orizuru

OpenAI's data collection

2023-08-11T00:00:00+00:00

To the surprise of no-one, OpenAI has been crawling the web</a> for content to train their Large Language Models (LLMs).</p>

While LLMs have opened up a world of possibilities, like with every other technology, not all of them will be good. So, for the time being, I’ll be adding the following lines to my website’s robots.txt</code> (and I encourage you to do the same):</p>

User-agent: GPTBot
</span>Disallow: /
</span></code></pre>
Even disregarding the controversies that OpenAI has been involved in (e.g. the fact that they are not as open as their name implies), I feel like we don’t fully understand what this brave new world has in store for us.</p>
When large data collection became widespread, we let that Pandora’s box opened for years. Which allowed companies like Facebook and Google to collect vast amounts of data, the consequences of which we’re still dealing with today.</p>
We should learn from the mistakes of the past, and let public policy catch up with the tech this time around.</p>


Filter out results from your web searches
2023-08-09T00:00:00+00:00
Let’s face it, searching for information on the web has been going downhill for a while.</p>
You used to be able to search for information using your favourite search engine and get what you were looking for. But I guess in the age of AI-generated content and SEO-riddled websites, that’s no longer the case.</p>
As I described in a previous post</a>, I run a metasearch engine instance instead of directly “googling” for information. In case you don’t know what that means (and don’t feel like reading my previous post): I use an app that sends my searches to multiple search engines at the same time, and retrieves the aggregated results back to me. This allows me to (hopefully) have access to less biased information, and to reduce my reliance on Google. However, this still won’t spare me from useless websites, scam websites, or awful “modern” interfaces that the website owners decided to shove down our throats (looking at you Reddit).</p>
Luckily, SearXNG</a> (my metasearch engine of choice) has a builtin plugin which allows me to either filter out or redirect domains</a>. All I need to do is to change my SearXNG settings.yml</code> file to enable it by default:</p>
enabled_plugins</span>:
</span>  - '</span>Hostname replace</span>'
</span></code></pre>
Then define the filter rules on the same file:</p>
hostname_replace</span>:
</span># Filter out
</span>  '</span>badwebsite\.com</span>': </span>false
</span># Redirect
</span>  '</span>(.*\.)?reddit\.com$</span>': '</span>old.reddit.com</span>'
</span></code></pre>
And that’s it! Just need to restart the docker container, and I’ll have a much more pleasant browsing experience.</p>
docker</span> restart searxng
</span></code></pre>
If you want know how to set-up SearXNG check out my previous post</a>, and if you need a comprehensive list of junk websites, you can always have a look at what some relevant open-source projects use, for example:</p>

The Big Blocklist Collection</a></li>
Let’s Block It!</a></li>
uBlock-Origin-dev-filter</a></li>
</ul>
Happy browsing! 🙂</p>


Why use just Google, when you can combine the power of multiple search engines?
2023-02-03T00:00:00+00:00
There is this idea expressed in the book The Wisdom of Crowds</a>, which states that aggregating the information from a large group tends to yield better decisions than the ones taken by a single member of the group (as long as the group is diverse enough and each member is independent). There are some discussions regarding the conditions in which this holds, but there’s still some nugget of truth in there: looking through a problem from a diverse set of perspectives is beneficial.</p>
Which leads leads me to: search engines.</p>
Depending</a> on</a> the</a> source</a>, you’ll get slightly different values for the current market share of Google, but the general consensus is that it seems to be around 90%. This is concerning (to say the least), since the world is trusting a single member to dictate what’s relevant and/or true. Yes, Google aggregates the results from different sources, but the company is still responsible for designing the algorithm that decides which sources are displayed at the top (or displayed at all).</p>
Even if you don’t really care about the possible consequences of concentrating all this power in a single company, you can still look at this issue from a pure self-interest perspective (which turns it into an opportunity). In the current competitive information age, having access to more varied sources of information than your peers can be an advantage. You may not notice it at first, but every so often you’ll find a website that was not as good at playing the google SEO</a> game, but happens to have the information or the solution to the problem that you were looking for. Exposing yourself to more variety will give you an edge.</p>
My point is not “don’t use Google”, but rather “why use only</em> Google?”. The fact is, Google is amazing at what they do, but there’s nothing stopping you from enhancing your search results with more sources, in other words: to create your own wise crowd</strong>.</p>
Which leads me to: metasearch engines</em></a>.</p>
A metasearch engine is basically a search engine of search engines. It’s a piece of software that sends your query to multiple search engines, aggregates the results, and presents them to you.</p>
In this post, I’ll show you how you can run your own metasearch engine for free. More specifically, SearXNG</a>.</p>
</p>
SearXNG is a fork of Searx</a>, with a few improvements</a> which makes it (in my opinion) easier to set-up.</p>
Setting up SearXNG</h2>
The first step is to install docker</a>. Make sure that you follow the post-installation</a> steps as well, so that you don’t have to run docker with sudo</code>. After you’re done, create a directory where you’re going to store the startup scripts (or cd</code> into the one you already use for your personal scripts):</p>
cd </span>~</span>/
</span>mkdir</span> scripts
</span>cd</span> scripts
</span></code></pre>
Inside your scripts directory, create a new script called start_searxng</code>, open it, and paste the following:</p>
#!/bin/sh
</span>
</span> </span>mkdir -p </span>$</span>HOME</span>/searxng
</span>
</span> </span>docker</span> pull searxng/searxng
</span> </span>docker</span> run</span> -d --rm </span>\
</span>              -d -p</span> 8080:8080 \
</span>              -v </span>"$</span>{</span>HOME</span>}/searxng:/etc/searxng</span>" \
</span>              -e </span>"</span>BASE_URL=http://localhost:8080/</span>" \
</span>              searxng/searxng
</span></code></pre>
Don’t forget to make the script executable</p>
chmod</span> +x start_searxng
</span></code></pre>
And run it:</p>
./start_searxng
</span></code></pre>
If you now open your browser and go to localhost:8080</code>, you should be able to see the SearXNG page.</p>
</p>
It’s that easy. You’re running SearXNG now!</p>
You can customize your preferences, and pick which search engines you’d like to use.</p>
</p>
Be aware that your queries will be slower the more engines you add (specially if they are slow and/or unreliable). So, you’ll have to balance between diversity and speed.</p>
You can also see that you have various search categories, including “science” (i.e. scientific papers) and “files” (i.e. torrents), which you can customize as well.</p>
Setting it up in the search bar (optional)</h2>
Another thing you may want to configure, is to have your browser use SearXNG when you type a search in the address bar,  instead of Google. This will depend on your browser.</p>
Chrome-based browsers</h3>
For chrome-based browsers (which include Brave), you want to do the following:</p>

