Categories
Uncategorized

CryptPad Setup

CryptPad Complete Setup Guide

Secure Document Collaboration for Privacy-Conscious Users and Organizations

↑ Top Next →

What is CryptPad?

CryptPad is a privacy-first, open-source collaboration platform that provides end-to-end encrypted document editing, file storage, and team collaboration. Unlike Google Docs or Microsoft 365, CryptPad ensures that your documents are encrypted in your browser before being sent to the server.

Key Privacy Features

  • Zero-knowledge encryption - Only you and collaborators can decrypt documents
  • No tracking or analytics - Your activity remains private
  • Anonymous usage possible - No email required for basic accounts
  • Open source - Code is publicly auditable
  • GDPR compliant - Based in France with strong privacy protections
  • Real-time collaboration - Multiple users can edit simultaneously

Document Types Available

TypeDescriptionBest For
Rich TextWord processor with formattingReports, letters, documents
SpreadsheetExcel-like calculationsBudgets, data analysis
PresentationSlide-based presentationsMeetings, training
Kanban BoardTask managementProject workflows
WhiteboardCollaborative drawingBrainstorming, planning

Choosing a CryptPad Instance

Official CryptPad.fr (Recommended)

  • URL: https://cryptpad.fr
  • Pros: Official, reliable, supports development
  • Pricing: Free tier available, paid plans for more storage

⚠️ Important Security Considerations

  • URL security - Document URLs contain encryption keys; treat like passwords
  • Browser security - Keep your browser secure and updated
  • Account backup - Anonymous accounts cannot be recovered if browser data is lost
← Prev ↑ Top Next →

Individual User Accounts

Creating Your CryptPad Account

1Navigate to CryptPad

  • Go to https://cryptpad.fr
  • Click "Sign up" in the top-right corner

2Choose Registration Method

Option A: Anonymous Account (Maximum Privacy)
  • No email required - account tied to browser only
  • Warning: Cannot be recovered if you lose browser data
  • Best for: Testing or maximum privacy with manual backup
Option B: Email Registration (Recommended)
  • Enter secure email address (ProtonMail, Tutanota recommended)
  • Create strong, unique password (use password manager)
  • Benefit: Account recovery possible
  • Best for: Regular use and team collaboration

3Complete Registration

  • Username: Choose something that doesn't reveal identity
  • Password: Minimum 12 characters, use password manager
  • Display Name: Use initials or pseudonym initially

Essential Security Settings

  1. Access Settings: Click avatar → Settings
  2. Privacy Configuration:
    • Disable contact requests from strangers
    • Hide your online status
    • Disable usage feedback
  3. Security Settings:
    • Enable automatic logout (1-4 hours)
    • Keep unsafe links warning enabled
    • Enable safe links

Critical: Backup Your Account

  1. Go to Settings → Account
  2. Click "Download my account data"
  3. Save the file securely - enables account recovery
  4. Store in encrypted location (password manager, encrypted drive)

Without this backup, you may lose access permanently.

Sharing Your Identity for Team Invitations

Safe to Share:

  • ✅ Your CryptPad profile link
  • ✅ Your display name
  • ✅ Preferred contact method
  • ✅ Which instance you're using

NEVER Share:

  • ❌ Password or credentials
  • ❌ Email address (unless requested by trusted admin)
  • ❌ Private document links
  • ❌ Account backup file

Email Template for Team Invitation

Subject: CryptPad Identity for Team Invitation
Hello [Team Administrator],
I've created my CryptPad account and am ready to join [Team Name].
My CryptPad Information:

Profile Link: https://cryptpad.fr/profile/#/1/view/[your-unique-id]/
Display Name: [Your Display Name]
Instance: CryptPad.fr

Please let me know if you need additional information.
Best regards,
[Your Name]

Accepting Team Invitations

  1. Check Notifications: Look for bell icon in CryptPad
  2. Review Details: Verify team name and inviter identity
  3. Verify Authenticity: Contact admin via separate channel if suspicious
  4. Accept Invitation: Click "Accept" to join team workspace

Document Classification Understanding

  • 🟢 PUBLIC: Can be shared outside team
  • 🔵 INTERNAL: Team-only information
  • 🟠 CONFIDENTIAL: Sensitive, special handling required
  • 🔴 RESTRICTED: Highest security, limited access
← Prev ↑ Top

Team Owner / Administrator

Creating and Setting Up Teams

1Create New Team

  1. Click avatar → Teams → "Create a Team"
  2. Configure team name (descriptive but not revealing)
  3. Set privacy settings (private, invitation-only recommended)
  4. Configure initial permissions

