Forms - ========================================================================== */ - -/** - * 1. Change the font styles in all browsers. - * 2. Remove the margin in Firefox and Safari. - */ - -button, -input, -optgroup, -select, -textarea { - font-family: inherit; - /* 1 */ - font-size: 100%; - /* 1 */ - line-height: 1.15; - /* 1 */ - margin: 0; - /* 2 */ -} - -/** - * Show the overflow in IE. - * 1. Show the overflow in Edge. - */ - -button, -input { - /* 1 */ - overflow: visible; -} - -/** - * Remove the inheritance of text transform in Edge, Firefox, and IE. - * 1. Remove the inheritance of text transform in Firefox. - */ - -button, -select { - /* 1 */ - text-transform: none; -} - -/** - * Correct the inability to style clickable types in iOS and Safari. - */ - -button, -[type="button"], -[type="reset"], -[type="submit"] { - -webkit-appearance: button; -} - -/** - * Remove the inner border and padding in Firefox. - */ - -button::-moz-focus-inner, -[type="button"]::-moz-focus-inner, -[type="reset"]::-moz-focus-inner, -[type="submit"]::-moz-focus-inner { - border-style: none; - padding: 0; -} - -/** - * Restore the focus styles unset by the previous rule. - */ - -button:-moz-focusring, -[type="button"]:-moz-focusring, -[type="reset"]:-moz-focusring, -[type="submit"]:-moz-focusring { - outline: 1px dotted ButtonText; -} - -/** - * Correct the padding in Firefox. - */ - -fieldset { - padding: 0.35em 0.75em 0.625em; -} - -/** - * 1. Correct the text wrapping in Edge and IE. - * 2. Correct the color inheritance from `fieldset` elements in IE. - * 3. Remove the padding so developers are not caught out when they zero out - * `fieldset` elements in all browsers. - */ - -legend { - box-sizing: border-box; - /* 1 */ - color: inherit; - /* 2 */ - display: table; - /* 1 */ - max-width: 100%; - /* 1 */ - padding: 0; - /* 3 */ - white-space: normal; - /* 1 */ -} - -/** - * Add the correct vertical alignment in Chrome, Firefox, and Opera. - */ - -progress { - vertical-align: baseline; -} - -/** - * Remove the default vertical scrollbar in IE 10+. - */ - -textarea { - overflow: auto; -} - -/** - * 1. Add the correct box sizing in IE 10. - * 2. Remove the padding in IE 10. - */ - -[type="checkbox"], -[type="radio"] { - box-sizing: border-box; - /* 1 */ - padding: 0; - /* 2 */ -} - -/** - * Correct the cursor style of increment and decrement buttons in Chrome. - */ - -[type="number"]::-webkit-inner-spin-button, -[type="number"]::-webkit-outer-spin-button { - height: auto; -} - -/** - * 1. Correct the odd appearance in Chrome and Safari. - * 2. Correct the outline style in Safari. - */ - -[type="search"] { - -webkit-appearance: textfield; - /* 1 */ - outline-offset: -2px; - /* 2 */ -} - -/** - * Remove the inner padding in Chrome and Safari on macOS. - */ - -[type="search"]::-webkit-search-decoration { - -webkit-appearance: none; -} - -/** - * 1. Correct the inability to style clickable types in iOS and Safari. - * 2. Change font properties to `inherit` in Safari. - */ - -::-webkit-file-upload-button { - -webkit-appearance: button; - /* 1 */ - font: inherit; - /* 2 */ -} - -/* Misc - ========================================================================== */ - -/** - * Add the correct display in IE 10+. - */ - -template { - display: none; -} - -/** - * Add the correct display in IE 10. - */ - -[hidden] { - display: none; -} +html{line-height:1.15;-webkit-text-size-adjust:100%}main{display:block}h1{font-size:2em;margin:0.67em 0}hr{box-sizing:content-box;height:0;overflow:visible}a{background-color:transparent}abbr[title]{border-bottom:none;text-decoration:underline;text-decoration:underline dotted}b,strong{font-weight:bolder}small{font-size:80%}sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}sub{bottom:-0.25em}sup{top:-0.5em}button,input,optgroup,select,textarea{font-family:inherit;font-size:100%;line-height:1.15;margin:0}button,input{overflow:visible}button,select{text-transform:none}[type="button"],[type="reset"],[type="submit"],button{-webkit-appearance:button}[type="button"]::-moz-focus-inner,[type="reset"]::-moz-focus-inner,[type="submit"]::-moz-focus-inner,button::-moz-focus-inner{border-style:none;padding:0}[type="button"]:-moz-focusring,[type="reset"]:-moz-focusring,[type="submit"]:-moz-focusring,button:-moz-focusring{outline:1px dotted ButtonText}fieldset{padding:0.35em 0.75em 0.625em}legend{box-sizing:border-box;color:inherit;display:table;max-width:100%;padding:0;white-space:normal}progress{vertical-align:baseline}textarea{overflow:auto}[type="checkbox"],[type="radio"]{box-sizing:border-box;padding:0}[type="number"]::-webkit-inner-spin-button,[type="number"]::-webkit-outer-spin-button{height:auto}[type="search"]{-webkit-appearance:textfield;outline-offset:-2px}[type="search"]::-webkit-search-decoration{-webkit-appearance:none}::-webkit-file-upload-button{-webkit-appearance:button;font:inherit}template{display:none}[hidden]{display:none} /* CUSTOM CSS */ :root { @@ -340,7 +27,7 @@ body { Liberation Mono, Lucida Console, monospace; - font-size: clamp(0.95rem, 1vw + 0.5rem, 1.1rem); + font-size: 1rem; line-height: 1.5; max-width: 50em; margin: 0 auto; @@ -353,17 +40,12 @@ body { } } -main>*+* { - margin-top: 2rem; -} - .site-nav, footer { border-color: var(--fg); } footer { - /* border-top: 1px dotted; */ padding-top: 1rem; margin: 1rem 0; } @@ -376,10 +58,6 @@ ul { list-style-type: "- "; } -/* .site-nav { - border-bottom: 1px dotted; -} */ - .site-nav ul { list-style-type: none; display: flex; @@ -396,31 +74,25 @@ h2, h3, h4 { color: var(--fg); - text-transform: uppercase; } h1 { - font-size: 2rem; + font-size: 1.5rem; font-weight: bold; - /* border-bottom: 1px solid var(--border); */ - margin-top: 2rem; - margin-bottom: 1rem; + margin-top: 1rem; + margin-bottom: 0.75rem; } h2 { - font-size: 1.5rem; - margin-top: 1.5rem; - margin-bottom: .75rem; -} - -h3 { font-size: 1.25rem; - margin-top: 1.25rem; - margin-bottom: .5rem; + margin-top: 1rem; + margin-bottom: 0.5rem; } -#text-table-of-contents li { - text-transform: uppercase; +h3 { + font-size: 1rem; + margin-top: 1rem; + margin-bottom: 0.25rem; } a, @@ -481,7 +153,7 @@ code { Liberation Mono, Lucida Console, monospace; - font-size: inherit; + font-size: 0.9rem; } pre { @@ -537,7 +209,6 @@ blockquote p { .post-metadata { border: 1px dotted var(--border); - /* border-top: none; */ padding: 1rem; } diff --git a/theme/templates/base.html b/theme/templates/base.html index 4f82e12..6a880e3 100644 --- a/theme/templates/base.html +++ b/theme/templates/base.html @@ -21,6 +21,7 @@ <nav class="site-nav" aria-label="site-nav" role="navigation"> <ul> <li><a href="/">Home</a></li> + <li><a href="/about/">About</a></li> <li><a href="/blog/">Blog</a></li> <li><a href="/services/">Services</a></li> <li><a href="/wiki/">Wiki</a></li> @@ -28,16 +29,16 @@ </nav> <main id="main">{% block main %}{% endblock %}</main> <footer> - <p>Donate: <a href="ethereum:0x7850b2Fe6be94f90F54A099C74126430C9CeB19e">ETH</a> + <p><a href="ethereum:0x7850b2Fe6be94f90F54A099C74126430C9CeB19e">ETH</a> | <a href="bitcoin:bc1qy74tcth6zwg88059ae9z3ghzk797fkav7zdx4k">BTC</a> | <a href="xrp:rJz78ahN1KmushjYjEnFd8CB5vCcreJ1EE">XRP</a> </p> - <p>Last build: <<time datetime="{{ now() | strftime("%Y-%m-%d") }}">{{ now() | strftime("%Y-%m-%d %a %H:%M:%S") }}</time>></p> + <p><<time datetime="{{ now() | strftime("%Y-%m-%d") }}">{{ now() | strftime("%Y-%m-%d %a %H:%M:%S") }}</time>></p> <p> <a href="https://stats.uptimerobot.com/OwOWs7HU0z">Status</a> · <a href="https://git.sr.ht/~cxc/cleberg.net" target="_blank" - rel="noopener">Source Code</a> · - <a href="/feed.xml">RSS Feed</a> · + rel="noopener">Source</a> · + <a href="/feed.xml">RSS</a> · <a href="/.well-known/security.txt">security.txt</a> </p> <p> diff --git a/theme/templates/blog.html b/theme/templates/blog.html index ff09d37..fc4f6d6 100644 --- a/theme/templates/blog.html +++ b/theme/templates/blog.html @@ -2,12 +2,13 @@ main %} <h1>Blog</h1> <p> - Use <code>⌘ + f</code> (<code>Ctrl + f</code>) to search blog post titles for + Use <code>⌘ + f</code> (<code>Ctrl + f</code>) to search for keywords. </p> <p> You can also add the <a href="/feed.xml">RSS Feed</a> to your feed reader. </p> +<br> {% for post in posts %} <div class="post"> <time datetime='{{ post.date | strftime("%Y-%m-%d") }}' diff --git a/theme/templates/index.html b/theme/templates/index.html index d7a97ed..a9cd2ae 100644 --- a/theme/templates/index.html +++ b/theme/templates/index.html @@ -1,22 +1,22 @@ {% extends "base.html" %} {% block main %} <section> - <h1><i>~cleberg.net</i></h1> + <h1><i>~cmc</i></h1> <pre>pub rsa4096 2022-11-16 [SC] <a href="/gpg.txt">3917 973F B159 BBB8 6194 5385 6945 1A51 7AC0 CB37</a> uid [ultimate] Christian Cleberg <hello@cleberg.net> sub rsa4096 2022-11-16 [E]</pre> </section> <section> - <h2>Recent Blog Posts</h2> + <h2>Blog Posts</h2> <!-- BEGIN_POSTS --> <!-- END_POSTS --> - <br> <a href="/blog/">All Posts →</a> </section> <section> <h2>Everything Else</h2> - <ul> + <ul> + <li><a href="/about/">About</a></li> <li><a href="https://cv.cleberg.net">Curriculum Vitae</a></li> <li><a href="/now/">Now</a></li> <li><a href="/salary/">Salary</a></li> @@ -25,17 +25,6 @@ sub rsa4096 2022-11-16 [E]</pre> </ul> </section> -<section> - <h2>Contact</h2> - <ul> - <li><a href="mailto:hello@cleberg.net">hello@cleberg.net</a> (<a href="https://cleberg.net/gpg.txt">GPG</a>)</li> - <li><a href="https://lemmy.cleberg.net/u/cmc">@cmc</a> on Lemmy</li> - <li><a href="https://matrix.to/#/@cmc.:matrix.org">@cmc.:matrix.org</a> on Matrix</li> - <li>@cmc.01 on <a href="https://signal.org/">Signal</a></li> - <li><a href="https://sr.ht/~cxc">~cxc</a> on Sourcehut</li> - </ul> -</section> - <section class="hidden"> <div class="h-card"> <span class="p-name">Christian Cleberg</span> |