Oddbean new post about | logout
. | 2 months ago (raw) | export | reply | flag +49
 Beef up your online bitcoin security by using a private home network 🥷

Self custody is important, now ensure you can always interact & transact without censorship ⚡️

Below is the hardware and software I chose for my simple private home #bitcoin network 🧶

https://image.nostr.build/dfa75637632d09ffdf5226613dac512942a269d36f44db5266af19b214834bd6.jpg

1) APC 1500 

https://cdn.nostr.build/i/b43843a1a473d8e856da8047e73bc000d9dbb119196f37bbea64d063e177ee06.jpg 

Surge protection and battery backup for loss of power without downtime to the network & allowing for proper shutdown of hardware/software.

Plug all your hardware into this. 

Screw your internet cable into the back and run an internet cable out.

2) Arris Surfboard SVB3202 

https://cdn.nostr.build/i/aecc1437703955352ebaac5eb723eafdee26c3e77e4f670c2c687b0ef1902dc3.jpg 

This is just a modem, no wifi, no bullshit. Just a nice, but really stupid modem that is just a modem.

Stop using your ISP gateway. 

Screw the internet cable from APC into this modem and plug a WAN ethernet line out.

3) Protectli Vault fw4b

https://cdn.nostr.build/i/8018d2d86568f9abe850aa60218c394e7cb72db7bc3a794e2215800f19ac4d8f.jpg

This is a four port firewall router plus an auxiliary wifi interface.

This device runs FOSS OPNsense firewall software to protect your home network.

You can decide what comes in and out, separate devices on the network and so much more with this firewall.

Free Open Source Software runs on this dedicated micro computer to control your internet flow.

This is bad ass hardware and Protectli has been rock solid with customer support.

Plug your WAN ethernet from the modem into the WAN port of the vault and plug a LAN ethernet line out.

4) GliNet Flint 1800 WiFi router

https://cdn.nostr.build/i/7edc8f1850e6aa57cb99f59243fc34c32868f60ee2009d59ce1521a7aa14f56b.jpg

This sleek piece of hardware is the ultimate wifi router!

Take complete control of your home internet all from a very nice web based GUI.

This wifi router has four ports and four separate wifi networks each with own password protection.

Easy to add VPN with wiregaurd on the router and run tor on router. Covers every device connected.

Too many features to list including Adguard & DNS.

Plug the LAN ethernet from firewall vault into the LAN port on this wifi router.

5) Start9 DIY home server

https://image.nostr.build/e6f4320a192a8598b223c1b627f5ec3dd3f5303930325201c67d428f69b5ca12.jpg

I took a used Dell Optiplex 9020 with 8G and put in a 1T SSD in it. 

Flashed it with StartOS and added Bitcoin Core.

Sovereignty in bitcoin is to have your own keys and your own copy of the blockchain and verify your uxto sets against your copy that is in consensus.

Tor web GUI allows you full configurations of what services you wish to add such as LND and mempool.

Pair with your lightning wallet and Sparrow Wallet on laptop.

Plug an ethernet line from your server / nodes into an ethernet port on the GliNET WiFi router.

6) Classic X Thinkpad 

https://cdn.nostr.build/i/0c869a70a89e2f97344a20e0fa755fbe9578bce39be24d0b611437154b0c4145.jpg 

This is a Bitcoin only dedicated laptop.

No bullshit, only necessary bitcoin things on this device. I got mine from MiniFree. 

Coreboot/ Intel ME disabled
Debian
Sparrow Wallet
Tor
Terminal 
 
OPNsense GUI
GLiNET GUI
Start9 GUI

This is the work station you interact with the Bitcoin network on...a clean linux laptop, behind a fire wall, thru a VPN and over TOR on private network isolated network!

All on hardware you own, running FOSS, in your own home. 

7) De googled Pixel 

Purchase unlocked with cash so as to not have identity tied to an ime number.

Run Graphene, wifi only, airplane mode

This is a secure private mobile device simply for running your hot/ lightning wallet, #nostr and connecting back to Start9 server away from home. 

Can add Silent link service if needed.

Now is the time to take back control of your home network. Build a private home network that is representative of the value of what you hold. 

Ensure you can always transact without censorship!

