Monday, February 20, 2017

Yubikey, U2F and protecting your accounts.

Setting up 2-factor authentication is an important step to keeping your online accounts safe.  For many people, this comes in the form of having an additional code that must be entered in addition to their passwords such as those that is sent to their phones through SMS or using an app like Google Authenticator.

Admittedly, this additional security comes with an additional inconvenience of needing to have your phone nearby and looking up the code which probably turns off a lot people.  To simply the process, Google, Yubico and some partners developed Universal 2nd Factor (U2F) which is now handled by the FIDO Alliance.  This open standard uses an hardware key that you insert into the computer's USB slot (or using NFC) instead of typing a code.

Google, Facebook, Dropbox, Github and a host of other services now support this.  The keys can be purchased from Amazon and ranges from $18 to $50 depend on the features you want.  For primarily Fido/U2F support, only the $18 Yubikey is needed.



The most basic Yubikey is enough for Google, Facebook, Github, Dropbox and many common web applications.


This Yubikey supports NFC and a number of other security mechanisms such as storing ssh keys, passwords, etc.



This tiny Yubikey is meant for be left in the computer's USB slot and you touch it to authenticate.  This is useful for machines that you feel is physically safe from phishers and other people trying to steal your accounts.

These keys really reduces the inconveniences of 2-factor authentication and are super easy to use.  I just wish more companies (especially financial institutions) adopt their use.

Sunday, February 19, 2017

Google Wifi, mesh networks, redundancy

Google Wifi is a new device that can create a wireless network "mesh" by simply adding wifi points to your network.  It is super simple to setup.  Simply plug it in and add it to your home network through the mobile app.

Setting up a home network usually involves having a router (likely with wifi capabilities) that devices connect to.  Single router solutions like Asus RT-ac68u and Google OnHubs have very good reach and for most situations are going to be all you need.  The RT-AC68U allows you to tweak and configure to your heart's delight. The OnHub leverages Google's technology to monitor and configure itself for maximum performance thus regulating managing your router to the background.

There is one flaw to the single router solution which I painfully experienced recently:  single point-of-failure.  One day, my router just stopped working and nothing I did could bring it back to life.  When the internet is down in my house... well, the natives are not happy and good 'ol dad will hear about it!  In this situation, it usually mean going out and buying a replacement ASAP and if it happens at night that'll mean finding ways to pacify the citizens' unrest until that replacement can be bought.  Fortunately, in my case, I had an unused router left in storage.

"Redundancy" is a good thing in the technology world.  This brings me back to Google Wifi.  Most discussions about Google Wifi focuses on its wireless mesh capabilities, but each Google Wifi unit can also be a router.  In fact, unless you are using an OnHub as your router, at least one unit has to be the router.  If one unit fails that will just mean the reach of the home network is smaller but the network is still up.  If it is the unit that serves as the router that fails, simply using one of the other units as the router.

Google Wifi works great, but the added benefits of the redundancy makes me really recommend it especially...

(T-shirt available from snorgtees.com)

My System (2015)

In a blink of an eye, two years has passed since I upgraded my primary system and it seems to be true that we've arrived at the end of Moore's Law as I've not felt an urge to upgrade the system.  I've not noticed slow down in performance of what I do on a day-to-day basis on the system which is primarily coding with VIM and browsing with Chrome.  I don't use this system for gaming and Linux is my primary OS which might contribute to everything still being relevant.  It's possible that my next upgrade will be driven by an upgrade to my monitors from dual HD to dual 4k.

This system is very Linux friendly and has an added bonus of having dual gigabit Ethernet which is one reason that I got it over the Asus Vivo Mini that I've also mentioned before.  This system also has dual displayport outputs and an HDMI if you're inclined to power 3 external monitors.  It runs cool and quiet and I've not had any problems with it in the two years that I've been using it.  This particular Shuttle bare bones system is no longer available but there is a newer version which seems identical except with a newer Intel chipset that has improved graphics, allows for more memory and supports newer Intel processors.
  • Shuttle PC DS87
  • Intel Core i7-4790S Processor (8M Cache, 3.2 GHz)
  • Samsung 850 EVO 500GB 2.5-Inch SATA III Internal SSD (MZ-75E500B/AM)
  • 2 of Crucial 16GB Kit (8GBx2) DDR3 1600 MT/s (PC3-12800) CL11 SODIMM 204-Pin 1.35V/1.5V Notebook Memory CT2KIT102464BF160B



Saturday, February 18, 2017

My Favorite "Management" Books

Besides the books that I've previously listed, here are some books that are more focused on management rather then software engineering or technical project management that I've found to still be good reads for engineers.