Go to the settings: chromium://settings/searchEngines</code> (replace chromium</code> with brave</code>, chrome</code>, etc).</li>
Go into the “Search engines” section.</li>
Add a new search engine.</li>
Give it a name.</li>
In the  “URL with %s in place of query” field, fill it out with the following: http://localhost:8080/search?q=%s</code>.</li>
Set it as the default search engine.</li>
</ol>
Firefox-based browsers</h3>
For Firefox-based browsers (which include LibreWolf), the procedure is the following:</p>

Go into the settings: about:preferences#search</code></li>
Select the “Add search bar in toolbar” option (i.e. select the option to split the search bar from the address bar).</li>
Open localhost:8080</code></li>
On the search bar, the magnifying glass icon should have a green “+” symbol.</li>
Click on the icon.</li>
You should see an SearXNG icon with the same “+” green icon.</li>
Click on it. SearXNG is now on your search engines.</li>
Go back to about:preferences#search</code>, and set it as default.</li>
</ol>
Final questions you might have</h2>

What if I want to use this on the go, while on my phone?</p>
</blockquote>
This is where the “for free” part of running your own metasearch engine stops. If you want to do this, you will usually have to buy a domain name and  pay for hosting. If there’s interest, I might write a post in the future with a step-by-step guide. But for now, you should at least be able to play around with your new metasearch engine, and see if this is something that you’re willing to pay a few dollars per month to have available everywhere you go.</p>
If you’re already familiar with how to host your own services, you should be able to easily deploy the docker containers yourself. SearXNG provides a docker-compose</code> yaml file</a> that will make your life much easier.</p>

Are there any kind people running SearXNG instances that I could use for free?</p>
</blockquote>
There certainly are</a>, but to be honest, I wouldn’t use them. You have no idea what a random internet stranger is running, they could be logging your search history. You can check what kind of code you’re running on your machine, but you can’t check theirs.</p>
As with most computer-related things, I’d rather have more control. But you’re free to decide what’s best for you.</p>


How to host your own website on the darkweb
2023-01-25T00:00:00+00:00
In my previous post</a>, I explained how to set up a Raspberry Pi on your home network to act as an I2P router, allowing you to browse anonymous sites (and contribute to the network at the same time).</p>
If you’re not familiar with I2P, or how to set up an I2P router. Please checkout my previous post, as this one starts where the other one left off.</p>
Why bother hosting a website on I2P?</h2>
I could give you the whole spiel about the importance of censorship resistant systems, freedom of information, decentralisation of the web, etc. But the truth is: I did it because I was bored, and this was fun. So, why not?</p>
You certainly won’t get as much visibility when compared with a website on the clearnet. But you can always have a copy of your personal website on both the clearnet and I2P. However, be aware that speed that you get on I2P is really</em> slow, so keep it light. Who needs anything more than HTML and CSS anyway?</p>
This is the solution that I found to host it. Do let me know if you think it can be improved!</p>
Step 1 - Make a website and host it on your Raspberry Pi</h2>
The first step is to make a website. Log into the Raspberry Pi, and create something simple.</p>
cd </span>~</span>/
</span>echo </span>"</span><h1>Hello World!</h1></span>" >> index.html
</span></code></pre>
Now, you need to make it visible to anyone on your home network. For this part, you’ll want to have both docker</a> and docker-compose</a> installed. Also, make sure that you follow the post-installation</a> steps as well, so that you don’t have to run docker with sudo</code>, and that docker starts when the Raspberry Pi boots up.</p>
To host the website, you’ll want to use a webserver like nginx</code> . But to make things easier, you can use it inside a docker container.</p>
Start by creating a directory inside your home called nginx</code> and go into it (you can give it another name, as long as you keep things consistent).</p>
mkdir ~</span>/nginx
</span>cd </span>~</span>/nginx
</span></code></pre>
Then, create a directory to keep the website in:</p>
mkdir</span> website
</span>mv ~</span>/index.html website/
</span></code></pre>
Now that’s in place, you want to create a docker container running nginx</code>, and tell it where to find your website.</p>
You could just use docker run</code> for this, but docker-compose also allows you to run multi-container applications. One could argue this is a bit overkill, but there is one little feature which I quite like.</p>
Create a new file named docker-compose.yml</code> inside ~/nginx</code>, and paste the following inside:</p>
version</span>: '</span>3</span>'
</span>services</span>:
</span>  </span>app</span>:
</span>    </span>image</span>: '</span>nginx:latest</span>'
</span>    </span>restart</span>: </span>always
</span>    </span>ports</span>:
</span>      - '</span>80:80</span>'
</span>    </span>volumes</span>:
</span>      - </span>~/nginx/website:/usr/share/nginx/html
</span>  </span>watchtower</span>:
</span>    </span>image</span>: </span>containrrr/watchtower
</span>    </span>restart</span>: </span>always
</span>    </span>volumes</span>:
</span>      - </span>/var/run/docker.sock:/var/run/docker.sock
</span></code></pre>
This will tell docker-compose to launch a multi-container application with 2 containers. The first one (app</code>), will be a webserver with the following characteristics:</p>

