The Facebook Experiment

Follow Blogs of War on FacebookI’ve never really committed to making Blogs of War available on Facebook. There’s been a page there for years and it has seen the occasional update but it has been largely neglected because, well because I hate Facebook. And seeing as how Blogs of War isn’t a business, I’ve had the luxury of being able to afford bad decisions. I’m not in this for likes, follows, and pageviews. Unlike many other sites, I don’t need clicks to pay the bills (but do appreciate you following along and reading anyway).

So what’s changed? Well, nothing really. I still hate Facebook. But the audience there is OMFG huge and there is an entire segment of Blogs of War readers who have given up on Twitter entirely.  I have to admit that, while I once thought Twitter was different than other social platforms (and it was for a little while), it has been adrift and steadily (if not rapidly) degrading over the past three or so years. The best aspects of it are largely inaccessible to normal humans, the trolls/bots are the worst, and no other company has ever seemed quite so consumed by hatred of its own developer community. Yeah, Twitter pretty much sucks now too.  So, if you have a choice between publishing on a terrible smallish platform or a terrible gigantic platform there’s certainly no reason to ignore the larger, more viable, of the two. Right?

I might write more about that later (or I might not because I’m sort of sick of the topic and you probably are too) but the real purpose of this post is just to let you know that if you are a Facebook person you can now get the same 24/7 updates there that you would usually get from @blogsofwar on Twitter.  That’s right. Facebook people can now follow Blogs of War on Facebook. And if you’re not a Facebook person don’t feel obligated to “Like” me or whatever. Believe me. I get it.



Tweet about this on TwitterShare on FacebookShare on TumblrShare on RedditShare on LinkedInDigg thisPrint this pageEmail this to someone

The Toshiba Chromebook 2 – An Amazing Chromebook, Good Linux Laptop, and Decent MacBook

Toshiba Chromebook 2

I went shopping for a laptop yesterday, with a fairly high budget and thoughts of a new MacBook, but came home with a $300 Toshiba Chromebook 2 instead. Now obviously a Chomebook gives up something to any Mac in terms of capability but my decision was possible because my laptop isn’t my primary workstation. That being said the new generation of Chromebooks represent a great value and a huge leap in quality over my first-gen Acer C720. With it’s elegant design and amazing display (IPS up to 2400×1350) most casual observers wouldn’t know that you weren’t using a Mac.

Kali Linux Sana

Kali Linux Sana

Like a lot of Chromebooks this is going to be a light-duty machine. I’ll use it for notes and email in meetings, streaming videos to my TV via Chromecast, and as Linux laptop for stuff. I used Linux on my Acer but options on that front are slowly improving. You still have to run in developer mode but thanks to Crouton I had Kali Linux (Sana/XFCE) up and running on the Toshiba in just a few minutes. And it seemed to work fine right out of the gate. In fact, I also tried Ubuntu Trusty KDE, Ubuntu Vivid Mate, and Kali 1.0 with decent results. Only Vivid presented any real difficulties. So the Toshiba is perfectly viable as an inexpensive Linux laptop.

My Office Mac - Via Chrome Remote Desktop

My Office Mac – Via Chrome Remote Desktop

However, you’re probably still wondering about the tile of this piece. How could a $300 Chromebook be a “decent MacBook” without some kind of next-level hackery? Well, Chrome Remote Desktop is the way – provided you have a Mac to remote in to. I use it extensively on all of my devices and I’m always amazed that more people haven’t discovered it. I’ve been known to spend an entire workday remoted into my Mac at work. Of course, this solution is not perfect but performance is reasonable – surprisingly good actually. You can get real work done. If there’s a killer app for the Chromebook, Chrome Remote Desktop is probably it.

I might be alone in this but what I’d really like is a 17″ version of this machine. The display is incredible but I wouldn’t want to spend an extended period of time working on a 13″ laptop. I tend to want my laptop to be either really small or gigantic and even a 15″ display isn’t the right compromise for me.  Dreams of a massive Chromebook aside, I still have to say that at the end of the day the Toshiba does what it’s supposed to. It’s portable, powerful, and surprisingly elegant for a $300 laptop that (with a little tinkering) can do far more than is advertised. Oh, and let’s not forget – it saved me a thousand bucks.

Tweet about this on TwitterShare on FacebookShare on TumblrShare on RedditShare on LinkedInDigg thisPrint this pageEmail this to someone

Encrypted Communication Has Never Been Easier – Security Never More Challenging

ProtonMailJust over two years ago I decided to spend some time digging into an emerging class of encryption tools that were making a solid run at simplifying the notoriously cumbersome use of PGP.

