An independent operator.
Writing in the open.
I’m Justin. I build private infrastructure for a living and document what I learn here, in public. The site you’re reading is the manual I wish I’d had ten years ago, written for the kind of operator who would rather understand a system than trust one.
Four principles. No exceptions.
Privacy is architecture, not hiding.
If your security depends on staying unseen, you've already lost. Build a system that survives observation.
Own your infrastructure.
Every layer you don't control is a layer someone else does. Pull the stack inward, one node at a time.
Default to first principles.
Trust the protocol, not the marketing. If you can't explain why a tool works, you can't trust it when it matters.
Build for the long game.
Threat models rotate. Discipline doesn't. The point isn't to be untouchable today, it's to still be standing in five years.
For serious engagements.
When something here doesn’t fit your threat model and you need it built for you, I take a small number of private clients each year through a separate practice.
Greyshrine, private advisoryOtherwise, everything I know is in the manual.
→ Read the Field Manual