<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
  <channel>
    <title>Mike Zornek</title>
    <link>https://mikezornek.com/tags/privacy/</link>
    <description>Recent content in privacy on Mike Zornek</description>
    <generator>Hugo -- gohugo.io</generator>
    <language>en-us</language>
    <managingEditor>mike@mikezornek.com (Mike Zornek)</managingEditor>
    <webMaster>mike@mikezornek.com (Mike Zornek)</webMaster>
    <lastBuildDate>Tue, 15 Apr 2025 08:19:13 -0400</lastBuildDate>
    
	<atom:link href="https://mikezornek.com/tags/privacy/index.xml" rel="self" type="application/rss+xml" />
    
    
    <item>
      <title>How I Got Rid of My Google-Hosted Web Fonts</title>
      <link>https://mikezornek.com/posts/2025/4/custom-fonts-without-google/</link>
      <pubDate>Tue, 15 Apr 2025 08:19:13 -0400</pubDate>
      <author>mike@mikezornek.com (Mike Zornek)</author>
      <guid>https://mikezornek.com/posts/2025/4/custom-fonts-without-google/</guid>
      <description>&lt;p&gt;Over the last few weeks, I&amp;rsquo;ve been doing some infrastructure updates to the website, and one of those changes was to drop the use of &lt;a href=&#34;https://fonts.google.com/&#34;&gt;Google&amp;rsquo;s linked web fonts&lt;/a&gt; and instead host custom fonts from my own server in the spirit of improving the privacy of my site visitors.&lt;/p&gt;
&lt;p&gt;Here is how I did it and some of the problems I ran into.&lt;/p&gt;
&lt;h2 id=&#34;picking-your-font&#34;&gt;Picking your font&lt;/h2&gt;
&lt;p&gt;The first custom font I had in mind was &lt;code&gt;Ubuntu&lt;/code&gt;, a bold sans-serif font that I like for my name in the header. You can see samples of this &lt;a href=&#34;https://fonts.google.com/specimen/Ubuntu&#34;&gt;on Google&amp;rsquo;s site&lt;/a&gt;, but to download it, I take advantage of the &lt;a href=&#34;https://gwfh.mranftl.com/fonts/ubuntu&#34;&gt;google-webfont-helper&lt;/a&gt; site, which lets me quickly customize the exact styles I am interested in using and offers me a list of various CSS methods of use. I use the more modern CSS approach, as seen in the following snippet.&lt;/p&gt;
&lt;div class=&#34;highlight&#34;&gt;&lt;pre tabindex=&#34;0&#34; style=&#34;color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;&#34;&gt;&lt;code class=&#34;language-css&#34; data-lang=&#34;css&#34;&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;&lt;span style=&#34;color:#75715e&#34;&gt;/* ubuntu-regular - latin */&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;@&lt;span style=&#34;color:#66d9ef&#34;&gt;font-face&lt;/span&gt; {
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;  &lt;span style=&#34;color:#f92672&#34;&gt;font-display&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;:&lt;/span&gt; &lt;span style=&#34;color:#f92672&#34;&gt;swap&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;;&lt;/span&gt; &lt;span style=&#34;color:#75715e&#34;&gt;/* Check https://developer.mozilla.org/en-US/docs/Web/CSS/@font-face/font-display for other options. */&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;  &lt;span style=&#34;color:#f92672&#34;&gt;font-family&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;:&lt;/span&gt; &lt;span style=&#34;color:#e6db74&#34;&gt;&amp;#34;Ubuntu&amp;#34;&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;;&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;  &lt;span style=&#34;color:#f92672&#34;&gt;font-style&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;:&lt;/span&gt; &lt;span style=&#34;color:#f92672&#34;&gt;normal&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;;&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;  &lt;span style=&#34;color:#f92672&#34;&gt;font-weight&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;:&lt;/span&gt; &lt;span style=&#34;color:#f92672&#34;&gt;400&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;;&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;  &lt;span style=&#34;color:#f92672&#34;&gt;src&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;:&lt;/span&gt; &lt;span style=&#34;color:#f92672&#34;&gt;url&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;(&lt;/span&gt;&lt;span style=&#34;color:#e6db74&#34;&gt;&amp;#34;../fonts/ubuntu-v20-latin-regular.woff2&amp;#34;&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;)&lt;/span&gt; &lt;span style=&#34;color:#f92672&#34;&gt;format&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;(&lt;/span&gt;&lt;span style=&#34;color:#e6db74&#34;&gt;&amp;#34;woff2&amp;#34;&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;);&lt;/span&gt; &lt;span style=&#34;color:#75715e&#34;&gt;/* Chrome 36+, Opera 23+, Firefox 39+, Safari 12+, iOS 10+ */&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;}
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;&lt;span style=&#34;color:#75715e&#34;&gt;/* ubuntu-700 - latin */&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;@&lt;span style=&#34;color:#66d9ef&#34;&gt;font-face&lt;/span&gt; {
