This is a colophon — a description about the production and details of this site.


Design

Main header fonts are generally Helvetica Neue Light, or if that’s not available, Arial (or another system sans-serif) is used instead.

The body and sub-header font is Gentium Basic. Custom fonts (including Gentium Basic) are loaded via the CSS3 @font-face tag. You can read about that technique here or here.

Code related to the front-end design is open source. You can find the design-specific files here and here within the repository.


Backend

The meat-and-potatoes of the site consist of a custom-built backend built in Python and powered by the Django framework. (Currently: Python 2.7.10, Django 1.10.7.)

Unlike most Django sites, this is compiled into static HTML pages by django-medusa, a tool I wrote that allows "baking out" a Django site into a completely static set of HTML files that can then be served without the need of dynamic, server-side code.

In addition to django-medusa and django-gpg-sign-middleware (explained below), some older code, design files, and server configuration are also open source on GitHub.

Verifiability

Many pages on this site (and the Onion Browser site) are signed with my PGP key when the page is "baked" in django-medusa. (Check it out: view the source of this page right now!) This uses django-gpg-sign-middleware: a Django middleware that utilizes the gnupg package; check out the repo for the middleware to see how to do something like this yourself.

If you trust that my PGP key is legitimate, then PGP verification of these pages ensures that you can be certain that the pages you are viewing are legitimate and have not been surreptitiously tampered with -- on top of any guarantees of HTTPS or Tor hidden services.

Due to the sheer number of archival pages, not all blog pages are signed. All non-blog pages (like contact info, colophon page, etc) are signed, all posts since 2013 are signed, and all posts relating to digital security or other important topics are signed, using a whitelist/blacklist in the GNUPG_PATH_FILTER middleware setting.

You can check that a page is signed by viewing the page source and seeing that the BEGIN PGP SIGNED MESSAGE header appears in an HTML comment within the first couple lines of the file. (Try it on this page!)

You can check the validity of a page by running curl $URL | gpg, saving the page to your computer and opening it in gpg, or manually copying-and-pasting the source code into your PGP program.


Hosting

Since the site is statically compiled, hosting is fairly straightforward: files are stored and served from a couple of basic VPS servers. One is running Arch Linux and another runs Ubuntu. Both are fairly simple and run nginx to host the static files. The server configuration is available here.

One server is configured with Tor (nginx.conf, torrc) to provide access to this site via a Tor onion site — an encrypted, anonymous connection to the site: tigas3l7uusztiqu.onion (An onion domain name is normally a random 16 character string — this domain was customized by using shallot to brute-force the "tigas" prefix string.)


Legal

All content here is © 2001–2017 Mike Tigas. All rights reserved. But some content may be reused for free without needing to ask: check out the license info below.

If you’re confused about all this or if you can’t use the terms below (i.e. you can’t use “viral” ShareAlike licensing), just get in touch and I can give you explicit permission to reuse & republish stuff.

Text content:

Photos:

  • Flickr photos are under a variety licenses — check the Flickr photo page for details.
    • Lots of my photos use Creative Commons licenses.
    • Some of my photos are in the public domain and don’t even require credit.
    • If the Flickr page says "© All Rights Reserved" or if you can’t locate the license information, you may not reuse it without asking.
  • Photos outside of Flickr are All Rights Reserved unless they mention licensing on the page, or if the photo links to a Flickr page with a license.

Code:

  • Some of this site’s backend is on github, but it’s a bit outdated. There is also a repo for django-medusa, which powers part of the current site. See the LICENSE file in those repositories.
  • All other materials on my GitHub should contain a file named "LICENSE" or "COPYING", or otherwise note some license terms in the "README". If it does not, you are not allowed to reuse it without asking for permission.
  • As of 2016, a growing portion of my personal work is available under “copyleft” licenses. If you encounter any such code under GNU GPL, GNU AGPL, Mozilla Public License, or Creative Commons "ShareAlike" licenses, please consider the requirements of the license: Give credit where it’s due, share your own code if you use that copyleft work, and allow others to similarly use your code, too!

Questions?

Questions about any of this? Seek out my contact information and ask me — I’d be glad to tell you more.