Category: Technology

Tools I use: tmux

Readers of this blog will know that I’m a big fan of GNU screen. While screen is a great tool, it hasn’t seen any major development or feature addition in quite some time. The code base is pretty old, there are some ancient bugs that still linger, and support for modern terminals (such as 256 colors by default) is not quite up to speed. I recently discovered byobu and was extremely happy with it — it completely overhauled my screen user experience. You can read all about byobu here.

I thought I had attained screen nirvana… until I found tmux (hat tip xed). So what exactly is tmux?

tmux is intended to be a modern, BSD-licensed alternative to programs such as GNU screen. Major features include:

  • A powerful, consistent, well-documented and easily scriptable command interface.
  • A window may be split horizontally and vertically into panes.
  • Panes can be freely moved and resized, or arranged into one of four preset layouts.
  • Support for UTF-8 and 256-colour terminals.
  • Copy and paste with multiple buffers.
  • Interactive menus to select windows, sessions or clients.
  • Change the current window by searching for text in the target.
  • Terminal locking, manually or after a timeout.
  • A clean, easily extended, BSD-licensed codebase, under active development.

And how is tmux better than screen? Thats question #1 in the FAQ:

tmux offers several advantages over screen:
- a clearly-defined client-server model: windows are independent entities which may be attached simultaneously to multiple sessions and viewed from multiple clients (terminals), as well as moved freely between sessions within the same tmux server;
- a consistent, well-documented command interface, with the same syntax whether used interactively, as a key binding, or from the shell;
- easily scriptable from the shell;
- multiple paste buffers;
- choice of vi or emacs key layouts;
- an option to limit the window size;
- a more usable status line syntax, with the ability to display the first line of output of a specific command;
- a cleaner, modern, easily extended, BSD-licensed codebase.
There are still a few features screen includes that tmux omits:
- builtin serial and telnet support; this is bloat and is unlikely to be added to tmux;
- wider platform support, for example IRIX and HP-UX, and for odd terminals.
I’ve been using tmux exclusively for the last couple of weeks and I really like it so far. For once, I can actually understand the configuration file :) But there are a few things that I miss from screen:
  • I found the screen way of scrolling in a buffer and copying text much easier to use than tmux’s. Unless I’m missing something, the only way to scroll a buffer in tmux and copy some text is by using vi-like keyboard commands. While this is doable, it is not always quick or convenient.
  • byobu made it really easy to add various status indicators. Wish I had something similar for tmux.

Web based password managers: 3 years later

Almost three years ago (yes, I was quite surprised myself), I wrote about my requirements from a web based password manager. That post generated a lot of discussion, and we have come a long long way since then. I figured it was a good time to step back and present what I feel are some of the best solutions out there.

First, let us recap some basic requirements:

  • Security: this is a no-brainer. If I’m going to trust my passwords to a software, it better be secure. In particular, the developer/owners of the software should not be able to look at my passwords.
  • Online and offline access: I want access to my password regardless of whether or not I have internet connectivity. I should also be able to get to my passwords from any of my devices from anywhere in the world. This usually translates to a web-based system where passwords are stored at some server(s) in the “cloud”.
  • Export: My password data is mine and mine alone, and I want to be able to export it out of the system (for personal backups, for instance).
  • Desktop, Tools, API: I would prefer an open system, one that provides rich access interfaces. I’d love to have a desktop app, plugins for Do or QuickSilver etc. You get the idea.
  • Simple to use: The password manager should not get in my way. Adding new passwords should be a breeze. Using stored passwords should be equally simple. Ideally, I shouldn’t even notice that I’m using a web-based password manager and not the stored passwords from my browser.

Without further ado, here are the top three web-based password managers.

clipperz
clipperz

If you are really paranoid about security, clipperz might be a good option. clipperz is open-source, so you can audit the code yourself should you so desire. It is also a measure of confidence from clipperz — by revealing their source code, they are basically saying, “Hey, we are clean, you can check us out yourself”. It also signals that clippers does not believe in security by obscurity. Apart from being open source, clipperz has all the other expected goodies: you can export your data, it supports one-click logins, you can download an offline copy etc.

I personally did not end up using clipperz because a variety of small problems: I did not like the interface; when I started using clipperz, the one-click login was barely functional; and overall I found the user experience of PassPack much better (read below).

PassPack
PassPack

PassPack is the first web-based password manager that I used seriously, and so far it has worked out great! The team is very responsive and constantly rolling out new features. I think PassPack did a really good job of promoting and educating the public on “host-proof hosting“, meaning that even the service provider does not have access to your data. This is something that most web-based password managers now support, but at least in my mind, PassPack really led the way in terms of awareness.

Some features that really drew me to PassPack: password tagging; I can mark certain passwords as “favorites” so they are loaded first; the two-level security; the desktop app based on Adobe AIR; the ability to store arbitrary notes (such as routing numbers or PINs). PassPack is particularly well-suited for groups. You can share passwords in a secure manner with people in your group. Recently they even added a feature to allow sending passwords securely via email. Now you no longer need to copy/paste your passwords into chats and emails.

