diff --git a/www/.layout.gohtml b/www/.layout.gohtml
index 1df13ef..44ef065 100644
--- a/www/.layout.gohtml
+++ b/www/.layout.gohtml
@@ -95,6 +95,7 @@
 				<ul class="list-unstyled">
 					<li>&#0187; <a href="/">Homepage</a> <small>(<a href="/blog.rss">RSS</a>/<a href="/blog.atom">Atom</a>)</small></li>
 					<li>&#0187; <a href="/about">About Me</a></li>
+					<li>&#0187; <a href="/ask">Ask Me Anything</a></li>
 					<!-- <li>&#0187; <a href="/photos/albums">Photo Albums</a></li> -->
 					<li>&#0187; <a href="/current-projects">Current Projects</a></li>
 					<li>&#0187; <a href="/wiki/Main-Page">My Wiki</a></li>
diff --git a/www/current-projects.md b/www/current-projects.md
index 59cbf56..52a75e7 100644
--- a/www/current-projects.md
+++ b/www/current-projects.md
@@ -12,6 +12,9 @@ These are the personal projects I'm currently working on.
 
 ### Open Source
 
+* [sonar](https://git.kirsle.net/apps/sonar) is an alarm clock program that plays
+  a folder of random music. Mine currently wakes me up to speeches from the
+  philosopher [Alan Watts](https://www.youtube.com/watch?v=y_I3Iqx8GY0&list=PLX5WbxWCSYilmAemBeEqz-zBqbcEF62w_).
 * [kirsle/blog](https://github.com/kirsle/blog): the Go software that currently
   powers the back-end of kirsle.net.
 * [rivescript-js](https://github.com/aichaos/rivescript-js): the JavaScript port
diff --git a/www/msdos.gohtml b/www/msdos.gohtml
index 2946e18..34239a4 100644
--- a/www/msdos.gohtml
+++ b/www/msdos.gohtml
@@ -51,8 +51,8 @@ with VirtualBox's emulated hardware. Drivers include:
 
 <h1>Comments</h1>
 
-For tips, tricks, or to leave comments, see the relevant blog post "<a href="/blog/kirsle/ms-dos-and-windows-3-1">MS-DOS and Windows 3.1</a>". The comments on that blog post are shared to this page as well (so comments on either page show up in both places).<p>
+For tips, tricks, or to leave comments, see the relevant blog post "<a href="/ms-dos-and-windows-3-1">MS-DOS and Windows 3.1</a>". The comments on that blog post are shared to this page as well (so comments on either page show up in both places).<p>
 
-{{ RenderComments "MS-DOS" "post-42" }}
+{{ RenderComments .Request "MS-DOS" "post" "42" }}
 
 {{ end }}
diff --git a/www/wiki/Bookmarks/Corporate-Sins.md b/www/wiki/Bookmarks/Corporate-Sins.md
index c89e2b1..2975cf2 100644
--- a/www/wiki/Bookmarks/Corporate-Sins.md
+++ b/www/wiki/Bookmarks/Corporate-Sins.md
@@ -5,6 +5,7 @@ corporations over the years.
 
 * [Chick-fil-A](#chick-fil-a)
 * [Cisco](#cisco)
+* [Facebook](#facebook)
 * [Symantec](#symantec)
 
 ---
@@ -45,12 +46,29 @@ entire career in tech.
 >
 > — [Tom's Hardware](https://www.tomshardware.com/news/cisco-backdoor-hardcoded-accounts-software,37480.html)
 
+* [Cisco: We've killed another critical hard-coded root password bug, patch urgently](https://www.zdnet.com/google-amp/article/cisco-weve-killed-another-critical-hard-coded-root-password-bug-patch-urgently/) (Sept 2018) — this makes what, six now in 2018?
 * [Backdoors Keep Appearing in Cisco's Routers](https://www.tomshardware.com/news/cisco-backdoor-hardcoded-accounts-software,37480.html) (July 2018) —
   five backdoors discovered in five months in 2018.
 * [Cisco Removes Backdoor Account, Fourth in the Last Four Months](https://www.bleepingcomputer.com/news/security/cisco-removes-backdoor-account-fourth-in-the-last-four-months/) (June 2018)
 * [Cisco fixes hard-coded password 'backdoor' flaw in Wi-Fi access points](https://www.zdnet.com/article/cisco-fixes-wi-fi-access-points-with-hard-coded-backdoor-access/) (2016)
 * [Malicious Cisco router backdoor found on 79 more devices, 25 in the US](https://arstechnica.com/information-technology/2015/09/malicious-cisco-router-backdoor-found-on-79-more-devices-25-in-the-us/) (2015) — Security researchers discovered a hidden "knock sequence" that allowed remote access to the Cisco routers. When confronted, Cisco "fixed" the problem by shuffling the knock sequence around. The security researches discovered the new sequence again because *of course they did.*
 
