You can view the previous quarterly report here.

How did you spend your time?

Describe your progress and accomplishments since the last report. Include links to pull requests, commits, and other work.

This quarter I split my time between my social backup tool Horcrux and contributing to the Nostr community space project Flotilla. Horcrux is nearly ready for an open beta release, but I jumped full time into Flotilla a bit earlier than planned to try to capitalize on the exodus from Discord following the announcement of their new age verification policies.

Horcrux got a full UI rework based on user testing along with a couple quality of life features and a ton of bugfixes. Here is the detailed list in roughly chronological order:

• Improved invitations links to work when Horcrux is not installed
• Fixed several synchronization bugs related to invitations and recovery plan changes
• Improved relay communication with an persistent publishing queue and retry system.
• Reworked Recovery Status and Recovery Request screens based on user feedback.
• Implement feature to auto-distribute vault keys to peers instead of requiring user interaction.
• Add UI for vault owners to distribute out-of-band contact info for each steward.
• Added Linux build of the desktop app (along with AI harness for cloud agents to test the app)
• Improved status banner on the Vault Details screen to more clearly explain the current state of the vault and any pending action items for the user.
• Improved the presentation of vault invitations according to user feedback.

You can find all 33 merged PRs here.

On Flotilla my main project was implementing Voice Rooms, which are similar in behavior to Discord’s voice channels. The full list of contributions I made in rough chronological order are as follows:

• Helped fix a bug related to signing in with Primal’s new signer.
• Fixed navigation bug in Settings menu mobile devices.
• Helped fix an issue with uploading images on Android.
• Fixed a bug related to deploying a self-hosted instance Flotilla and improved documentation.
• Added voice channels (modeled after Discord) that integrate a Livekit server for WebRTC calls from within Flotilla. Contributed to NIP updates to standardize AV calls in NIP-29 groups.
• Deployed an instance of the pomade distributed signer to support email-based login w/ Flotilla.
• Working on starting a Nostr builder community-of-practice with a couple friends which will help me dogfood Flotilla as a space steward.

These changes were split into 12 pull requests across two repositories:

• Flotilla
• Zooid

What are your plans for next quarter?

Outline your goals and plans for the next quarter. Be specific about what you aim to accomplish.

For Horcrux my plan is to do a full release of the app in relevant app stores. The major tasks to complete include:

• Implement background checking for notifications
• Conduct (internal) security audit
• Deploy public beta
• Submit NIP for shamir’s secret sharing over Nostr
• Create marketing materials and website
• Deploy release to App Stores

On Flotilla my plan is to:

• Run usability trials with 3 existing non-Nostr communities who are exploring Discord alternatives. Their needs may shift the remaining goals considerably.
• Add video calls and screen sharing.
• Improve notification delivery options and reliability.
• Build a tool for consent-based decision-making (potentially as a third-party addon/bot)

Overview

I am just completing my first quarter of work on Horcrux, the best way to back up sensitive data to friends and family. This project was called Keydex for most of the first quarter, but I renamed it Horcrux about a month ago. To refresh your memory, this is a cross-platform mobile app that uses Shamir’s Secret Sharing algorithm to split sensitive data into shares, then uses Nostr to backup those shares to trusted “stewards”. This creates a secure backup where no computer or person has a full copy of the data, and restoring is only possible by consent of the stewards.

I’m pretty happy overall with the state of the app after 3 months. The app has basic versions of all the main features I wanted to implement, and I have been testing it in a private beta with several early adopters which gives me confidence that it will meet their needs. The app is far from done or perfect, and I have cut many features that I wanted, but having a complex cryptography app that’s almost consumer-ready after 3 months is something I am very satisfied with.

Key Learnings / Product Story

In my experience the most important part of building software is to always be learning from your users. I want to summarize what I have learned and how my plans have changed over the first 3 months of this product. For the TLDR; of what has been built feel free to skip to the next section.

Before I even submitted my grant application I started conducting user interviews and I have kept up the practice of interviewing at least one user every two weeks throughout the project. My initial timeline had me releasing a public beta at the two months mark, but I have opted instead for these private testing sessions because 1) I learn more from them than an open beta 2) I want the freedom to keep changing the data schema 3) this is an app for very sensitive data, and I don’t want people putting real data in until I have had a chance to do extensive testing and a security audit.