it’s running the latest nginx</code> image</li>
it always restarts the container if it stops</li>
it forwards port 80</code> in the host (the Raspberry Pi), to port 80</code> in the container</li>
it mounts the path ~/nginx/website</code> in the Raspberry Pi, to the the default path used by nginx</code> to read the website from (/usr/share/nginx/html</code>).</li>
</ul>
That last point is important. It means that whatever you put inside ~/nginx/website/</code> will be read by the docker container running nginx</code>, and will be served as your website. Therefore, if you want to update it, you just need to change the files inside ~/nginx/website/</code>.</p>

OK that’s pretty obvious, but what’s watchtower?</p>
</blockquote>
This is neat little solution that automatically updates app</code> every time a new version of nginx:latest</code> is pushed to Docker Hub. In other words, if a newer version is available, watchtower pulls the latest version, shuts-down the currently running container (i.e. app</code>), and launches a new one running the latest version. Have a look at the documentation for more details</a>.</p>
Once the docker-compose.yml</code> file is saved, all you have to do is launch it:</p>
cd </span>~</span>/nginx/
</span>docker</span> compose up</span> -d
</span></code></pre>
You can now open a browser from another machine on your network, and give it the internal IP address of the Raspberry Pi.</p>
firefox </span><raspberry-pi-internal-ip-address>
</span></code></pre>
You should be able to see your website. If this does not work, something went wrong with the webserver. Try to pinpoint the problem before proceeding.</p>

Wait, how do I find this address?</p>
</blockquote>
From your Raspberry Pi, you can run the command below to get the address of the interfaces (e.g. if the Raspberry Pi is using the wifi, look at the inet</code> field under the wlan0</code> section):</p>
ifconfig -a
</span></code></pre>
If you want to find it from the machine where you’re opening the browser, you can scan your network to find it:</p>
sudo</span> nmap</span> -sn</span> 192.168.1.0/24  
</span></code></pre>
I won’t go into detail on how nmap</code> works, as it’s outside of the scope of this tutorial.</p>
Step 2 - Make the website accessible to the rest of the I2P network</h2>
As mentioned in the introduction, at this point, you should have i2pd</code> configured in the same way as described in my previous post</a>. I’m assuming that’s the case for you.</p>
Now that you can see the site from a different machine on your network, it’s time to make it visible on i2p. For that, you’re going to need to change the tunnels.conf</code> file. It’s usually on ~/.i2pd/tunnels.conf</code> , but that might not be the case for you.</p>
If you access the i2pd webconsole (http://127.0.0.1:7070/</code>), you should see a Data path</code> field on the main page (in my case, it says /var/lib/i2pd</code>). That’s the directory where you can find the tunnels.conf</code> file. Open that file (you might need to use sudo</code>), and add the following to the bottom</a>:</p>
[anon-website]
</span>type </span>= http
</span>host </span>= </span>127.0.0.1
</span>port </span>= </span>80
</span>keys </span>= anon-website.dat
</span></code></pre>
Restart i2pd:</p>
sudo</span> systemctl restart i2pd.service
</span></code></pre>
Open the webconsole, and go to the tunnels page (http://127.0.0.1:7070/?page=i2p_tunnels</code>), you should see a subheading saying anon-website</code> followed by a long string with *.b32.i2p:80</code> at the end. That’s the address to the website (you should be able to open it in the browser after a while).</p>
Step 3 (Optional) - Get a human-readable address for your fancy new website</h2>
Congratulations! You are now hosting your own website on the darkweb.</p>
But that long string is rather ugly, wouldn’t it be nice to have a nice human-readable address?</p>
To do that, go into the webconsole > I2P tunnels > anon-website. On this page, click on “Address registration line” and fill out which domain you’d like. If the generation is successful, it should take you to another page, asking to add a small description. Submit it, and wait a bit until the new address works (it could be a couple of days, so don’t stand there refreshing in despair).</p>
You shouldn’t need anything else. But if at any point you need to generate an authentication string, you’ll need to use i2pd-tools, in particular readdr</a>:</p>
./regaddr</span> anon-website.dat <your-domain>.i2p > auth_string.txt
</span>cat</span> auth_string.txt
</span></code></pre>
The anon-website.dat</code> file can be found in the same directory as the tunnels.conf</code> file. Follow the instructions on the project’s repo on how to compile i2pd-tools.</p>
After a few days, you should be able to see the website being announced on planet.i2p</code> and identiguy.i2p</code>.</p>
And that’s it! Enjoy your own piece of virtual real estate on the darkweb.</p>