+# Facebook
+
+Facebook has been having a really bad 2018 since the Cambridge Analytica scandal began.
+Only started collecting links here 12/6/18, needs some backfilling.
+
+* [Facebook accused of striking 'secret deals over user data' - BBC News](https://www.bbc.com/news/technology-46456695) ‒ leaked internal exec emails about their purposefully privacy-infringing business practices.
+  * Allowed some companies to retain full access to users' friends' data, *even after* closing the general privacy hole in 2014/2015 as related to the Cambridge Analytica leaks.
+  * They were aware the Android permission change to log users' call and text history *would be controversial* before they even launched it, and purposefully directed users attention away from the feature.
+
+    > Michael LeBeau (Facebook product manager):
+    >
+    > "As you know all the growth team is planning on shipping a permissions update on Android at the end of this month. They are going to include the 'read call log' permission... This is a pretty high-risk thing to do from a PR perspective but it appears that the growth team will charge ahead and do it...[The danger is] screenshot of the scary Android permissions screen becomes a meme (as it has in the past), propagates around the web, it gets press attention, and enterprising journalists dig into what exactly the new update is requesting, then write stories about "Facebook uses new Android update to pry into your private life in ever more terrifying ways".
+
+* [As Facebook Raised a Privacy Wall, It Carved an Opening for Tech Giants](https://www.nytimes.com/2018/12/18/technology/facebook-privacy.html) (NY Times) ‒ "Facebook allowed Microsoft’s Bing search engine to see the names of virtually all Facebook users’ friends without consent, the records show, and gave Netflix and Spotify the ability to read Facebook users’ private messages."
+  * Non-NY Times article: [Facebook let tons of companies get info about you, including Amazon, Netflix, and Microsoft](https://www.cnbc.com/2018/12/19/facebook-gave-amazon-microsoft-netflix-special-access-to-data-nyt.html) (CNBC)
+
 # Symantec
 
 [Symantec](https://www.symantec.com/) is a security company most known for
diff --git a/www/wiki/Bookmarks/Development.md b/www/wiki/Bookmarks/Development.md
index 38fe72c..03009c1 100644
--- a/www/wiki/Bookmarks/Development.md
+++ b/www/wiki/Bookmarks/Development.md
@@ -80,6 +80,7 @@
   * [2D Game Art for Programmers](http://www.2dgameartguru.com/) — Guides on vector art using Inkscape, GIMP &amp; co.
   * [Developer's **Music Making** Guide](http://ruoyusun.com/2017/08/29/make-some-music.html)
   * [Tips for Building Mobile Games in HTML5](https://thomashunter.name/blog/tips-for-building-mobile-games-in-html5/)
+  * [256-Color VGA Programming in DOS](http://www.brackeen.com/vga/) — tutorial and guide for building DOS programs and their low-level direct memory access to VGA graphics.
 * Tools
   * [Game Mechanic Explorer](https://gamemechanicexplorer.com/) — Interactive demos and code samples for common game mechanics.
   * [GifCam](http://blog.bahraniapps.com/gifcam/) — Like FRAPS, to make gifs from your games
@@ -121,6 +122,7 @@
 
 * [JavaScript Module Pattern: In-Depth](http://www.adequatelygood.com/JavaScript-Module-Pattern-In-Depth.html) — How to write self-contained JavaScript modules in raw ES5.
 * [Deploying ES2015+ Code in Production Today](https://philipwalton.com/articles/deploying-es2015-code-in-production-today/) — Using `<script type="module">` and `<script nomodule>` to ship native ES6 code to the browser, with pre-browserified fallback for legacy users.
+* [A JavaScript-Free Frontend](https://dev.to/winduptoy/a-javascript-free-frontend-2d3e) — Modals, drop-downs and other <abbr title="Single Page App">SPA</abbr> features in pure HTML and CSS without JavaScript.
 
 ## PHP
 
diff --git a/www/wiki/Bookmarks/index.md b/www/wiki/Bookmarks/index.md
index 89d09d7..cbd55aa 100644
--- a/www/wiki/Bookmarks/index.md
+++ b/www/wiki/Bookmarks/index.md
@@ -41,8 +41,11 @@ sub-pages when this list gets too long.
   * [NSA](#nsa) — Stories of the NSA, Edward Snowden, and related OpSec topics.
 * [Philosophy](#philosophy)
   * [DP/DR](#dp-dr) — Depersonalization/derealization.
+* [Politics](#politics)
 * [Privacy](#privacy)
 * [Short Stories](#short-stories)
+* [Spirituality](#spirituality)
+  * [Gnostic](#gnostic)
 * [Reddit](#reddit) — Miscellaneous cool Reddit threads and comments.
 
 # Gaming
@@ -134,6 +137,10 @@ in nature so I categorize these links as a sub-genre of [Philosophy](#philosophy
   * [Alan Watts Proves You Don't Exist](https://www.youtube.com/watch?v=vNKOUhx-7qk)
   * [Alan Watts - Are you ready to 'wake up'?](https://www.youtube.com/watch?v=YFzeCv_WFnY)
 
+# Politics
+
+* [Voting lines between Democrats and Republicans on many key issues](https://np.reddit.com/r/technology/comments/6pc5qu/democrats_propose_rules_to_break_up_broadband/dkon8t4/) — and they say both sides are the same. Republicans and Democrats voted polar opposites (-100%...+100%) on many key controversial issues like Net Neutrality, economy/jobs, "war on terror", civil rights, family planning and environmentalism.
+
 # Privacy
 
 This topic has some overlap with my [NSA](#nsa) category; check those links too.
@@ -152,6 +159,16 @@ This topic has some overlap with my [NSA](#nsa) category; check those links too.
 * [The Machine](http://existentialcomics.com/comic/1) — A webcomic about teleporters and whether they murder &amp; re-materialize their users.
 * [25 Lives](https://s2b2.livejournal.com/142934.html) — A touching webcomic about reincarnation.
 