The First 90 Days gives advice on how to transition into new roles with case studies on do's and don't.  I found it useful in helping to develop a learning plan for myself whenever I start on a new team or in a new role.


Who Says Elephants Can't Dance isn't a "how to manage" book or even a "How Louis Gerstner manages" book.  It's presented more as a story of IBM's turn-around.  I like to read this book when I feel frustrated about a company to remind myself that change can happen even in the largest of companies.




Additionally, here are some books that's been recommended to me which I have not yet read but I thought that I'd pass along:



Debugging Teams (formerly Team Geek)


The Five Dysfunctions of a Team (Manga Edition)


The Adventures of Johnny Bunko

Monday, January 2, 2017

Upgrading from Fedora 23 to Fedora 24

With the release of Fedora 25, Fedora 23 reached its end-of-life so I had to upgrade the system.  I'm usually a bit hesitant on upgrading to the latest-and-greatest version so soon after its release so I upgraded to Fedora 24 (also to avoid doing a direct upgrade over multiple versions).

The first thing I usually do is to check the wiki for commonly known problems to see if any will effect me.  Also, a quick Google search might help turn up any issues users are facing.

Upgrading an existing Fedora instance is very simple and can be done from the command line like a package update with DNF.  Fedora Magazine has the simple instruction which is mostly a formatted snippet from the Wiki which has more details such as a FAQ and post upgrade suggestions.

The upgrade went smoothly and felt faster then going from 22 to 23 but I didn't time it.  Once it finished and rebooted, I was able to log in and all the essential functions seemed to be working.

There were two things that didn't work as they did previously with Fedora 23.  Conky, which I use to display a calendar on the desktop, was showing up in the wrong place.  I have a dual monitor setup with my second monitor in a portrait orientation and I had the calendar on the second monitor.  However, now it was showing the calendar near the middle of the first monitor instead as an windowed application.  A quick search revealed that Conky has changed how its configuration format has changed but that wasn't the problem (Conky will try to convert it on the fly if it sees the old format).  The windowed was because of a typo in my config that it ignored before (or maybe Conky changed what it expected).

I'm not sure what's causing the positioning problem though.  It seems like what it thinks is the "top_right" is only on the primary monitor now so I had to assume the offset from the primary monitor (using negative value for the x,y coordinates).

The second problem was that I previously had different wallpapers for each monitor.  Gnome (and specifically Cinnamon which is what I use) doesn't support this feature so I use Nitrogen to set the wallpapers, but in Fedora 24 Nitrogen crashes with "nitrogen --restore" or if run manually with just "nitrogen" it doesn't see the second monitor.  After a lot of searching and going down various paths such as using dconf-editor to change the behavior of the file manager, I suspected that it might be because Fedora 24 is using Nitrogen 1.6 which has a log of changes especially in how it detects which type of desktop is being used.  My solution for now was to install version 1.5.2 instead:

$ sudo dnf --showduplicates list nitrogen
$ sudo dnf remove nitrogen
$ sudo dnf install nitrogen-1.5.2-17.fc24
The first dnf command will shows all the versions of Nitrogen available and the next two is to remove the current version and install the 1.5.2 version.

Thursday, July 21, 2016

Updating VIM for Go (Golang) Development

Since my last post, setting up Vim for Go development is not only easier but also makes developing with VIM much more powerful.  Just a single plugin, vim-go, is all that is needed for the Go-specific stuff and a host of new tools is now available to handle things like refactoring, linting, error checking, and more.