How to browse I2P from a Raspberry Pi
2023-01-16T00:00:00+00:00
In this post, I’ll outline how I have set up a Raspberry Pi I had laying around the house to act as an I2P node, allowing me not only to browse I2P, but to help the network as well.</p>
I’m not claiming this is the best way to do it. In fact, if you have any ideas on how to make it better, please let me know! But it’s probably a good starting point if you’re planing to play around with anonymous networks.</p>
I’m assuming that you are familiar with the Linux command line, and have a Raspberry Pi already running on your home network. If there is interest in any of those topics, I can write some posts about them in the future.</p>
Before you proceed</strong></p>
Please be aware that there are things on the darkweb that you’d rather not see, or are down right illegal and reprehensible. Fortunately, I have not run into any of them. I have been using I2P to browse random blogs and tinkering with the technology, but you may not be as lucky. Proceed at your own risk.</p>
A few questions you might have before we start</h2>

What is I2P?</p>
</blockquote>
I2P is a network layer, that allows anonymous and encrypted peer-to-peer communication. It’s similar to tor, but it won’t allow one to browse websites on the clearnet (at least, not directly). You can think of I2P as its own separate internet, where the sun always shines1</a></sup></p>
For a more detailed comparison, check out the official website</a>.</p>

Why a Raspberry Pi? Can’t I just install it on a regular computer? I have an old laptop I’m not using.</p>
</blockquote>
You can, but you probably don’t want to.</p>
Another difference between tor and I2P is that each node also contributes to the network (even the people just browsing), while tor has dedicated machines acting as relays. In other words, you don’t just browse the network, but you contribute to it as well, by being one of the nodes which traffic flows through.</p>
This means that when you connect to I2P, you won’t be able to browse any sites at first, as your node is not integrated with the network yet. It can take several hours until you start seeing some sites. Therefore, you want to keep it connected for long periods of time (ideally, 24/7). With the current energy prices, you may want to avoid doing this on a regular computer.</p>

I don’t have a Raspberry Pi, but I do have a server that I already use for something else. Can I run it there?</p>
</blockquote>
You certainly can!</p>
I haven’t tried it yet. So I’ll focus on a Raspberry Pi for now.</p>
Setting up</h2>
You can get the java version on the official website</a>. However, I’ve found it to be unnecessarily heavy on my puny Raspberry Pi, so I switched to i2pd</code></a>. Even though it comes with less features out of the box (e.g. it does not include torrent or email capabilities built in), it’s written in C++, and is much lighter.</p>
Installing i2pd</code> and running it</h3>
On a Debian system, you can install it by running the following</a>:</p>
sudo</span> apt-get install apt-transport-https
</span>wget -q -O</span> - https://repo.i2pd.xyz/.help/add_repo | </span>sudo</span> bash</span> -s</span> -
</span>sudo</span> apt-get update
</span>sudo</span> apt-get install i2pd
</span></code></pre>
To start it, you can simply run:</p>
i2pd
</span></code></pre>
However, you probably want to start it in the background every time the Raspberry Pi boots up</a>:</p>
sudo</span> systemctl enable i2pd.service </span># enable i2pd autostart
</span>sudo</span> systemctl disable i2pd.service </span># disable i2pd autostart
</span></code></pre>
Browsing I2P</h3>
Great! You have i2pd up and running now. But how can you browse I2P websites (also known as eepsites)?</p>
Unlike tor, i2pd does not ship with a dedicated browser, you have to configure your own browser to use it.</p>
I prefer to have a separate browser just for I2P. So I installed librewolf</a> and configured the connection settings as follows:
</p>
Once that’s done, you should be able to see your i2pd console by going to http://127.0.0.1:7070/</code> on librewolf.</p>
Browsing on other computers in your home</h3>
So, you’ve got your Raspberry Pi set up, but it’s all the way over there</em>, and you’re pretty comfy sitting on the couch with your laptop. What can you do?</p>
Well, that’s pretty easy. All you have to do is to is run this on the computer you wish to browse I2P on:</p>
ssh -fTNL</span> 4444:127.0.0.1:4444</span> -L</span> 7070:127.0.0.1:7070 <rpi-username>@<rpi-local-ip-address>
</span></code></pre>
You can now browse from anywhere inside your house, as long as you are on the same network as the Raspberry Pi.</p>
Where can I find sites to visit?</h2>
Unfortunately, the amount of sites available on I2P is fairly small, even compared with something like tor hidden services. However, you can find a big list of them here (notice the “http”, not “https”): http://identiguy.i2p. There are also search engines you can use, e.g. http://legwork.i2p.</p>
For an RSS feed of the latest things happening on I2P, check out http://planet.i2p. Or maybe you’d like to browse some quality blogs like this one: http://orizuru.i2p (a bit of a shameless plug 🙂).</p>

