Category Archives: Technology

Ulysses 18.7 and WordPress 5.4

Aside

Reply

I just had a devil of a time with my Ulysses to WordPress integration. Something underhanded happened on the way to the Forum. Either it was something that WordPress tweaked in 5.4, or my host did something clever to get in the way and didn’t tell me. Someone left a very important bit out, which broke Ulysses, my editor of choice for blogging.

The solution was to be found in these two sites:

David Bosman’s Blog – Ulysses and WordPress and

Hans Bruins’s Medium Post – Ulysses and WordPress

So if you were using Ulysses all along, and it suddenly crapped out on you with WordPress, these instructions seem to do the trick, it did so for me!

YubiKey NFC 5 – Disappointing & Useless

Aside

Reply

It doesn’t take much for a technology to excite me and then subsequently fail me. Case in point, a YubiKey 5 NFC security key. I bought it on November 6, 2019 for $51.94. I was excited to use this new bit of technology, thinking that it would at least be a valuable experience for me when it came to 2 factor authentication and honing my security skills. The NFC bits were very attractive and the website clearly displayed iPhone as compatible, so why not? Chip in all the way, it’s only $50!

What I got did not at all match my expectations. The NFC doesn’t work, or at least required at the time a different kind of iPhone than the one I had, which was an iPhone 6S Plus, so that was deceptive advertising leading me nowhere. The NFC part works nowhere, so it’s just marketing mumbo-jumbo for me. I then plugged it in to my USB port on my MacBook and was dismayed to see that it doesn’t really do what I thought it would, no way to get any of my TOTP settings onto the device, no applications to make it convenient to use on my MacBook Pro, but there was a way that I could put my GPG Key for my main account on there. So I did that. Then after doing that I realized that the private key had been moved onto the Yubikey and a stub left on my MacBook Pro, meaning any time I wanted to decrypt anything I needed the YubiKey. I didn’t have a choice when it came to having it in both places, and I accepted that because I rarely if ever use my GPG key since it’s a dead-on-arrival technology itself.

All of this was an immense flash in the pan. I did learn a lot, and I guess it was worth the $50 I spent on it. Maybe I can return it to the manufacturer, as I have returned it to factory specs. If they don’t allow that, then I’ll likely put it up for sale on Facebook, Craigslist, or eBay.

What I got out of Yubico and their Yubikey is that it is like a lot of other security tools, pretty much meant for a very niche marketplace where people who would buy into these sorts of things are sold on the how, just looking for the what. I wouldn’t recommend Yubikey to anyone, it is not easy to use and completely unreliable. A little sidebar to mention here as well, if you wanted to use a YubiKey to secure your desktop or laptop computer, which you could do, they strongly recommend you buy two of them, in case you lose one or one gets stolen. The all-or-nothing deal is a huge cold shower.

New Editor: Ulysses

Aside

Reply

For what seems like ages, I have been on the witless search for the best text editor for my MacBook Pro. Trying BBEdit, TextWrangler, Atom, MacVim, Pages, TextEdit… the list just goes on and on. Along with this fools errand, I’ve also been searching for the best font to use. What a pile of wet monkey spit this entire task has been.

So enter Ulysses. I was interested in this a while back, but the app wouldn’t function on my system at the time because I was living in denial about Mac OSX Mojave. I was happy with Yosemite and I was going to be damned if I was going to upset every apple cart I had and upgrade to Mojave. But then app after app started to upgrade on me, and over time it was easier to capitulate to Mojave and upgrade to it. Now that I’m using Mojave, I decided to give Ulysses another shot. So far, I don’t hate it, which is about as much as I was expecting honestly. It’ll take more time to actually see how it works as a new text editor, so right now I will just say that the jury is out.

Next to that is the font issue. There is a theme that covers editors, fonts, and even can be extended to movies, music, and comic books, and that is that there are so many options that someone who is on the outside looking in simply cannot choose one place to start. Websites are full of suggestions and sometimes those are handy, you can spot a font that you’ve seen in your application and you can try it out, while other times you get advice that Font XYZ is really quite amazing and then you discover that you have to pay for it, or the application you want to use simply won’t let you use that font. So instead of fretting over endless font choices I just threw a dart and ended up with Open Sans. Maybe it’ll work for me, maybe it will drive me bananas. Although maybe the editors will do that first.