Early on I identified a few different use cases for this type of tool:

• inheritance planning - backing up essential passwords, backup codes, cryptographic keys, and other instructions for giving others access to your digital life/assets after death.
• border crossings - some users are interested in crossing international borders with sensitive data they do not have the keys to unlock. Think journalists, activists, etc.
• cryptographic key backup - although many good solutions exist for backing up cryptographic keys, social backup of Nostr keys, web3 wallets, or other key pairs is a desirable security/convenience tradeoff for some users and threat models.
• credential management for organizations - some businesses have ultra-sensitive permissions gated by traditional passwords (think root AWS account for a fintech company). Shamir’s Secret Sharing with a special sandbox could help them grant temporary access to these systems only by consent of several parties.

I decided to focus on the inheritance planning use case because:

1. The users I interviewed were most interested in that.
2. It seemed the easiest to dovetail with an ethical business model.
3. It is a tool that I would like to use personally.

This focus helped me clarify design decisions and prioritize feature building. Some key insights for this user group from my interviews:

• Although the users setting up digital inheritance plans are generally very technical, the stewards holding their data are usually not. Even password managers are too complex for many of these users. This means the user experience for them must be extremely smooth and clear.
• Although there is a very high initial effort to set up inheritance planning, most competing solutions neglect the maintenance (social and otherwise) to keep such a system healthy.
• Although there are many physical metaphors that can help users understand how Shamir’s Secret Sharing behaves, all of them have drawbacks. Initially I went with the terms “lockbox”, “keys”, and, “key holders” to describe the metaphor of putting things in a box that requires multiple keys to open. After some testing I switched to “vault”, “keys”, and “stewards”. But I considered and tested several other metaphors like puzzles, shards, shares, mosaic tiles, mailboxes, and crystals.

So far on the project the biggest challenge has been making the UI intuitive enough for non-technical stewards to use. I had the basic backup and restore functionality working after just 3 weeks of programming. But making that functionality easy, accessible, and difficult to misuse has taken another 11 weeks and it probably needs another 11 to really be great (more on the future timeline later). This follows the old software adage that building the first 80% of the app takes 20% of the time and building the last 20% takes 80% of the time.

About 2 months into my 4 month timeline for this project I began to panic realizing that I was only going to be able to get about half of my planned features implemented. I was worried that this would turn into some half-finished software that no one except me would use. At this point I had done many user interviews but I hadn’t really tested the app with any potential users because there weren’t really enough features there to do a real test. I was able to push through and get all the basic features covered: creating a vault, inviting stewards via links, distributing keys to stewards, initiating vault recovery, responding to recovery requests, and fully recovering the data. Once I got to this point I scheduled more interviews to show folks the app.

These interviews were tremendously clarifying. They confirmed that I had the basics right, but also confirmed what I was feeling already: I was going to have to cut features. I decided to lean more into the cryptographic key backup use case because it was a slightly simpler use case. It doesn’t require backing up large files, which meant I could punt on implementing encrypted blob storage with Blossom. Because users don’t need to do as much text editing in this use case I could get away without shipping to all desktop platforms and keep the app mobile-only for now. And I also decided to cut the P2P features I was trying to build - namely that no data would be stored on relays long-term to improve forward security. This greatly simplified account management, device migration, and the number of round trips needed to distribute keys and recover. The app will still work for the inheritance planning use case (and border crossings) but the UI won’t be as optimized for those use cases.

I hope this was a good summary of why I have built Horcrux the way I have. Below you’ll find more detailed lists of my progress and some notes on future plans.

Feature List

Here is roughly what the app can do today. There is no open beta yet, but I would be happy to give a live demo to anyone who would like one.

• Login with your existing Nostr key, create a new account, or use without an account.
• Create an encrypted vault with arbitrary text (up to 4 kilobytes).
• Make a recovery plan for your vault, specify how many keys your vault will need to be opened, what relay servers you will use, etc.
• Invite stewards via an invitation link that prompts them to download Horcrux if they don’t have it installed, and displays the invitation in app if they do have it installed.
• Initiate recovery of a vault.
• Respond to recovery requests to assist vault owners or stewards with recovery.
• Practice the recovery flow without exchanging real data.
• Wipe the vault contents from your own device and hold a key to your own vault for maximum security.