Wait, how do you host your own blog on I2P?</p>
</blockquote>
It’s actually pretty easy, and you can do it on the same Raspberry Pi. But I’ll leave that tutorial for another time.</p>
EDIT (2023-01-26)</strong>: Part 2 of this post is now available</a>. It will teach you how to host a website on I2P.</p>
1</a></sup>When trying to stay anonymous on the internet. Do not talk about anything that could be used to find out your location including the weather</a>.</p>


Random software I find on the internet. Part 1: age
2022-11-12T00:00:00+00:00
WARNING #1: I’m not aware if this software has been properly audited. I am also not endorsing its use. My only intent is to share a project which I found interesting. As with every piece of technology (specially with encryption software), be sensible with the amount of trust you put into it.</strong></p>
WARNING #2: Any keys shown in this post are insecure, and should never be used.</strong></p>
While perusing some image boards a few months ago (don’t judge me, there’s some hidden gems out there), I came across a thread where people were exchanging encrypted messages (in this case, invite codes to an email server) using a program called age</code></a>. It was quite interesting to see people exchanging direct private messages anonymously in an open public forum, without using any messaging system with accounts and passwords.</p>
The program itself is a minimalist encryption tool and library written in Go (an alternative Rust implementation is also available</a>). To generate a public-private key pair, you just need to call age-keygen -o</code> and give it the filename where you wish to save the private key. Much simpler and quicker than GPG.</p>
~ $ age-keygen -o key.txt
</span>Public key: age1qjzggcf9jwu5ux9ctfggeghr5rcfxdnw74kvd06ruzdgpxxwputqs4pul5
</span></code></pre>
The public key shown above can then be given to the person who’s going to be sending you encrypted data. If you want to write the encrypted output in PEM format</a>, use the -a</code> flag (this is not mandatory, but it’s necessary to print it to the screen). As with any good unix utility, you can use “|</code>” to pipe the output of echo</code> into the input of age</code>. The -r</code> flag denotes the recipient</em> of the message (i.e. the public key).</p>
~ $ echo "This is a test" |
</span>> age -r age1qjzggcf9jwu5ux9ctfggeghr5rcfxdnw74kvd06ruzdgpxxwputqs4pul5 -a
</span>-----BEGIN AGE ENCRYPTED FILE-----
</span>YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFNGVJUmhOdGpxUTNvWG9E
</span>V2xNeXhGRm9xSFdqN2lDcndEWTdkTUZrckY4ClM5S01pcEVWMTc5RW85cUtGM2sx
</span>SHV0bFhXa256QnlURGpJZTUvYmozNUEKLS0tIEVsaGxhRFozeWNNdWtFbUg4U1JZ
</span>Y0xkMGxlY1hpODBVenFVSWhxaUxFcDQK2WgZ4pEQbUya/MGgMvuWVkGxZYe4cnrT
</span>ThjB+1RHHbk92bpAUAo0wy41pOjYGbQ=
</span>-----END AGE ENCRYPTED FILE-----
</span></code></pre>
The file with the private key can then be used to decrypt the message, recovering the original text.</p>
~ $ echo "This is a test" |
</span>> age -r age1qjzggcf9jwu5ux9ctfggeghr5rcfxdnw74kvd06ruzdgpxxwputqs4pul5 -a |
</span>> age -d -i key.txt
</span>This is a test
</span></code></pre>
You can also use age</code> with files, not just text.</p>
~ $ age -r age1qjzggcf9jwu5ux9ctfggeghr5rcfxdnw74kvd06ruzdgpxxwputqs4pul5 -o image.png.age image.png
</span></code></pre>
The example above takes an image as input (image.png</code>) and outputs an encrypted file (image.png.age</code>).</p>
The -r</code> flag can also be used multiple times, to encrypt for multiple recipients.</p>
~ $ age -r key1.txt -r key2.txt -o image.png.age image.png
</span></code></pre>
There are lots of other features, such as: specifying multiple recipients in a text file (using the -R</code> flag), password-protect the private key file, encrypt / decrypt using ssh public keys, encrypt / decrypt using yubi keys, etc. Have a look at the full documentation</a> for more details.</p>
Despite all of this, it does not support things like signing (which GPG does). This is by design, as that would introduce more complexity to it. But there’s a bit of nuance here, so I’d recommend reading more about it from one of the authors</a>.</p>
As you might imagine, age</code> was probably developed with higher goals in mind than shit-posting on imageboards. It has indeed better applications, like dealing with secrets in gitops</a>. This actually interests me, and I might dig deeper into it in the future.</p>
I guess the moral of the story is that you can learn new things from unexpected places, and in roundabout ways. So keep your eyes open!</p>