So we’ll see just what we have in store for Ulysses in the days and weeks to come. This editor also comes with a method that might be able to publish to my WordPress Blog, and that will be the next test, to see if it does what it promises.

Hidden Killer

Posted on by
Reply

While working on Scott’s Thermal Cap, the brim, the band around the head, involved 32 discrete stitches per row. The pattern I was using demurred on chaining up the side and instead relied on the natural height of the SCTS to provide the height required as rows were added. Because the chain was omitted, every stitch requires attention, because usually when a chain appears on the side, it “uses up” whatever stitch was next in line, and so you customarily have to skip “where you should go” for the “next spot”. Without the chain on the side, progress is slower, the weave is thicker, and counting becomes rather picky. You want to make sure you have 32 in each row, lest you have decreases where there shouldn’t be any, and your hat comes out looking obviously wrong.

There are a lot of tools for maintaining counts in Crochet. Little plastic barrel counters, clickers, and a few apps for the iPhone. There was one of these apps, that among all the other features also had a verbal input mechanism. The app was updated and the verbal input mechanism was deprecated for Voice Control in iOS.

I have another app, called MultiTimer, in it are counters with audio feedback when you tap them. I had been using this app to count stitches in my work, but its a little annoying to have my hands on the work and then reach over to tap the phone. So I did a little poking around:

  1. Settings
  2. Accessibility
  3. Voice Control (turn it on, it downloads extra iOS components)
  4. ON: Show Confirmation, Show Hints, Overlay: Item Numbers. OFF the rest.
  5. Back to Settings, then to Control Center
  6. Customize Controls
  7. Add Accessibility Shortcuts
  8. Out to Home Screen

So, when I am working on a project, I plug the phone in (since Voice Control is a battery pig), start MultiTimer, switch to my Crochet panel where I have set up all my counters. Then I swipe up from the bottom, tap Accessibility Shortcuts icon, tap on Voice Control, then swipe down to hide the Control Center panel. Overlaid on top of all the screen items are little shaded numbers, so I focus in on the counter that I care about, “Stitch Count” and then I can say “Single Tap” to advance the counter, or “Tap 6” to clear the counter, or “Tap 4” to decrease the counter. That enables me to keep my hands on my work, and my eyes, and just say clearly what I want and the phone makes a little click sound when it does what I want. That way I can concentrate on the work, and then look at the display for the count. When my work session is done, I swipe up from the bottom, tap the Accessibility Shortcut icon, turn off Voice Control, and exit the MultiTimer app. Done and done. This way I can keep my mind focused on the work, I don’t lose count due to interruptions or cats, and it makes my phone do one singular task really well. After I started using this feature, I took back a little bit of the gripes I had previously issued against iOS, just a few. 🙂

We’re Always Shufflin

Posted on by
Reply

Yesterday I came home and like many precursors to the weekend we talk about what sort of meal plan we would like for the coming week. Along with that, we put together the shopping list for our weekend supply chores.

Ever since Apple released iOS 13, we’ve had nothing but headaches with their Reminder app. So the two places we usually go are named lists in the Apple Reminders app. My partner rattled off that there were four items in one list, and I saw none of them. After we wasted an hour resetting and screwing around with Reminders I went to look for alternatives. I found one, an app called “Remember The Milk” and I chiuckled as I had seen it before. Apparently I had an account there a long time ago, so instead of creating a new account, I reccovered the old one. I invited my partner to the app, he installed it, and then I created two lists for our two spots we usually go to, and then I shared them both out to him. Then we sat back and chuckled because with this alternative, proper sync was happening, which was everything we wanted. So we have turned our backs on the Reminder app.

As I started to look through Remember The Milk, I noticed that it had grown up a lot in the time I had been away from it. I’ve been having a headache with the ToDo App from Microsoft, which is actually Wunderlist rebranded. I had split some of my work tasks into ToDo from Microsoft because it was free with my work email, an Office 365 account. ToDo from Microsoft was having serious problems, mostly whenever I had to check off a task, a zombie task would reappear and I’d have to check each task off twice. There were only a few tasks there, so converting them over to Remember The Milk was really easy.