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;  &lt;span style=&#34;color:#f92672&#34;&gt;font-display&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;:&lt;/span&gt; &lt;span style=&#34;color:#f92672&#34;&gt;swap&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;;&lt;/span&gt; &lt;span style=&#34;color:#75715e&#34;&gt;/* Check https://developer.mozilla.org/en-US/docs/Web/CSS/@font-face/font-display for other options. */&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;  &lt;span style=&#34;color:#f92672&#34;&gt;font-family&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;:&lt;/span&gt; &lt;span style=&#34;color:#e6db74&#34;&gt;&amp;#34;Ubuntu&amp;#34;&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;;&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;  &lt;span style=&#34;color:#f92672&#34;&gt;font-style&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;:&lt;/span&gt; &lt;span style=&#34;color:#f92672&#34;&gt;normal&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;;&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;  &lt;span style=&#34;color:#f92672&#34;&gt;font-weight&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;:&lt;/span&gt; &lt;span style=&#34;color:#f92672&#34;&gt;700&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;;&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;  &lt;span style=&#34;color:#f92672&#34;&gt;src&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;:&lt;/span&gt; &lt;span style=&#34;color:#f92672&#34;&gt;url&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;(&lt;/span&gt;&lt;span style=&#34;color:#e6db74&#34;&gt;&amp;#34;../fonts/ubuntu-v20-latin-700.woff2&amp;#34;&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;)&lt;/span&gt; &lt;span style=&#34;color:#f92672&#34;&gt;format&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;(&lt;/span&gt;&lt;span style=&#34;color:#e6db74&#34;&gt;&amp;#34;woff2&amp;#34;&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;);&lt;/span&gt; &lt;span style=&#34;color:#75715e&#34;&gt;/* Chrome 36+, Opera 23+, Firefox 39+, Safari 12+, iOS 10+ */&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;}
&lt;/span&gt;&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;&lt;p&gt;Source: &lt;a href=&#34;https://github.com/zorn/mikezornek.com/blob/4f3faf6c41540e93ae3cd61e28a7a09bcd08749d/assets/css/main.css&#34;&gt;assets/css/main.css&lt;/a&gt;&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Aside:&lt;/strong&gt; I still need to add a proper &lt;a href=&#34;https://assets.ubuntu.com/v1/81e5605d-ubuntu-font-licence-1.0.txt&#34;&gt;license&lt;/a&gt; display for this font usage. That is still forthcoming.&lt;/p&gt;
&lt;h2 id=&#34;using-your-font-with-tailwind&#34;&gt;Using your font with Tailwind&lt;/h2&gt;
&lt;p&gt;The other notable infrastructure update was to make it so I could use Tailwind within my Hugo templates. To reference my font, I use the following &lt;a href=&#34;https://tailwindcss.com/docs/font-family#using-a-custom-value&#34;&gt;Tailwind utility class&lt;/a&gt;:&lt;/p&gt;
&lt;div class=&#34;highlight&#34;&gt;&lt;pre tabindex=&#34;0&#34; style=&#34;color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;&#34;&gt;&lt;code class=&#34;language-html&#34; data-lang=&#34;html&#34;&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;&amp;lt;&lt;span style=&#34;color:#f92672&#34;&gt;h1&lt;/span&gt; &lt;span style=&#34;color:#a6e22e&#34;&gt;class&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;=&lt;/span&gt;&lt;span style=&#34;color:#e6db74&#34;&gt;&amp;#34;font-[Ubuntu] text-6xl font-bold&amp;#34;&lt;/span&gt;&amp;gt;{{ site.Title }}&amp;lt;/&lt;span style=&#34;color:#f92672&#34;&gt;h1&lt;/span&gt;&amp;gt;
&lt;/span&gt;&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;&lt;p&gt;If you want to use a font more broadly, I&amp;rsquo;d recommend &lt;a href=&#34;https://tailwindcss.com/docs/adding-custom-styles#customizing-your-theme&#34;&gt;editing Tailwind configuration&lt;/a&gt; so you can express fonts with better abstractions at call sites, but for this one-off header, this is fine.&lt;/p&gt;
&lt;h2 id=&#34;avoiding-flash-of-unstyled-content-fouc&#34;&gt;Avoiding Flash of Unstyled Content (FOUC)&lt;/h2&gt;
&lt;p&gt;After deploying my new self-hosted fonts, I observed flashes of unstyled content. Specifically, Safari would display the header copy in a serif font and then swap it into Ubuntu. Both Safari and Firefox would flash the new header background texture image as I clicked from page to page.&lt;/p&gt;
&lt;p&gt;I did a little reading and landed on the following solution, which has me use &lt;a href=&#34;https://developer.mozilla.org/en-US/docs/Web/HTML/Reference/Elements/link&#34;&gt;&lt;code&gt;&amp;lt;link&amp;gt;&lt;/code&gt;&lt;/a&gt; elements included in my &lt;code&gt;&amp;lt;head&amp;gt;&lt;/code&gt; to help hint to the web rendering systems more early in the drawing process that it will need these resources before the first paint.&lt;/p&gt;
&lt;div class=&#34;highlight&#34;&gt;&lt;pre tabindex=&#34;0&#34; style=&#34;color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;&#34;&gt;&lt;code class=&#34;language-html&#34; data-lang=&#34;html&#34;&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;&amp;lt;&lt;span style=&#34;color:#f92672&#34;&gt;link&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;  &lt;span style=&#34;color:#a6e22e&#34;&gt;rel&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;=&lt;/span&gt;&lt;span style=&#34;color:#e6db74&#34;&gt;&amp;#34;preload&amp;#34;&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;  &lt;span style=&#34;color:#a6e22e&#34;&gt;href&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;=&lt;/span&gt;&lt;span style=&#34;color:#e6db74&#34;&gt;&amp;#34;/fonts/ubuntu-v20-latin-700.woff2&amp;#34;&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;  &lt;span style=&#34;color:#a6e22e&#34;&gt;as&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;=&lt;/span&gt;&lt;span style=&#34;color:#e6db74&#34;&gt;&amp;#34;font&amp;#34;&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;  &lt;span style=&#34;color:#a6e22e&#34;&gt;type&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;=&lt;/span&gt;&lt;span