Future Plans

Here is roughly what I would like to accomplish before shipping Horcrux 1.0:

• rework recovery UX
• finalize data format and submit NIP spec draft
• add the ability for vault owners to share out-of-band contact info for each steward
• (internal) security audit. I would love to pay for an independent audit, but I will need to secure more funding for this in the future.
• automated deployments
• public website, support email, privacy policy
• app store publishing

My OpenSats grant proposal included two projects, first Horcrux and then a Nostr group communication app. My rough timeline was to work on Horcrux for 4 months and the Nostr group app for 8 months. I plan to extend my work on Horcrux to at least 5 months to finish the above features and get a full release done. I will be interleaving work for the Nostr groups app at the same time, in fact I have already been putting some hours into it.

Project Timeline

Below is a summary of my work with links to relevant commits and PRs, grouped into phases.

• Startup (2 weeks, Sept 7-20)
  • User interviews
  • name, design, branding research
• Initial backup & restore functionality (3 weeks, Sept 21-Oct 11)
  • Create a vault
  • Add stewards
  • Backup vault
  • Restore vault
  • Major PRs:
    • Add Nostr key generation and secure storage
    • Add encryption and persistence of lockboxes
    • Add tests and helpers for KeyService and LockboxService
    • Add backup of shares to relays
    • Basic lockbox recovery
• Invitation links, UI/UX pass, refactoring (7 weeks, Oct 12-Nov 29)
  • Added invitation links that can be shared with stewards to add them to a vault
  • UI pass on all screens to improve intuitiveness and functionality
  • Full refactor service layer, adopted Riverpod state management
  • Automatic relay management
  • Basic onboarding screens
  • Set up development relay
  • Initial deployment to Testflight
  • Major PRs:
    • 004-invitation-links
    • Scan-relays-automatically
    • Add names to vault owners and stewards
    • Add Instructions field for stewards
    • Initial testflight deployment
    • Design Refresh
    • Add basic onboarding screen
    • Add vault explainer screen before lockbox creation
    • UI Cleanup
    • Add Screenshot / Golden Tests
• Better onboarding, Practice Recovery, Self-stewardship (4 weeks, Nov 30-Dec 20)
  • Added separate onboarding flows for vault owners and stewards.
  • Added tutorial for backing up Nostr key during onboarding.
  • Added ability for vault owners to “practice” recovery (to test system without decrypting real vault data)
  • Added ability for vault owners to hold a key to their own vault
  • Reworked app colors and fonts
  • Rebranded app from Keydex to Horcrux
  • Major PRs:
    • New theme
    • Onboarding Flow Redesign: User-Choice Account Management
    • Add account management screen with logout functionality
    • Practice Recovery
    • Fastlane: iOS and Android beta deployment automation
    • feat: Implement owner self-shard feature (006-owner-shard)

I recently ran my first experiment: a website for following professional Counter-Strike 2 tournaments without the spoilers found on other sites, SpoilerFree.gg. I learned a lot and had a great time building it! I’m sharing my rough notes in case it’s helpful or interesting, but mostly to generate discussion with friends or anyone who is interested! So please if you have advice, comments, or questions find me on social media.

Summary

I ran this experiment over 3 weeks, with the weeks roughly divided into: exploration and user research, building, and launch. Overall I had about 1000 people visit the site, the vast majority of which were from Reddit ads that I bought. I only had 1 person click the painted door experiment I put up for a pro subscription service. I also have 1 user (a different person) who signed up for an account and has been using the site for several days, but doesn’t seem interested in the pro version.

So overall something like a 0.01%-0.04% conversion rate, my success criteria was 5%, which was maybe too high, but in any case I didn’t get a strong signal that this was solving a pain people want to pay to solve.

The biggest takeaways for me:

• I should look for problems that people are already spending significant money or time to work around.
• I should budget more money for user interviews at the outset, and also after launch.

