Self-Hosting

Defense in Depth

Thoughts after a Hacker News post on a docker vulnerability.

Data Sovreignty, Engineering

The Article

I read Hacker News every day. A story on home server security made the front page recently and got me thinking about Tealok security and defense in depth in computing. This primarily came about due to the (excellent) Hacker News discussion of the article.

The story is pretty simple - you don’t need to read the entirety of the original article to get it. Here’s a summary

  • The author starts up a Docker container running Postgres
  • Docker by default exposes the container to the internet
  • An attacker leveraged the default password in Postgres to get RCE within the container
  • Attacker installs Kinsing malware to extract value from the exploited server.

One may be tempted to just say this is a “skills issue” on the part of the original author. If they’d known better, they wouldn’t have exposed the database container and there’d be no story here. I think that’s a valid take to a point - the world is full of dangers and experts are experts in part because they avoid dangers. But that’s missing import lessons.

Elevator Pitch

After a remarkable meeting where we celebrated the sensational numbers from Eli’s hit blog post on better container orchestration, our advisory board hit us with a challenge: 'Please give us an elevator pitch so we can explain Tealok to our friends and colleagues.' Confidently, I promised to deliver before the next board meeting. But several days and a few bike/brainstorming (bikestorming?) sessions later, I’ve realized two things: I’m not a marketing person. Writing an elevator pitch for Tealok is incredibly hard.

Engineering, Internet Service Providers

TL;DR

Tealok is a personal cloud technology that empowers you to seamlessly manage your data, connect your devices, and organize your digital tools—all without the need for technical expertise, restrictive systems, or the hassle of platform decay. Imagine it as the smartphone in a world of payphones: always connected, unrestricted, and free from the high fees and limitations imposed by traditional solutions. With Tealok, you’re in control and ready to thrive in today’s digital age.

Port 80

Handling requests on port 80 is a basic building block of web applications. Too bad we can't all just...do that.

Engineering, Internet Service Providers

I live in Gilbert Arizona. I have access to fiber-to-the-home. The fiber is owned by Cox. This means that even though I hate them, Cox is the best option for my home Internet service.

Recently I was working on Tealok, specifically trying to figure out if it’s possible to run a group of containers within Docker Swarm on a single node using IPv6 for incoming traffic. The goal is for Traefik to terminate TLS and run as a reverse proxy for a number of different services that have a web frontend.

Docker Compose Isn't Enough

Docker Compose creates problems as you scale a single server to many applications. We should learn from it and build something better.

Engineering, Ideas

Summary

Docker-compose is a tool for working with Docker containers. It solves very real problems with deploying complex applications. By itself it is not enough to make self-hosting applications simple enough for the mass-market. What we need is something like docker-compose, but at a higher level of abstraction that has a concept of SQL databases, local caches, durable storage, service discovery, and resource management.

The Business Model That's Controlling Your Life -- And How to Break Free

Discover the hidden costs of digital convenience and how Tealok simplifies reclaiming your privacy and autonomy without the technical hassle.

Data Sovreignty, Business

In today’s digital age, nearly every aspect of our lives is connected to technology. While these connections offer unparalleled convenience, they also come with a hidden cost: our privacy, autonomy, and freedom of choice. Big tech companies like Google, Facebook, and Amazon have built their fortunes by collecting vast amounts of data from us—often without our full understanding or consent. This practice, known as surveillance capitalism, goes far beyond targeted ads. It’s about creating detailed behavioral profiles that predict—and manipulate—our behavior.