style=&#34;color:#e6db74&#34;&gt;&amp;#34;font/woff2&amp;#34;&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;  &lt;span style=&#34;color:#a6e22e&#34;&gt;crossorigin&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;&amp;gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;&amp;lt;&lt;span style=&#34;color:#f92672&#34;&gt;link&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;  &lt;span style=&#34;color:#a6e22e&#34;&gt;rel&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;=&lt;/span&gt;&lt;span style=&#34;color:#e6db74&#34;&gt;&amp;#34;preload&amp;#34;&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;  &lt;span style=&#34;color:#a6e22e&#34;&gt;href&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;=&lt;/span&gt;&lt;span style=&#34;color:#e6db74&#34;&gt;&amp;#34;/fonts/ubuntu-v20-latin-regular.woff2&amp;#34;&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;  &lt;span style=&#34;color:#a6e22e&#34;&gt;as&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;=&lt;/span&gt;&lt;span style=&#34;color:#e6db74&#34;&gt;&amp;#34;font&amp;#34;&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;  &lt;span style=&#34;color:#a6e22e&#34;&gt;type&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;=&lt;/span&gt;&lt;span style=&#34;color:#e6db74&#34;&gt;&amp;#34;font/woff2&amp;#34;&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;  &lt;span style=&#34;color:#a6e22e&#34;&gt;crossorigin&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;&amp;gt;
&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;&amp;lt;&lt;span style=&#34;color:#f92672&#34;&gt;link&lt;/span&gt; &lt;span style=&#34;color:#a6e22e&#34;&gt;rel&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;=&lt;/span&gt;&lt;span style=&#34;color:#e6db74&#34;&gt;&amp;#34;preload&amp;#34;&lt;/span&gt; &lt;span style=&#34;color:#a6e22e&#34;&gt;href&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;=&lt;/span&gt;&lt;span style=&#34;color:#e6db74&#34;&gt;&amp;#34;/images/dark-mosaic.png&amp;#34;&lt;/span&gt; &lt;span style=&#34;color:#a6e22e&#34;&gt;as&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;=&lt;/span&gt;&lt;span style=&#34;color:#e6db74&#34;&gt;&amp;#34;image&amp;#34;&lt;/span&gt;&amp;gt;
&lt;/span&gt;&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;&lt;p&gt;I think these are working well.&lt;/p&gt;
&lt;p&gt;The font preload &lt;a href=&#34;https://developer.mozilla.org/en-US/docs/Web/HTML/Reference/Attributes/rel/preload#cors-enabled_fetches&#34;&gt;explicitly&lt;/a&gt; needs &lt;code&gt;crossorigin&lt;/code&gt; for CORS things, but the image did not, which I find interesting.&lt;/p&gt;
&lt;hr&gt;
&lt;p&gt;I&amp;rsquo;ll probably be doing more with my fonts and the overall design of the site in the coming weeks, but this was a good nugget of progress.&lt;/p&gt;
&lt;h2 id=&#34;resources&#34;&gt;Resources&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;If you want to avoid hosting a font, consider limiting your options to more likely supported options from the OS. Dreamhost has &lt;a href=&#34;https://www.dreamhost.com/blog/web-safe-fonts/&#34;&gt;a blog post&lt;/a&gt; outlining some good choices for each family style.&lt;/li&gt;
&lt;li&gt;If you want to learn more about fonts (and basic design), I highly recommend &lt;a href=&#34;https://www.goodreads.com/book/show/22251142-the-non-designer-s-design-book&#34;&gt;The Non-Designer&amp;rsquo;s Design Book&lt;/a&gt; by Robin P. Williams. Its teachings stand the test of time.&lt;/li&gt;
&lt;li&gt;I mentioned background textures, and if you are looking for some, check out this &lt;a href=&#34;https://www.transparenttextures.com/&#34;&gt;helpful gallery&lt;/a&gt;.&lt;/li&gt;
&lt;/ul&gt;
</description>
    </item>
    
    <item>
      <title>What is Local-first Software?</title>
      <link>https://mikezornek.com/posts/2025/2/what-is-local-first-software/</link>
      <pubDate>Mon, 03 Feb 2025 09:11:28 -0500</pubDate>
      <author>mike@mikezornek.com (Mike Zornek)</author>
      <guid>https://mikezornek.com/posts/2025/2/what-is-local-first-software/</guid>
      <description>&lt;p&gt;Local-first software is a term that came out of a research lab called Ink &amp;amp; Switch back in April 2019. In a &lt;a href=&#34;https://www.inkandswitch.com/local-first&#34;&gt;wonderful paper&lt;/a&gt;, they explored some ideas that resonated with me.&lt;/p&gt;
&lt;p&gt;In today&amp;rsquo;s post, I want to talk a bit about the problems local-first software solves and explore an abbreviated definition of how to identify local-first software. I&amp;rsquo;ll close with some resources to learn more and a quick review of my next side project.&lt;/p&gt;
&lt;p&gt;Let&amp;rsquo;s start by talking about the problem.&lt;/p&gt;
&lt;h2 id=&#34;the-problem&#34;&gt;The Problem&lt;/h2&gt;
&lt;p&gt;Over the last twenty years, the balance of power between software users and software providers has become incredibly one-sided.&lt;/p&gt;
&lt;p&gt;Modern companies, through the software they provide, have tremendous leverage against their users. This power shift comes primarily through ubiquitous centralized data. The outcome of this is that the user is disenfranchised through loss of data sovereignty, privacy, security, and long-term software availability.&lt;/p&gt;
&lt;p&gt;Why did users give up this power so easily? For collaboration. Collaboration is the killer feature of the modern web, and frankly, it was much easier to build when we agreed to centralize the data.&lt;/p&gt;
&lt;p&gt;I can only speak for myself, but I don&amp;rsquo;t think we as a whole really knew what we were building in those early days. We used language like &amp;ldquo;connecting people,&amp;rdquo; and it was never about gatekeeping. But as collaboration and social networking features started to mature, we found ourselves in a world that was off balance.&lt;/p&gt;