Then as I was working with Remember The Milk, I thought that I might finally leave Toodledo, so I bought a yearly subscription to Remember The Milk, which gave me parity features with Toodledo, and then backed up my Toodledo account and imported the entire thing over to Remember The Milk.

So now all my tasks live in one place again, instead of Reminders, ToDo from Microsoft, and Toodledo, now it’s all Remember The Milk. We’ll see how it goes.

Secure Channels

Posted on by
Reply

I explored the challenge of establishing a secure channel in a business-to-business use case a few days ago. Between the company I work for and another company, where the information was very sensitive, the risk of it being compromised was unacceptable, and the requirement that I share the information with the other party undeniable.

The goal was to get a secret string of text from my system into the system of another party. I have explored cryptography for a long while and so I was confident that all the tools I had could do the job very well. The real challenge was in establishing a communications protocol and a secure channel. Amongst my explorations, I had the entire suite of OpenSSL library ciphers at hand, I had GPG, and the answer which I sort of knew already even before I started this foray into cybersecurity, that Signal would eventually be my answer.

It was at first exploration of the challenge of it. How could I get a secret alphanumeric string to another party that had none of the tools or the experience of cryptography that I had in my library? All of it was fated before I even started, but I at least wanted to go through the motions and explore this problem as if I was sitting in the middle of it without any view of the win condition at the end. The first stab was GPG, so I searched for any public keys related to the other company, and there were none. That was worth a smirk, and I nodded because I would have been shocked if there was a hit at all, so GPG was a dead end. The next effort was thinking about what sort of cipher could be used. This selection of a cipher was symmetric cryptography. I would need to encode the message so that it would be suitable for email transmission, and encrypt the data using some standard cipher that I knew would be possible for both parties, and then I spent a while trying to figure out the password for the cipher. I knew that base64 would be great for encoding and decoding the message, and I still have faith in AES-256-CTR, but that left me having to select a password that I could use that both sides knew. Any effort to share that password in any other non-secure channel would render all my efforts for nothing because then the cipher would be a mathematical contrivance because the security of the password then became equivalent to the security of the payload. If the password was passed in clear text, then the entire endeavor was meaningless.

So this entry becomes a love letter to Signal. It covered everything I needed. It used encryption end-to-end and it was vetted and secure, it didn’t require public keys, or specifically, the user wasn’t involved with that part of the process, and I could trust that the inbound mobile number matched the intended recipient. I didn’t need to exchange passwords or agree on a cipher or a protocol. The application and service are free as well, so there wasn’t even a cost barrier to this solution! It checks off every box on my list. I was able to copy and paste the secure string of data over Signal to the other person and conclude the task that I set for myself at the beginning of all of this. There is more to Signal than just this use case and I encourage everyone I know to download it, sign in, and start using it.

Upgraded Mac Mini, Contacts Woes

Posted on by
1

A dear family member upgraded their old Mac Mini to a new Mac Mini over the holiday break and from afar, I helped by making some key suggestions on how to get the data moved from the old machine to the new machine. Specifically, using Apple’s own Time Machine to restore the data back to where it belonged on the new computer. I did this through another person, by fielding technical questions from remote.

Everything appeared to go well, except Contacts was a problem. But after a few restarts, Contacts wasn’t a problem. So everything was fine and we moved on. Then I got a new call for help, that the Contacts application had crashed and refused to restart. I started my remote assistance program and shared the desktop session with the faraway computer. The Contacts app was well and truly not opening. I went to ~/Library/Application Support/AddressBook and moved the folder to the Desktop, started Contacts app, and it started with the owners details and the entry for Apple. Then I closed the Contacts app, deleted the AddressBook folder that was created by default because I had moved the previous one to the Desktop, and I undid that. I then started Contacts and it opened. The user went to an entry they wanted to remove, and the app crashed. And then it was stuck again. I did the AddressBook folder out/delete/in two-step and got it back to work, but then figured out that some of the entries worked fine, while others caused the application to crash.

So after I got everything back and running in Contacts, I backed up the contacts using the Export Contacts feature. I then emptied the AddressBook folder again, started Contacts, and then Imported from the backup. Once again, the entry that was causing the crash made the application crash. So whatever it was, it was data driven and somehow got included in the backup feature. I had another option, a long shot, but I tried it. So I got everything in Contacts up and running, selected everything, saved everything as a VCARD file instead, then used TextEdit to find the entry that the end user really didn’t want and removed it manually. Then I restarted an empty version of Contacts, which ran fine, imported the VCARD data back into Contacts, and then after that, everything was fine.