+# Spirituality
+
+## Gnostic
+
+* **The origin story:** because the book of Genesis is just a fraction of the full story.
+  Gnostic readings that were recommended to me:
+  1. [On the Origin of the World](http://www.gnosis.org/naghamm/origin.html)
+  2. [The Hypostasis of the Archons](http://www.gnosis.org/naghamm/hypostas.html)
+  3. [The Apocryphon of John](http://www.gnosis.org/naghamm/apocjn.html)
+
 # Reddit
 
 * [Surprise psychology on *What is the most cynical thing you honestly believe?*](https://www.reddit.com/r/AskReddit/comments/19hfj3/what_is_the_most_cynical_thing_you_honestly/c8o44w2/)
diff --git a/www/wiki/C&C.md b/www/wiki/C&C.md
new file mode 100644
index 0000000..f22db2e
--- /dev/null
+++ b/www/wiki/C&C.md
@@ -0,0 +1,11 @@
+# C&C Topics
+
+* [ ] Walk through setting up my [home cloud server](/wiki/Self-Hosting) for a
+      high-level crash course on what all that looks like.
+* [ ] Teach about `git` and `git-svn` and deploying code to a server with git hooks.
+* [ ] Network security and VPNs and such
+  * What coffee shop WiFi hackers can do and how to evade that
+* [ ] Tour of Linux desktop environments (GNOME, KDE, Xfce, Cinnamon, MATE, Lxde)
+* [ ] In-depth how the Domain Name System works, `/etc/hosts`, PiHole
+* [ ] In-depth how e-mail systems work
+  * [x] SMTP servers (connect directly to one and spoof an e-mail)
\ No newline at end of file
diff --git a/www/wiki/Doodle-Notes.md b/www/wiki/Doodle-Notes.md
deleted file mode 100644
index d4d33f8..0000000
--- a/www/wiki/Doodle-Notes.md
+++ /dev/null
@@ -1,259 +0,0 @@
-# Ideas
-
-## Table of Contents
-
-* [Major Milestones](#major-milestones)
-* [File Formats](#file-formats)
-* [Text Console](#text-console)
-* [Doodads](#doodads)
-
-# Major Milestones
-
-The major milestones of the game are roughly:
-
-* Prototype: make a simple SDL painting program that does nothing special.
-* Simple Platformer: be able to toggle between "edit mode" and "play mode"
-    and control a character who can walk around your level and bump into the
-    solid geometry you've drawn (no objects yet, just the basics here).
-* Add Doodads (buttons, doors, the player character themself, enemies, ...)
-    * Share a lot in common with map drawings, in that they're hand-drawn, will
-      share a similar file format.
-    * Available doodads can be dragged/dropped into maps.
-    * The player character should be a Doodad under the hood to keep it from
-      becoming too special (read: easier to make the game multiplayer in the
-      future by putting a "networked user" in control of a doodad instead of
-      the keyboard/mouse).
-* **Version 1:** Single Player Campaign and Editor. This is the minimum
-    feature set for a first public release of the game. Required features:
-    * The game should ship with a single-player "campaign mode" of pre-made maps
-      that link to one another in sequence. i.e. 100 levels that the player can
-      play through in a certain order.
-    * It must include the level editor feature so players can create and share
-      their own maps.
-    * Dev tools may be clunky to use at this stage; i.e. players creating custom
-      Doodads will need to use external tools outside the game (i.e. code editors
-      to program the JavaScript logic of the doodad), but everything should be
-      available and possible for modders to extend the game with custom features.
-    * Game should have a good mixture of doodads and features: doors, buttons,
-      switches, etc. and make a usable single player experience.
-    * World sizes might be limited in dimension.
-* **Version 2:** Multiplayer Collaborative World Builder. This is a
-    "pie in the sky" long-term vision for the game, to make it multiplayer,
-    hopefully addicting, and possibly slightly Minecraft-like. Some ideas:
-    * Players can self-host their own multiplayer servers to draw worlds with
-      friends.
-    * A new server would initialize as a blank white level with maybe a single
-      platform (a line) for players to spawn on.
-    * Gameplay is a mixture of players drawing the world and playing on it.
-      * i.e.: one player could be drawing himself a castle and, as he's drawing,
-        another player could be walking on the lines being laid down, etc.
-    * World size should be infinite.
-    * Besides creative mode, other game modes should be explored eventually...
-      * Automatically-spawning enemy doodads that you have to fight?
-      * Procedurally generated default maps? Having a blank white canvas is
-        sorta like Superflat worlds in Minecraft, whereas normal Minecraft worlds
-        come with randomly generated terrain to start from.
-      * Find a way to incorporate drawing into a survival mode game? i.e. instead
-        of a "Creative Mode" style, "unlimited ink to draw as much as you want,"
-        have some natural limiter where players have to spend time in Play Mode
-        to be able to change the map.
-
-# File Formats
-
-* The file formats should eventually have a **Protocol Buffers** binary
-    representation before we go live. JSON support shall remain, but the
-    production application will not _write_ JSON files, only read them.
-    (This way we can ship drawings in the git repo as text files).
-
-## Common Drawing Files
-
-* A common base format should be shared between Levels and Doodads. You should
-    be able to use the Editor mode and draw a map *or* draw a doodad like a
-    button. The drawing data should be a common structure between Level and
-    Doodad files.
-* The drawing is separated between a **Palette** and the **Pixels**
-    themselves. The Pixels reference the Palette values and their X,Y
-    coordinate.
-* The _color_ and the _behavior_ of the palette are decoupled.
-    * In the base game, all the solid lines you draw may be black and red
-      lines are fire, but these aren't hard and fast rules. You could hack a
-      custom map file that makes black lines fire and red lines water if
-      you wanted.
-    * The Palette in the map file stores the attributes and colors of each
-      distinct type of pixel used in the map. Here it says "color 0 is
-      black and is solid", "color 1 is red and is fire and is not solid",
-      etc.
-    * A mod tool could be written to produce a full-color pixel art level
-      that still behaves and follows the normal rules of the Doodle game
-      with regards to geometry and collisions.
-* Ideas for pixel attributes:
-    * Brush: what shape brush to draw the pixel with.
-    * Solid: can't collide with other solid pixels.
-    * Fire: applies fire damage to doodads that intersect with it.
-    * Water: If a doodad passes through a blue pixel, they toggle their
-      underwater physics. This way pools can be entered from ANY side (top,
-      bottom, sides) and the physics should toggle on and off.
-    * Slippery: when a doodad is standing on a slippery pixel, do some extra
-      checks to find a slope and slide the doodad down it. Makes the pixels
-      act like ice.
-* Standard palette:
-    * The base game's map editor will tend toward hand-drawn style, at least
-      at first.
-    * Black lines are solid.
-    * Dashed black lines are slippery.
-    * Red lines are fire.
-    * Blue lines are water.
-    * Light grey lines are decoration (non solid, background geometry)
-    * May make it possible to choose arbitrary colors separately from the