&lt;h2 id=&#34;the-solution&#34;&gt;The Solution&lt;/h2&gt;
&lt;p&gt;Local-first software aims to describe an approach to software that better empowers users. From &lt;a href=&#34;https://www.inkandswitch.com/local-first/&#34;&gt;the paper&lt;/a&gt;:&lt;/p&gt;
&lt;blockquote&gt;
&lt;p&gt;We believe that data ownership and real-time collaboration are not at odds with each other. It is possible to create software that has all the advantages of cloud apps, while also allowing you to retain full ownership of the data, documents and files you create.&lt;/p&gt;
&lt;p&gt;We call this type of software &lt;strong&gt;local-first software&lt;/strong&gt;, since it prioritizes the use of local storage (the disk built into your computer) and local networks (such as your home WiFi) over servers in remote datacenters.&lt;/p&gt;
&lt;/blockquote&gt;
&lt;p&gt;Later in &lt;a href=&#34;https://www.youtube.com/watch?v=NMq0vncHJvU&#34;&gt;a conference talk&lt;/a&gt;, Martin Kleppmann provided a more succinct definition:&lt;/p&gt;
&lt;blockquote&gt;
&lt;p&gt;In local-first software, the availability of another computer should never prevent you from working.&lt;/p&gt;
&lt;/blockquote&gt;
&lt;p&gt;He expanded:&lt;/p&gt;
&lt;blockquote&gt;
&lt;p&gt;&lt;strong&gt;If it&amp;rsquo;s local-only, it&amp;rsquo;s not local first.&lt;/strong&gt;&lt;br&gt;
(Local-first implies multiplayer, or at least multi-device among a user&amp;rsquo;s devices)&lt;/p&gt;
&lt;/blockquote&gt;
&lt;blockquote&gt;
&lt;p&gt;&lt;strong&gt;If it doesn&amp;rsquo;t work with the wifi off, it&amp;rsquo;s not local-first.&lt;/strong&gt;&lt;br&gt;
(Local-first implies offline support.)&lt;/p&gt;
&lt;/blockquote&gt;
&lt;blockquote&gt;
&lt;p&gt;&lt;strong&gt;If it doesn&amp;rsquo;t work when the app developer goes out of business and shuts down their servers, it&amp;rsquo;s not local-first.&lt;/strong&gt;&lt;/p&gt;
&lt;/blockquote&gt;
&lt;p&gt;For more, I highly recommend reading the &lt;a href=&#34;https://www.inkandswitch.com/local-first&#34;&gt;original paper&lt;/a&gt; and watching &lt;a href=&#34;https://www.youtube.com/watch?v=NMq0vncHJvU&#34;&gt;the recent conference talk&lt;/a&gt;.&lt;/p&gt;
&lt;h2 id=&#34;the-technologies-that-seeds-this-dream&#34;&gt;The Technologies That Seeds this Dream&lt;/h2&gt;
&lt;p&gt;If you have ever been involved in data distribution, data integrity, syncing, merging, resolving conflicts, or any of the other nightmares that surround this story, you might read the definition of local-first and walk away thinking it&amp;rsquo;s a pipe dream. Yes, this is a very challenging technical problem, but exciting advancements exist in Conflict-free Replicated Data Types (CRDTs).&lt;/p&gt;
&lt;p&gt;Wikipedia &lt;a href=&#34;https://en.wikipedia.org/wiki/Conflict-free_replicated_data_type&#34;&gt;summarizes&lt;/a&gt;:&lt;/p&gt;
&lt;blockquote&gt;
&lt;p&gt;In distributed computing, a conflict-free replicated data type (CRDT) is a data structure that is replicated across multiple computers in a network, with the following features:&lt;/p&gt;
&lt;ol&gt;
&lt;li&gt;The application can update any replica independently, concurrently and without coordinating with other replicas.&lt;/li&gt;
&lt;li&gt;An algorithm (itself part of the data type) automatically resolves any inconsistencies that might occur.&lt;/li&gt;
&lt;li&gt;Although replicas may have different state at any particular point in time, they are guaranteed to eventually converge.&lt;/li&gt;
&lt;/ol&gt;
&lt;/blockquote&gt;
&lt;p&gt;Over the last decade, research and development on these algorithms have matured, making real-world production deployments possible.&lt;/p&gt;
&lt;p&gt;Multiple implementations of these algorithms exist, with &lt;a href=&#34;https://automerge.org&#34;&gt;Automerge&lt;/a&gt; being a popular starting point.&lt;/p&gt;
&lt;p&gt;If you want to learn more about Conflict-free Replicated Data Types I recommend watching &lt;a href=&#34;https://www.youtube.com/watch?v=B5NULPSiOGw&#34;&gt;CRDTs and the Quest for Distributed Consistency&lt;/a&gt; and the follow up &lt;a href=&#34;https://www.youtube.com/watch?v=x7drE24geUw&#34;&gt;CRDTs: The Hard Parts&lt;/a&gt;&lt;/p&gt;
&lt;p&gt;To be clear, local-first does not require specifically CRDTs, nor does using CRDTs make your software local-first.&lt;/p&gt;
&lt;h2 id=&#34;why-this-excites-me&#34;&gt;Why this Excites Me&lt;/h2&gt;
&lt;p&gt;In my senior years, I have become very cynical and negative about the technical industry I participate in. Overall, I question whether all of this has made our lives better. When I compare the positive and the negative, I have trouble finding balance.&lt;/p&gt;
&lt;p&gt;I am also a realist, understanding that I am a grain of sand on the beach of civilization. I try to focus on the things I can positively impact and not get overwhelmed by the things outside my control.&lt;/p&gt;
&lt;p&gt;Thinking about my work, I align with the problems and solutions local-first software promotes. When I consider how I want to spend my day coding, do I want to code yet another centralized system some private equity firm can crunch and mold to its will and profits above all others? Or do I want to contribute, even a small slice, to the creation of long-lived software that empowers users?&lt;/p&gt;
&lt;h2 id=&#34;whats-next&#34;&gt;What&amp;rsquo;s Next?&lt;/h2&gt;
