Multi-factor authentication for busy people

Multi-factor authentication (aka “two-factor,” or “two-step,” or 2FA) is a really great way to protect yourself (and anyone you’ve ever emailed). There are excellent and detailed guides out there, but the sheer amount of information about how to do things properly can be daunting for someone who has other important things to get done. I’m not saying don’t read all the nuanced details about security, just don’t put off setting it up right now if it seems too complicated.

If you do nothing else to protect your privacy, do this. (If you do two things, start using a password manager.)

Read more →

Let's Encrypt (updated)

Update: since this was written, the letsencrypt-auto script has improved significantly. When I tried it again today (December 8, 2015), the process was basically just cloning the GitHub repo and running ./letsencrypt-auto. I’ll leave the original (outdated) information here for posterity.

As of today phiffer.org is being served using SSL encryption thanks to a free certificate from Let’s Encrypt. It’s a recently launched service, sponsored by Mozilla and the Electronic Frontier Foundation (among others), intended to make HTTPS encryption ubiquitous on the web.

Hooray for Let's Encrypt!
Hooray for [Let's Encrypt!](https://letsencrypt.org/)

Let’s Encrypt is very new, and there are still some rough edges, but overall I’m impressed by how smoothly the process went. I wanted to document my experience, in case it’s helpful to others (and future-me). This post is a bit more technical than usual and, because the service is new, much of it may not be relevant very long into the future. That said, I hope this might offer some clues for folks trying to get up and running on HTTPS.

Read more →

Configuring jEdit

A good text editor is, by far, the most important tool for programming computers. There are many good options available, and each person has their own reasons for choosing one editor over another. On the Mac, popular choices include BBEdit, TextMate, and Coda. For modest needs, an editor like TextEdit.app can be sufficient, while some opt for a full-blown IDE like Eclipse or XCode. Many coders still work with a console-based editor, such as vim.

I haven’t had a Windows box in so long I’m not sure what the popular choices are any more, but in college I was an UltraEdit guy.

My text editor of choice now is jEdit, which is free and Open Source. jEdit is written in Java, so it works on both Mac and Windows, and it supports many of the same features of non-free editors. It seems to be pretty obscure though, in part because getting jEdit into a usable form takes a little bit of work. Plugins must be installed, settings must be tweaked. It uses ugly non-system native Open and Save dialog boxes, but I don't mind so much because those interfaces let you work with remote files seamlessly via SFTP (using the 'FTP' plugin).

I thought it would be helpful to share my preferred settings, to give my favorite editor a better first impression. Below are a few steps to help you get set up on a Mac or on Windows. Desktop Linux can probably also follow along and improvise where things might diverge from Mac OS X.

jEdit with default configuration
  1. Start by downloading and installing the latest stable release, use either the Windows Installer or Mac OS X package
  2. Download and unzip my baseline configuration: jedit-mac.zip or jedit-win.zip (these have different default fonts and keyboard bindings defined in startup/startup.bsh)
  3. Launch jEdit once to generate some default settings, and then quit (on Windows you may also need to close the jEdit Server from your system tray)
  4. Make a backup of the default settings folder, found in /Users/[username]/Library/jEdit on Macs or C:\Users\\[username]\\.jedit on Windows 7, just rename the folder to jEdit.bak or .jedit.bak (note: your Library folder is hidden by default in Mac OS X 10.7 Lion)
  5. Copy my baseline configuration folder where the default one was (in your Library folder on Macs or in your home directory on Windows)
  6. Launch jEdit again, it should look a lot nicer!
jEdit with my baseline configuration applied

Some notes about what’s different in this configuration:

  • Nicer color scheme and default font (via the Editor Scheme plugin)
  • FTP plugin for seamless remote file management (use a path like sftp://user@hostname/path/to/directory)
  • Tabs UI instead of a drop-down to switch between files (via the BufferTabs plugin)
  • Project Viewer plugin lets you browse files from the sidebar
  • XML plugin provides handy HTML auto-completion, indentation, and entity conversions
  • SuperAbbrevs plugin lets you set up macros for frequently used code snippets (for example type 'a', then shift-tab, set a macro for hyperlinks like <a href="$1">$end</a>—now you can type 'a' followed by a tab and save yourself some repetitive typing)

You also get things like multi-line tab indenting and regular expression search/replace out of the box. Of course you'll want to tweak your own setup further depending on your needs, so be sure to explore the preferences and browse the extensive list of plugins. One thing that's also worth pointing out is that jEdit listens on a random network port when you start it up to determine if other copies of the editor are running. When I first saw this it made me wonder if I should worry that my editor had been hacked, but apparently this is normal behavior and can be disabled.