-      type of pixel. A palette manager UX would be great.
-
-## Level Files
-
-* In the level file, store the `pixelHistory` as the definitive source
-    of pixels rather than the grid of pixels. Let the grid be populated when
-    the level is being inflated. The grid should have `json:"-"` so it doesn't
-    serialize to the JSON.
-    *  This makes it possible to animate levels as they load -- by
-       fast-tracing the original lines that the mapper drew, watching them draw
-       the map before you play it.
-    * Makes the file _slightly_ lighter weight because a lot of lines will have
-      delta positions in the pixelHistory so we don't need to store the middle
-      pixels.
-* It should have space to store copies of any custom Doodads that the user
-    wants to export with the level file itself, for easy sharing.
-* It should have space to store a custom background image.
-
-# Text Console
-
-* Create a rudimentary dev console for entering text commands in-game. It
-    will be helpful until we get a proper UI developed.
-    * The `~` key would open the console.
-    * Draw the console on the bottom of the screen. Show maybe 6 lines of
-      output history (a `[]string` slice) and the command prompt on the
-      bottom.
-* Ideas for console commands:
-    * `save <filename.json>` to save the drawing to disk.
-    * `open <filename.json>`
-    * `clear` to clear the drawing.
-* Make the console scriptable so it can be used as a prompt, in the mean
-    time before we get a UI.
-    * Example: the key binding `Ctrl-S` would be used to save the current
-      drawing, and we want to ask the user for a file name. There is no UI
-      toolkit yet to draw a popup window or anything.
-    * It could be like `console.Prompt("Filename:")` and it would force open
-      the text console (if it wasn't already open) and the command prompt would
-      have that question... and have a callback command to run, like
-      `save <filename.json>` using their answer.
-
-# Doodads
-
-Doodads will be the draggable, droppable, scriptable assets that make the
-mazes interactive.
-
-* They'll need to store multiple frames, for animations or varying states.
-    Example: door opening, button being pressed, switch toggled on or off.
-* They'll need a scripting engine to make them interactive. Authoring the
-    scripts can be done externally of the game itself.
-* The built-in doodads should be scripted the same way as custom doodads,
-    dogfooding the system.
-* Custom doodads will be allowed to bundle with a level file for easy
-    shipping.
-    * Installing new doodads from a level file could be possible too.
-* Doodads within a level file all have a unique ID, probably just an
-    integer. Could be just their array index even.
-
-Some ideas for doodad attributes:
-
-* Name (string)
-* Frames (drawings, like levels)
-
-Doodad instances in level files would have these attributes:
-
-* ID (int)
-* X,Y coordinates
-* Target (optional int; doodad ID):
-    * For buttons and switches and things. The target would be another
-      doodad that can be interacted with.
-    * Self-contained doodads, like trapdoors, won't have a Target.
-* Powered (bool)
-    * Default `false` and most things won't care.
-    * A Button would be default `false` until pressed, then it's `true`
-    * A Switch is `true` if On or `false` if Off
-    * A Door is `true` if Open and `false` if Closed
-    * So when a switch is turned on and it opens a door by pushing a `true`
-      state to the door... this is the underlying system.
-
-## Scripting
-
-* Probably use Otto for a pure Go JavaScript runtime, to avoid a whole world
-    of hurt.
-* Be able to register basic event callbacks like:
-    * On load (to initialize any state if needed)
-    * On visible (for when we support scrolling levels)
-    * On collision with another doodad or the player character
-    * On interaction (player hits a "Use" button, as if to toggle a switch)
-* Doodads should be able to pass each other messages by ID.
-    * Example: a Button should be able to tell a Door to open because the
-      button has been pressed by another doodad or the player character.
-
-Some ideas for API features that should be available to scripts:
-
-* Change the direction and strength of gravity (i.e. Antigravity Boots).
-* Teleport the player doodad to an absolute or relative coordinate.
-* Summon additional doodads at some coordinate.
-* Add and remove items from the player's inventory.
-
-## Ideas for Doodads
-
-Some specific ideas for doodads that should be in the maze game, and what
-sorts of scripting features they might need:
-
-* Items (class)
-    * A class of doodad that is "picked up" when touched by the player
-      character and placed into their inventory.
-    * Scriptable hooks can still apply, callback ideas:
-      * On enter inventory
-      * On leave inventory
-    * Example: Gravity Boots could be scripted to invert the global gravity
-      when the item enters your inventory until you drop the boots.
-    * Some attribute ideas:
-      * Undroppable: player can't remove the item from their inventory.
-    * Item ideas to start with:
-      * Keys to open doors (these would just be mere collectables)
-      * Antigravity Boots (scripted to mess with gravity)
-* Buttons
-    * At least 2 frames: pressed and not pressed.
-    * Needs to associate with a door or something that works with buttons.
-    * On collision with a doodad or player character: send a notification to
-      its associated Door that it should open. (`Powered: true`)
-    * When collision ends, button and its door become unpowered.
-* Sticky Buttons
-    * Buttons that only become `true` once. They stick "On" when activated
-      for the first time.
-    * Once pressed they can't be unpressed. However, there's nothing stopping
-      a switch from targeting a sticky button, so when the switch is turned off
-      the sticky button turns off too.
-* Switches
-    * Like a button. On=`true` and Off=`false`
-    * 2 frames for the On and Off position.
-    * On "use" by the player, toggle the switch and notify the door of the new
-      boolean value.
-      * It would invert the value of the target, not just make it match the
-        value of the switch. i.e. if the switch is `false` and the door is
-        already open (`true`), making the switch `true` closes the door.
-* Powered Doors
-    * Can only be opened when powered.
-    * 2 frames of animation: open and closed.
-    * A switch or button must target the door as a way to open/close it.
-* Locked Doors
-    * Requires a key item to be in the player's inventory.
-    * On collision with the player: if they have the key, the door toggles to
-      its `true` powered state (open) and stays open.
-    * The door takes the key from the player's inventory when opened.
-* Trapdoors
-    * One-way doors that close behind you.
-    * Can be placed horizontally: a doodad falling from above should cause
-      the door to swing open (provided it's a downward-only door) and fall
-      through.
-    * Can be placed vertically and acts as a one-way door.
-    * Needs several frames of animation.
\ No newline at end of file
diff --git a/www/wiki/Fedora-on-Macbook.md b/www/wiki/Fedora-on-Macbook.md
index 8a92803..2e1187c 100644
--- a/www/wiki/Fedora-on-Macbook.md
+++ b/www/wiki/Fedora-on-Macbook.md
@@ -2,25 +2,113 @@
 