Go Tools

Make sure that you have Go installed and then get the various Go tools.

goimports

Go provides a lot of use packages that can be imported but it doesn't like it when you import a package and not use it.  Goimports will automatically insert the right imports for you by looking at your code and will remove unused imports from your source.  It's a great time saver!

go get golang.org/x/tools/cmd/goimports
godef

Godef lets you jump to the location where a symbol is defined.

go get -v code.google.com/p/rog-go/exp/cmd/godef
go install -v code.google.com/p/rog-go/exp/cmd/godef
golint

Golint will lint your source and warns you of potential issues.
go get github.com/golang/lint/golint
gorename

Gorename helps to refactor Go code.

go get golang.org/x/tools/cmd/gorename
errcheck

Errcheck checks your code for actual errors that isn't just lint issues.

go get github.com/kisielk/errcheck
gocode

Gocode provides autocomplete of your Go code.  When combined with vim-go and YouCompleteMe plugins, it allows autocomplete to appear as you're typing.


go get -u github.com/nsf/gocode (-u flag for "update")
It's a bit different for Windows so follow the instruction from the link for more details.

gotags

Gotags generate tags for Go code.  Combined with Tagbar, it will provide a pretty display of the tags in your code.

go get -u github.com/jstemmer/gotags
Guru

Guru is a tool that integrates with editors to help it understand Go code.

go get golang.org/x/tools/cmd/guru
go build golang.org/x/tools/cmd/guru

Oracle (Deprecated and replaced by Guru)

Oracle is a source analysis tool for Go program.


go get code.google.com/p/go.tools/cmd/oracle

Vim Plugins

It used to be that you would manually install a vim plugin for each of the various Go tools as well as using the the plugins that comes with Go itself.  Now, everything has been consolidated into a single Vim plugin, vim-go, and that's all you really need when it comes to Go-specific plugins.  A few other plug-ins such as Tagbar and YouCompleteMe are useful to complement your development environment, though.  I highly recommend that you use Vundle to manage your plugins.

vim-go

Vim-go brings together all the various plug-ins and feature for Go development in VIM including autocomplete, snippet support, improved syntax highlighting, go toolchain commands, etc. in a single package.

YouCompleteMe

YCM is a fast code completion engine for VIM that works as you type.  YCM requires VIM 7.3.584 or above and CMake (you'll need to compile the extension after it's downloaded).

Tagbar

A great way to view the tags in your code.  This requires that you have Exuberant Ctags and gotags installed.

Bufexplorer

My favorite plugin for navigating between VIM buffers.

.vimrc


" Go Specific Stuff
                                                             
au BufRead,BufNewFile *.go set filetype=go                                     
autocmd FileType go setlocal softtabstop=4
autocmd FileType go setlocal shiftwidth=4
autocmd FileType go setlocal tabstop=4

" go-def settings
let g:godef_split=2
let g:godef_same_file_in_same_window=1

" go-vim settings
let g:go_fmt_command = "goimports"
let g:go_highlight_functions = 1
let g:go_highlight_methods = 1
let g:go_highlight_structs = 1

" tagbar settings                                                                  
let g:tagbar_type_go = {
    \ 'ctagstype' : 'go',
    \ 'kinds'     : [
        \ 'p:package',
        \ 'i:imports:1',
        \ 'c:constants',
        \ 'v:variables',
        \ 't:types',
        \ 'n:interfaces',
        \ 'w:fields',
        \ 'e:embedded',
        \ 'm:methods',
        \ 'r:constructor',
        \ 'f:functions'
    \ ],
    \ 'sro' : '.',
    \ 'kind2scope' : {
        \ 't' : 'ctype',
        \ 'n' : 'ntype'
    \ },
    \ 'scope2kind' : {
        \ 'ctype' : 't',
        \ 'ntype' : 'n'
    \ },
    \ 'ctagsbin'  : 'gotags',
    \ 'ctagsargs' : '-sort -silent'
\ } 

Sunday, March 27, 2016

Upgraded to Fedora 23

Upgraded from Fedora 22 to 23 using the new dnf upgrade.  It was a pretty smooth upgrade almost like it was just upgrading packages.

Only issue I've noticed so far was that I wasn't able to access any of my other machines on the network using their .local name.

To fix this, I had to edit /etc/nsswitch.conf and change the hosts line to be:



hosts:      files mdns4_minimal [NOTFOUND=return] dns myhostname mymachines
Which was what was there previously but changed in the upgrade.  I might have accidentally brought it on myself by telling Fedora to replace my local changes with what is defined in the package.  Putting it back tells the system to try resolving using Avahli multi-cast name.

Once the change is saved, then restart the network manager:

sudo systemctl restart NetworkManager.service