2Set Up Folder Structure

Recommended Team Folder Structure:

📁 [Team Name] Shared Drive/
├── 📁 00-OPEN/ (🟢 Public Access)
├── 📁 01-INTERNAL/ (🔵 Team Members Only)
├── 📁 02-CONFIDENTIAL/ (🟠 Leadership Only)
└── 📁 03-RESTRICTED/ (🔴 Admin Only)

Member Roles and Permissions

RolePermissionsClassification Access
OwnerFull admin control🟢🔵🟠🔴 All levels
AdminInvite members, manage content🟢🔵🟠 Up to Confidential
MemberCreate/edit documents🟢🔵 Open and Internal
ViewerRead-only access🟢 Open only

Inviting Team Members

Preparation Checklist:

  • Verify member identity through separate channel
  • Confirm member has CryptPad account
  • Obtain member's profile link
  • Determine appropriate role
  • Prepare onboarding materials

Invitation Process:

  1. Access Team Management: Team → Members → "Invite Members"
  2. Add Information: Paste profile URL, select role
  3. Send Invitation: Review details, confirm send
  4. Follow Up: Notify member, provide support

Security Configuration

Essential Security Settings:

  • Set team to "Private" - not discoverable
  • Disable public directory listing
  • Require invitation for all members
  • Restrict external sharing to Admin+ roles
  • Set default link expiration times
  • Enable audit logging

Document Classification Templates

🟢 OPEN Template:

===== CLASSIFICATION: OPEN =====
Public information suitable for external sharing.
Handling: May be shared freely outside team.
Review: Annual

🔵 INTERNAL Template:

===== CLASSIFICATION: INTERNAL =====
Team member information only.
Handling: Team only, no external sharing without approval.
Review: Based on content sensitivity

🟠 CONFIDENTIAL Template:

===== CLASSIFICATION: CONFIDENTIAL =====
Sensitive information requiring special handling.
Handling: Admin+ roles only, owner approval required.
Review: Quarterly

🔴 RESTRICTED Template:

===== CLASSIFICATION: RESTRICTED =====
Highly sensitive information.
Handling: Owner access only, no electronic sharing.
Review: Monthly

Regular Administrative Tasks

Weekly:

  • Review new documents for proper classification
  • Monitor member activity
  • Check team chat for issues
  • Verify backup integrity

Monthly:

  • Conduct comprehensive access audit
  • Review classification compliance
  • Update policies as needed
  • Export and backup critical data

Quarterly:

  • Assess security posture
  • Update classification guidelines
  • Plan for organizational changes
  • Update disaster recovery plans

💡 Administrator Best Practices

  • Zero Trust: Verify everything, trust nothing by default
  • Least Privilege: Minimum access necessary for role
  • Continuous Monitoring: Regular review and audit
  • Incident Preparedness: Plan for when things go wrong

About This Guide

This guide prioritizes privacy and security while enabling effective collaboration through CryptPad. Remember: CryptPad's zero-knowledge encryption means your documents are only as secure as your passwords and security practices.

Additional Resources:

CryptPad Documentation | Community Forum | Privacy Guides

Version: 1.0 | Updated: December 2024

Categories
communication cyber security information technology internet media technology privacy risk management surveillance