Below are some of my rough notes on how the 3 weeks played out:

Week 1 - Research

Market research, Figma prototypes, and user interviews

• 2 expert interviews with folks who had built similar sites
  • 1 expert who had a similar site with a lot of users, but the site was free (they made the most money off associated Youtube videos). I should not have ignored the fact that users didn’t pay. Although I could make decent ad money if I could grow my site to their size.
  • the other expert also hadn’t made a lot of money or gotten as much traffic, but did share their source code(!) with me.
• Prototyping
  • I took the advice from Michael Margolis on this podcast and sketched out 3 mockups using UXPilot and Figma and used these to generate discussion in my user interviews.
• 2 user interviews
  • 1 was not a bullseye customer. This was a failure in my screener survey. I need to get even more specific without being leading!
  • 1 was a bullseye customer and organically mentioned spoilers as a problem, but didn’t have strong alternate solution. The fact that they didn’t spend significant time or money working around the problem is a signal I missed.
• Legal research
  • The main problem I had was matches being spoiled by the length of the match on youtube. There were a lot of other, smaller problems related to spoilers but this was the problem I wanted to solve for myself and it felt like the solution didn’t exist. But research made me realize my solution (a custom player with the scrubber hidden) might violate the Youtube ToS. This led me towards minimizing this solution in the build, which weakened my value proposition.

Week 2 - Build

• This part went super well. Was able to build really quickly with next.js and AI.
• Started with 3 1-shot prototypes (claude code (winner), v0, something else), picked my favorite and jumped into Cursor.
• Using vibe-tools to make plans for large features with gemini worked really well. Then I’d have Claude implement the plan one step at a time and check its work after each step.
• Updating cursor rules as I went
• I’m hosting the site on the free plans of Vercel, Railway, and Supabase. All three are new to me but seem fine.

Week 3 - Launch

• I’ve never run an ad campaign but it was pretty easy to get started on Reddit.
• Got just over 1000 eyeballs on the site for ~$100
• Had some trouble figuring out why people weren’t sticking around based on analytics alone. Wanted to do more user interviews, but the cost seems high for something that I think I stopped believing in.

Conclusion

Overall I’m pretty happy with how things went. I enjoyed it a lot and learned a lot. I really believed this could be successful, and maybe it could be if I put more effort into it, but for now I’m moving on to the next thing.

Summary

Nostr is “The simplest open protocol that is able to create a censorship-resistant global ‘social’ network once and for all.” Nostr is very young and the protocol is still in its infancy. It’s unclear whether its simplicity is naive or elegant, whether it can scale to millions of users both in technical performance and preventing spam and abuse. Nevertheless the protocol is easy to work with and has a vibrant community quickly growing around it.

The key difference at a protocol level is that SSB posts are signed and published to an ordered append-only log, while Nostr posts are just signed and sent to to relay servers. There are many other differences most of them hinge on this fact.

The main advantages it has over Scuttlebutt are:

• Onboarding is quick and easy.
• The protocol already supports editing, deleting, and ephemeral posts.
• You can use the same account with multiple devices.
• It is much easier to understand and implement.
• It has more active users, momentum, apps, and tools.

The main disadvantages it has vs. Scuttlebutt are:

• There are not yet any good systems to prevent abuse on public relays. There is no way to block or hide abusive accounts or posts in most apps, there is no standard way to report abusive accounts to relay owners, there are no blocklists being shared by relay owners, etc.
• There is not yet any good solution to preventing spam on the network. The leading idea so far is adding a proof-of-work cost to publish a message, which is isn’t a great solution imo.
• Nostr messages are unordered. This is what gives the protocol its simplicity and power, but it creates some side effects:
  • You can never know if you have all the messages from a given account, even your own.
  • You can’t efficiently sync messages between relays (yet). This results in awkward flows where users may not be sure where their data is or how to move it.
  • It may not be obvious when a relay is omitting some content on purpose.
  • Faking the timestamp on a message is much easier.

Here are some other contrasts that don’t fall clearly into advantage/disadvantage:

Technical Feature Comparison

I’ve been wanting to write down some more thoughts about the book Reinventing Organizations which I finished several months ago, but I’m just getting around to doing it now. Huge thanks to @jeukku for the recommendation, I’m so glad I picked this one up!

Reinventing Organizations was a real eye opener for me, and it completely convinced me of the premise: that companies of self-managing employees can exist at all sizes, in various industries, and can outperform traditionally-managed organizations.

I have never worked for a cooperative or other type of organization where ultimate authority and ownership come from the workers, not a CEO or board of directors. My desire when I asked this question was to learn more about them and hear real stories about how they solve the tough problems. Hiring, firing, compensation, budgets. How can large groups of people manage themselves in situations where people disagree and compromise is not effective?