My (semi-)automated backup script
2022-11-08T00:00:00+00:00
In the age of cloud file storage, people often put too much faith into companies like Google, Apple, and Dropbox to keep their important files safe. Even ignoring the possible privacy/security concerns, you’re still trusting them to not cut off your access for some reason beyond your control. Thus, you should seriously consider periodically backing up your important files to an external physical device.</p>
I backup my files on a monthly basis, so having to Ctrl-c</code>/Ctrl-v</code> a bunch of times is not ideal. Fortunately, I can now avoid this with a simple script:</p>
#!/bin/sh
</span>
</span>if </span>[ </span>"$</span>#</span>" != 1 </span>]</span>; </span>then
</span>    </span>printf </span>'</span>ERROR! No path to backup directory provided!\n</span>' >&</span>2
</span>    </span>exit</span> 1
</span>fi
</span>
</span>DATE</span>=$</span>(</span>date</span> +</span>'</span>%Y-%m-%d</span>'</span>)
</span>
</span>cd </span>"$</span>HOME</span>"
</span>crontab -l </span>> crontab.txt
</span>zip -9 -r </span>"$</span>1</span>$</span>DATE</span>.zip</span>" "</span>.ssh/</span>" "</span>crontab.txt</span>"
</span>rm</span> crontab.txt
</span>
</span>zip -9 -r </span>"$</span>1</span>$</span>DATE</span>.zip</span>" \
</span>    "</span>browsing/</span>" \
</span>    "</span>code/</span>" \
</span>    "</span>vimwiki/</span>" \
</span>    -x </span>"</span>code/**/target/*</span>" \
</span>    -x </span>"</span>code/**/.vscode/*</span>" \
</span>    -x </span>"</span>code/**/build/*</span>" \
</span>    -x </span>"</span>code/**/*.swp</span>" \
</span>    -x </span>"</span>*/.git/*</span>"
</span></code></pre>
The script compresses the files that I want recursively (-r</code>) with the maximum compression setting (-9</code>), and ignores some directories (-x</code>) that contain version control information and binaries build from code I’ve worked on. This is then put in the directory passed to the script and named with the current date ($1$DATE.zip</code>).</p>
The backup directory is inside a pen-drive that’s been encrypted with LUKS</a>.</p>
Limitations</h3>
Although the script automates most of the process, there are still a few things that I have to do manually:</p>

I’ve got to plug-in the pen-drive and decrypt it.</li>
The browsing/</code> directory contains a copy of the RSS feeds that I follow (exported manually from Feedly</a>), and the bookmarks manually exported from my browser (brave</a>).</li>
</ol>
Point 1 does not bother me, but point 2 definitely makes me itch.</p>
I might eventually move to a self-hosted solution for my RSS reader needs (maybe Tiny Tiny RSS</a>). It’s more involved, so it makes sense that it requires extra work. However, not being able to export my bookmarks from brave using the command line is seriously frustrating.</p>
From a bit of research, I’ve found that the bookmarks are stored in ~/.config/BraveSoftware/Brave-Browser/Default/Bookmarks</code>, but they are not in the HTML format exported by brave. At some point, I might just write some hacky script to convert between the two.</p>
If you happen to have a better solution, do please let me know</a>. 🙂</p>


Watching YouTube offline, with no ads and/or shilling
2022-05-26T00:00:00+00:00
If you live in the current year, you probably consume a lot of content from YouTube.</p>
During all this consumption, have you ever stopped and think how much of your time is wasted on ads and/or listening to <insert today's sponsor></code>? Fear not, I’m about to save you hours/days of your life (depending on how much time you’re glued to the screen every day).</p>
The essential addons to surf the web these days</h3>
I’m assuming that you’re already familiar with uBlock Origin</a>. It’s probably one of the most popular addons, and an absolute necessity to browse the internet these days (not just YouTube), as it blocks pretty much all the ads. One exception being, the sponsored sections that youtubers put in their videos.</p>
If you cut off all the sponsor / self-promotion / “like and subscribe” sections, you’d save quite a bit of time. Luckily, there’s an addon for that as well: SponsorBlock</a>.</p>
This addon allows regular users to tag sections of the video which belong to categories like the ones mentioned above, and share those tags with the other SponsorBlock users. You can then set the addon’s options to skip the types of sections you’re not interested in.</p>
There’s no need to submit tags yourself, but after using it for a while, I found myself tagging videos that I’m watching (if the video has no tags yet).</p>
Taking it one step further: offline</h3>
Offline?! Who the hell watches videos offline these days?</p>
Lots of people.</p>
Not everyone has a fast and reliable internet connection that allows them to watch videos in 1080p. Also, even if you do have fast/reliable internet and home, think of the times you find yourself without an internet connection (e.g. on a train or a plane). In those situations, it might be a good to catch up with the YouTube videos you were planing to watch; being that lectures or clickbaity gamer videos.</p>
You might already be familiar with youtube-dl</a>. It allows one to download videos from youtube, it ran into a few legal issues, but it’s back now</a>!</p>
However, during youtube-dl’s absence, a fork was created: yt-dlp</a>. This introduced some cool new features, including using SponsorBlock’s API</a> to tag/filter categories in the video</a>.</p>
So, putting it all together, you can use yt-dlp to download youtube videos stripped down from all the nonsense, and watch them whenever you feel like it.</p>


