PaperAge: Easy and secure paper backups of secrets

My first Rust-based project, PaperAge, is a solution for making secure paper backups of important secrets. The backups are secured with state-of-the-art cryptography using the age format.

Personally, I use it to make paper backups of the bare minimum credentials I’d need to regain access to all my online accounts and backups. For example, the 1Password recovery kit plus my email account and Apple ID credentials.

One of the requirements for PaperAge was being able to print the backups at any printer without having to trust the printer or whoever operates it. This is why the generated PDF has a blank space for the passphrase. Additionally, this allows you to store the passphrase separately for extra security (either physically or you can trust yourself to remember it).

My personal threat model doesn’t include state actors or extremely tech-savvy burglars, so just relying on physical security and/or obscurity provides a sufficient level of security for my needs. I’m mostly guarding against the unlikely event where I lose access to all my devices at the same time and have to regain access to my accounts and backups from scratch.

Equally, I didn’t want the backup solution to be dependent on any one tool or person. Not even if it was my own project. To this end, you don’t need PaperAge to recover from backups made with it. Instead, you can use either the original age CLI tool or any compatible implementation. Behind the scenes, PaperAge uses rage, the Rust port of age.

Automated releases

The release workflow for PaperAge is highly automated and uses cargo release to tag and publish new releases.

Pushing a release tag to GitHub kicks off a GitHub Actions workflow that will create a new draft release on GitHub, cross compile for macOS, Linux, and Windows, and publish the release once compiled. Finally, it sends a workflow_dispatch event to the matiaskorhonen/homebrew-paper-age repository to kick off a GitHub Action that updates the Homebrew formula for PaperAge.

The Homebrew formula update action will install Homebrew, update the formula based on a template, test that the formula still works, and finally commit and push the updated formula.

Eventually, I’m planning on trying to get a PaperAge formula up-streamed to Homebrew itself, but the current Cask workflow works so well that I haven’t been very motivated to get it done so far.

Reflections on Euruko 2022

Last year finally brought to a close my three-year journey as an Euruko organiser. Euruko Helsinki took place at last, in-person, on the 13th and 14th of October 2022. 640 wonderful Rubyists from all over Europe and beyond descended on Helsinki, and we managed to have a wonderful in-person Euruko for the first time since 2019. Plus, another 200 or so joined the conference remotely.

Many people might not realise just how weird Euruko is on the conference circuit.

The organisers change completely every year. This means that there is very little institutional knowledge about organising the event. Every organiser ends up having to make their own decisions about everything from ticket and sponsorship pricing to venues to finances and taxation.
The country changes. I’m perfectly happy to lend a hand to the organisers of next year’s Euruko in Vilnius, but I have no knowledge whatsoever about venues, laws, or vendors in Lithuania, so my experience from Euruko 2022 will be of limited use. We help where we can, of course, but we have our own events to plan too.

I’m aware of no other event that operates like this, certainly not at this scale. Setting up an event for 500–700 people is a lot of work and involves a lot of moving pieces. Depending on your ticket prices and sponsorship sales, there’s quite a lot of money at stake. For example, the venue and catering alone cost us north of €80K.

As far as ticket and sponsorship sales go, we were able to take advantage of some pent-up demand in the community, so there wasn’t any doubt that the conference would be financially viable. At least not after we’d cleared the hurdle of the 2020 postponement and the 2021 remote-only conference. Even so, 1–2 months out from the conference, it looked like the event wouldn’t sell out. It did in the end, but much closer to the event dates than we would have liked. One of the biggest favours you can do for an event organiser is to buy your ticket as early as possible.

Euruko 2022 was run with an extremely lean organisation with most of the work going to me and Simo Virtanen with assistance from other volunteers as needed. For example, we had a small team of people for talk proposal reviews and a handful of volunteers for the conference days. It would have been a smart move to recruit volunteers earlier and to get them more involved sooner in order to offload some of the workload from my shoulders.

In the end, the event ran just about as well as I could have hoped, and the feedback from participants was overwhelmingly positive. I’m happy we had the chance to bring so many Rubyists together in Helsinki, but I’m not in a rush to organise another event of the same scale again. 😅

PS. I intended to write this blog post a month or two after Euruko 2022 but, as I often do with blogging, I procrastinated. Better late than never, I suppose.

PPS. If you liked Euruko 2022, have a look at our next conference, Oh the Humanity!

Photo Sphere

360° view of the Finnish countryside near Nastola

WWDC22 wishlist

In no particular order and not particularly well organised.

iOS 16

A more comprehensive Map component in SwiftUI (support clustering, custom layers and so forth)
A way to persist list expansion state for deeply nested Swift UI lists
TranslationKit (allow apps to use Apple’s translation service instead of needing to send users to Google Translate)
Better picture and video quality in shared albums (currently limited to 2048px on the long edge and 720p, respectively)
Fix the autocorrect mess
Walking instructions in public transportation navigation. In other words, give me turn-by-turn instructions if I need to walk from the last stop to my destination.

macOS 13

Native collapsing of menu bar items in macOS (please Sherlock Bartender)

Xcode

Code autoformat for Swift & Objective-C (in the vein of gofmt or prettier)
More reliable SwiftUI previews

Moonshots

A Music app that isn’t terrible (both on iOS and macOS)
A redesigned Home app
Having an Apple Watch shouldn’t block iOS app builds if they don’t have a watchOS build target (“Preparing the watch for development”)

Awair PM2.5 sensor repair

Recently the fan on the PM2.5 sensor on my Awair had started to make an annoying amount of noise and no amount of canned air seemed to fix it. As I didn’t want to spend €329 on a new Awair Element, the best option seemed to be to replace the whole sensor (a Honeywell HPMA115S0-XXX).

→ Read more…

DIY Hot Ones

Da Bomb really is as terrible as everyone says…

Cape Town ⛰☁️

View from the Norval Foundation

Untitled Evening Walk

Kumpula, Helsinki

Winter Mist (-11°C)

Photographed from the Mustikkamaa island in Helsinki

Picking the worst year to pitch for Euruko

Happier times

In 2019 I travelled to Rotterdam to attend Euruko 2019 with the intent to pitch Helsinki as the next Euruko host city. While I had a great time at Euruko 2019, in retrospect 2019 turned out to be the worst year to win the privilege of being the next host city.

Matz handing over the Euruko gong to me — Photo credit: Megin Zondervan / Euruko 2019

After bringing home the Euruko gong we quickly got to work planning where and when to host Euruko 2020. In the end, we chose the beautiful Savoy Theatre as the venue and August 2020 as the date.