The answer lies in a few simple principles. (These aren’t directly from the book, these are my own takeaways).

1. People will generally work hard, and work towards the higher purposes of the organization when they feel responsible for its future and empowered to effect change. This is the foundation of self-management. Traditional organizations are stuck in industrial era mindsets in their views of workers: that workers are mostly lazy, dishonest, unintelligent, and must not be trusted. But viewing workers this way is a self-fulfilling prophecy.
2. The goal is not to eliminate all power hierarchies. The goal is to move away from having a single org-chart style hierarchy. Instead, create many hierarchies with different people at the top of each, and be flexible in rearranging them as circumstances evolve. People take on well-defined roles and changing one’s list of active roles is done much more frequently than changing a job title or org chart in a traditional organization.
3. The advice protocol. The advice protocol says “any person can make any decision after seeking advice from 1) everyone who will be meaningfully affected, and 2) people with expertise in the matter. Advice received must be taken into consideration.” This radically empowers people to solve problems without getting bogged down trying to focus on unanimous approval. The advice protocol is sacred and violating it is one of the worst offenses you can commit in a self-managing organization.
4. Peer to peer conflict resolution is essential and every effort must be taken to ensure that it stays effective. This involves: robust training in conflict-resolution for all members, creating a culture of psychological safety, supporting processes like standing meetings for processing tension, peer reviews, check-in and check-out processes at meetings, etc.

The whole first part of the book was a strange broad-stroke history of the world, which I found reductive and not well-supported. I don’t think the author’s goal was so much to make an argument with historical backing as to tell stories about different types of organizational worldviews to draw on throughout the rest of the book. If you find it off-putting just power through or skip it and read the summary paragraphs at the end.

I highly recommend the book to anyone interested in healthier ways of working. I have found myself using some of the concepts and processes from the book in my day-to-day work at Planetary, even though we aren’t a self-managed organization (although management processes are very lightweight and informal). There is a wiki for the book that I found helpful and drew on to write this. For anyone looking to start or transition to a self-managing organization there is also Holacracy, a company that provides training, consulting, and example processes and documents that can be adopted.

My Routine

My current routine includes a scheduled 90 minute “work bout” in the morning, and sometimes another in the afternoon. The morning bout is scheduled to coincide with the part of my circadian rhythm when it is easiest for my brain to focus.

I track the 90 minutes as three pomodoro sessions during which I mute almost all notifications.

Despite having a lot of tools and software to control notifications, getting everything into the state I wanted took more effort than I thought. I want to share my setup in case its useful to others.

Goals

In order to get into this habit I wanted to be able to put my computer into “distraction-free” mode as easily as possible. My requirements were:

• Launch distraction free mode via a single command or keyboard shortcut.
• Only be interrupted for emergencies.
• Communicate the fact that I’m doing focused work to coworkers and family.

Implementation

• I start off my 90 minute work session using Alfred. I type “pomo” into the launch bar which runs a custom workflow I made.
• The custom workflow runs some AppleScript that starts my Pomodoro timer. I use the Flow timer app because it’s free and has AppleScript support.
• The AppleScript also sets my Slack status to “🎧 focused” and puts Slack into Do Not Disturb mode. This lets my coworkers know that I’m doing focused work and may not see their message right away. Slack gives them the option to punch through Do Not Disturb if their message is truly urgent. Slack doesn’t support AppleScript, but fortunately there is a good tool for it on Microsoft Github.
• Finally, the Alfred workflow sets my macOS/iOS Focus Mode. Focus Modes are a new feature in iOS 15/macOS 12 and it was this feature that actually gave me the motivation to set up this whole system. I have a custom Focus called “Coding” that allows notifications from Xcode, my calendar, and my wife. The ability to allow notifications from certain people rather than certain applications through is an awesome feature that I didn’t know I wanted until I had it. Unfortunately even macOS doesn’t support AppleScript anymore, at least when it comes to Focus mode 😢. So to turn my Coding Focus on automatically the Alfred workflow runs a bash script that runs a simple Shortcut I created in Apple’s Shortcuts app. The shortcut uses the “Set Focus” action.
• At this point I engage in 25 minutes of focused work - generally writing code. I try to minimize context-switching during this time to keep my focus. I find that staring at the compiler progress bar is better than switching to Slack, social media, etc.
• After 25 minutes are up, I take a 5 minute break to stand up, stretch, and check Slack.
• After 3 pomodoro sessions I run another Alfred workflow I created that clears my Slack status and Focus.