More ranting about useless keys
2022-04-21T00:00:00+00:00
Quick follow-up on my previous rant about useless keys</a>.</p>
When was the last time you used the Insert</code> key? Probably when you accidentally pressed it instead of the Delete</code> key.</p>
Fear not! You can now get rid of it as well, just by running:</p>
xmodmap -e </span>"</span>keycode 118 =</span>"
</span></code></pre>
Add it to your startup scripts, and immediately experience a boost to your quality of life. You’re welcome.</p>


My website building workflow
2022-03-27T00:00:00+00:00
This website has not existed for long, but I feel like I should share how I build it.</p>
As mentioned on the intro post</a>, I’m using a static website engine written in Rust called zola</a>. It builds a website based on a bunch of markdown files (one for each page), and stores the final result in a directory called public/</code>, along with any files that you might have (e.g. images).</p>
I’m a pretty big proponent of getting rid of bloat, so the default output is just not good enough. However, what people consider bloat is relative (one man’s bloat is another man’s essential feature), so I’ll stick with a definition we can all agree on: any data that does not change the users’ experience, and just drags down performance.</p>
One very easy way of getting rid of useless website data is to just minify minify</a> the HTML, which zola supports by setting minify_html = true</code> in the config.toml</code> file.</p>
Another way of reducing the amount of data (and to increase privacy as well), is to get rid of metadata in your files. For this task, I use mat2</code></a>; which is able to clean the metadata from a variety of filetypes, including: images, audio, video, etc.</p>
To bring all of this together, I have a very simple script that is run to build the release version of this website:</p>
# Build website
</span>zola</span> build
</span># Clean all metadata from images that are going to be uploaded
</span>mat2 --inplace </span>$(</span>find</span> public/</span> -type</span> f</span> -exec</span> file {} </span>\; </span>| </span>awk -F</span>: '</span>{ if ($2 ~/[Ii]mage|EPS/) print $1}</span>')
</span></code></pre>
The first line is pretty self-explanatory.</p>
The second line lists all the files in the public/</code> directory (find public/ -type f -exec file {} \;</code>), filters out just the paths to images (awk -F: '{ if ($2 ~/[Ii]mage|EPS/) print $1}'</code>), and then passes those as inputs to mat2</code>, which proceeds to clean the metadata inplace.</p>
Hopefully you can take some ideas on how to make your own website lighter, without changing a single thing regarding its appearance, or the quality of the images.</p>


Death to Caps Lock
2022-03-16T00:00:00+00:00
Take a moment to recall when was the last time you used the Caps Lock key.</p>
Do you remember?</p>
Unless you’re a boomer posting on Facebook about things you have no knowledge about, then the answer should be “when I accidentally touched it, and then had to backspace and re-write a whole sentence”.</p>
It’s a legacy key from mechanical typewriters</a>, back in the days when you might need a row of upper case letters to define a title. But with today’s cutting edge technological advances like different sized fonts, bold</strong>, and italic</em>; it’s time for it to die.</p>
Making this key actually useful</h3>
In this day and age, it makes no sense for Caps Lock to occupy such a valuable piece of keyboard real estate (or to exist at all). So every machine that I own has the Caps Lock remapped as an extra Ctrl</code>.</p>
Just think about it, how many times do you use the control key per day? You probably use it to copy (Ctrl+c</code>), paste (Ctrl+v</code>), save (Ctrl+s</code>), select all (Ctrl+a</code>), open a tab (Ctrl+t</code>), close a tab (Ctrl+w</code>), etc. All these require you to bend the left little finger awkwardly downwards, and it’s the cause of the mythical “Emacs pinky”</a> injury.</p>
If you are using Linux with Gnome, you can just install gnome tweaks:</p>
$</span> sudo apt-get install gnome-tweaks
</span></code></pre>
And enable the remap option on “Keyboard & Mouse” > “Additional Layout Options”</p>
</p>
If you want a more general solution, you can change .Xmodmap</code> to do it, but I’m not sure this works anymore. I still have an old config around, but can’t vouch for it anymore, so I won’t be posting it. Still happy to provide it for anyone who contacts me</a>.</p>
As for Windows and Mac users, can’t help you there. I’ve only done it on a Windows machine years ago, so my knowledge might be outdated. Nevertheless, a search engine is your friend, and this option should be available on your OS.</p>
Now go forth, and enjoy your newly found productivity. Your little finger will thank you.</p>