CryptPad vs Nextcloud: Privacy & Security Comparison Matrix

Category CryptPad Nextcloud
Primary Purpose Encrypted collaborative office suite Private cloud storage and collaboration platform
Self-hosting ✅ Yes ✅ Yes
Hosted Option ✅ Yes (cryptpad.fr and others) ✅ Yes (nextcloud.com or third-party providers)
End-to-End Encryption ✅ Default for all content (zero-knowledge encryption) 🔶 Partial (not default, limited to client-side encryption app and some external tools)
Zero-Knowledge Server ✅ Yes 🔴 No (admin/server can access unencrypted content unless encryption is explicitly enabled)
Default Encryption Scope ✅ All documents, messages, and files are encrypted end-to-end 🔶 Optional encryption, limited in scope (E2EE not applied to calendars, contacts, search, etc.)
User Authentication ✅ Pseudonymous accounts possible; no email required ✅ Full user management; integration with LDAP, SSO, etc.
Account Recovery 🔴 Not possible without backup keys ✅ Password reset and admin recovery options
Document Types ✅ Rich suite: Rich text, code, markdown, kanban, whiteboard, poll, slideshow, spreadsheet ✅ Rich suite via Collabora, OnlyOffice, Text, Markdown, Draw.io, etc.
File Sync & Storage 🔶 Limited: some file upload support ✅ Full file sync (desktop & mobile), sharing, versioning, previews
Collaborative Editing ✅ Yes (real-time) ✅ Yes (via plugins like Collabora or OnlyOffice integration)
Chat & Messaging ✅ Built-in encrypted chat ✅ Built-in Talk app (not end-to-end encrypted by default)
Calendar & Contacts 🔴 No ✅ Yes (CalDAV, CardDAV support)
Federation 🔴 No ✅ Yes (federated sharing across instances)
Offline Access 🔴 No ✅ Yes (via mobile apps and desktop sync clients)
Mobile Apps 🔶 Limited mobile usability via browser ✅ Full-featured iOS and Android apps
Plugins & Extensibility 🔴 Not extensible; limited to included tools ✅ Highly extensible: large app ecosystem
Granular Permissions ✅ Share per-document, read/write settings ✅ Granular permissions per file/folder, group access controls
Audit Logs 🔴 No ✅ Yes (with Audit Log app)
Data Residency Control ✅ Full control if self-hosted ✅ Full control if self-hosted
Third-Party App Access 🔴 No (privacy-first: closed system) ✅ Yes (API, OAuth, WebDAV, etc.)
Security Design Philosophy 🟢 Maximum privacy, minimal trust—even the server can’t read your data 🟡 Flexible sharing and access with admin and plugin extensibility, but less private by default
Compliance 🔶 GDPR-friendly, but limited enterprise features ✅ GDPR, HIPAA (with setup), enterprise features
Codebase ✅ Open source (AGPLv3) ✅ Open source (AGPLv3)
Categories
Uncategorized

Work in progress playlist

music.apple.com/us/playlist/emulation/pl.u-2aKLiAzeqq

Categories
book review

Book excerpt review – Daniel, by Thomas Adkins

Daniel: (Excerpt)Daniel: by Thomas Adkins
My rating: 4 of 5 stars

This applies only to the excerpt, which is the first chapter. It’s an intriguing start and gets the storytelling right. I enjoy seeing how authors treat liminal states of mind. Adkins does it well. The PoV character’s identity and nature are mysteries. Something unusual and, apparently, unprecedented has happened to him. I’m interested in knowing what.

I understand this chapter is the product of a workshop held in Albuquerque.

View all my reviews

Categories
biology brain cognition cognitive style communication fear introversion law enforcement mental flexibility mental health personality physical environment psychology risk analysis speech stress

Introversion’s potential risks – temporary language blindness

During the past two weeks, I’ve enjoyed rich conversations with some creative, insightful friends—introverts all. As an introvert with many interests, I can occupy myself with research and other projects for weeks on end without feeling the need to engage directly with others beyond my wife. A few years ago I became more aware of research finding introverts, to be optimally healthy, need to deliberately cultivate regular social interaction with others. We can do this without violating our other needs. Introversion entails both health boosters and detractors. On the downside, according to Laurie Helgoe, Ph.D., introverts

  • may experience more stress in social situations or even when thinking about social situations and avoiding social opportunities may erode health
  • be more realistic about negative realities or fixate on them, presenting more opportunities for negative moods or depression
  • may be less emotionally adaptable to open or crowded living or working environments (introverts tend to prefer living in less populated areas where they can be outdoors without being crowded, as in many mountainous areas)
  • may not benefit as much from fitness and other activities that are organized to emphasize socialization (think Cross Fit or many other popular fitness programs)
  • may have less effective immune systems, though the effect is small
  • may require more time and effort to think through decision scenarios (possibly due to the denser gray matter in their brains)
  • are more easily aroused by sensory stimuli, which can make them seek situations with less stimulation
  • may avoid risk-taking, which can have positive and negative effects (they’re unlikely to become gambling addicts but are also more likely to miss significant opportunities that require them to take chances)
  • may ignore negative health indicators and delay speaking with health care providers about potential health issues
  • may experience slower situational comprehension and response times in loud environments or situations with intensified sounds or urgency signals, such as when exposed to alarms, vehicle horns, or other people yelling commands (think of the spate of recent episodes of police excessive force against people the claim were not obeying their screamed orders)

Regarding the last point above, an introvert friend worries she’ll not be capable of understanding the screamed commands of a threatening policeman and will be arrested, injured, or even killed because of it. There is probably a clinical or technical name for such a temporary inability to process language. I’m unaware of any law enforcement training specifically addressing this issue. If you know more about it, please post a comment.