&lt;p&gt;With work on &lt;a href=&#34;https://github.com/zorn/flick&#34;&gt;Flick&lt;/a&gt; slowing down, I&amp;rsquo;d like to define my next side project, and I think it will be a local-first research project. I want to define a time box and outline experiments and prototypes to test out some of these ideas and see how they can work in practice. In the end, I hope to have a software deliverable of some value and a series of blog posts explaining what I&amp;rsquo;ve learned along the way. I&amp;rsquo;m still shaping what this will be, but I thought I&amp;rsquo;d start the journey with a definition of local-first.&lt;/p&gt;
&lt;h2 id=&#34;resources&#34;&gt;Resources&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;&lt;a href=&#34;https://www.inkandswitch.com/local-first/&#34;&gt;Local-first software, You own your data, in spite of the cloud&lt;/a&gt;.&lt;/li&gt;
&lt;li&gt;&lt;a href=&#34;https://www.youtube.com/watch?v=B5NULPSiOGw&#34;&gt;CRDTs and the Quest for Distributed Consistency&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href=&#34;https://www.youtube.com/watch?v=x7drE24geUw&#34;&gt;CRDTs: The Hard Parts&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href=&#34;https://www.youtube.com/watch?v=NMq0vncHJvU&#34;&gt;The past, present, and future of local-first - Martin Kleppmann (Local-First Conf)&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href=&#34;https://automerge.org/&#34;&gt;Automerge&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href=&#34;https://www.localfirst.fm/&#34;&gt;localfirst.fm, a podcast about local-first software development&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;
</description>
    </item>
    
    <item>
      <title>Hostname-based Privacy Tools Need to Evolve For Websocket Concerns</title>
      <link>https://mikezornek.com/posts/2021/5/websocket-privacy/</link>
      <pubDate>Thu, 20 May 2021 20:30:00 -0400</pubDate>
      <author>mike@mikezornek.com (Mike Zornek)</author>
      <guid>https://mikezornek.com/posts/2021/5/websocket-privacy/</guid>
      <description>&lt;p&gt;I&amp;rsquo;m a privacy advocate. I use Firefox as my main browser. I install adblock browser extensions. I block ads from within my network router. Most of these privacy tools rely on the fact most ads and tracking happen through JavaScripts which are embedded alongside the websites we are visiting and send tracking data to a third party hostname. We know these hostnames are suspect and so we block the connections outright.&lt;/p&gt;
&lt;p&gt;But what if the ads and tracking were to flow through the same hostname of the original website? What if the ads and tracking were woven though the same websocket connection that the main site ran through? How would we be able to block that?&lt;/p&gt;
&lt;p&gt;Persistent websocket connections are the backbone for anything on the modern web that is collaborative or realtime. &lt;a href=&#34;https://github.com/phoenixframework/phoenix_live_view&#34;&gt;Phoenix LiveView&lt;/a&gt; is a library I personally enjoy using to build websocket-powered apps. A similar library called &lt;a href=&#34;https://github.com/hotwired/turbo&#34;&gt;Turbo&lt;/a&gt; is also out there for Rails.&lt;/p&gt;
&lt;p&gt;Having knowledge of how websockets work, how JavaScript tracking works and how privacy tools work &amp;ndash; I have a growing concern that as we see more prevalent hostname-based privacy tools get traction amongst the casual web userbase the ads and tracking software is likely to evolve and may move into the websocket space. If it does I&amp;rsquo;m concerned it will be very difficult to separate the traffic of the main website one is trying to engage with and the ads and tracking bits that flow inside the same pipe to the same host.&lt;/p&gt;
&lt;p&gt;I don&amp;rsquo;t have much to else to add. I have no answers, just concerns. Is anyone else working on this right now?&lt;/p&gt;
</description>
    </item>
    
    <item>
      <title>Is WebKit Sabotaging the Future of the Open Web?</title>
      <link>https://mikezornek.com/posts/2020/7/webkit-feature-development-and-privacy/</link>
      <pubDate>Mon, 06 Jul 2020 17:10:19 -0400</pubDate>
      <author>mike@mikezornek.com (Mike Zornek)</author>
      <guid>https://mikezornek.com/posts/2020/7/webkit-feature-development-and-privacy/</guid>
      <description>&lt;p&gt;This didn&amp;rsquo;t get much press at the time, but during WWDC the WebKit team listed &lt;a href=&#34;https://webkit.org/tracking-prevention/&#34;&gt;a bunch of web technologies they will apparently not be implementing&lt;/a&gt; in the name of privacy.&lt;/p&gt;
&lt;blockquote&gt;
&lt;p&gt;Fingerprinting involves measuring the uniqueness of static device configuration (e.g. built-in hardware), dynamic device or browser configuration (e.g. user settings or installed peripherals), and user browsing data (e.g. checking which sites the user is logged in to, so-called login fingerprinting).&lt;/p&gt;
&lt;p&gt;WebKit’s first line of defense against fingerprinting is to not implement web features which increase fingerprintability and offer no safe way to protect the user. Here are some examples of features we have decided to not implement in part due to fingerprinting concerns:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;Web Bluetooth&lt;/li&gt;
&lt;li&gt;Web MIDI API&lt;/li&gt;
&lt;li&gt;Magnetometer API&lt;/li&gt;
&lt;li&gt;Web NFC API&lt;/li&gt;
&lt;li&gt;Device Memory API&lt;/li&gt;
&lt;li&gt;Network Information API&lt;/li&gt;
&lt;li&gt;Battery Status API&lt;/li&gt;
&lt;li&gt;Ambient Light Sensor&lt;/li&gt;
&lt;li&gt;HDCP Policy Check extension for EME&lt;/li&gt;
&lt;li&gt;Proximity Sensor&lt;/li&gt;
&lt;li&gt;WebHID&lt;/li&gt;
&lt;li&gt;Serial API&lt;/li&gt;