 
 Excellent suggestions! 
 https://image.nostr.build/842e99ce01dd9ccaf07b34c1e75ad01b2fd0a46fb61c73470d664df71a7d77eb.jpg
nostr:nevent1qqs99ml9kch5f2gs0ts99kzdyy68v4gjql5fmm985l0nj7upkze8hmgpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsyg8dk3czwy5h43dxrunh70x3fhj5celttnxjpmcdnhefhcvxskasqspsgqqqqqqsnvlac5 
 My next step 🙌🏼 
 Great writeup! Thank you! 🫡 
 nostr:nevent1qqs99ml9kch5f2gs0ts99kzdyy68v4gjql5fmm985l0nj7upkze8hmgpz3mhxw309akx7cmpd35x7um58g6rsd3e9upzpmd5wqn399avtfslyalne52du4xx066ue5sw7rva72d7rp59hvqyqvzqqqqqqypwadys 
 Why imei matters? 
 Because regardless of using other privacy techniques the imei number is linked to your purchase 
 And what can that be used for? 
 everything done from the phone is linked to who purchased it...  
 Can't zap you 🤔 
 We both use minibits that seems weird 
 Indeed,  but the invoice fetching fails from the minibits endpoint. 
 Hhm, got 2 21 sats zaps 
 Works! 🫡 
 Maybe does not like tor 
 But how do they link what is done on the phone to IMEI. As I see, apps can only get this info with special permissions
permissions:
"Android 10 (API level 29) adds restrictions for non-resettable identifiers, which include both IMEI and serial number. Your app must be a device or profile owner app, have special carrier permissions, or have the READ_PRIVILEGED_PHONE_STATE privileged permission in order to access these identifiers." 
 hey, sharing the love!  t-y 
 Morning y'all!

Here are my recent notes of value to #nostr. Hope they continue to help!

https://image.nostr.build/eb84ea1f8a8201485296f8011c6cfcc290ace5a3b9584dba08de748631bbb9e3.jpg 


nostr:nevent1qqszm24y0fjr9uw22wqqjqhhucvznzn3p8v0mhwccwm6mxm6vrz9fzgprfmhxue69uhkvun9v4kxz7fwwdhhvcnfwshxsmmnwshsyg8dk3czwy5h43dxrunh70x3fhj5celttnxjpmcdnhefhcvxskasqspsgqqqqqqsh0q7xh

nostr:nevent1qqswuj4lsstlsdueewhc9g37sfvc40pjzg386fzdu0a4dvu4e6jf0wcpz3mhxw309akx7cmpd35x7um58g6rsd3e9upzpmd5wqn399avtfslyalne52du4xx066ue5sw7rva72d7rp59hvqyqvzqqqqqqysy7ae8

nostr:nevent1qqs99ml9kch5f2gs0ts99kzdyy68v4gjql5fmm985l0nj7upkze8hmgpz3mhxw309akx7cmpd35x7um58g6rsd3e9upzpmd5wqn399avtfslyalne52du4xx066ue5sw7rva72d7rp59hvqyqvzqqqqqqypwadys

nostr:nevent1qqs8wekawm8x7scjrdjcf3gsy7dm6f7my2v4usasysenzu0kya9lgsgpz3mhxw309akx7cmpd35x7um58g6rsd3e9upzpmd5wqn399avtfslyalne52du4xx066ue5sw7rva72d7rp59hvqyqvzqqqqqqyy4erz2

nostr:nevent1qqst3quznpsjvh5crsp90z5el4d7vuqv4ectlf8mr2qgxy9thqsd9gspz3mhxw309akx7cmpd35x7um58g6rsd3e9upzpmd5wqn399avtfslyalne52du4xx066ue5sw7rva72d7rp59hvqyqvzqqqqqqyz9jxw2

nostr:nevent1qqs2qwa3vcayuhrdyrj2m7g7ff5lm00xwpgl0e0r773skun4tevk03qpz3mhxw309akx7cmpd35x7um58g6rsd3e9upzpmd5wqn399avtfslyalne52du4xx066ue5sw7rva72d7rp59hvqyqvzqqqqqqys8jems

nostr:nevent1qqszm9ln9czlp8mgljmwe7gzwfm506zp4my8llq63eu27gztf2kut9spz3mhxw309akx7cmpd35x7um58g6rsd3e9upzpmd5wqn399avtfslyalne52du4xx066ue5sw7rva72d7rp59hvqyqvzqqqqqqywxz7ur

nostr:nevent1qqswtluezhnlywfk5m4z5wzywyemfc9dmcceejlavnsqnhf2ttgks3gpg3mhxw309auhydnn0pehzumwxgehzum8df6xkctwwsmhzuekxverw6350funycf4d9uk6um2de58zmr6dcmkj7ncxesh2mtg09jzummwd9hkutczyrkmgup8z2t6cknp7fml8ng5me2vvl44enfqauxemu5muxrgtwcqgqcyqqqqqqgu7zf9y

nostr:nevent1qqs99ml9kch5f2gs0ts99kzdyy68v4gjql5fmm985l0nj7upkze8hmgpz3mhxw309akx7cmpd35x7um58g6rsd3e9upzpmd5wqn399avtfslyalne52du4xx066ue5sw7rva72d7rp59hvqyqvzqqqqqqypwadys