Categories
3D modeling artificial intelligence deception fake news imagery information technology internet media forgery media technology persuasion privacy social media social media speech synthesis surveillance video

AI-enables creation of 3D face model from single image

If you’re not sufficiently concerned about people using AI tools to create convincing fake audio and video, now the Computer Vision Lab at Nottingham University has developed an AI system capable of creating fairly accurate 3D faces from single photographs. I uploaded one of my own to the demo tool and a few seconds later it produced the following model (a GIF of captured screen video of me rotating the 3D model):

Imagine what AI can do with multiple images and videos of you (from your social media posts, mobile phone’s images and videos library, surveillance images, etc.). Among other possible take-aways is the need for vigilance and cynicism. If you see or hear something in digital media (online or in media sent to you via email, IM, etc.) that is too terrible, wonderful or just shocking to be true, it probably isn’t. For now, at least, it’s still possible to detect forged media (and fake news, but you probably don’t want to) but soon it will require AI tools to spot the work of other AI tools and we’ll then have to decide which AIs to believe. The make/detect forgeries arms race is accelerating.

Okay, still smarting from me suggesting you may not want to detect when the news you enjoy and agree with is fake? Check out the following video and exercise your media literacy by researching cognitive biases.

Related links (interesting examples of cognitive bias and trolling in many of the comments)
  • https://www.ipscommons.sg/fake-news-mind-traps/
  • https://www.youtube.com/watch?v=4XGTTKJJsEw
  • https://www.youtube.com/watch?v=rrkqZfHOvbE
  • https://en.wikipedia.org/wiki/List_of_cognitive_biases
Categories
Uncategorized

Prosthetic memory system successful in humans

“This is the first time scientists have been able to identify a patient’s own brain cell code or pattern for memory and, in essence, ‘write in’ that code to make existing memory work better, an important first step in potentially restoring memory loss”

We showed that we could tap into a patient’s own memory content, reinforce it and feed it back to the patient,” Hampson said. “Even when a person’s memory is impaired, it is possible to identify the neural firing patterns that indicate correct memory formation and separate them from the patterns that are incorrect. We can then feed in the correct patterns to assist the patient’s brain in accurately forming new memories, not as a replacement for innate memory function, but as a boost to it.”

Source: http://www.wakehealth.edu/News-Releases/2018/Prosthetic_Memory_System_Successful_in_Humans_Study_Finds.htm

Categories
artificial intelligence complexity

We have the wrong paradigm for the complex adaptive system we are part of

This very rich, conversational thought piece asks if we, as participant designers within a complex adaptive ecology, can envision and act on a better paradigm than the ones that propel us toward monocurrency and monoculture. 

We should learn from our history of applying over-reductionist science to society and try to, as Wiener says, “cease to kiss the whip that lashes us.” While it is one of the key drivers of science—to elegantly explain the complex and reduce confusion to understanding—we must also remember what Albert Einstein said, “Everything should be made as simple as possible, but no simpler.” We need to embrace the unknowability—the irreducibility—of the real world that artists, biologists and those who work in the messy world of liberal arts and humanities are familiar with.

 

In order to effectively respond to the significant scientific challenges of our times, I believe we must view the world as many interconnected, complex, self-adaptive systems across scales and dimensions that are unknowable and largely inseparable from the observer and the designer. In other words, we are participants in multiple evolutionary systems with different fitness landscapes at different scales, from our microbes to our individual identities to society and our species. Individuals themselves are systems composed of systems of systems, such as the cells in our bodies that behave more like system-level designers than we do.

Joichi Ito

 

Categories
Uncategorized

Different signaling proteins found instrumental in remembering and forgetting scent-based memories

Understanding how brains actively erase memories may open new understanding of memory loss and aging, and open the possibility of new treatments for neurodegenerative disease.

http://neurosciencenews.com/memory-brain-signals-8002/ 

Categories
artificial intelligence cognition complexity

Book review – Life 3.0: Being Human in the Age of Artificial Intelligence, by Max Tegmark

Max Tegmark’s new book, Life 3.0: Being Human in the Age of Artificial Intelligence, introduces a framework for defining types of life based on the degree of design control that sensing, self-replicating entities have over their own ‘hardware’ (physical forms) and ‘software’ (“all the algorithms and knowledge that you use to process the information from your senses and decide what to do”).

It’s a relatively non-academic read and well worth the effort for anyone interested in the potential to design the next major forms of ‘Life’ to transcend many of the physical and cognitive constraints that have us now on the brink of self-destruction. Tegmark’s forecast is optimistic.