Do we have any frequent travellers or digital nomads here?
If so where have you been and do you have any tips to share? (Particularly in terms of keeping data and dev machines secure or any special considerations to factor while working with Elixir or Erlang etc)
If you’ve haven’t worked while travelling yourself, is it something you’ve considered? If so where would you like to go and do you have any tips of your own to share?
For those who don’t know what a digital nomad is it is essentially someone who works away from their home country/location. Many countries offer digital nomad visas, with the main condition usually being that you do not work for a local company (so you are not taking jobs away from the local population). It’s attractive for remote workers not just because you get to pick your setting, but it is often more affordable than a person’s home country too.
Do you have any tips for securing your machine/keeping your data safe?
Currently my thoughts are using something like Apple Remote Desktop and a VPN - so your data stays at home and you only access what you need as and when you need it. The base M4 Mac Mini is great for this - a cheap and efficient server. It has an option which reboots it after a power cut so I think it would be pretty reliable, and of course you could always get someone to manually reboot it if there’s someone you can leave your keys with (or just buy two, clone your data and have two up and running at two different locations).
I think it also removes the worry of your laptop getting stolen or damaged, and since your data will remain at home you won’t need an expensive machine with lots of storage. Curious if anyone if any frequent travellers or nomads are doing something like this, or whether there are any pitfalls I haven’t thought of?
Not frequent nor long but when I bikepacked for a week last year, I had the goal of advancing a personal project a bit every day.
I brought a secondhand Lenovo x270 with a danish keymap, the cheapest okay laptop I could find, and ran it (well run it, I still use it) under Lubuntu, fully encrypted with LUKS. I had a temporary private key, encrypted with a separate password on it, and deleted it from the authorized keys of my origins after the trip.
It was fine to work on elixir projects on it . Endorphines from all the cycling made it quite smooth but I must say I skipped some days. Now I daydream about a three week long bikepacking + coding trip.
This time I think I would bring my macbook air and large enough battery to tether from my phone. I also would deal an arrangement with a freelance friend to handle any alert if I want to hike in a no-reception zone. There’s a tacit law that says that production incidents happen the one day of the year I drop my phone in a fire by accident.
Everything always runs super smoothly with more nines than contractually set, then if you go off-grid a one-in-ten-million condition happens the next second.
Sounds like you had a fantastic experience - definitely do it again if you can!
Where did you go? Was there anything in particular you found challenging?
Do you mean like a separate power bank?
Do you mean the whole section on security or just the first bit:
I generally don’t own anything of real value, besides my MacBook
If so I would definitely agree - it’s a major reason why I’d look into using something like Remote Desktop as it eradicates the need for a large disk, which usually bumps up the cost quite significantly of a Mac.
Personally I would not as I don’t see any advantages, perhaps particularly as I am a macOS user and MBAs have excellent batteries, are super lightweight, etc
If you were keeping your data home then you may also be limited to ssh for file transfers, which isn’t a bad idea (and I’m sure @Lucassifoni (and maybe @ruslandoga) could provide further insight) but part of the reason I like the idea of Apple Remote Desktop is you dial into your home machine and can basically do anything on/from it - so you could even send mail from your home machine, or browse the web… so it could be even better than just using a VPN as there would be no browser history on your local device or via local networks/ISPs. I need to look into it more but the more I think of it the more it sounds like a really good approach
I think it would be helpful to ask yourself whether the location you’re planning to work from has more - or less - physical security risks than your home location. This conversation seems to make the assumption that “it’s all safe and secure at home, but risky and unsafe in ‘other places’”. I’m not sure that assertion stands up to scrutiny.
For anyone interested in running macOS off an external drive, some advantages:
You can bolt it on to a wall or under your desk and if there is a break in chances are a petty thief will be more interested in nicking your Mac than a hard drive that they won’t be able to easily/quickly remove.
You can purchase good quality TB cables so could mount your HD somewhere out of sight, and, from what I know, it’s very likely a petty thief will be more interested in an expensive Mac than a tiny HD, particularly if you make it difficult to remove and particularly if the cable to it is amongst other cables (petty thieves often just cut cables attached to more valuable devices to make a quick exit).
You can do other things too, install an alarm, CCTV, or even get someone to house-sit/lodge. Some of which I have already done and some I am personally considering. Again, macOS here is great because you can remotely wipe your data on a compromised/stolen device.