 Notes on running Fedora Linux on a Macbook (Air 2015).
 
-# What Doesn't Work
+Updated September 19, 2018 on Fedora 28 (Xfce Desktop).
 
-Most functionality works out of the box: media keys on the keyboard (keyboard backlight brightness, playback keys, volume control).
+# What Works?
 
-Things that don't work: monitor backlight brightness keys (the keyboard brightness DOES work, though) and the Facetime HD camera, which identifies itself as a PCI device rather than USB and there are no generic webcam drivers for Linux that can work with a PCI webcam.
+Most functionality works out of the box. The function keys to control the display
+brightness, keyboard backlight brightness, and media playback control all work
+fine. The keys for Mission Control and Dashboard are recognized by X11 as keys
+named `XF86LaunchA` and `XF86LaunchB` respectively, and could be bound to custom
+application shortcuts or whatever.
+
+For example I bound the Dashboard key to `xfdashboard` which gives me a GNOME 3
+like overview of my desktop that I'll probably never use.
+
+* Function keys: all supported
+* Suspend and Hibernate: works, but Xfce desktop gets confused if you use "suspend when the laptop lid is closed" and enters a suspend-wakeup-suspend cycle; but manual suspending is fine.
+* Bluetooth: recognized but audio quality is flaky
+* WiFi: with proprietary Broadcom `wl` driver
+* Camera: doesn't work, but see below.
+* SD Card Reader: works
+* External Display: works
+
+## WiFi
+
+The WiFi chip in the Macbook Air is a Broadcom device that uses the `wl` driver.
+
+It's easily available from RPMFusion via the `akmod-wl` package and then you
+never need to worry about it again.
+
+Use a USB to Ethernet adapter or use USB tethering from your mobile phone to
+download the `wl` driver.
+
+# What Doesn't Work?
+
+## FaceTime HD Camera
+
+The webcam on the Macbook is a strange device because it's registered on the
+motherboard as a PCIe device rather than USB like what most laptop webcams are.
+
+There are generic USB video drivers that work for all USB cameras but there
+aren't generic PCIe drivers because PCIe cameras are rare.
+
+I found [this project](https://github.com/patjak/bcwc_pcie) for a Linux driver
+that gets the camera to work, but I haven't tested it.
+
+## Bluetooth is flakey
+
+The Bluetooth quality is pretty bad, with audio lagging and hanging and
+disconnecting a lot. I haven't tried other kinds of Bluetooth functionality.
+
+Inserting a USB Bluetooth adapter caused the system to prioritize that device
+over the built-in which worked around any audio problems.
 
 # Installation/Boot
 
-Make a Fedora USB stick like usual. Hold Option when booting the Macbook and choose the Fedora Media from USB to boot.
+Make a Fedora USB stick like usual. Hold Option when booting the Macbook and
+choose the Fedora Media from USB to boot.
 
-I found that rEFIt/rEFInd are no longer necessary when installing Fedora. Just free up some partition space and allow Fedora to automatically create a partition layout, and it sets up a /boot/efi HFS+ partition automatically to make the OS bootable. Manual instructions for this are available for Debian and Arch, etc.
+I found that rEFIt/rEFInd are no longer necessary when installing Fedora.
+Just free up some partition space and allow Fedora to automatically create a
+partition layout, and it sets up a /boot/efi HFS+ partition automatically to
+make the OS bootable. Manual instructions for this are available for Debian
+and Arch, etc.
 
-GRUB installs itself and things work just like any other PC. In Fedora (as of v22), the GRUB menu lists a couple entries for Mac OS X (32-bit and 64-bit) but neither one works. Booting Fedora works though.
+GRUB installs itself and things work just like any other PC. In Fedora
+(as of v22), the GRUB menu lists a couple entries for Mac OS X (32-bit
+and 64-bit) but neither one works. Booting Fedora works though.
 
-To boot OS X, hold down the Option key during boot and pick OS X from the firmware bootloader. If you want OS X to be the default OS you can pick it as the System Disk from within OS X's settings. In this case, to boot Linux you'd hold Option on boot and choose Fedora, which takes you to GRUB and then you boot Fedora from there.
+To boot OS X, hold down the Option key during boot and pick OS X from the
+firmware bootloader. If you want OS X to be the default OS you can pick it
+as the System Disk from within OS X's settings. In this case, to boot Linux
+you'd hold Option on boot and choose Fedora, which takes you to GRUB and then
+you boot Fedora from there.
 
