Server backups to kDrive using Duplicacy

IT news

The best backups are automated (hence frequent), versioned (so you can recover from accidentally deleted or hacked files) and off-site (no worries about natural disasters or the host going bust).

To set them up you’ll obviously need somewhere to store them, and this post updates an earlier version that used Microsoft OneDrive to use Infomaniak kDrive instead – a European company with hopefully better privacy, environmental, reliability and ethical credentials. The rest of this post assumes you will use that, but other cloud providers are supported.

Unfortunately, many control panels can’t use this sort of cloud storage – they expect to backup by SFTP rather than S3 or WebDAV. This is where Duplicacy comes in – it’s fast, efficient and secure, available for Linux, OSX and Windows and the command line version is free for personal use. The catch is it’s a bit tricky to set up and the documentation is sparse, so that’s what this post is about.

This post is specifically about backing up websites from a Linux server – for backing up a PC or laptop it’s probably better to use Infomaniak’s official kDrive app.

Continue reading Server backups to kDrive using Duplicacy

Reasons to Avoid WhatsApp

IT news

This post from Bruce Schneier quoting Dan Goodin at Arstechnica is pretty scary – known vulnerabilities in WhatsApp unfixed, 400,000 accounts being hacked every day at one stage. WhatsApp started as a great alternative to email and SMS – secure, fast, free, easy to use – but has gradually deteriorated since Facebook acquired it. If I could avoid it completely I would, but convincing other people to change their workflow is a big deal and isn’t going to happen quickly.

I recommend Signal instead. It’s very similar from a user perspective, except run by people who actually understand security and privacy. Unfortunately it seems hardly anyone has heard of it. Check it out!

Lawsuit About WhatsApp Security

Migrating CiviCRM to standalone

IT news

It has recently become possible to run CiviCRM as a standalone site, rather than as a plugin inside a CMS like Drupal or WordPress. This is great news (I’ve wanted this for a long time) and it works really well for a clean installation but migrating an existing site remains difficult, which will limit adoption. There is a “Standalone Migrate” extension that sometimes helps but the instructions didn’t work for me, it’s not always applicable and I couldn’t find any other documentation for this process. Nevertheless I did eventually achieve a migration on several sites (with or without the plugin), so here’s what worked and didn’t work in case it helps others.

Continue reading Migrating CiviCRM to standalone

Support for TLS 1.0 encryption ending

IT news
Did you know that support for TLS 1.0 encryption (which dates from 1990) ends this month, and Office 2010 doesn’t support anything later?
 
Why does this matter? It matters because there are several known exploits for this old encryption standard, which means that a determined hacker could “sniff” your login passwords. And a hacked email account can be used to reset the password on other online accounts, so there is a strong financial incentive for hackers.
 
The solution, as always, is to keep your software updated and make sure you have good backups.
 

Don’t panic about GDPR and make it worse

IT news
Customers are asking me whether they need to do anything about the new GDPR regulations. They want me to tell them that either they don’t need to worry because they don’t have a mailing list, or they just need to send everyone their privacy policy and everything will be fine. It’s not as simple as that because data can be stored in many ways and for many reasons – you need to actually read the guidelines to decide what applies to you.
 
The best explanation I’ve seen is here so take a few minutes to read that. In particular, you may have “legitimate interests” for storing personal data even if you can’t demonstrate consent.
 
Don’t just email all your contacts “to be safe” as everyone seems to be doing this week. That in itself may be illegal and make the problem worse. But that doesn’t mean you have to wipe your address book either. The following link has more details:
 

Fix email problems, in a nutshell

IT news

Here are some quick solutions for common email problems including unreliable or slow delivery, spam, no backups and using personal addresses.

Step 1. Get a “cloud” account for storage

If you don’t already have an online account with plenty of storage at somewhere like Gmail (or hotmail.com, live.com, outlook.com, icloud.com, me.com or mac.com) then signing for a free account there will immediately solve three big problems:

  • It allows you to train your spam filter by dragging messages from Inbox to the Spam folder or vice versa if they are misclassified. This can dramatically improve spam filtering accuracy.
  • It allows you to access and search your entire message archive from a mobile phone.
  • It gives you a backup in case your computer is lost or broken.

Continue reading Fix email problems, in a nutshell

Stable patches for the “Spectre” vulnerabilities

IT news
Stable patches for the “Spectre” vulnerabilities are beginning to appear at last. If your computer is only a couple of years old you should check for a BIOS update. They’ll slow down your machine a bit but running unpatched for too long is asking for trouble.
 
It’s pretty scandalous that these bugs (Spectre and Meltdown) were released in the first place, even more scandalous that they went unreported for years and disastrous that for many people the only way to fix them now is to throw away every device that contains one of the affected processors (pretty much anything that connects to the internet) and buy new ones. I hope the CPU manufacturers are ashamed.