So there is something from probably High Sierra’s Contacts that drives Catalina’s Contacts nuts. Its something that survives backups, but doesn’t survive being shuttled through VCARD. If you have any problems with toxic entries causing Contacts to crash, select all the cards, export them as VCARD, empty out ~/Library/Application Support/AddressBook and then reimport everything. It works. I don’t know why, but it works.

This is the sort of foolishness that I expect from Microsoft, not Apple. Tsk Tsk Tsk Apple.

Alternatives

Posted on by
Reply

Censorship reminds me that there are a few things really worth buying into for your online peace of mind. The first is a VPN. You should not connect to the Internet without a VPN. There are many great options to choose from, there is NordVPN and Private Internet Access, or PIA. I strongly suggest that people buy a year’s worth of service from a VPN provider and then connect to it every time you use the network.

I also can strongly suggest that people download the Signal application on your Smartphone or Tablet. Signal uses End-to-End Encryption so that whatever you want to talk about is secured from your device to the other device, preventing anyone on the network who may be snooping in, from reading your private conversations.

Since Twitter censored one of my tweets, which resulted in me losing faith in their service, I downloaded the entire Twitter archive for my account and then I set virtual fire to it, burning it to the ground. I then (mostly) left Facebook and found a different community in the Federated Universe or Fediverse based on ActivityPub technology, specifically the Mastodon system. Mastodon is a lot like Twitter, only with better filters and controls and a generally better group of people. After Facebook slapped their gag on me, I went right over to my Mastodon instances and laughed it up.

It goes without saying that everyone should get at least some rudimentary apps for your privacy downloaded into your phone and set up. If you install Signal, it will offer to show you people on the system who are registered, and I will pop right up!

Another Smartphone app that is worth your while is Bridgefy. It allows you to use Bluetooth as a short-range communications radio, about 30 feet. The neat part of Bridgefy is that it creates a Bluetooth Mesh, allowing messages to spread across Bluetooth from participant to participant, so if you are in close proximity with others, and everyone has Bridgefy, you can have an ad-hoc mesh network where you can communicate with your phones without the need of the Internet. This is really important if the government or the Internet providers try to control the flow of information by active denial of service. While the Internet provider can simply just turn off their data services, they cannot touch Bluetooth radio. The Bridgefy app really leverages large populations of people, enabling long-range communications over the mesh network. It is really something everyone should have, just in case.

The Future of Power?

Posted on by
Reply

The California PG&E outage is a clear note about what happens when you ignore your infrastructure and you don’t have a regular preventative maintenance schedule. PM can cost a lot, but as we see in California, does it really?

I started wondering about alternatives to high tension power lines in California. You couldn’t really bury any of it, with so many quakes, maybe. So what else? Microwave transmission? Maybe make it auto-aiming so if there is a quake and the tower moves a little, it can reacquire the source faster? Or perhaps spread out the generation stations, like solar reflector installations, to distribute the load and increase the production rate…

But then these ideas lead me to truly knackers ideas. If you are going to go this far, why not just also install immense Tesla coils and then outfit cars with wireless AC receivers and then the entire automobile fleet can be electric and not need charging, since you can skip batteries, it’s much easier and cheaper.

But if we did — then we might be able to use addressable frequencies per vehicle or overlay a data stream on top of the power itself, so a car that did a hit and run or is involved in an OJ chase could be remotely turned off. But man, with enough coils dotting the landscape, powered by solar reflector stations you could drive from coast to coast with ease. We could possibly make covered tunneled roadways and then increase the speed, then automate the entire thing so after you get past human reaction limits, your car can accelerate to a comfy cruising speed of 350mph or higher.