 # Backlight Brightness
 
-See <http://sh.kirsle.net/mb-brightness> for this. The keyboard brightness keys (in Xfce at least) don't work; they show a brightness graph but the actual brightness doesn't change. This script uses root to write brightness values to files in /sys.
+When I first started running Fedora on my Macbook it was Fedora 22 and the
+display backlight keys didn't work, so I wrote a script to do this the hard
+way. The script may still be useful if this problem comes back again.
+
+See <https://sh.kirsle.net/mb-brightness> for this. The keyboard brightness
+keys (in Xfce at least) don't work; they show a brightness graph but the
+actual brightness doesn't change. This script uses root to write brightness
+values to files in /sys.
+
+In case that link stops working, it basically manipulates values in these two
+files (writable only to root):
+
+```
+BRIGHTNESS     = "/sys/class/backlight/intel_backlight/brightness"
+MAX_BRIGHTNESS = "/sys/class/backlight/intel_backlight/max_brightness"
+```
+
+`MAX_BRIGHTNESS` has some arbitrary value like `2777` and you just write a
+number between 0 and `MAX_BRIGHTNESS` into the other file.
+
+```bash
+# to set the display to 50% brightness, you get the max brightness
+$ cat /sys/class/backlight/intel_backlight/max_brightness
+2777
+
+# divide it in half
+$ perl -E 'say 2777 / 2'
+1388.5
+
+# write that into the brightness file
+$ echo 1388 | sudo tee /sys/class/backlight/intel_backlight/brightness
+```
 
 # Battery Saving
 
@@ -56,8 +144,8 @@ Create a shell script at `/etc/rc.d/rc.local` with the commands below for the fe
 
 ```bash
 #!/bin/bash
-echo 0 | sudo tee /sys/module/hid_apple/parameters/iso_layout
-echo 1 | sudo tee /sys/module/hid_apple/parameters/swap_opt_cmd
+echo 0 | tee /sys/module/hid_apple/parameters/iso_layout
+echo 1 | tee /sys/module/hid_apple/parameters/swap_opt_cmd
 ```
 
 Make the script executable (`sudo chmod 0755 /etc/rc.d/rc.local`) and reboot.
diff --git a/www/wiki/Main-Page.md b/www/wiki/Main-Page.md
index ddd3c25..8609286 100644
--- a/www/wiki/Main-Page.md
+++ b/www/wiki/Main-Page.md
@@ -21,8 +21,9 @@ See [the index](/wiki/_pages) for the list of all available pages in this wiki.
 * [Built with RiveScript](/wiki/Built-with-RiveScript) - Collection of known RiveScript projects
 * [Protocol Buffers Protocol](/wiki/Protocol-Buffers-Protocol)
 * [Optimize RiveScript](/wiki/Optimize-RiveScript) - So it can support Alice-sized brains
+* [Self Hosting](/wiki/Self-Hosting) - Own your own data + how well Android works in 2018 without Google.
 