“So I stopped being lazy and have encryption implemented across all of my devices. Now, I have a 4096-bit RSA OpenPGP key, The Chrome extension Mailvelope is handling Gmail encryption, Thunderbird and Enigmail are configured on the Linux box, and IPGMail is setup for the same on my iPhone.”

Now I wasn’t looking to implement the strongest security model. I just wanted to see how challenging it would be to implement and use reasonably safe tools across all of my devices. These tools, all of which sprang to life pre-Snowden, did represent a huge improvement in usability but none of them would have passed the mom test.

Fast forward a very short two years and the landscape is starting to look very different. Free elegant encrypted email services like ProtonMail (listen to my interview with co-founder Andy Yen) and Tutanota are now viable alternatives to Gmail for millions of people. Encryption is baked-in and transparent to the user. If you were creating your first email account today there would be no reason not to start with an encrypted-by-default solution and we are rapidly approaching the point where the absence of end-to-end encryption in some of these tools will be perceived as a fatal flaw by consumers. Tresorit

Encrypted cloud storage is significantly easier to use as well. Here we see the same kind of evolution from plugins or add-on applications that add encryption capabilities to standalone tools like SpiderOak and Tresorit that encrypt by default. These services greatly simply security by making it a nearly invisible function of the software. Are they as easy to use as Dropbox? Close, but not quite. However, they are reasonably easy. In fact, I use Tresorit for all of my file storage across all of my computers and phone. The convenience penalty is now so slight that it is essentially negligible for a large portion of the user base.

SignalBut nowhere has the shift toward usability been more evident than in the mobile app market. People have literally thousands of options to choose from. Although it must be said that the number of good options is substantially lower than the total. Still, the barriers to encrypted text messaging, photo sharing, and even voice conversations on your phone just don’t exist. Secure communication is drop dead simple.

And Now A Warning

The tools that I’ve mentioned here are all reasonably secure. Reasonably. That’s a very important caveat but what does it mean? It means that, as I’ve said before, true security requires more than tools. Every tool and every model has numerous attack vectors. If your secrets are juicy enough, say they’re interesting to a superpower or country with advanced intelligence collection capabilities, then they will find a way to literally or metaphorically read your mail.

Reasonably secure in this context means that people who are not targets of incredibly sophisticated adversaries can expect these tools to do exactly what they say they do. If you are Edward Snowden or on this exclusive list then these tools are not for you. In fact, the internet is not for you at all unless you’re willing to employ a radically different security model. ProtonMail is even honest enough to remind its users of that in a breakdown of their threat model:

ProtonMail Warning

You’re probably not the next Snowden (lucky you!) but all of us have to think about who we are, who wants our information (seemingly everyone), why they want it, and what precautions must be taken to prevent that disclosure. Security requires more than an app. It requires thought. And this is why it will always be difficult – even as the tools get easier to use.

Tweet about this on TwitterShare on FacebookShare on TumblrShare on RedditShare on LinkedInDigg thisPrint this pageEmail this to someone

The Linux Foundation’s Linux Workstation Security Checklist

Linux workstation security checklistKonstantin Ryabitsev’s high-level security recommendations for Linux Foundations systems administrators is probably not the kind of document that most of you would read. In fact, I’ve known a shocking number of SysAdmins who wouldn’t take the time to read something like this. But trust me it’s worth reading – even if you don’t understand it.

Now you’re probably wondering how reading something that you don’t understand could be useful. That’s a very understandable point of confusion. But when it comes to security the things that you don’t know or don’t understand are the things that could literally or metaphorically kill you. The stuff you don’t know is the most important stuff.

A lot of very technical people follow and read Blogs of War but I am primarily sharing this for the benefit of the other 99% – those of you who probably won’t fully understand Konstantin’s recommendations.


Because if you’re even remotely interested in security this will give you topics for exploration. This is a pretty cool jumping off point for those of you who want to learn more about securing yourself and your hardware. And don’t get too hung up on the Linux-specific recommendations because many of the concepts and vulnerabilities are universal. If you’re not interested in learning more about this topic that’s fine too – as long as you’re comfortable with the risk.

Tweet about this on TwitterShare on FacebookShare on TumblrShare on RedditShare on LinkedInDigg thisPrint this pageEmail this to someone