I want to trade an immense battery bank for honeycombed graphene and kevlar car bodies so I’m traveling safely even if I impact at ridiculously high speeds. Or I want a car that automatically fills with a gassy rubber filler and ejects the passenger compartment upon a catastrophic impact event, like we have with fighter jet ejection systems. And an adorable theme-able packed parachute, maybe Hello Kitty? 😉

But an entire truck fleet that is automated and powered by solar reflector stations and tesla coils. Zero emissions. Poof, just like that. I suppose I like solar reflectors more because they mean business. Plus you could put the parabolic mirrors on gantries say twenty feet up, and then have open pasture underneath for cows, chickens, and sheep. Or grow shade-happy crops?

These power stations might, if there are enough of them, raise the albedo of the local area and then you nip greenhouse effect at the beginning of the cycle. You’re channeling the incoming solar radiation elsewhere. It isn’t heating up water or pavement or farmland. It’s being soaked up by hungry devices like trucks and cars and trains.

I sort of wonder what an airplane with a wireless AC box would look like? Different jet technology, based on electrics not on jet fuel. And the tons of carbon saved. You could replace the jet fuel with new safety equipment, like foam bursters and ejection systems in case of some sort of failure in the air. The plane just falls apart, the cabin fills with sticky goop, and it parachutes to earth safely.

We would be free of oil completely. It would rewrite the entire narrative.

Dodgy Clouds

Posted on by
Reply

The recent outage in the Google Cloud infrastructure has certainly revealed a fair amount of vulnerability in their cloud offerings. So many services were affected, and I heard some tales of Nest owners who couldn’t unlock their homes or control their HVAC systems because the system couldn’t function without the other side being up and running.

This has always worried me about cloud infrastructure and beyond that, into IoT designs. We have come to depend on much of this kind of technology recently, and it can be tough for those that understand how all this works to let things like HVAC controls and door lock security go off to be managed by a company without any sort of manual override.

Google Chrome and Ads

It isn’t the first time that Google has turned on us, they used to have as a company motto, “Don’t be Evil,” but then when they ran into a profit wall, they realized that they had to accept evil into their company to make more money. So now, Google is Evil. Recently, the details came to light in regards to how Google will be changing Google Chrome. They are going to disable a programming API that enables some ad-blocking software to function correctly. Honestly, I was expecting this sort of thing long ago. It was the perfect reason to look into moving ad-blocking away from the computer level and further into the network itself. At work, I use Cisco Umbrella, and that places a filter on DNS services. When I was playing around with Raspberry Pi computers a long while back, there was another GitHub project that caught my attention, and that was Pi-Hole.

Pi-Hole

The GitHub project, Pi-Hole is a very straightforward installation that provides DNS filtering for malware and adware based on community-developed blocklists. I originally used it on my Raspberry Pi until I discovered that the Pi wasn’t really all that reliable a platform. Since then I have installed Debian Linux on my original Mac Mini, and that machine, which also serves as a central entertainment hub for my household also provides Pi-Hole services. I have set my home router to refer to the Pi-Hole for it’s upstream DNS requests, so every device attached to my home network funnels all the DNS traffic through the Pi-Hole. In that installation, with all the DNS requests sent to the Pi-Hole, it has liberated my Google Chrome, and any other browser, on my computer, iPhone, iPad, or whatever without any settings to change or fuss around with. To that end, thank you, Google, for giving me the push to help eliminate ads throughout my home.

Sirius/XM Outages

In line with what happened when the Google Cloud malfunctioned, there was another event earlier today that posed a challenge for me, IT wise. I was driving into work and I often times listen to XM’s Channel 33, which is First Wave. I was enjoying all of that music, and the announcer mentioned the channel schedule. That reminded me that I have the XM app on my iPhone and I could stream the XM signal into my workplace just as easily as I can stream Spotify music. So then I tried to use the app and ran into Error 1025. What the hell is that? I eventually got into a chat with a Sirius/XM representative, and they told me that there were system level issues at Sirius/XM that was giving everyone challenges. I have to remind myself frequently that my first stop should be DownDetector.com! I browsed to that site while I was on the chat with the XM representative and there it was, Sirius/XM, with a huge complaint spike. I should have started there! Lesson learned!

The way of things, for cloud infrastructure and all these interconnected devices, will not go away anytime soon. While the settings that you have on your phone and computer might also be causing issues with connectivity, it’s important to always keep in mind that sometimes the biggest systems can also be more fragile. It’s important to keep sites like DownDetector in mind because if you are having a problem with a website, chances are so are a whole lot of other people.