&lt;li&gt;Web USB&lt;/li&gt;
&lt;li&gt;Geolocation Sensor (background geolocation)&lt;/li&gt;
&lt;li&gt;User Idle Detection&lt;/li&gt;
&lt;/ul&gt;
&lt;/blockquote&gt;
&lt;p&gt;Just to be clear, I am a privacy advocate. I use DuckDuckGo. I use Firefox. I block ads. I encrypt my DNS lookups. I&amp;rsquo;m building &lt;a href=&#34;https://mikezornek.com/projects/guildflow/&#34;&gt;a privacy-focused tool for meetups.&lt;/a&gt; And with all that said, this worries me.&lt;/p&gt;
&lt;p&gt;Right now, many mobile developers would argue that for a rich user experience you need to build a native app and I would agree, at least I would as of today.&lt;/p&gt;
&lt;p&gt;But if I&amp;rsquo;m reading the tea leaves right, and history is a model to follow, what requires &amp;ldquo;native device&amp;rdquo; code today will be possible in the web browser of the future. &lt;a href=&#34;https://webassembly.org/&#34;&gt;WebAssembly&lt;/a&gt; shows great early promise in providing rich cross-platform code opportunities. If you are a 1Password user like me, &lt;a href=&#34;https://blog.1password.com/1password-x-may-2019-update/&#34;&gt;you are probably already enjoying some WebAssembly&lt;/a&gt; today.&lt;/p&gt;
&lt;p&gt;However, to build rich user experiences on a mobile device using WebAssembly or inside a normal web app requires access to the sensors and systems of that device. With this collective blocking of access (along with the &lt;a href=&#34;https://mjtsai.com/blog/2020/06/16/hey-rejected-from-the-app-store/&#34;&gt;lack of side loading options&lt;/a&gt; on iOS and the &lt;a href=&#34;https://en.wikipedia.org/wiki/Firefox_for_iOS&#34;&gt;ban of non-WebKit rendering in App Store apps&lt;/a&gt;) Apple has positioned their own native and financial interests over the favor of an open web.&lt;/p&gt;
&lt;p&gt;Why can&amp;rsquo;t the WebKit developer energy be spent on building these great new APIs and connect them with user empowering privacy tools. A great example of what I mean is website location tracking. If a website wants access you your location (for say driving directions) you can grant it access. I don&amp;rsquo;t understand why a similar approach could not be applied for things like Web Bluetooth access or Proximity sensor access.&lt;/p&gt;
&lt;p&gt;I applaud many of the privacy decisions the WebKit team has made over the past couple of years, but this one feels wrong.&lt;/p&gt;
&lt;p&gt;When I was learning to program in the late 90s we had another &lt;a href=&#34;https://en.wikipedia.org/wiki/United_States_v._Microsoft_Corp.&#34;&gt;big platform vendor who sabotaged the web browser market&lt;/a&gt; for their own interests and I do not want a repeat.&lt;/p&gt;
</description>
    </item>
    
    <item>
      <title>Putting Zoom in Quarantine</title>
      <link>https://mikezornek.com/posts/2020/4/putting-zoom-in-quarantine/</link>
      <pubDate>Thu, 09 Apr 2020 16:03:22 -0400</pubDate>
      <author>mike@mikezornek.com (Mike Zornek)</author>
      <guid>https://mikezornek.com/posts/2020/4/putting-zoom-in-quarantine/</guid>
      <description>&lt;p&gt;I&amp;rsquo;ve already blogged about my &lt;a href=&#34;http://mikezornek.com/posts/2020/3/zoom-google-hangout-alternatives/&#34;&gt;interest in finding a Zoom alternative&lt;/a&gt; for my own &lt;a href=&#34;https://www.meetup.com/PhillyElixir/&#34;&gt;groups&lt;/a&gt; and &lt;a href=&#34;http://mikezornek.com/posts/2020/4/open-office-hours/&#34;&gt;meetings&lt;/a&gt; but sadly it&amp;rsquo;s not a platform I can completely shun since I have personal connections that still use it heavily.&lt;/p&gt;
&lt;p&gt;First a small update on my alternatives&amp;hellip;&lt;/p&gt;
&lt;p&gt;I had high hopes for &lt;a href=&#34;https://jitsi.org/&#34;&gt;Jitsi&lt;/a&gt;. Being open source was a huge plus for me, but sadly when we tried it out at my Elixir meeting, we ran into multiple technical problems.&lt;/p&gt;
&lt;p&gt;At said meeting we eventually jumped to &lt;a href=&#34;https://whereby.com/&#34;&gt;Whereby&lt;/a&gt;. Whereby feels like it&amp;rsquo;s more suited for small groups, and our group is small so we were able to use it without issue.&lt;/p&gt;
&lt;p&gt;In addition to the technical success, the user experience of Whereby was also enjoyed by the attendees. It was fully featured and worked well in our personal web browser of choice. Today while doing some more research I was also happy to see Whereby&amp;rsquo;s &lt;a href=&#34;https://whereby.com/information/tos/privacy-policy/&#34;&gt;privacy statement&lt;/a&gt; was written in plain English and seemed reasonable.&lt;/p&gt;
&lt;p&gt;Moving forward, I think I&amp;rsquo;ll be leaning on Whereby when I have control.&lt;/p&gt;
&lt;p&gt;For my Zoom-choosing communities, I first tried just using the browser version with my copy of Firefox, but that &lt;a href=&#34;https://microblog.mikezornek.com/2020/04/07/tried-to-join.html&#34;&gt;did not go over well&lt;/a&gt;. Zoom web wants Chrome and once again, I would prefer not to install Chrome for privacy reasons.&lt;/p&gt;
&lt;p&gt;I then tried a &lt;a href=&#34;https://github.com/mdouchement/docker-zoom-us&#34;&gt;Docker containerized version of Zoom&lt;/a&gt; but quickly discovered it expects a Linux host and does not work with Mac OS.&lt;/p&gt;
&lt;p&gt;In lieu of Chrome I finally installed &lt;a href=&#34;https://iridiumbrowser.de/&#34;&gt;Iridium Browser&lt;/a&gt;, which is a open source project that takes the open source base of Chrome, &lt;a href=&#34;https://www.chromium.org/Home&#34;&gt;Chromium&lt;/a&gt;, and removes all of the Google phone home and related features. Today I was able to use Iridium to participate in a Zoom call with moderate success. I still had to sign in to a Zoom account which is not very comforting, and the Zoom web UI is not a 1:1 match to its desktop cousin (one feature it lacks is gallery mode, which I like to use) &amp;ndash; but it did work.&lt;/p&gt;