I wish it was more straightforward to set this up, but I have been getting a lot of work done this way. I hope if you are a knowledge worker who doesn’t already schedule “flow” into your work day maybe this has started the gears turning for you.

Is Xcode actually significantly buggier than other IDEs? I don’t know. But I know I’ve spent way too much time on Xcode issues that were solved by some variation of turning it off and on again.

Xplode

Xplode is a bash script that turns the things off and back on again. It takes about 10 seconds to run on my machine, and has saved me hours of debugging time over the past few months. To be specific, Xplode 1.0 will:

• Clean the Build Folder
• Quit Xcode
• Delete Derived Data
• Reset all simulators
• Reopen Xcode

To install:

1. brew tap mplorentz/tap https://gitlab.com/mplorentz/tap
2. brew install xplode

To use:

1. Run xplode in your project’s directory.

Why?

I have always been frustrated with Xcode’s cryptic and sometimes random errors. But on my latest project I found myself spending several hours a week debugging problems that turned out to be Xcode’s fault. More than once I have lost a full working day only to find out that Derived Data was to blame. My co-workers were having a similar experience.

My current client has several Swift frameworks that install one another via CocoaPods. Some of them have Objective-C dependencies and they aren’t always using the same versions of Swift and Xcode. I think this has been the perfect storm to bring out all the weird corner cases in the Xcode toolchain. After making one too many jokes about throwing my computer out the window I decided to take matters into my own hands.

The name “Xplode” (which I think came from my friend Josh, thanks Josh) is leftover from the original design which was supposed to physically blow up your computer and order a new one from Apple, checking out your git repo and rebuilding your project when the new machine arrived. This version probably would have still saved some developers time and money, but was deemed impractical for other reasons. The second prototype used AppleScript to fill your screen with animated GIFs of explosions and people destroying computers while it ran through the steps to restart Xcode in the background. The AppleScript necessary to tile an arbitrary set of GIFs onscreen dwarfed the code that actually turned things off an back on again. Ultimately macOS Mojave’s permission dialogs killed that version too. Thus the current Bash version was born. It isn’t as much fun but gets the job done.

You can find the source code, open issues, and contribute at xplode.computer.

Back in 2013 Google held all the cards in my digital life. They had all my emails, web searches, phone calls, texts, directions to every new place I went, calendar events, most of the documents I worked on, and many of the websites I visited.

It’s now 2019. Google still rules a large swath of the internet. But they have much less power over my online experience and they are making much less money from me.

I feel morally obligated to be part of the current privacy crusade. In 2013 I decided to make a commitment to cut Google out of my life. I was inspired by the Snowden revelations and Steven Frank’s project to take back his own personal data from cloud services. But at the time it seemed like an impossible task. Some services had easy alternatives, but others had nothing of similar quality or price.

In this post I want to review all the Google services I was using then and see what I have replaced them with today. I also want to evaluate who owns my data today and what, if any, further actions I should be taking to protect my privacy.

Gmail

Getting off Gmail is hard and easy at the same time. There are hundreds of decent mail providers out there, and picking a good one is not hard - if you are willing to fork over a few dollars a month. This was a hard commitment to make when I was in college, but I don’t regret it.

I switched to the privacy conscious and non-US based KolabNow (RIP Lavabit). I also changed my email address to use my own domain name, which gives me an address that will last a lifetime and allows me to switch hosts whenever I want.

Some of my friends and relatives still use my old address, so I have to keep it around. That and most email providers want a backup email for account recovery. So the old Gmail address sticks around, but there is a very low volume of mail coming through. Of course Google still has most of my emails, but I’m doing as much as I can to fight it.

• TODO: Consider deleting the Gmail account altogether and paying for (or self-hosting?) a second email for account recovery purposes.
• Replaced with: KolabNow
• Data visible to: KolabNow

GChat

Back in 2010 instant messages were still a very important medium for me. Now if I need to chat with someone I usually end up using iMessage/SMS for personal conversations and Slack for work. iMessage is supposedly end-to-end encrypted, but SMSs aren’t very private at all. I’ve used several other types of chat software over the years like IRC, Signal, Matrix, Keybase, etc., but the problem with picking a chat platform is that popularity is usually the deciding factor.

