So.. Prism was a wake up call. I’ve been looking to move to more privacy-centric sites for some time now, and this weekend I also decided to cut down on my spending at the same time. I’ve been spending close to $200 on my VPS, email hosting and domain every year. This seemed like overkill for a site that only I visited, although I found the VPS very useful for installing feed readers, analytics, and so on. Anyway, I couldn’t expect a transition to be completely pain free.
I’ve decided to cut back on services hosted in the US, so the VPS was the first to go. I’m now typing this on a free Gandi blog (who handle my domain already). I might switch over to a VPS at Gandi itself, once the dust settles down. The webmail was next: I have no complaints with Fastmail but I decided to move simply for reasons of cost. Gandi, again, has a simple mail service that I’ve switched to for now.
Both my VPS and email are paid up for a few more months so I can always switch back if the transition is too annoying. More importantly, I spent a few hours deleting my accounts in a ton of sites. Accountkiller was a very useful resource, as it tells you which sites require you to delete your data before removing the account, provides direct links to the account deletion page, and so on.
A few weeks back I posted a list of services I used heavily, and my password manager, LastPass was the most worrying in the list.. both because of how accustomed to it I was, and due to it’s proprietary nature. It is with some relief that I can now remove that from my list of concerns. Say hello to Clipperz.
Clipperz may be like LastPass superficially: both are zero-knowledge online password managers where the encryption happens on the client side and only encrypted data is stored and sync’d on the server. The similarities end there.
Clipperz is committed to Free software, and their code is open source and available to any one who wants to self host. Passwords are stored in ‘cards’, and auto login is provided by setting up ‘Direct Logins’ for each card. Since the scrambled password is easy to copy and paste from the card itself, I don’t use the Direct Logins feature much.
An offline version allows you to download the entire database in a self contained html file, which is useful for backups and rare offline moments.
Clipperz is now accepting registrations through Bitcoin only, in an effort to further anonymize the service. I signed up when they were still a free service, and have still not started experimenting with Bitcoin. The developers — a couple of friendly guys in Italy — were nice enough to help me with it.
All in all, it is a pleasure to see such a useful, well built tool from such nice, principled folks.
The folks at the Guardian released a Firefox addon recently. Called Collusion, it silently tracks third party sites that track users across multiple sites. I’ve run it for something like two days so far, and its depressing how I’ve littered my trail all over the web. The UI is very nicely done, and highlighting an icon shows all the sites it connects to and greys out the rest.