Why NFC Keyboard emulators / readers are a bad idea

For a while I was using an NFC Keyboard reader to automatically type my password into linux until one event really changed my perspective on this..

Obviously from a security perspective storing your password in plain text on an NFC tag is suicide, but let’s assume for a second only your computer has the key to read the NDEF record on your NFC Ring so even if someone else was able to read the NFC Ring they wouldn’t be able to figure out your password..

It doesn’t seem like such a bad idea now to emulate a keyboard and type in your password? Wrong.. You see what happens is that your computer can read that data at any point, so let’s say you are on IRC chatting away to your buddies and by accident you scan your NFC Ring. Boom, your password is pasted into the chat window, this is what happened to me and it sucked. To be fair to recover I only had to type passwd and provide my old and new password but still, it could have been way more painful..

Obviously a work around is to only enable keyboard emulation on the login screen but it’s still an interior and inadequete solution for logging into your desktop.

Basically Keyboard emulation for Auth sucks, don’t do it, or if you be fully aware of the pitfalls!

3 reasons I can’t use the Jolla handset

guvcview_image-1

Email slowness

Exchange Emails are horribly slow to come through, emails don’t update in general (after delete event etc.). I recieve/send thousands of emails each day so when this feature is lacking I’m really scuppered. Why no button to SEND emails when composing? This seems like a no brainer.. A task I do many times a day now takes at least 5 times longer, there is no sense in this.. This should be fixed in a software update and maybe it’s being worked on right now, I really hope so…

No NFC Support

Despite the Jolla rocking an NFC chip for some reason you can’t get any NFC functionality, this seems somewhat insane and I hope it’s fixed in a future update. If it is, please comment 🙂

UX overly focused on swipe gestures

The trend away from buttons and towards UI is really bad. The UX is confusing and feels fragmented, it’s not as if the UI is cluttered neither, it just feels like you do it their way or no way at all.. They should check out Tinder as a good UX reference. The simple and right solution here is to introduce buttons aswell as swipe gestures like y’know, every other frigging phone.

Summary

Overall the handset feels okay, I’m pleased it’s built by a European company and that it should serve as a competitor to the US giants but until the 3 key issues above are resolved I can’t use it as a daily driver so I’m switching back to my Huawei (Android). I tried to use it for ~24 hours, probably not long enough to really get used to the UX, I didn’t find anything “nice”, it all felt a bit dissapointing for the price point but I’m not writing Jolla off. The brand and image is strong, the hardware is sturdy, would I recommend it to consumers right now? No. Would I recommend it to developers? No. So who is this phone for? It’s for advocates of open source and believers that we need a numbers of suppliers in the phone market so we don’t fall into the Microsoft style monopoly that we had on the desktops..

Watch out for Google people, they are gonna fsk your shit up.

Top 10 Etherpad Plugins 2014

Etherpad changed a lot in 2013, the new functionality funded by various companies has mostly been released open source and this has meant a lots of new jobs and work availability for plugin developers. Firstly let’s congratulate Etherpad on an amazing 2013, we’re really proud of everyones achievements so far and let’s hope 2014 can be yet another fantastic year.

Etherpad can do that?!?!?

1. Page View

crop
Page View brings in Document / Page Setup style editing to Etherpad.
Top tip: You can insert page breaks using Control Enter.
To get Page View install ep_page_view and either enable by default by editing settings.json or enable on a per pad basis by clicking the Settings button then clicking Page View.
npm install ep_page_view

2. Print a pad

print
Printing a pad before used to leave the toolbar and chat icon on, with this plugin all other editor contents is removed leaving just the pad contents so you can get a lovely printable representation of your pad. Printing also supports page breaks so if you have the Page View plugin installed get breaking those pages up and printing them out.
Top tip: Printing is bad, don’t do it unless you really need to, it is 2014 after all!
npm install ep_print

3. Rich Text Editing

headings
By using the Headings, Font Family, Font Color and Font Size, SuperScript and Subscript plugins you can add rich text editing to your pads. Spot the obvious mistake in the image..
npm install ep_headings2 ep_font_color ep_font_family ep_font_size ep_superscript ep_subscript

4. Page Ruler, Line Height

ruler
Add a page ruler so you can use a ruler type thing to indent lines of text from the left/right. Line Height functionality means you can change the height of um, a line..
Top tip: The page ruler plugin can be used with ep_image_preview or the image branch of Etherpad to resize images
npm install ep_page_ruler ep_line_height

5. File Menu Toolbar and Pad Title

set_title
Get a File Menu style edit bar that includes buttons to do stuff like File > New, Save etc..
Top tip: Are you a plugin developer? File Menu toolbar exposes an EEJS Block that you can write to.
npm install ep_aa_file_menu_toolbar ep_set_title_on_pad

6. Admin Pads

A way to admin and manage pads using Etherpad.
npm install ep_admin_pads

7. Markdown

Use Markup/Markdown stylee editing in Etherpad
npm install ep_markdown

8. Real Time Chat

Get real time chat updates.
npm install ep_real_time_chat

9. Table of Contents

toc
Get a visible Table of contents of the contents of your pad.
Top Tip: Use headings to automatically create a table of contents
npm install ep_table_of_contents ep_headings2

10. Lots more..

I ran out of space but here are some more awesome plugins you should check out..
ep_clear_formatting – Clear the formatting/attributes on a selection
ep_sticky_attributes – See what attributes are applied to a selection
ep_copy_paste_select_all – Put a copy / paste / select all item in the file menu (requires file menu)
ep_special_characters – Insert Special characters into a pad
ep_define – Define and Research a selected word (requires file menu)
ep_text_to_speech – Speak a selection from a pad (requires file menu)
ep_comments – Apply comments to a pad

Publishing to Npm on Git commit using Github Hooks and Travis

Travis-CI can auto “npm publish” your git repo to npmjs, this means that whenever you commit to your github repository your software is always updated and available to users via npm update. This should also work with pull requests so no need to jump onto CLI After a merge, just hit merge and after a few minutes / hours you should see your application updated on npmjs.

Step 1.

Create Travis-CI account, ideally signing in with your github account.

Step 2.

Find the repository you want to auto publish on the Travis Web interface (under your profile) and click Enable.

Step 3.

Install Ruby Gems

sudo apt-get install rubygems

Step 4.

Install travis CLI gem and json gem

sudo gem install json
gem install travis

Step 5.

Create a .travis.yml file in the root of your repository that looks like this (replacing your email)

language: node_js
deploy:
  api_key:
  email: your@emailhere.com
  provider: npm

Step 6.

Get your npmjs api key and copy it into the clip board (Copy the bit after the _auth =)

cat ~/.npmrc | grep _auth

Step 7.

Run the Travis CI secret key generator

travis encrypt --add deploy.api_key

When prompted paste your APIKey then hit Control D, don’t add an additional line break or enter.

Step 8.

Add, Commit and Push the new .travis.yml file, this will trigger a build on Travis

git add .travis.yml && git commit -m "Travis auto publish config" && git push

Step 9.

Head over to your Travis page and wait for your build to begin, if it doesn’t it’s likely you didn’t push correctly up to github.

Doing lots of packages?

You will only need to complete steps 5 to 9 on future packages (assuming you enabled them on travis)