I think it is worth highlighting that part of the reason people might focus on security abroad is, understandably, because it will be unfamiliar territory, and in many cases, unfamiliar laws. While I am not one to automatically trust the narratives of mainstream media I do personally think we should keep our wits about us and not take anything for granted and exercise caution - whether at home or abroad. Prevention is better than cure, especially if you are involved in sensitive fields. I have heard horror stories of people having to give passwords to their laptops at airport security (which appear to then have their data copied) or risk being refused entry and their equipment seized. And I’ve heard this is happening in our own countries too, sometimes even to nationals returning from a trip abroad.
One of the most famous cases is when the partner of the Guardian’s editor who interviewed Edward Snowden had his laptop and other equipment seized on returning back to the UK under a controversial law which applies only at airports (and ports/borders):
Miranda was released, but officials confiscated electronics equipment including his mobile phone, laptop, camera, memory sticks, DVDs and games consoles.
So my personal take is to be careful and cautious everywhere, even if you feel like you’re going somewhere relatively safe. You could go to a ‘safe zone’ and be subject to a severe and intrusive breach of privacy, or go somewhere that has a ‘bad reputation’ and be treated with nothing but respect.
A bit part of the reason I am thinking along this path is because I would prefer to take an inexpensive machine with me where I won’t worry about getting scratched, or damaged, or lost. Another advantage with sticking to macOS is, from what I know, there aren’t any fakes or compromised units - so if you did lose one you could purchase a new replacement and be relatively confident it has not been hampered with…
I rode a small-ish distance over a week, about 360km, from southwest france to the mediterranean sea, then went south along the sea until I crossed to spain ! I would have liked to prepare a bit better, lacked a bit of time, and needed to do exercises for a knee for two months after that - still totally worth it;
Re : encryption and backup, I had the canonical experience in 2022 : 3 hour long meeting, super productive, took a lot of notes and user feedback. We go for lunch with the client team, someone in the street grabs my bag and runs. No more notes and no more laptop. The laptop was fully encrypted but I thought that I would sync the notes at the end of the day at the hotel. My paper notes were gone too since they were in the bag.
Now when I’m travelling I constantly sync my work and only take with me what I’m okay with losing.
Over the years, as much of my career has been in professional services in one form or another, I’ve done a fair amount of travel carrying computing equipment. There have been stretches for several years running where I’d be on the road during the weekdays and then back home for the weekend. In fact, I just got off a plane ~45 minutes ago, will spend ~6 hours here at home, and then will be back at the airport to jump an early morning flight for another week away in a different place.
I think there’s a lot to this. I don’t take huge special precautions just because I’m travelling. I do take different kinds of precautions based on the particular sensitivity of information I might be carrying around on my travel laptops (my main working computer is a very stationary desktop workstation). Most of my travelling is project management/business analysis with limited secret-sauce/disclosure-sensitive information needing to be with me. So the basic thing I’m typically guarding against isn’t so much disclosure as much as it is simply losing access to my needed work products. So I use MFA everywhere possible, I tend to avoid biometric access, I encrypt data a rest (basic effort, not heroic efforts), and ensure that I’m syncing my data to a sufficiently trusted cloud service. Crossing borders, I will typically strip information down to bear minimum required for the trip just because those have a higher risk of highly invasive searches. With good encryption and access to various online storage options… there’s usually a way not to carry data on-device today.
There have been times where I have carried more sensitive information which did carry real disclosure risk where I took extra precautions, but I took those on my non-travelling systems as well because the travel aspect didn’t matter: the information determined my security needs overall.
Finally, I did have a work laptop stolen once from the back office of a large retail store I was travelling to help open. We actually ended up getting it back because I was working in a pretty secure back office (under security cameras, which did catch the act) and the laptop had some very specialized and very, very expensive networking gear (at least for the time) installed into it which apparently was enough to elevate the chargeable offense enough to really pursue. Perhaps the irony is that tomorrow’s trip is taking me back to the city where that happened for the first time since that trip… ~30 years ago :-).
I have a Mac Mini M1 sitting in my office, and a new’ish Macbook Air for home/travel. This forces me to have good developer habits: everything goes into Github (except secrets), along with my Neovim config.
I use a super standard MacOS setup with very few plugins/changes, so I can setup a new machine in an hour. It’s mostly iTerm + Window Manager + Hide the Dock, then install mise(asdf), and then I have .tool-versions in all repo’s. Only issue is I use US keyboard on all machines, so might take a little while to get a new one depending on location.
