Stavros' Stuff

Angry rants of programming and other things.

Provisioning your computer with one command: awesome

Seriously do this right now, it's amazing.

This post is about how I wrote a fantastically useful script. If you have multiple computers, you will be thanking me by the end of it. Bold words, but what I’m going to describe here is that good.

The problem

The problem is that, like many of you, I have multiple computers. I have two desktops and two laptops (I just like keeping my old computers, they work), and installing a program on one was always a hassle, because I’d then have to remember to install it on the others and configure it the same way. Not only that, but, when I sometimes had to reformat (for performance, or to solve a problem, or whatever), I had to spend ages getting all the programs and their preferences working just the way I wanted them again.

I needed a better way to do this, and this is the post where I describe that way and how you can do it too. Here it is:

Continue reading…

Building a cheap home sensor/controller

Sense light and motion in every room!

After designing my first PCB, I went on a designing spree. It turns out that making PCBs (printed circuit boards, basically a piece of plastic that includes all the connections of your components in it. It helps make your project smaller and cut down on the amount of wires floating around) is so enjoyable, I’m PCBing all the things! The next victim for PCBfication is a circuit I had originally built on an Arduino and subsequently migrated to an ESP8266.

The circuit is a home sensor and controller. It can sense light, temperature, humidity and motion, and includes an RF controller (at 433 MHz) and an infrared LED so you can control your TV and other home devices. In this post, I’ll go into some detail about the build and how it connects to other sensors and controllers around the house.

This post is also a test of my new Expounder concept library. Throughout the post, various terms will be underlined like this (with a dashed underline), and you can click on them if you’re unfamiliar with the underlined term. After clicking, some text will expand and explain the term.

Let’s continue to

Continue reading…

Open letter to Mozilla: Bring back Persona

What do we want? Mozilla Persona. When do we want it? None of your business!

It was on the news this mroing, Mozilla will stop developing FirefoxOS phones, and the top Hacker News comment really resonated with me. Sure, IoT is the future, and it would be great if we had more nifty stuff there (shameless IoT privacy plug), but these headlines make the bad taste that I’ve had in my mouth ever since Mozilla shuttered Persona stronger, and I can’t stay silent any more.

What Persona was

For those of you who don’t know, Persona was a private, decentralized authentication protocol that Mozilla developed. It’s pretty much those “Log in with Facebook” buttons that you see on some sites, except that, instead of Facebook, you just log in with your email provider. So, if you enter a Gmail address, you’ll be redirected to Gmail and be asked to allow the site to see your address, and you’ll be logged in, without Gmail ever knowing which sites you are logging in to.

Put all your eggs in one basket and stick the basket in Fort Knox.

This means that you’ll ever only have one password for all websites and applications. Many people point to this as a flaw, as someone with access to your email account can log in to any site you have an account on, but they miss the fact that that’s the case today. Anyone with access to your email account can simply reset any password on any site. The right solution is to make your email account very, very secure. As security people like to say, “put all your eggs in one basket and stick the basket in Fort Knox”.

Persona was (and still is) a great idea all around, and I would like to officially (that’s right, it’s official) urge Mozilla to reconsider its stance on shuttering Persona, because reasons. Reasons will be explained after a brief retrospective:

Continue reading…

Hungry? There's a button for that!

The amazing, the delightful emergency food button!

I recently received my shipment of the ESP8266 and NodeMCUs I had ordered, and I started playing with them. My overall experience is coming soon in another post, but the verdict so far is that it’s fantastic and I love it for ever.

Since the ESP8266 is pretty much a $2, postage-stamp sized powerhouse, it’s usable in a wide variety of projects. I’ve been intrigued by the Amazon dash button ever since I saw it, and I wanted a hackable button like that for my own projects. So, I set out to

Continue reading…

Private contact and calendar sync on Android

Finally, a way to stop Google from knowing what I'm doing on Monday

Like most people with a smartphone, I like to keep my contacts and calendars backed up somewhere and synchronized between devices. To do that, I’ve been using Google, which integrates very well with Android, my preferred phone OS (as well it should, since they make the damn thing). The problem is that I don’t really want Google having all the data on my contacts and calendars if I can help it, because why should they?