 # Personal Reference
 
 * [Bookmarks](/wiki/Bookmarks) - Pages I found interesting
-* [Publishing RiveScript Modules](/wiki/Publishing-RiveScript-Modules)
\ No newline at end of file
+* [Publishing RiveScript Modules](/wiki/Publishing-RiveScript-Modules)
diff --git a/www/wiki/Self-Hosting.md b/www/wiki/Self-Hosting.md
new file mode 100644
index 0000000..3581b0e
--- /dev/null
+++ b/www/wiki/Self-Hosting.md
@@ -0,0 +1,338 @@
+# Self Hosting
+
+These are my notes from an experiment with running a bunch of self-hosted
+cloud services, and to see how well Android works in 2018 without Google
+services.
+
+My device is a Nexus 7 (2013) w/ LTE (Project Fi) running Lineage OS 14.1
+(Android 7) without Google Play Services installed. My server is running
+Debian 9 (Stretch).
+
+Later on when my Nexus 7's screen took some physical damage and stopped working,
+I re-ran this experiment on a Pixel (1st gen) with Lineage OS 16 (Android 9),
+again **without** Google Play Services installed.
+
+* [Summary of Solutions](#summary-of-solutions)
+* [Play Store Apps](#play-store-apps)
+* [Server Software](#server-software)
+	* [Email: IMAP &amp; SMTP](#email-imap-smtp)
+	* [Webmail](#webmail)
+	* [Calendars and Contacts](#calendars-and-contacts)
+* [File Sync](#file-sync)
+* [Messaging](#messaging)
+
+---
+
+# Summary of Solutions
+
+My Android without Google tablet has the following features now:
+
+* Self-hosted e-mail account.
+* Contacts and Calendar sync from self-hosted WebDAV.
+* File sync for photo backups, password vault, etc.
+* Fennec browser which is just rebranded _Firefox for Android_ with Firefox
+  Sync, uBlock Origin and other familiar features.
+
+Links to software used:
+
+* E-mail Hosting:
+	* Webmail: [Roundcube](https://roundcube.net/)
+	* Android: [K-9 Mail](https://f-droid.org/en/packages/com.fsck.k9/) or any standard mail client (I used <acronym title="Android Open Source Project">AOSP</acronym> Email).
+	* Desktop: [Mozilla Thunderbird](https://www.thunderbird.net/) (cross platform)
+	* Server: [postfix](http://www.postfix.org/) for SMTP and [dovecot](https://www.dovecot.org/) for IMAP.
+* Calendar and Contact Sync:
+	* Run standard WebDAV services (CalDAV and CardDAV)!
+	* Android: [DAVdroid](https://f-droid.org/en/packages/at.bitfire.davdroid/) from F-Droid.
+	* Desktop (Thunderbird): `CardBook` for Contacts and `Lightning` for Calendar, then just add remote CalDAV sources to each.
+	* Server: [Radicale](https://radicale.org/)
+* Password Manager:
+	* KeePass for a complete self-hosted solution.
+	* Desktop: [KeePass XC](https://keepassxc.org/) for Windows, Mac and Linux.
+	* Android: [KeePass DX](https://f-droid.org/en/packages/com.kunzisoft.keepass.libre/)
+	* I sync my password vault with Syncthing.
+* Files and Password Vault Sync:
+	* [Syncthing](https://syncthing.net/) - runs everywhere, works very well, no web access! My preferred pick.
+		* Android (F-Droid): [Syncthing](https://f-droid.org/en/packages/com.nutomic.syncthingandroid/)
+	* [Nextcloud](https://nextcloud.com/) - PHP, if you want web access like Dropbox, but that's not for me.
+		* Android (F-Droid): [Nextcloud](https://f-droid.org/en/packages/com.nextcloud.client/)
+* Open Source Android Apps (Without Google):
+	* App Stores
+		* [F-Droid](https://f-droid.org/) - my preferred pick, only fully open source software.
+		* [Amazon App Store](https://www.amazon.com/gp/mas/blp/install/) - for a market that competes with the Play Store but without Google apps.
+	* [Fennec F-Droid](https://f-droid.org/en/packages/org.mozilla.fennec_fdroid/) is upstream `Firefox for Android` under a different brand. Supports Firefox Sync.
+  * Chromium: [Auto Updater for Chromium](https://f-droid.org/en/packages/com.dosse.chromiumautoupdater)
+	* Calendar and Contact Sync: [DAVdroid](https://f-droid.org/en/packages/at.bitfire.davdroid/) from F-Droid.
+	* KeePass: [KeePass DX](https://f-droid.org/en/packages/com.kunzisoft.keepass.libre/) from F-Droid.
+	* File sync: [Syncthing](https://f-droid.org/en/packages/com.nutomic.syncthingandroid/) or [Nextcloud](https://f-droid.org/en/packages/com.nextcloud.client/) from F-Droid.
+	* Maps &amp; Navigation: [OsmAnd+](https://f-droid.org/en/packages/net.osmand.plus/) seems to be the best contender but is a very clunky app. Will take my tablet on adventures just to see how it does.
+	* Messaging:
+		* [Signal](https://signal.org/android/apk/) is not available on F-Droid but you can download the `.apk` directly from their site, and it will self-update.
+		* [Riot.im](https://f-droid.org/en/packages/im.vector.alpha/) on F-Droid is a client for any [Matrix](https://matrix.org/) server.
+
+---
+
+# Play Store Apps
+
+Most of this page talks about using only open-source software (F-Droid) with no
+Google Play Services or Play Store apps involved. Some things can be found on
+Amazon's App Store but most of the popular apps (Netflix, Hulu, etc) are only on
+Play Store.
+
+A lot of Play Store apps rely on Google Play Services at runtime and might not
+work on a device without Google services installed.
+
+**To install apps from the Play Store,** I used [Aurora Store](https://f-droid.org/en/packages/com.dragons.aurora/)
+from F-Droid. [Yalp Store](https://f-droid.org/en/packages/com.github.yeriomin.yalpstore/)
+is another open source client for the Play Store.
+
+Some notes on testing how well certain apps work once installed (with no Google
+services on the phone):
+
+* **Netflix**
+  * Works well for local playback! I was able to log in and stream shows on my
+    Google-free phone.
+  * The Chromecast button identified my SHARP ROKU TV with built-in Netflix app,
+    but it did not see any Google Chromecast devices on my network.
+* **Hulu**
+  * I was able to log in to the app, but after that it crashes often. My guess
+    is it crashes trying to look for Chromecast devices. If I'm fast I can get
+    it to play back content but haven't tested for extended periods.
+* **Venmo:** was usable, crashes randomly though.
+
+Other apps I use that worked fine on my Google-free device:
+
+* Sync for Reddit
+* Firefox
+* Slack
+* Twitter
+* Snapchat? (didn't log in as I forgot my password but the app didn't crash)
+* Fly Delta? (doesn't crash but I wasn't flying anywhere so haven't fully tested
+              all the app functionality)
+
+Apps that strongly required the Google Play Services and pop up an error message
+right away and won't work:
+
+* YouTube
+* Postmates
+
+# Server Software
+
+## Email: IMAP &amp; SMTP
+
+I used postfix for the SMTP server and Dovecot for the IMAP server.