Getting Things Done (GTD) and taskwarrior
2022-03-11T00:00:00+00:00
I’m a firm believer in trying out different approaches that may help me be more organised, as that usually means that I can get a lot more output with the same (or even less) input.</p>
If you’re struggling to get yourself on track, I highly recommend having a look at the Getting Things Done</a> (GTD) method.</p>
This won’t be a guide on GTD, there are plenty of guides on the internet on how to do it (you don’t even need to read the book to get the basics). So, I’m going to assume that you’re already familiar with it. If you’re not, do spend a couple of minutes googling it, it’s definitely worth your time.</p>
One of the advantages of the GTD method is that it’s not reliant on one particular app, or even on a computer at all; you can implement it with just pen and paper. The whole system can also be split into several components: an archive, a calendar, a to-do list, etc. So if you decide to build your GTD system in digital form, you can apply the Unix philosophy</a> to choose which piece of software to use for each component.</p>
For the to-do list component, I’ve chosen taskwarrior</a>. It does one thing, and it does it well. It also works on the command line, and saves the data in plaintext format, which for me are huge</strong> advantages. Since I always have one or more terminals open while at work, this means that I can just brain-dump a task and quickly get back to what I was doing.</p>
$</span> task add Write first draft of report due:Friday wait:Wednesday priority:H project:work.secretproject
</span></code></pre>
The command above should be pretty straightforward: “Add a task called ‘Write first draft of report’ under project.subproject “work.secretproject”; the task is due on Friday, set priority to High, and wait until Wednesday before you show it on my task list“. A few important details with this:</p>

You didn’t have to use all these fields, you just needed a task description. I added them for illustration purposes.</li>
Both Wednesday and Friday will be the future Wednesday and Friday closest in time.</li>
The time will be the start of those days, i.e. midnight (00:00:00).</li>
You can abbreviate the priority</code> command to pri</code> and project</code> to pro</code></li>
You can use relative time.</li>
</ul>
What does this all mean?</p>
Well, let’s say that the task is due on Friday at 5pm, and you just want to be reminded of it 2 days before. You could write it like this:</p>
$</span> task add Write first draft of report due:Friday+17h wait:due-2d pri:H pro:work.secretproject
</span></code></pre>
If you then listed all the tasks with the command task all</code> (not just task</code>, otherwise you won’t get tasks that are waiting), you’d get something like this:</p>
ID St UUID     Age  P Project Wait Due        Description
</span>1  W  7b5dde37 1min H work    4d   2022-03-18 Write first draft of report
</span></code></pre>
The fields listed above are:</p>

ID</code> - which you can use to apply operations to the task, such as: modify</code>, annotate</code>, done</code>, delete</code>, etc. The ID</code> will change as you complete tasks.</li>
St</code> - status. In this case W</code> for “waiting”.</li>
UUID</code> - unique identifier, used for more advanced stuff. Unlike the ID</code>, this never changes.</li>
Age</code> - how old the task is.</li>
P</code> - priority.</li>
Project</code> - self-explanatory.</li>
Wait</code> - how long until it appears on your main to-do list. In other words, how long until it appears when you run the command task</code> instead of task all</code>.</li>
Due</code> - self-explanatory.</li>
Description</code> - self-explanatory.</li>
</ul>
One of the coolest features of taskwarrior is that it uses things like the age, due date, priority, projects, and tags (not covered on this post), to set the Urgency</code> of a task. In other words, when you type task</code>, it will print a task list ordered based on how urgent they are, not on how old they are. Of course, as any program worth its salt, all of the factors that affect the urgency can be configured in the .taskrc</code> file</a>.</p>
This post does not even scratch the surface of what you can do with it. There are tons of other features worth mentioning, such as: queries, reports, task dependencies, contexts, etc. But I’ll leave you to explore the documentation</a>, or watch this talk by one of the developers</a>.</p>
As mentioned above, taskwarrior does one thing, and does it well. So extra features like time tracking, multiline task notes, weekly reviews, etc., does require you to link separate programs to taskwarrior. I may write a few more detailed posts in the future on how I added these in.</p>


Intro
2022-03-09T00:00:00+00:00
Welcome to my little corner on the internet.</p>
This will be attempt #1362 to restart a personal website / blog. For now, it will be pretty bare-bones, at least until I figure out how zola</a> works. All the cool kids are using Rust and static site generators, so why not combine both?</p>
I’d rather build up from a minimalist starting point, than to take one of the thousand themes already available. Which might not be smart, but I enjoy the control it gives me.</p>
If you’re reading this several years from now, and the website is bloated with a tons of javascript: I apologize. But also, that means that attempt #1362 was the one that stuck.</p>

orizuru

OpenAI's data collection

Filter out results from your web searches

Why use just Google, when you can combine the power of multiple search engines?

Chrome-based browsers</h3> For chrome-based browsers (which include Brave), you want to do the following:</p>

How to host your own website on the darkweb

How to browse I2P from a Raspberry Pi

A few questions you might have before we start</h2> What is I2P?</p> </blockquote>

Browsing I2P</h3> Great! You have i2pd up and running now. But how can you browse I2P websites (also known as eepsites)?</p> Unlike tor, i2pd does not ship with a dedicated browser, you have to configure your own browser to use it.</p>

Random software I find on the internet. Part 1: age

My (semi-)automated backup script

Limitations</h3> Although the script automates most of the process, there are still a few things that I have to do manually:</p> I’ve got to plug-in the pen-drive and decrypt it.</li>

Watching YouTube offline, with no ads and/or shilling

More ranting about useless keys

My website building workflow

Death to Caps Lock

Getting Things Done (GTD) and taskwarrior

Intro