I haven’t been able to find a good solution to this problem, but I wasn’t really looking for one very hard. That all changed (except the last part) when I stumbled upon someone recommending an open-source synchronization solution that’s very easy to set up. Starting out, I thought it would be pretty complicated, but it turned out to consist of installing one program and changing three lines of a configuration file.

This has all the advantages of Google for me (since I don’t share calendars with anyone) with none of the privacy issues, so I decided to try it out. I did, and I was amazed at both how easy it was to set up and how well it worked, so I decided to write the general gist up in a post in the hopes that it would help someone else. Here are the

Continue reading…

Introducing: String Phone

"Nothing is as secure as a string phone" –The NSA

As you can probably tell from previous posts, I’ve been pretty into hardware lately. I’ve especially been building things like home sensors and controllers, so I have a central computer reading motion, temperature, humidity, light and other values in the house and deciding whether the lights or air conditioning need to be on or off.

I also want to be able to turn these on and off from my mobile phone, from anywhere in the world. The problem with that is that I need a way to ensure that only my phone can turn things on in my house. I wouldn’t want someone to be able to turn the heating on in my house at full blast when I’m not there and waste all my electricity bill (or set fire to something).

TLS is a pretty good solution, as it ensures confidentiality between client and server, but it does nothing for verifying the client or securing communications against a malicious server. I needed something better, and I couldn’t find something readily available. So I set out to write it. Thus, string phone was born.

String phone is a

Continue reading…

Review: CodeBug

Reviewing today: The CodeBug wearable computer

So, I just received a CodeBug in the mail, graciously provided by Newark element14 for a review. This is that review.

Before I start, I should say that Newark didn’t pay me, they only sent me the devices for free and with the understanding that I would be very truthful in my review, even about things I don’t like. So, hopefully this won’t read like I’m a paid shill, and all biases are my own. Now, we can proceed to the actual thing!

I have to admit that I had never heard of the CodeBug until Newark offered to send me one, but, now that it arrived, I find myself pretty excited about it. In case you are not familiar with it (the default), the CodeBug is an embedded, wearable computer that aims to teach programming to children by being easy and fun to program. It comes with various features that help with that, which I am going to get into more detail about later on.

It started as a Kickstarter project by three guys who aimed to bring programming to everyone in a cute, wearable form factor, and it apparently succeeded in getting funded, because I am holding one right now, which proves it exists! Also, the Kickstarter page says it got funded, so that’s also an indication.

Unfortunately, I’m not great at researching things before tearing open their packages, so I’ll jump directly to the unboxing and hope everything works out for you in the end.

Continue reading…

Shufflecast - Your own TV station

Your own, personal TV station

I very recently discovered the very useful pychromecast library, and, being the owner of a Chromecast, I started wondering what I could do with it. Since there aren’t that many things a Chromecast can do (it pretty much only plays videos over the network, although there are some other things as well), I decided to make my own TV station. Thus, Shufflecast was born.

Continue reading…

Open source password management

Or: How to migrate from LastPass without fuss

As you may have heard, LogMeIn has acquired LastPass. This would normally not be very interesting news, but LogMeIn have turned out to be a bit shady, which means that I trust LastPass much less under its new owner. Also, since Persona, the solution to all authentication problems never panned out (damn you, Mozilla, damn you to hell!), I am forced to find a new password manager.

To give you a bit of history, I started out, as many of us do, using only one or two passwords for everything. This was, of course, entirely insecure, because I was giving my email and Dropbox password to every shady game site and bank out there. One day, I decided I should switch to something else, but I didn’t like carrying and synchronizing a file every time I added a password, so I opted with something with less state: SuperGenPass

Continue reading…

The microservices cargo cult

"They're doing everything right. The form is perfect. It looks exactly the way it looked before. But it doesn't work."

Microservices are awesome. We know this because of all the success stories that are circulating lately. The news is full of such stories, of people taking large, monolithic codebases, breaking them up, adding HTTP APIs and enjoying all the benefits.

As with all fashionable practices, it starts out innocently enough, someone tries it, it works out very well for them, they present it in an eloquent way that outlines all the advantages of the new practice, and everyone is excited and eager to try it out. Soon, you have a deluge of articles saying how well it works, and how more people tried it with great results. What you don’t hear, though, is the cases where it didn’t work, simply because people aren’t as motivated to write about their failures.

Continue reading…