What I always missed in PassPack was browser integration and seamless one-click login. With the PassPack bookmarklet, one-click login is almost seamless, but it never worked very well for me. For some websites it just won’t work. For others I’d have to re-login into my PassPack account. Yet other times there the bookmarklet would work in one browser but not in another. At the end of the day, it was just becoming cumbersome to manage multiple copies of my passwords — one in each of the browsers I used on each of my devices, and one in PassPack.

LastPass
LastPass

I recently discovered LastPass, and right now it is my favorite tool. I found it via its Chrome extension, which is when I realized that they have plugins for Firefox and work with pretty much all the good browsers on all the major platforms. I have to admit though, LastPass is nowhere close to PassPack in terms of the maturity of the UI and the overall user experience. But the killer feature for me was browser integration. With LastPass, adding new websites is exactly like Firefox asking you to store password information for a website. In fact, the FireFox plugin for LastPass allows you to disable and bypass the Firefox password manager altogether. When you come to a website that has already been stored in LastPass, it will fill out your username and password just like your browser would do. No need to click on a bookmarklet or any thing else. Transparent, seamless integration.

Unlike PassPack, LastPass has no group features at this point, which is perfectly fine by me. In the words of Tara Kelly, a co-founder of PassPack:

Passpack is pwd mngr with sharing & workgroups. Lastpass is login tool for individuals. Different strokes 4 different folks.

If there is a better web-based password manager out there that you know of, I’d love to hear about it.

AT&T: How low can you go?

Update: A friend pointed out to me that AT&T is, in fact, technically correct in its “Two phones” ad below. It seems that the CDMA protocol itself has the limitation that it can not simultaneously transmit voice and data, hence the claim. I was under the impression that you couldn’t call a network “3G” (as per Wikipedia) if it could not do voice + data at the same time, but apparently not. In either case, I stand corrected. But I still find that AT&T ads pretty tasteless.

I’m really blown away by AT&T‘s recent commercials attacking Verizon. I’d like to point out that for better or for worse, I’m currently stuck with AT&T (and have been for the past 5 years), so believe me, I’d love to see AT&T succeed in earnest. But looking at these ads, I can’t help but wonder — just how stupid does AT&T think we are?

Consider, for instance, the famous “headless” commercial:

Exactly what does “downloading myself” mean? Anyone can make a video like this but unless you have numbers and real demos to back it up, its just hogwash. Here is what I consider a realistic download test:

And then there is the “two phones” ad:

All AT&T is saying here is that look, we are cool because we have iPhone? Will someone from AT&T put down on paper their claim that you just can’t talk and surf on Verizon at the same time? It is obvious that this is merely a property of the phone itself, not the network. Verizon is going to get iPhone 4G later year — then what? And upcoming Android based phones are already showing how lame this claim really is.

It is clear that the “maps” commercials from Verizon did not go down with AT&T and this is just a knee-jerk reaction. The difference is, the Verizon commercials actually make a very valid point.

Seriously AT&T, you can do better than this. Looking at these ads just makes me frustrated and shows how less you really care about your customers. Pretty much everyone who actually uses cellphones agrees that Verizon has better coverage and in general better speed than AT&T in most areas. I mean forget about small-town US. I’m talking San Francisco downtown — the AT&T coverage and 3G speeds are just pathetic.

Reblog this post [with Zemanta]

gooLego: Google’s software building blocks

Google Inc.
Image via Wikipedia

Over the past few years, Google has open sourced several projects that provide some commonly used building blocks in any large software project. Some of them I was aware of since when they were launched (like protobufs), while others I discovered only recently. I couldn’t find any location where all the projects were listed together and combing through Google Code looking for them was painful, so I’m putting together a list myself. Hope some of you find it useful.

  • protobufs: Platform agnostic messages. Critical for any distributed system. Note that protobufs only provide message serialization/deserialization (for various languages). An important missing piece is an RPC framework built on top of them. There are several projects attempting to build one using protobufs, but none of them are robust or mature enough for production use.
  • style guide: The importance of a style guide is probably understated. It is not about what is the “right” style — it is about consistency. While people may have different opinions, if everyone follows the same style, the code becomes much more readable and maintainable. Google maintains style guides for C++ and Python.
  • config flags: Another important building block for all command line programs.
  • logging: Self-evident. Google’s logging library supports various log levels and other useful macros.
  • core dumper: A very nifty library — it allows you to dump core from within a running application. Extremely useful for debugging production systems.
  • perftools: An extremely useful library for measuring and monitoring performance of programs. By simply linking against perftools, your application gets a much better malloc, heap checking, visual CPU profile of various routines (via graphviz), visualization of memory usage etc.
  • googlemock: A framework to quickly build mock objects — useful for testing.
  • googletest: Google’s C++ unit testing framework, built on top of xUnit. Integrates well with googlemock.

Of course, this is not an exhaustive list. There are numerous other open source projects from Google, some of them probably much more bigger and visible than the ones listed above — such as Wave, Go, GWT etc. If there’s a project that is a software building block that I missed out, do chime in the comments below.

Enhanced by Zemanta