Essentials of Fitness

> Insert obligatory ‘consult your doctor’ stuff here. <

First of all, let me just say I am by no means an expert or guru or anything else, I’m just a guy that wanted to do better. I’ve made progress of my own and have had people approach me asking for advice or tips. So this is mainly a brain dump of what I’ve learned, from my own perspective. There is no reason you can’t work toward fitness no matter what you do. I work in technology and data, and this is not what I look like.

One thing I’ve found when trying to learn everything I can about fitness is, there is A LOT of information out there. Much of it is very unnecessarily complex, some of it is not entirely accurate or doesn’t encompass certain elements that should be considered, and some of it is just dumb.

The thing about being in an industry is that many fitness professionals have differing ways of doing things, and that is what I feel like is one of the biggest contributing factors for people just wanting to get off the couch and turn themselves around. They find all this content and it’s so absurdly overwhelming that it ends up causing them to just plop back down and turn that TV back on. I have certainly been one of these people, so I definitely understand the plight.

Luckily, I don’t blog to make money. I primarily keep this site as an evolving resume, and my blog is mostly just a big FAQ. If someone asks me about privacy online, I send this, it’s nice and organized and has handy-dandy links.

Now the human body has not changed a whole lot in the past several thousand years and even though there may be a whole lot more to what I say, the basic concepts behind fitness are still pretty simple to apply.

Diets

The most important thing here is, you guessed it, calories! The thing nobody wants to count or even acknowledge exists! The good news is it does not need to be anywhere near as complex as some might make it seem. Though as a fair warning, if you’re like most Americans you are likely eating larger portions than you should be.

Now, download the app for either MyFitnessPal or Cronometer (or any other counter you like). I like Cronometer because it lets you scan the bar codes and track net carbs in the free version if you decide to go the keto route. Don’t go cold turkey on this. Start with logging what you are eating so you can see what you are currently eating. Include all the little stuff like the butter you used to make your eggs. Get a food scale.

Now we need to start adjusting those numbers. If your goal is fat loss, you can use a calorie calculator and look at the maintenance numbers and different weight loss metrics. This is just a starting point though, and should only be treated as an estimate. Your own body will tell you what you need a lot better than any calculator you can find. I wouldn’t recommend doing more than a 200-300 calorie difference at first.

One thing that is common to do is to eat at a deficit five days a week, then have two re-feed days. If you have a target of 1900 calories for five days, and a target of 2200 calories on re-feed days, you average about 2014 calories for the week, not too far from the “recommended 2000 calorie diet” that most labels are based on. Oh, and don’t trust those, get a food scale, measure in grams (I’ve had some way off counts in the past).

The next most important thing is protein. You can calculate using this protein calculator or estimate via lean body mass or you can just set your actual weight as this goal. This will largely depend on what makes sense for you, but protein is the one thing you can have an excess of and not hurt your progress. Be reasonable though, if you’re 200+ pounds and your goal is fat loss, you won’t need that much protein and trying to hit that will only mean more calories.

All that is left is carbs vs fats. Once you have the numbers from above, you can allocate to whatever kind of diet you want. There are good fats and bad fats, just like there are good carbs and bad carbs. This is something you’ll want to investigate more as you formulate your meal plan. However, to get a good understanding of how America has become so obese, I’d give the links in the Fun Facts below a read.

If you are trying to “bulk up” then you might already have guessed, you need to eat in a calorie surplus. The Calorie Calculator has an option to show gains. Start there, also start SLOW. You don’t need to go from eating ~2100 calories to ~5000 like you’re the Rock or something. Start with +200/300 from maintenance and go from there. Same for the protein.

Exercise

If you thought there was fluff about diets, there is even more about exercise. High/low rep ranges and weights, different training programs, splits, hypertrophy, etc. O-M-Goodness, how do I decide? Now, there are a lot more qualified resources out there if you are trying to get into bodybuilding and all kinds of more advanced stuff, so I’m keeping with the tone of this post and making it simple.

As for the high rep/low weight or low rep/high weight thing, I got the link from the Physiqonomics article below, but it’s sourced here. Basically it doesn’t matter. If you do either to failure it will have the same result. Now there is a lot of varying methods here involving “drop sets” and “negatives” and other things that you would focus on for building hypertrophy and the like, but again – this is for day-one beginners so we aren’t worrying about that now.

Anyway, I think a good place to start is to find a basic full-body routine and do a weight that you can do about 8-15 reps to failure because I certainly don’t want to be at the gym half the day and I’m sure the average person doesn’t want to either. And you don’t want to do max all the time – that will end up hurting you. Also if you are not training for some sort of competition you really don’t need to do max, just make steady progress. One of the best ways to lose fat is to build muscle.

Here is a site with a ton of free routines.

Also a couple notes, if you are starting a caloric deficit, you will typically do worse workouts the first few weeks before your body gets in the groove. Don’t let that discourage you. And ladies, without hormone injection or some other steroid, you will not get absurdly buff from just strength training an hour a day, 5 days a week.

The trick to working out and keeping it consistent, is you need to make it a habit. I like to do it first thing in the morning Monday through Friday and that works for me. After a few weeks of making myself go to the gym, eventually it just became something I do as part of the morning wake-up routine.

Cheat Days

I’m going to wrap up with this widely debated topic.

I personally define a cheat day as a day where you have something that is not part of your normal diet. I do not consider gorging all day – maybe have a half dozen donuts for breakfast, a Big Mac for lunch and a pizza for dinner – to be an acceptable cheat day. That’s just bad and your body will hate you for it. But having cake at your kid’s birthday party after having a light breakfast and lunch is perfectly fine in my opinion.

Sure you have a bit of a hiccup in your progress, but I think one of the main reasons people can’t maintain a diet is because they restrict themselves too much or make it just a miserable thing to begin with. Now I don’t go making a habit of this, but you have to be able to maintain your overall diet and it’s much easier to do if you allow yourself to bend the boundaries a little once in a while.

I don’t recommend doing this in the early stages of your diet, however – you can easily fall back into bad habits. Best to at least spend a couple months in strict mode or even start off on a particular diet as a ‘sprint’ such as doing keto for fat loss. Then after a few months, you can drop off, but still keep a diet that is easier to maintain.

Fin

Okay, that all seems like a lot all at once, but just take the basic numbers and a basic workout and get started. If you literally just do that, you’ll have made a serious move in your life. If you want something more advanced, there is plenty of material out there.

Also, if you are the type of person that doesn’t stay on track, create an accountability. This can be just a few people that you ask to check in with you, or a support group of others in your area that may want the same in return. Work out together, share recipes, whatever. Just having someone to nag you about it might be just the thing you need to keep moving.

Finally, I’ve left some good reads below and a lot of them were linked above, so do give them a read.

Handy-Dandy Links

Essentials
Counters
Calculators
Workout Routines
Fun Facts

My Personal Privacy Framework

 

We live in a data-centric world, with constant services vying for our attention (or subscriptions). We know that data is being collected and given to various affiliates or government agencies, and it can be mind boggling to try to keep up with it all. Some people on the other hand, don’t care or are convinced they cannot do anything about it.

Now I’m not entirely naïve to think that you can be completely private without foregoing cell phones, TV, and everything else that modern civilization has to offer. You can however, take steps to control your data and more or less have a say on who sees what, if at all. This is a happy medium to me, and I’ve taken it upon myself to perform all the steps I outline in this post. You can take what you like or leave it be, whatever is good for you. I’m going to briefly mention each item and link so you may need to conduct your own research on these items to learn more about them.

Big Item: The Mobile Phone

If you have an Android or iPhone – which you likely do – you are already at significant risk. Google and Apple collect data about basically everything you do on your phone. You can however, obtain an Android phone without the Google services. This will require a lot of research beforehand and ultimately there are two wants: 1, a very active development community and 2, a vendor that actively maintains updates (which in turn, incentivizes the community). 

Typically I like to go for OnePlus phones, but I usually buy them used from Swappa. You can do some reading on your desired devices over at XDA to get an idea of how active the development is. You’ll then either want to flash one of the many roms you find there, or LineageOS. You can also opt for a Google Pixel (NOT VERIZON VARIANT), and install GrapheneOS.

At this point you’ll want the F-Droid Android store primarily, but if there are certain proprietary apps you need to use, you can use Aurora Store to replace the Google Play Store – and you’ll likely want to install microG, which is an emulation of Google services. (Best to use the Magisk route, then install the APKs.)

Of course there is still a certain amount of tracking just because you have to connect to cell towers in order to receive service and are subject to your agreement with that provider, so be aware of that. Of course if your ROM randomizes your MAC address that is one more thing to note.

Big Item: Email

Most big free providers (Google, Microsoft, Yahoo, AOL) will not encrypt your data and will likely read your emails to offer you advertisements *Ahem, Google*, but there are a few freemium options such as Protonmail and Tutanota that are zero-knowledge and have small mailbox sizes for free accounts you can try out. You can also use your own domain if you have one with their premium accounts so that is pretty cool. You can also self-host your own mail server.

One thing to note, business and enterprise Microsoft 365 are encrypted both in transit and at rest using Bitlocker – which TrueCrypt was retired in favor of. The cheapest option being M365 Business Basic at $6/month. It’s not entirely zero-knowledge, but it’s a happy “good enough” solution if you don’t want to build it.

Big Item: Cloud Storage

If you use the same big free provider for cloud that you do email, you’re subject to the same pitfalls. You can either self-host with Nextcloud or sync with Syncthing – or you can use a zero knowledge provider such as Sync or pCloud.

One thing to note, same as above, Onedrive for Business is encrypted in transit and at rest. Onedrive is included with most M365 plans.

Big Item: Password Manager

I’ve covered this in the past, but really if you don’t have one, get one. Don’t forget about delimiters in your logins if the service supports it, and set up MFA.

Other Items

Notes

Nextcloud has its own Notes app for basic notes and categorization. Joplin is a sync-able application that uses Markdown and supports nested folder structures. OneNote also makes a good contender and if you’re using Onedrive for Business it will be encrypted. 

Youtube

You can actually still use YouTube, just use a FOSS app like NewPipe or SkyTube as your app of choice. Then on the PC, use container tabs or private browsing.

Web Browser and Internet

Firefox, this is without a doubt the best – you can install the Container Tabs addon, which allows you to create containers to isolate cookies that various sites like to use to spy on your other activities. There is even one dedicated to Facebook. You could start by just categorizing things, not get too specific with every single website – banking, shopping, email, school are all good places to start. There is also always the option of private browsing. 

You might also consider a VPN, however there is much debate on what providers are actually trusted. Some educated recommendations would be Mullvad, ProtonVPN, IVPN, and Private Internet Access.

Maps and Navigation

Okay you got me here. There are plenty of other navigation apps such as Magic Earth and OsmAnd. For actual navigation they do pretty well, but if you are looking for food in the area or any other random thing you’d typically use G Maps for – you’re best off opening a private window and just using that. Or you can temporarily install the Maps application if you really must. Using microG, navigation does work, just don’t ever update it or sign in, or save your home address, etc.

Chat and Social

Okay so, if you MUST use Facebook and other platforms, there are apps in F-Droid that limit how much data is being shared while still providing basic functionality. I myself use Frost, which does a good job of letting me do everything I need – though I don’t use the calls and video chat functions, and they don’t work on this app. There are other types of services as well such as Mastodon, but good luck getting everyone you know on it – and those you have yet to meet. You can also try getting people on Signal or Telegram.

Conclusion

So that for the most part is how I live my life. Feel free to ask me of any specifics that are not covered here or if you are considering a service in particular (I may or may not have referral links).

I’m also going to plug two more sites for further reading:

Privacy Tools website

Awesome Privacy List

 

 

 

 

Understanding Docker, A Comprehension

 

I was looking for documentation for Docker recently to help someone understand how they were trying to set up their app, and most of what I came across was either too little information or much more detailed than what I was looking for. So I’m making this for those who are somewhere in the middle and trying to bridge the gap. If you went through my Nextcloud setup and had some issues, this will help you understand what you were doing and will enable you to troubleshoot it a bit on your own.

First you need to understand what docker IS though. Docker is an engine that allows you to containerize applications into their own space, without affecting the rest of the system. If you’re familiar with virtualization you already somewhat understand the concept, only you don’t have to spin up and build a whole virtual machine, this application actually runs using your host kernel and resources. It just creates kind of its own file system space that is separate from your host.

This post is going to strictly cover Linux because it’s 1:1 on how the containers are managed. You can run Docker on Windows and Mac too, but there are other factors at play. I’m not going into that for the sake of simplicity.

Now, let’s look at a real practical use. I’m going to use the Nextcloud image that we used in my  Personal Cloud  post now. You’ll notice that these images all mention tags, this is just the version number. The actual Nextcloud container supports putting tags on to bind your server to a particular version number, but the Linux Server people have theirs set up a bit more simply. We’ll just stick with latest.

Ok, now let’s look at the basic command:

docker run -d \
  --name=nextcloud \
  -e PUID=1000 \
  -e PGID=1000 \
  -e TZ=Europe/London \
  -p 443:443 \
  -v /path/to/appdata:/config \
  -v /path/to/data:/data \
  --restart unless-stopped \
  ghcr.io/linuxserver/nextcloud:latest

It’s important to note, the backslash (\) at the end of a line is a line continuation (word wrap) indicator in the Linux shell. So you can open a text editor and split your command across as many lines as you want, just put that at the end of each line. In reality that command reads as:

docker run -d --name=nextcloud -e PUID=1000 -e PGID=1000 -e TZ=Europe/London -p 443:443 -v /path/to/appdata:/config -v /path/to/data:/data --restart unless-stopped ghcr.io/linuxserver/nextcloud:latest

Just, don’t put spaces AFTER the backslash, the command will break entirely.

The ‘-d’ in the command just means to run as detached, otherwise the container would run in the foreground of your terminal until you hit CTRL+C, which will kill the process as well. If you plan on your image running by itself, you should make sure to add this option.

Another important thing to note is the PUID and PGID, which is entirely dependent on your system. If you are the only admin there is a 99% chance that this will be 1000 because there are other types of “system accounts” that are used prior to that. You can verify by typing this into your command line (do not invoke sudo, run as yourself):

id "$USER"

You will see the uid and gid come back with a numerical value and a name value. This will also probably show you all the gid’s that you are a part of. When you set these values, you are effectively saying: “Whatever the admin account is in the container is equal to this account on the host.” This will effectively declare that you are the owner of that container. This is really useful in creating persistent data, which we’ll get to in a bit. You’ll notice 1000 was taken by autologin when I set up this machine, and my GID is 1001, this is precisely why this is an important step. Don’t worry though, I have a disk encryption passphrase that is supposed to take a quindecillion years to break (90 zeros).

Name and time zone are relatively self-explanatory, if you don’t specify a name it will generate one using two random words. Time zone is UNIX epoch format so you’ll likely need to consult a list like this in order to find that. I’ll cheat a bit though and tell you that CST is America/Chicago. Skipping to the end, you’ll see the restart parameter, which should also be pretty self-explanatory. I pick unless-stopped instead of always (another option) because if there are issues and you need to troubleshoot it’s much easier when the container just stays off when you want it to.

Next comes the part that can trip people up. This is the bindings that relate between the host and container. Now obviously you do not have an actual folder path to /path/to/data. You would instead maybe have that data in /mnt/nextcloud/data so you would fill in your own values. The important part is you figure out which side is the host and container. I am going to borrow the “righty tighty” line and just remember that containers are TIGHT-knit isolated spaces. I’ll let you look back at the command and see if you can visualize that.

Did you get it? Ok cool so /mnt/nextcloud/data on my host has some files (ls -la will show permissions and hidden), if I enter the container using:

docker exec -it nextcloud bash

Then I view the files located at /data they should be precisely the same thing. But if you look in your container, you won’t see yourself as the user, you’ll see “abc” because that is the admin account they use inside the container.

This is where that UID stuff comes into play. Now abc owns the data as far as the container is concerned, and you have translated that account to mean your own on the host, so now you running that container, give yourself permission to manipulate the data. Otherwise you’ll have probably docker owning the data (960) and that isn’t even a real user.

The port is where you actually go to get to the admin side. You can keep 443 as the port, OR if you use a lot of apps with a reverse proxy, you might specify something like this:

-p 8081:80 \
-p 4341:443 \

Your container will then use the values as it’s prompted by the reverse proxy but you can get to it locally using the IP and specified port in order to get to that point.
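
A preflight for the PUID/PGID mapping and bind mounts described above, as an added example that is not from the original post or the linuxserver project. The function names and the demo directories are assumptions; the script only builds and prints the command, it never calls Docker.

```python
"""Added example: check bind-mount sources, then build the docker run command."""
import os
import shlex
import stat
import tempfile

IMAGE = "ghcr.io/linuxserver/nextcloud:latest"  # image used in this post


def check_bind_source(path, uid):
    """Return a list of problems with a host directory used on the left of -v."""
    try:
        st = os.stat(path)
    except FileNotFoundError:
        # With -v, Docker creates a missing host path itself, owned by root,
        # which is exactly the ownership mismatch PUID/PGID is meant to avoid.
        return [f"{path}: does not exist"]
    problems = []
    if not stat.S_ISDIR(st.st_mode):
        problems.append(f"{path}: not a directory")
    if st.st_uid != uid:
        problems.append(f"{path}: owned by UID {st.st_uid}, container user maps to {uid}")
    if st.st_mode & stat.S_IWOTH:
        problems.append(f"{path}: world-writable")
    return problems


def build_run_args(config_dir, data_dir, tz, uid=None, gid=None, host_port=443):
    """Build the argument list; host values sit left of the colon, container values right."""
    uid = os.getuid() if uid is None else uid   # same number `id` reports as uid
    gid = os.getgid() if gid is None else gid   # same number `id` reports as gid
    return [
        "docker", "run", "-d", "--name=nextcloud",
        "-e", f"PUID={uid}", "-e", f"PGID={gid}", "-e", f"TZ={tz}",
        "-p", f"{host_port}:443",
        "-v", f"{config_dir}:/config",
        "-v", f"{data_dir}:/data",
        "--restart", "unless-stopped",
        IMAGE,
    ]


def plan(config_dir, data_dir, tz, host_port=443):
    """Return (problems, command string) for the current user."""
    uid = os.getuid()
    problems = check_bind_source(config_dir, uid) + check_bind_source(data_dir, uid)
    command = shlex.join(build_run_args(config_dir, data_dir, tz, host_port=host_port))
    return problems, command


if __name__ == "__main__":
    # Constructed demo: temporary directories stand in for /mnt/nextcloud/...
    with tempfile.TemporaryDirectory() as root:
        config_dir = os.path.join(root, "config")
        data_dir = os.path.join(root, "data")
        os.mkdir(config_dir, 0o750)
        os.mkdir(data_dir, 0o750)
        os.chmod(data_dir, 0o777)  # deliberately too open, to show a finding
        problems, command = plan(config_dir, data_dir, "America/Chicago", host_port=4341)
        for problem in problems:
            print("WARN:", problem)
        print(command)
```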

That’s essentially the basic makeup of how Docker works. There is a lot more to it, even my personal cloud post mentions creating a network – but if you just want to get going running your own containerized apps either by self-hosting or developing, you’ll be going in the right direction.

 

 

An Overview Of Multi Factor Authentication

Multi Factor Authentication has many acronyms, MFA, 2FA, TFA. And there are many different ways to implement it, though it is usually entirely dependent on the service what it supports. The idea though is that when you log into a site or service, you have to approve that login after you put in your password. Hence the other factor in the login process.

One note of caution, if you use a password manager, which you should, it is generally advised to set up your MFA elsewhere. This is because if your password manager becomes compromised then the attacker has your MFA codes as well.

So now the biggest question is what is the best way to go about it? You can set yourself up on an account-managed service such as Authy, or you can sign into Google or Microsoft authenticators if you use those services and have accounts already. You would then sync those codes with the respective account.

Though bear in mind this is a second passphrase to remember because you probably don’t want to store that account in your password manager (for the same reason mentioned above). Note, you can also use the Google/Microsoft apps without logging in. How much you trust that is up to you.

You can also go the independent route. If you are on Android you can install Aegis authenticator. This is completely local and does not rely on any services to log in. Though make sure you export your config and back it up somewhere, you can then import it when you get a new phone. Make sure you keep exporting new copies as you add accounts.

Here looks to be a similar iOS app, though I haven’t used it personally I have inquired with my iOS friends and they seem to be in agreement that it works as intended.

I’ve also found an online tool that allows you to put in basic TOTP information. Note that the secret key is part of the otp link that it gives per the example account.

Most sites will allow you to somehow try to enable the app non-automatically. Here is an example with Microsoft 365:

They then give you the information to put here, then that link should work in any TOTP app, including all the ones mentioned above. It also generates a QR code that can be scanned, again by most TOTP apps including those mentioned above.

This is super useful for documenting the important information then sharing it with others (say you have an admin account that your five techs need to access). Then they can all have their TOTP apps and don’t have to rely on someone being available when they need access to the account. They just pull up the site mentioned above, enter in the info, and scan the generated code into their respective apps. Alternatively you can take a screenshot of the QR code and save that.

Unfortunately, just like email filtering, not all sites and services are going to support this universal security protocol. Some sites still force you into either texting a code, or emailing a code. Or maybe not even have any form of 2FA.

I do recommend you set it up for as many sites as you can though, especially important sites (like banks) or frequently-attacked sites (like Facebook). If you combine my advice from my password post and my plus addressing post, you should have a pretty diversified portfolio in terms of login and security, which drastically lowers the chances of any random attack being more than a minor nuisance and a password reset. Of course there is no guarantee, but using these methods in conjunction should considerably lower the probability.

All About Viruses And Malware

First off, an obligatory disclaimer. I’m not going to guarantee that you’ll never get a virus, nor is this post a bible for avoiding them entirely. People make mistakes, and click on that thing that you know you shouldn’t have clicked on. Trusted sources get infected on occasion, the list goes on. This post does however, bring awareness to an issue that has plagued computer users for decades.

I also want to dispel some common myths and misconceptions while we’re here:

  • Yes, Macs and even Linux machines can be infected.
  • No, just having Antivirus isn’t going to keep you from ever getting a virus.
  • No, it’s not always obvious that you’re infected.
  • No, the Blue Screen of Death is not a virus.
  • No, it’s not just the adult sites that are infected.

Also I want to clarify that there are many different types of malware, between viruses, adware, spyware and many other types, the threat is ever-evolving. As with many types of threats, the best way to handle them is to try to prevent them.

What Can I Do?

From the beginning, make the investment to get a decent antivirus. I don’t recommend the free Avast and AVG options, not only because they aren’t very effective but because they also track your data. Also the bundled Avast VPN has terrible performance and will time out sites you visit (I’ve literally resolved network issues by uninstalling this garbage).

You can run a search for the most recent recommendations from PC magazines, but some that I’ve had anecdotal good experiences with include Vipre, Bitdefender, Webroot. Note, Malwarebytes does have an antivirus option but the free one you download is not a virus scanner. I wouldn’t recommend installing these as it only takes up resources and can conflict with your main Antivirus software. I’ve even at times observed that they see each other as viruses and start trying to remove each other.

The next step is my favorite, back up your data! Regardless of what you do, make sure to go into your Antivirus settings and point an additional scan location TO where your backup is. You don’t want to go infecting your backup (or backing up your infection), wipe your computer and then just copy the infection right back.

The next thing you can do is install an ad blocker called uBlock Origin for your browser of choice. Firefox is the best choice of course, but if you choose Chrome or Edge or some other browser, you should be able to install it on those as well.

You will also want to practice safe browsing habits and avoid installing sketchy software. I know this one is kind of a catch-22 for a lot of people because it’s kind of a you-don’t-know-what-you-don’t-know situation. Luckily many Antiviruses come with browser add-ons that will check links when you perform a web search. You can also use this site from Google, copy and paste the link:

https://transparencyreport.google.com/safe-browsing/search

How Do I Know If I’m Infected?

Depending on the type of infection you have, it may be super obvious, or it may not be. One type of malware that is common is Ransomware, which encrypts your files and promises you the key to unlock if you pay them. They don’t usually give you the key, which is why the backup is so important.

You might also notice a sudden slowness or degradation of performance. I’m specifying ‘sudden’ here because most users will experience slowness over time due to various factors impacting their workflow or habits or just plain buildup of local cache. There is a big difference between “Yeah it’s not as quick as it used to be” and “Oh wow, why is my computer so slow all of a sudden?”

Your machine might also exhibit extreme random behavior such as opening things that you didn’t open, pop ups and other annoyances. I’m inserting this loosely as it can be an infection, but it might not be. I’ve seen plenty of users allow notifications for various sites in their browser, and it spams notifications on the screen. They think they are infected but it ends up being a simple case of removing the site from having notification permissions.

You may also think something is just off, and only you can really say. Regardless, you will probably want to seek help from someone who knows how to handle these issues, if your Antivirus is unsuccessful.

I Think I’m Infected, What Now?

If you use your computer for work or school, you likely have IT that you can call to help resolve your issues. If you are just the Average Joe I would honestly recommend Geek Squad support, they charge like $200 a year (which is around what you’ll pay on average for two hours of labor in most shops), and then you can take it in as many times as you need. Do once a quarter and you’ve saved yourself around $600. Plus the Antivirus is included, (out of their choices I recommend Webroot), and the whole household is covered.

You also get various other odds and ends like discounts and other services than just malware removal. They run diagnostics of hardware with those malware scans and will wipe and reload if needed as well. They do charge a small fee for on site visits and the tech support does not cover backup services but like I said, if you have a few machines in your house and take them to get scanned and optimized every so often you’ve saved quite a lot that you would have spent elsewhere.