&lt;p&gt;Despite some improvements, Zoom &lt;a href=&#34;https://citizenlab.ca/2020/04/move-fast-roll-your-own-crypto-a-quick-look-at-the-confidentiality-of-zoom-meetings/&#34;&gt;security issues&lt;/a&gt; continue to come out on regular basis. I hope in time I can drop it entirely, but for now I feel like limiting my interactions with a mostly isolated Iridium Browser will do.&lt;/p&gt;
&lt;p&gt;If you are in control of a Zoom meeting, please consider researching you own replacement. Hopefully this info will help towards that end.&lt;/p&gt;
</description>
    </item>
    
    <item>
      <title>Zoom / Google Hangout Alternatives</title>
      <link>https://mikezornek.com/posts/2020/3/zoom-google-hangout-alternatives/</link>
      <pubDate>Fri, 27 Mar 2020 14:02:41 -0400</pubDate>
      <author>mike@mikezornek.com (Mike Zornek)</author>
      <guid>https://mikezornek.com/posts/2020/3/zoom-google-hangout-alternatives/</guid>
      <description>&lt;p&gt;With the need to do more video conferences and meetings many are turning to Zoom and Google Hangouts. Technically I&amp;rsquo;ve always thought Google Hangouts was pretty mediocre and Zoom, while a better user experience has shown &lt;a href=&#34;https://arstechnica.com/information-technology/2019/07/zoom-makes-it-too-easy-for-hackers-to-access-webcams-heres-what-to-do/&#34;&gt;time&lt;/a&gt; and &lt;a href=&#34;https://words.philpin.com/collection-of-your-personal-data-by-zoom&#34;&gt;time&lt;/a&gt; again not to be trustworthy software.&lt;/p&gt;
&lt;p&gt;One item of homework for myself is to investigate alternatives for my own meetup and &lt;a href=&#34;https://mikezornek.com/projects/guildflow/&#34;&gt;other projects&lt;/a&gt; that better respect the privacy of users. So far some recommendations I&amp;rsquo;ve gotten from friends:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;&lt;a href=&#34;https://jitsi.org/&#34;&gt;Jitsi&lt;/a&gt; - Jitsi is a set of open-source projects that allows you to easily build and deploy secure videoconferencing solutions. At the heart of Jitsi are Jitsi Videobridge and Jitsi Meet, which let you have conferences on the internet, while other projects in the community enable other features such as audio, dial-in, recording, and simulcasting.&lt;/li&gt;
&lt;li&gt;&lt;a href=&#34;https://whereby.com/&#34;&gt;Whereby&lt;/a&gt; - Whereby is a flexible tool providing you with video meetings in the browser – no downloads &amp;amp; no logins for guests&lt;/li&gt;
&lt;li&gt;&lt;a href=&#34;https://nextcloud.com/talk/&#34;&gt;Nextcloud Talk&lt;/a&gt; - Screensharing, online meetings &amp;amp; web conferencing without data leaks.&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;If you have anymore recommendations please &lt;a href=&#34;https://mikezornek.com/contact/&#34;&gt;let me know&lt;/a&gt;. I&amp;rsquo;ll share my notes when I&amp;rsquo;m done but wanted to get this out now so others can tests the waters as well.&lt;/p&gt;
</description>
    </item>
    
    <item>
      <title>Hello Firefox, Goodbye Chrome</title>
      <link>https://mikezornek.com/posts/2018/10/hello-firefox-goodbye-chrome/</link>
      <pubDate>Mon, 08 Oct 2018 01:46:34 +0000</pubDate>
      <author>mike@mikezornek.com (Mike Zornek)</author>
      <guid>https://mikezornek.com/posts/2018/10/hello-firefox-goodbye-chrome/</guid>
      <description>&lt;p&gt;A few weeks ago I said to myself, enough was enough and dropped the Chrome web browser.&lt;/p&gt;
&lt;p&gt;If you aren’t actively following the web development world it’s easy to miss, but Google and Chrome have really been hostile toward the open web over the last few years. A few examples:&lt;/p&gt;
&lt;p&gt;In 2016 Google introduced Accelerated Mobile Pages. From &lt;a href=&#34;https://en.wikipedia.org/wiki/Accelerated_Mobile_Pages#General_Criticisma&#34;&gt;its wikipedia page&lt;/a&gt;:&lt;/p&gt;
&lt;blockquote&gt;
&lt;p&gt;AMP has been widely criticized by many in the tech industry for being an attempt by Google to exert its dominance on the Web by dictating how websites are built and monetized, and that “AMP is Google’s attempt to lock publishers into its ecosystem”. AMP has also been linked to Google’s attempt to deprecate URLs so that users will not be able to immediately see whether they are viewing a webpage on the open Web or an AMP page that is hosted on Google’s servers. AMP has been described as being “poisonous to the underlying concept of an open internet.”&lt;/p&gt;
&lt;/blockquote&gt;
&lt;p&gt;In Chrome 68 they began to &lt;a href=&#34;http://this.how/googleAndHttp/&#34;&gt;deprecate HTTP&lt;/a&gt; and now list HTTP sites as insecure.&lt;/p&gt;
&lt;p&gt;In Chrome 69 they added a behavior that strips the &lt;code&gt;www&lt;/code&gt; subdomain from the URL bar. (Try visiting &lt;code&gt;www.mikezornek.com&lt;/code&gt; and it becomes &lt;code&gt;mikezornek.com&lt;/code&gt;. This may feel like a small thing for users but as a developer its a firm violation for how the web URL works.&lt;/p&gt;
&lt;p&gt;Just this weekend I read &lt;a href=&#34;https://mjtsai.com/blog/2018/10/05/why-matthew-green-is-done-with-chrome/&#34;&gt;a story&lt;/a&gt; of some more shenanigans:&lt;/p&gt;
&lt;p&gt;&lt;a href=&#34;https://blog.cryptographyengineering.com/2018/09/23/why-im-leaving-chrome/&#34;&gt;Matthew Green&lt;/a&gt;:&lt;/p&gt;
&lt;blockquote&gt;