+
+Using a tutorial like: <https://www.tecmint.com/install-postfix-mail-server-with-webmail-in-debian/>
+
+> I highly recommend this being the **FIRST** thing you set up and verify working.
+> E-mail is so easy to fuck up.
+
+## Webmail
+
+I installed Roundcube from the official Debian apt repo (`apt install roundcube`)
+and configured it in nginx.
+
+Install MariaDB-server first and get it up and running; Debian's roundcube asks
+questions about the database immediately. Use `dpkg-reconfigure roundcube` to
+reconfigure it later.
+
+I used nginx instead of Apache to host Roundcube. I needed to `apt install php7-fpm`
+and use this config:
+
+```nginx
+# /etc/nginx/sites-enabled/mail.caskir.net
+server {
+	server_name mail.caskir.net;
+	listen 443 ssl;
+	listen [::]:443 ssl;
+
+	index index.cgi index.php index.html index.htm;
+
+	access_log /var/log/nginx/mail-access.log;
+	error_log /var/log/nginx/mail-error.log;
+
+	ssl on;
+	ssl_certificate /etc/letsencrypt/live/caskir.net/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/caskir.net/privkey.pem;
+	include ssl_params;
+
+	root /var/lib/roundcube;
+
+	# legacy CGI scripts
+	# https://wiki.debian.org/nginx/FastCGI
+	location ~ \.php$ {
+		try_files $uri =404;
+		fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
+		fastcgi_index index.php;
+		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+		include fastcgi_params;
+	}
+}
+
+server {
+	server_name mail.caskir.net;
+	listen 80;
+	listen [::]:80;
+	return 301 https://mail.caskir.net$request_uri;
+}
+```
+
+## Calendars and Contacts
+
+I installed [Radicale](https://radicale.org) into a Python3 virtual environment
+as my normal user account.
+
+```bash
+% export WORKON_HOME=~/.virtualenvs
+% mkvirtualenv -p /usr/bin/python3 radicale
+Installing into ~/.virtualenvs/radicale/bin/python...
+(radicale)% pip install radicale
+(radicale)% which radicale
+/home/kirsle/.virtualenvs/radicale/bin/radicale
+```
+
+I put my Radicale config at `~/radicale/config` with these contents:
+
+```ini
+# /home/kirsle/radicale/config
+[server]
+hosts = 127.0.0.1:5232
+
+[auth]
+type = http_x_remote_user
+
+[storage]
+filesystem_folder = ~/.var/lib/radicale/collections
+```
+
+The Radicale service is managed by supervisor which runs it as a low-privileged
+account:
+
+```ini
+# /etc/supervisor/conf.d/radicale.conf
+[program:radicale]
+command = /home/kirsle/.virtualenvs/radicale/bin/radicale --config /home/kirsle/radicale/config
+user = kirsle
+directory = /home/kirsle/radicale
+```
+
+And I put an nginx proxy in front so I can terminate SSL there (using
+[Let's Encrypt](https://letsencrypt.org/) for free automated SSL certs).
+
+```nginx
+# /etc/nginx/sites-enabled/caskir.net
+server {
+	server_name www.caskir.net;
+	listen 443 ssl;
+	listen [::]:443 ssl;
+
+	index index.html index.htm;
+
+	access_log /var/log/nginx/caskir-access.log;
+	error_log /var/log/nginx/caskir-error.log;
+
+	ssl on;
+	ssl_certificate /etc/letsencrypt/live/caskir.net/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/caskir.net/privkey.pem;
+	include ssl_params;
+
+	root /home/kirsle/www;
+
+	location /dav/ { # The trailing / is important!
+		proxy_pass http://localhost:5232/; # The / is important!
+		proxy_set_header     X-Script-Name /dav;
+		proxy_set_header     X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header     X-Remote-User $remote_user;
+		auth_basic           "Radicale - Password Required";
+		auth_basic_user_file /etc/nginx/htpasswd;
+	}
+}
+
+server {
+	server_name caskir.net;
+	listen 443 ssl;
+	listen [::]:443 ssl;
+
+	ssl on;
+	ssl_certificate /etc/letsencrypt/live/caskir.net/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/caskir.net/privkey.pem;
+	include ssl_params;
+
+	return 301 https://www.caskir.net$request_uri;
+}
+
+server {
+	server_name www.caskir.net caskir.net;
+	listen 80;
+	listen [::]:80;
+	return 301 https://www.caskir.net$request_uri;
+}
+```
+
+HTTP Basic Auth refresher:
+
+```bash
+# To get the htpasswd commands.
+$ apt install apache2-utils
+
+# Create the password database.
+$ htpasswd -c /etc/nginx/htpasswd kirsle
+Password:
+Verify:
+
+# Add another user.
+$ htpasswd /etc/nginx/htpasswd alice
+```
+
+Radicale has a very minimal web interface so you'll need a WebDAV client to
+actually import your data. I used CardBook in Thunderbird and just imported
+my contacts file from [Google Takeout](https://takeout.google.com/settings/takeout).
+
+Thunderbird has CardBook and Lightning add-ons that can sync with the WebDAV
+service. GNOME Calendar works, too, but depends on a full GNOME desktop environment
+(installing it by itself on Xfce leaves it in a broken state as it can't interact
+with GNOME's Online Accounts system).
+
+For Android, [DAVdroid](https://f-droid.org/en/packages/at.bitfire.davdroid/) is
+available on F-Droid and will sync contacts and calendars to your device.
+
+---
+
+# File Sync
+
+I chose Syncthing over Nextcloud because it fit my needs better. Nextcloud is a
+PHP application that has a web interface, like Dropbox, to log in and access your
+files. Nextcloud also syncs contacts and address books (so you don't need Radicale).
+
+I don't require web access to my files, as I'll always have either my phone or
+one of my computers with me, and I really only use Syncthing to sync my password
+database. Having a complicated web app written in PHP would present quite a
+surface area for random drive-by attacks.
+
+I sync between my desktop PC, offsite web server, two laptops and two Android
+devices.
+
+Download Linux packages at [Syncthing.net](https://syncthing.net/); they
+have Debian/Ubuntu APT repositories to keep it updated.
+
+To access its web interface _securely_, tunnel it through SSH like:
+
+```bash
+% ssh -L 8384:localhost:8384 user@hostname
+```
+
+And then accessing <http://localhost:8384/> on your desktop should access the
+web interface on the server.
+
+For Android, [Syncthing](https://f-droid.org/en/packages/com.nutomic.syncthingandroid/)
+is available on F-Droid.
+
+# Messaging
+
+I found out you're not allowed to sync [Signal](https://signal.org/android/apk/)
+between two different mobile devices (like my phone and my Nexus 7 tablet), only
+between my phone and desktop PCs. However, it does seem Signal can be downloaded
+directly from their website and would _probably_ work on a normal phone. I couldn't
+activate it with my tablet's "phone number" because it doesn't receive SMS.
+
+[Riot.im](https://f-droid.org/en/packages/im.vector.alpha/) is available on F-Droid
+and can get you on to the Matrix federated protocol.