Posts

With COVID-extra spring cleaning time, a PSA post on updating your security keys. We’re going to move your ssh and gpg keys from RSA algos to the more compact, efficient ECC (Elliptical Curve Cryptography) keys of ED59515. This is how you create them and how to swap them out on services and tools you use.

Most security experts now say to switch from RSA keys to using curves derived from the mathematical properties of elliptical curves, ECC (Elliptical Curve Cryptography). Increasing computing power, has made RSA style keys below 4096 bits vulnerable as well as their now being purpose-made tools around cracking passwords on those secret keys (there are countermeasures).

I’ve been using an early 2016 Macbook 12" for 4 years now. It’s been a fantastic laptop and my biggest issue has been not being able to find another piece of hardware I like as much. I finally had to replace it with a maxed out Macbook Air as the closest substitute, but still missing the Macbook. I decided to put Linux on it to see if I might still be able to resurrect it as a daily driver.

While I’ve been using passpie for some time as a CLI password manager, it lacked mobile and browser integration and an ecosystem for leveraging other tools. This is what I replaced it with duplicating the functionality range you’d see in commercial apps like 1Password and Dashlane, while being free, open source, cross platform, more portable, and developer-friendly.

Often, oldest solutions to problems are the best. They provide a common, battle-tested standard for everyone to work with. Pass, the standard unix password manager has been around for ages and follows the unix philosophy of a simple, robust tool which does one thing well and integrates with other tools for composable toolchains.

For those who followed my original post a year ago on how to get a site up with a static site generator, serverlessly, that is blazing fast, you’re going to need to renew your security certificate soon. This is how that’s done through Amazon Certificate Manager via Let’s Encrypt.

In truth, Amazon’s Certificate Manager (ACM) does a good job of taking something that used to be a painful, nail-biting, horrible experience around changing your web site’s SSL cert and makes it much easier. Especially if you’re running your own domain, ACM combined with the geniuses at Lets Encrypt , it’s now semi-painless (with a little knowledge) to secure your sites with SSL. It’s not obvious, however, how to change or renew once you’re set up, so we’ll doing the walkthrough.

You’re awash in a sea of information. How do you pay attention to the vital information you need to? How do you acquire quality new information when the volume on everything is at 11? This is what I’m experimenting with from a GTD perspective to deal with the firehose.

Information overload is an insidious problem. It’s ridiculously easy to rabbit hole digitally. The internet is a vast resource, but it’s also a gigantic attention suck. Between links, email newsletters, messaging, mail, and on-screen information and notifications you still need to research and keep up to date in your métier and get work done. Filtering the signal from the noise is no mean feat with people demanding your attention to monetize eyeballs. Modernity is a constant stream of information shouted at you and you still needing to be productive.

Every year, I post on the software tools and workflows I’m using. I always pick up tips from seeing other people’s posts outlining their tools and workflows and it’s helped tweak and improve my toolchain to squeeze out extra productivity. This is what the end of 2019 looked like in tooling.

I’m always mildly surprised when I do this post how much my setup evolves over the course of a year. Sure, there’s innovation in software, and slow changes are often the hardest to see, but as I’m always trying to simplify things GTD-wise changes can be pretty dramatic year to year. For the interested, you can see the 2019 , 2018 , and 2017 editions of these posts as well if you’re digging for some better ways to do things, especially as we’re in the new year (and decade!).

It’s New Year’s Resolution time. Yes, they don’t work for a lot of people, but that’s generally a problem with execution rather than intent. This is what worked for me in 2019 and the keystone habits and strategies that made the past year better.

Sure, I get it. New Year’s is just a date and you can pick any Day 0 date and start to change, but there is something a little easier about picking Jan 1 (or the day after Chinese New Year, as I’ve done some years to hack a slow January return to reality.).

I managed to read 43 books in 2019. These are the ones you may want to read and why. There’s also a Do Not Read list to save you valuable time.

2019 started off really strong, with a bunch of 5 star ratings of books that I was seriously impressed with. I’m not sure if this is because I changed up my habit of how I add books to the reading list, but I definitely felt like I read better books on whole this year the last. I even enjoyed a programming book (Programming Crystal) which has not happened since Why’s Poignant Guide (though worried that was more about the language, than the book itself.).

With a little leave time around XMas and a flight back to Canada, I had a bit more time to play around with Rust, and managed to fix an irksome timezone bug that was plaguing habitctl, the minimalist habit tracker CLI.

I’m really enjoying coding in Rust. As a language, I find it makes sense, is performant, and its prescient compiler checking on types and such makes it hard to shoot yourself in the face.

Rust is addictive. Added a warning sigil feature into the Rust-based habitctl minimalist habit tracker CLI.

Continuing on from a couple of weeks back , I decided to add the Warns feature I’d been wanting in habitctl .

The original author has still not merged my feature PRs, so I’ve just continued to add in the features I wanted.

Up his week, I sometimes have this issue where I don’t notice a habit is about to be broken from being satisfied (or skipped). Mostly this is because the usual “?” sigil for the latest day ends up not letting you know if that would potentially be the last chance you have to not bfreak the chain in your Seinfeld chain/consistency graph.