&lt;p&gt;A few weeks ago Google shipped an update to Chrome that fundamentally changes the sign-in experience. From now on, every time you log into a Google property (for example, Gmail), Chrome will automatically sign the browser into your Google account for you. It’ll do this without asking, or even explicitly notifying you.&lt;/p&gt;
&lt;/blockquote&gt;
&lt;p&gt;&lt;a href=&#34;https://twitter.com/pfrazee/status/1044265163350843392&#34;&gt;Paul Frazee&lt;/a&gt;:&lt;/p&gt;
&lt;blockquote&gt;
&lt;p&gt;There’s a reason people are reacting to Chrome like this. This isn’t an overreaction over one single event. It’s a delayed reaction to a pattern of bad behavior.&lt;/p&gt;
&lt;p&gt;It’s contextualized by the very messed-up power dynamic between Google and the open Web.&lt;/p&gt;
&lt;/blockquote&gt;
&lt;p&gt;Google’s influence over the web through its search was already over the line in many ways but to see its once celebrated browser go down this road is depressing.&lt;/p&gt;
&lt;p&gt;Actions speak and &lt;a href=&#34;https://www.mozilla.org/en-US/firefox/new/&#34;&gt;Firefox&lt;/a&gt; is treating me well. I now use it across my computers and devices, from MacOS to iOS and even my Windows gaming tower. &lt;a href=&#34;https://duckduckgo.com/&#34;&gt;DuckDuckGo&lt;/a&gt; is my default search engine (and has been for like a year now) and works well too. It feels good to be using products from people who &lt;a href=&#34;https://www.mozilla.org/en-US/about/&#34;&gt;share my interests&lt;/a&gt; to heart.&lt;/p&gt;
</description>
    </item>
    
    <item>
      <title>Staying Secure on OS X with a Few Unsigned Apps</title>
      <link>https://mikezornek.com/posts/2015/10/staying-secure-on-os-x-with-a-few-unsigned-apps/</link>
      <pubDate>Mon, 19 Oct 2015 22:10:33 +0000</pubDate>
      <author>mike@mikezornek.com (Mike Zornek)</author>
      <guid>https://mikezornek.com/posts/2015/10/staying-secure-on-os-x-with-a-few-unsigned-apps/</guid>
      <description>&lt;p&gt;I could get into some real heavy talk regarding Apple’s policies about installing software outside their stores (and maybe I will someday) but for now let us all be thankful that not all Mac software must come to us through Cupertino. Let us also be thankful for &lt;a href=&#34;https://support.apple.com/en-us/HT202491&#34;&gt;Gatekeeper&lt;/a&gt;, a nice compromise Apple offers.&lt;/p&gt;
&lt;p&gt;With Gatekeeper, Apple allows people to distribute Mac software outside the store but requires it be signed with an identity registered with Apple. The general idea being if a developer gets marked as distributing malware Apple can blacklist them so as to not effect users in the future. I’m not aware of any honest developer being wrongfully blacklisted and my general understanding is that the program is working well with &lt;a href=&#34;https://en.wikipedia.org/wiki/Gatekeeper_(OS_X)&#34;&gt;known limitations&lt;/a&gt;.&lt;/p&gt;
&lt;p&gt;OS X ships with a nice safe default via &lt;code&gt;Settings &amp;gt; Security&lt;/code&gt;,&lt;/p&gt;
&lt;p&gt;“Allow apps downloaded from:” set to “Mac App Store and identified developers”. Unfortunately even though Gatekeeper has been around since 10.7 there are some apps that are not signed nor will never ever be signed that you want to run. Most users will sadly turn off the Gatekeeper check entirely at this point, leaving their system vulnerable. Below I’ll walk you though how to allow a unsigned app to run while leaving the security setting as-is.&lt;/p&gt;
&lt;p&gt;By default OS X ships with the setting set to “Mac App Store and identified developers”.&lt;/p&gt;
&lt;p&gt;&lt;img src=&#34;http://mikezornek.com/media/images/security/2.png&#34; alt=&#34;default settings&#34;&gt;&lt;/p&gt;
&lt;p&gt;When you try to open an unsigned app you’ll get a prompt like this:&lt;/p&gt;
&lt;p&gt;&lt;img src=&#34;http://mikezornek.com/media/images/security/3.png&#34; alt=&#34;prompt&#34;&gt;&lt;/p&gt;
&lt;p&gt;Click &lt;code&gt;OK&lt;/code&gt; and then go back to System Preferences and you might notice the pane has changed:&lt;/p&gt;
&lt;p&gt;&lt;img src=&#34;http://mikezornek.com/media/images/security/4.png&#34; alt=&#34;Open Anyway option&#34;&gt;&lt;/p&gt;
&lt;p&gt;Now you can choose to “Open Anyway” for the last app blocked by Gatekeeper. Go back and try to launch the app again. You’ll get a final prompt asking if you sure, and upon clicking &lt;code&gt;Open&lt;/code&gt; you’ll be able to run you unsigned app while still maintaining the default security setting.&lt;/p&gt;
&lt;p&gt;&lt;img src=&#34;http://mikezornek.com/media/images/security/5.png&#34; alt=&#34;Last check&#34;&gt;&lt;/p&gt;
&lt;p&gt;While a little tedious jumping back and fourth for the initial approval, I’d much rather do this and leave Gatekeeper on than to run without the identity check. I highly recommend you do so too, and if you can, maybe a friendly email to your app developer asking him to sign his app.&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;UPDATE:&lt;/strong&gt; Was informed by &lt;a href=&#34;http://twitter.com/boredzo&#34;&gt;@boredzo&lt;/a&gt; and &lt;a href=&#34;http://twitter.com/abrahamvegh&#34;&gt;@ abrahamvegh&lt;/a&gt; that there is a shortcut to this flow if you anticipate the app requiring approval. For example, if you download an app you know will need this special exception you can control-click it and choose Open from the context menu. Doing so will cause a similar prompt that will whitelist the non-signed app and allow you to run it without turning off Gatekeeper. Thanks for the extra info guys!&lt;/p&gt;
</description>
    </item>
    
  </channel>
</rss>