Generate new secrets when needed on each machine.
ProtonVPN is the only VPN provider I trust. I also use their mail for custom domain hosting.
2FA: GoogleAuth with account recovery turned on.
2FA: YubiKeys for all the important stuff (that supports multiple yubikeys). I have minimum two: one for my physical keychain and one is permanently in my office M1.
Apple Keychain/Passwords for passwords.
If my laptop or desktop is stolen/destroyed in a fire it’s fine.
If I’m robbed and lose my Yubikey and my phone I have the other one Yubikey in the office.
Being searched at borders is not something I’ve chosen to defend against so far. You could zero-wipe devices before crossing, but I’m less concerned with this threat.
We’re on the road a few months per year, all within the US, sometimes by road, sometimes by air. Our travel locations are often off-grid, and we’ve spent a fair amount of time tweaking the setup.
What makes it work for me: the ‘desktop layout’ is the same no matter the location. Dual-screen monitor, mechanical keyboard, screens raised to eye level.
In a house, the ‘monitor stand’ is often a cardboard box.
In the van, the ‘monitor stand’ is some built-in shelves. A bosun’s chair works great and packs small. A 300aH LFP battery is enough to go about a week between recharges.
Everything is synced to a cheap VPS in a datacenter. Sensitive data is encrypted with Yubikey 2FA.
Protip: practice! Take your mobile setup across town for an afternoon and see how it works.
I recommend reading up on Mullvad. They actually fight in courts for their customers. Proton seems a lost cause these days to me, they’re pushing their non-free tiers too aggressively for my taste, and I never believed the “we’re in Switzerland so nobody can come knocking on the door for your secrets” thing. And their free tiers are way too limiting to boot.
I think it’s way cheaper to rent a basic server or 2. I have been paying 9 euros a month with Dedibox and that gives me 1TB HDD. Having two makes sense, with a sync between them just in case one dies, and it will still be less than 20 euros a month.
I think working with a VPN is a risky move though, as you cannot do anything when the internet is bad or down, which happens more often than not. Working offline and syncing the changes regularly is more practical IMHO. I also had trouble in the past while working directly on files via SSH. It’s better to work on them locally and have an automatic sync everytime you save them.
Sounds amazing! Post pics (or in our Where do you live thread) if you feel like sharing
For your knee you might want to look into home-made 24 hour bone broths (it’s what I’d turn to for any bone/joint issues, perhaps with some Kefir too).
Nightmare!!! I think you highlight an important issue too - that unfortunately tourists often stand out like a sore thumb and do get targeted by thieves in some popular destinations. We’ve all probably seen the viral videos of the woman who goes around tourist destinations in her country filming and shouting “PICK POCKET” whenever she sees one in action.
Definitely pays to be vigilant, and, as we’re all discussing in this thread, taking precautions.
You’re not on macOS but syncing the Notes app via iCloud is very handy - you can sync between phones/mac/iPad etc and if a device is lost or stolen those notes are still in the cloud.
Just be sure to turn on Advanced Data Protection (it’s criminal that it’s not on by default tbh!)
Thanks for sharing your story Steven! While it could have happened to anyone, I do feel there is an added risk to travellers because many thieves probably feel that when the person goes back home it will all be forgotten. Much better from their perspective to avoid robbing someone who lives there and who they may bump into again in future.
Let’s hope you don’t have a repeat on your return! I’ll keep my fingers crossed for ya
+
I bookmarked a new VPN I saw on DT recently:
I wonder if it’s worth a look?
Personally I would not take the risk given the direction things are going, particularly if you are or work with people or an organisation who is outspoken against your govt or certain injustices in the world. They could use controversial laws just to spite/bully people (as they appear to have in the story I linked to above).
Ah nice! I’d love to do something like that one day!! Or just build a house out in the sticks somewhere. Here in Wales we have a One Planet scheme that lets you build in areas where you’d struggle to get planning permission otherwise, definitely going to look into that as well at some point (it seems very restrictive, shame it just wasn’t a little bit more flexible)
My only concern with this is that your data is at a location where anyone could come or go - which I think is fine for certain types of data but I wouldn’t want everything on there. Hence currently I think I would prefer using Remote Desktop.
My current thinking is to simply copy over what I need, work on it, then copy it back to my home machine when done or at regular intervals. For general notes I’d be happy to use iCloud syncing on the Notes app.