Posts

I finally started using Molly to send and receive messages via Signal. Molly is a hardened fork of Signal for Android, offering features such as an encrypted message database, automatic locking, shredding no longer needed secrets from RAM, notifications via UnifiedPush, and Tor / SOCKS proxy support. This is by no means an alternative to Signal itself, but rather an alternative (and hardened) Android client for Signal. While these extra security features are great, my main motivation to use Molly was battery saving, actually. I’m on GrapheneOS, which does offer sandboxed Google Play (opt-in), yet I’ve chosen not to use it. This means I’m not using Google’s Firebase Cloud Messaging (FCM) for notifications either, which Signal by default heavily relies on. However, it continues to make me very glad I can still use a secure and open source mobile operating system (GrapheneOS) in 2025, without needing to rely on proprietary and privacy-impairing functionality. ...

OpenWrt is an open source Linux project aimed at embedded devices to route network traffic (e.g. routers). I’ve consistently run OpenWrt on my home routers for over a decade now (I still remember the brief LEDE split), and it has since been my preferred home router OS. While I’ve also wanted to experiment with OPNsense (and pfSense before), I’ve never had a real reason to thus far, but I digress…​ It might be interesting to add some network security such as intrusion prevention to your residential gateway directly. You might of old be familiar with Fail2Ban, and I’ve happily used Fail2Ban for years. CrowdSec is a similar solution, albeit more community-driven. Klaus Agnoletti, then (still?) head of community at CrowdSec, summarised the similarities and differences between the two: ...

When using NvChad, you may have come across the peculiar behaviour of Neovim exiting Insert mode when typing the letters j, and k, consecutively. This can be pretty annoying when writing in Dutch, using the -(e)lijk suffix (e.g. begrijpelijk, namelijk, wezenlijk), which is pretty common. I found the following line (8) in ~/.config/nvim/lua/mappings.lua to be the culprit: 1 2 3 4 5 6 7 8 9 10 require "nvchad.mappings" -- add yours here local map = vim.keymap.set map("n", ";", ":", { desc = "CMD enter command mode" }) map("i", "jk", "<ESC>") -- map({ "n", "i", "v" }, "<C-s>", "<cmd> w <cr>") ...

Some time ago I documented how I configured WireGuard on my OpenWrt router at home, to connect securely to my home network (and the Internet, really) from wherever I am. I feel safer connecting to public Wi-Fi this way, also abroad when it allows me to save extra roaming costs. However, during my travels I sometimes come across networks which seem to block VPN connections, sometimes including my own personal WireGuard tunnel. For such cases I managed to tunnel my WireGuard connection over HTTPS, which is typically (far) less often blocked. ...

My previous post described how I migrated my girlfriend’s father from Windows 10 to Linux Mint. While doing so, I used the default Ext4 filesystem, as opposed to Btrfs, for the root partition. No big deal, but Btrfs makes it a whole lot easier snapshotting the filesystem and rolling back if needed. Timeshift can automatically take care of all that, and it allows for some more peace of mind while configuring automatic OS updates. ...

The other day my girlfriend’s father briefly mentioned he was considering buying a new computer, because of Windows 10 being end-of-life soon, and his current computer’s specifications would be too low to upgrade to Windows 11 (I suspect the lack of TPM 2.0, but I’m not sure). The man is in his mid 70s and regularly uses his computer to browse the Internet, communicate using social media, reply on emails, play solitaire, et cetera. I therefore suspected he wouldn’t really need to buy a brand-new computer for his use cases, only to satisfy the income of a Big Tech company. ...

Last Friday, just before closing my laptop and enjoying my weekend I managed to break my EndeavourOS VM by accidentally shutting it down while it was still updating the kernel in another terminal session. It no longer booted as a result. To fix it, I found a helpful blog post by Edmund Goodman which proved useful, albeit slightly different from my environment. Goodman was using GRUB and Ext4, whereas my environment is using Systemd-boot and Btrfs. ...

Troubling times ahead: Chat Control 2.0 is coming up, a law that would force all EU citizens to surrender their private messages, effectively breaking end-to-end encryption for everyone. I’m sad to see this issue is back on the table again (after previous failed attempts), and even more saddened by the severe lack of critical thinking and media coverage around this topic. Just in case you missed it, here’s a brief explainer, courtesy of stopscanningme.eu: ...

My previous post discussed the importance of EU’s digital sovereignty, especially considering historical and recent geopolitical developments, namely our overdependence on (US) Big Tech. This post will focus on the Dutch elections coming up next month. So far I’ve seen some but overall little interest from most major parties to invest heavily in digital sovereignty, apart from of course the Pirate Party. I do understand, we sadly have more matters to attend to. The housing crisis for one, which is much more tangible to most voters, because it directly affects a large part of our population, and their children. We should’ve built much more housing over the last decade, but at the very least it is one of the more popular election topics this time around. And rightfully so, I do believe housing is indeed a crisis, affecting our demographic personally. ...

In an effort to practise digital sovereignty and reduce being dependent on (US) Big Tech, the EU is very, very slowly looking for secure digital alternatives, on its own soil. While the EU acknowledges this threat, it is not a new one, really. The classic example being Europe’s overdependence on Microsoft, and being turned into a Software Colony as a result. Even more so when Europe increasingly migrated its data to US-based cloud services for more than a decade ago now. ...