After using Google Blogger for nearly 9 years to host my blog, I decided to migrate to a Git-based blog. My blog is now primarily hosted on GitHub using GitHub Pages for ease of viewing via a Web browser. I shall stress, however, the blog is Git-based, not necessarily GitHub-based!
This move offers several important advantages:
- Independence on the underlying hosting company
- Flexibility of distribution
- Integrity protection
- Easily accessible edits history
The statement about independence on hosting might sound a bit surprising,
because one could point out that I still depend on GitHub to host my blog repo.
However, this is really just a technicality. I might trivially (via
move to another Git hosting platform, shall there be any problems with GitHub
While the use of Markdown and Jekyll, which is natively used by GitHub Pages to render nicely looking static HTML, makes this repo somehow GitHub-specific, special care has been taken to make all the content human readable even without Jekyll pre-processing and when viewed using standard plaintext editors.
Moreover, it’s not just me who can move this blog to some other hosting
platform, but this could be anybody, thanks to the ease of Git repo cloning
(irrelevant whether through GitHub web interface or just using
pull manually). This, combined with integrity protection discussed
below, allows anybody to create mirrors offering this blog to different groups
of people, without losing ability to prove its authenticity, which no longer
needs to be implied by DNS record ownership.
Somebody suggested recently that I should be distributing my blog as a bunch of text files over a Tor Hidden service. Of course I don’t have time and enough incentive to do that myself. However, thanks to git-based nature of this blog, it is easy for somebody else to setup a script that would be regularly pull’ing my blog, verifying authenticity, and then e.g. publishing it as a Tor Hidden Service.
Or somebody might not like the blog is served over plaintext HTTP connections when accessible via the blog.invisiblethings.org DNS (which sadly is a limitation of GitHub pages) and might want to setup own server with proper SSL certificate to serve it. Again, no problem, and there is no action required on my side! That’s the beauty of maintaining this as an easily clone-able git repo.
And, no, realistically, I don’t think I am, or this blog is, that important or controversial, that the US or other government, or whoever, will likely want to block, censor or tamper with it in any way. This is more about principles. About the feeling that even if They wanted, they could not. It’s a nice feeling.
Integrity protection of this blog
End-to-end integrity protection of any distributed information (code, documents, etc) is an extremely important aspect in the digital world, unfortunately way too often ignored by the industry today.
End-to-end integrity protection (as well as end-to-end encryption) is the only solution that allows to keep the infrastructure (servers, admins, networks) out of the trust base. Sadly most of the Internet and its services have been designed with the assumption that integrity and confidentiality is to be provided by the infrastructure (e.g. via SSL, VPNs, etc). Such approach necessarily puts individuals, who often are not able to fully control the infrastructure, out of control with regards to who they trust. Lots of problems arises from lack of end-to-end integrity and confidentiality guarantees.
This blog is integrity protected. The integrity protection utilizes Git signed tags on the underlying repo commits. These are signed with by Blog Signing Key.
It’s worth noting, however, for the record, that the 2006-2014 posts have been automatically downloaded from my Google Blogger account and have been included in this repo as HTML files (as generated by Jekyll Importer) without a thorough manual inspection after the conversion. My Git tags still cover them, of course.
Distribution, Hosting, Notifications
This blog is now available for traditional Web-based viewing via the following URL:
One can get notifications about new posts/updates via:
The source of this repo is currently available via my GitHub account here