• TODO: I should use Signal more.
• Replaced with: iMessage, SMS, Slack
• Data visible to: Verizon/everyone on SS7, Slack, maybe Apple

Google Search

There’s a reason Google is a verb, and that reason is Search. I use Duck Duck Go as the default search engine on all my devices these days, but for many queries I have to use the !g command to forward my question to Google. Duck Duck Go just doesn’t understand what I am asking for, especially when I’m searching for programming questions.

Maybe there are search engines that give Google’s results but do more to obfuscate my identity. Or maybe there are better websites than Duck Duck Go. I haven’t looked. I should.

• TODO: Investigate other search engines.
• Replaced with: Duck Duck Go
• Data visible to: Duck Duck Go, Google

Google Voice

Google Voice had one killer feature for me: the ability to send and receive SMS messages from my laptop. iMessage gained this feature in 2014 which made it easy to get rid of. I’ve already discussed iMessage and Signal above.

• Replaced with: SMS, iMessage
• Data visible to: Verizon/Everyone on SS7, maybe Apple

Google Maps

Google Maps was one of the hardest products to replace in 2013. MapQuest had fallen behind and Apple Maps and OpenStreetMap hadn’t taken off yet.

These days I use Apple Maps. Exchanging Google for Apple is a small win but not ideal. The only privacy-respecting alternative I know of is OpenStreetMap, which I have tried very hard to use. But it just doesn’t cut it. Given a phone, a navigation app, and the name of a destination I often can’t get directions with OpenStreetMap in under a minute. Trying to convert a destination’s name to a longitude/latitude is really hard and not always possible.

• TODO: I will try OpenStreetMap again in the future, and maybe try some of the closed-source navigation apps I have spurned so far.
• Replaced with: Apple Maps
• Data visible to: Apple

Google Plus

Just kidding. Nobody used Google Plus.

Google Calendar

Today I use iCloud to sync my calendars between devices. I think KolabNow, who already hosts my email, hosts calendars as well but I’ve never tried it. I should. Or maybe I should self-host.

• TODO: Switch calendar/contact hosting to KolabNow or my own server.
• Replaced with: iCloud Calendar
• Data visible to: maybe Apple

Google Docs

Google Docs was the only document editor with really good concurrent editing support in 2010. Today that’s not the case and without a school assigning group projects I don’t have nearly as much need for it. When I do I usually use hack.md or Etherpad. I tried to self-host hack.md but I couldn’t figure out the administration part of it. Although both are open-source I should still host one of them myself.

• TODO: Self-host a real-time document editor.
• Replaced with: hack.md, Etherpad
• Data visible to: hack.md, Etherpad host

Google Reader

RSS used to be my “social media” where I got my news, followed friends, and learned more about what I’m interested in. But as Twitter, Facebook, and other networks grew I stopped using RSS as much. When Google Reader shut down it wasn’t a big deal for me. Today I use NewsBlur which is hosted by someone else but is open source. I’m pretty happy with it. I may try to self-host it someday.

• Replaced with: NewsBlur
• Data visible to: NewsBlur

Google Ads

I don’t usually think of myself as a “user” of Google Ads when I see them. But Google Ads are the reason all of these other services exist. I use an ad blocker because of the state of online tracking today. I know that denying Google and other sites revenue while I continue to use their services is unfair. But being tracked by ads these days happens across websites, whether you are using the companies services or not. This tracking is done without permission and without many users knowledge, and it is unethical and dangerous. So I use uBlock Origin on desktop and Purify on iOS. I’m also planning to set up a Pi-hole at home when I get a chance.

• Replaced with: Nothing
• Data visible to: No one

YouTube

YouTube has a stranglehold on the online video world and it is where I consume most video content today. PeerTube looks promising but doesn’t have the content that I want to watch. Unlike most of the other Google services I have gotten rid of there is no alternative way to consume the same content. Maybe the best I can do right now is to donate a couple bucks a month to PeerTube.

• TODO: Donate to PeerTube
• Replaced with: N/A
• Data visible to: Google