Online Security Basics 2

This is part 2 of 10 of a series of relatively short posts that focus on things that everyone should think about to be safe when using computers. This is based on a class that I teach which can be found at https://chuckmcandrew.com/class/onlinesecuritybasics/. Feel free to use the class as is, or fork it on Github and make it your own. If you can remember all of your passwords, you are doing it wrong LassPass estimates that 85% of account compromises are because of poor passwords. [Read More]

Online Security Basics Part 1

This is part 1 of 10 of a series of relatively short posts that focus on things that everyone should think about to be safe when using computers. This is based on a class that I teach which can be found at https://chuckmcandrew.com/class/onlinesecuritybasics/. Feel free to use the class as is, or fork it on Github and make it your own. Do your updates When we think about hackers compromising computer systems, we often imagine them having secret exploits that no one else knows about. [Read More]

Using Let’s Encrypt to secure local services

Hopefully, at this point everyone has secured all their public facing services with HTTPS. Let’s Encrypt makes this quick and easy to do (not to mention free!). What about local services that are only available on your lan though? This is tougher because normal verification methods don’t work, yet it is still important. Part of a defense in depth strategy is to always assume you are in a hostile environment, and with all the router vulnerabilities, Universal Plug and Play problems, and issues such as DNS rebinding attacks, it is not a good assumption that there are no malicious actors on your lan. [Read More]

Docker fun!

In the past two months, I have attended the Public Library Association’s annual conference, Code4Lib 2018, and my wife’s grandmother turned 100. It has been a busy couple of months. Code4lib especially filled my head with lots of new ideas which I will right about more over the coming weeks. On the first day of Code4lib we had half day workshops. The first workshop that I attended was on Docker and virtual machines with Ed Hill. [Read More]

Retro Gaming at the library

I have wanted to get some kind of gaming going at our library for a long time now. The problem with most modern games is that they assume that you have your own account and aren’t really made for settings like public libraries. Enter the Retropie. This Raspberry Pi based system contains emulators which allow you to play roms from a whole host of retro game systems. This will allow us to offer gaming in a format more friendly to multiple users. [Read More]

Amazon Web Services

Notice anything different about this site? Hopefully the answer is no. My library is transitioning from Digital Ocean to Amazon Web Services for our web presence and this site is our test case. We were very happy with Digital Ocean as a host, but Tech Soup offers $2000 in AWS credit for $175 (or $80 if you belong to their Boost program). We had been averaging somewhere around $30/month for Digital Ocean, so if we assume that Amazon is close on their pricing (which may or may not be a justified assumption), we stand to save $185 just from making that switch. [Read More]

Protecting your online privacy

Which steps you take to protect yourself online depend entirely on your personal threat model. I have tried to select things that are broadly applicable and are easy to implement. This is a topic where you can absolutely deep dive, but remaining totally anonymous online is very difficult (if not impossible) and takes a lot of effort and discipline. Fortunately, the vast majority of people don’t require that level of protection. [Read More]

Online Self Defense

Inspired by the Electronic Frontier Foundation’s Surveillance Self Defense, I have put together a five part course covering privacy and security for people ranging from basic to advanced. Here are my notes and slides from the first of the classes. This covers basic topics that every computer user should be familiar with. Everything shared on this site is made available under a creative commons share alike license so please feel free to use and modify this for your own library. [Read More]

Tarsnap – Online backups for the truly paranoid

With Crashplan stopping its free consumer service, I have had to find a new backup solution for my home computers. After looking at many options, Tarsnap was what I settled on. They advertise themselves as “Online backups for the truly paranoid”. This is a true claim, and their security is certainly one thing that draws me to them, but they are also easy to use and quite inexpensive. Tarsnap is built from the ground up to be secure. [Read More]

Yet Another Digital Signage Solution on the Cheap

1st Gen Chromecast The first-generation Google Chromecast dongle was made available in 2013 for around $35 dollars. I acquired one of these devices for our library so that I could wirelessly cast our Samsung Galaxy Tab’s screen to our AV system during classes and training sessions, and thus handily avoid the need for wired tethering along with the necessary adaptors to effect this. The device has served us well, but with the advance of screen resolution technologies in mobile devices as well as the demands of mirroring the same, it makes sense to upgrade to Google’s latest model refresh, the Chromecast Ultra model, which promises better overall performance, less wireless lag, and support for 4K resolution and high dynamic range, among other things. [Read More]