No Longer a Slave of the Horned Society

Dew dripped heavily from the twigs of the surrounding trees as the warlocks chanted. The clerics burned bits of incense that stank like the fourth circle as they wove the spell together. It was a ceremony, and would take nearly an hour for the first candidate to be ready.

As the ritual neared the first milestone, the temperature in the glade dropped, and as the hierarch raised the ornate dagger and plunged it into the chest of the candidate, the dripping stopped altogether, the dewdrops frozen with the blast of cold that emanated from the weathered stone slab.

Bloodsip shivered inside his woolen robes, and focused on the chant. He wasn’t sure it was required — certainly he felt no power flowing through him. At least, it felt nothing like the power he channeled when he unleashed an eldritch blast, but he was not going to be responsible for the failure of this ritual.

Snerdbane Edgeslice opened his eyes, vaguely aware that the blood dripping from the dagger above his face was his own. An aching pain in his chest made him think he knew where he had been stabbed, and he tried to lash out at the masked figure above him. However, it wasn’t the ropes that bound him to the stone slab that prevented him. Other chains, resting on his soul rather than his limbs, bound him.

As the ropes fell free from his body, he rose from the slab and knelt before the Dread Hierarch. He hated the man with every fiber of his being, but he could only obey. The hierarch extended a sword to him, the surface of which writhed with runes that glowed in Snerdbane’s vision. He reached out and took the sword, and his body was wracked with pains as the blade became his soul. Or possessed his soul. Or — he wasn’t sure exactly what had happened. However, strength now flowed into his body from the blade, and he stood, aware that the Hierarch had granted him permission.

Hate and rage flowed through his mind, and the smug look on the face of a nearby hobgoblin drove him into a frenzy. Hardly knowing what he was doing — had he been a fighter, once? — he clove the humanoid practically in two, swinging the runeblade with a heavy two-handed arc that took the creature completely by surprise.

A sharp cry of surprise — dismay? — broke from one of the surrounding, cloaked figures. Snerdbane smiled with what was more like a sneer and turned to the Dread Hierarch.

“You have done well,” that man said, his voice echoing hollowly in the mask he wore. “You have survived the transformation, and you have killed. Did you feel strength flow into you from the hobgoblin?”

Snerdbane thought a moment, then nodded. Something had flowed up the blade from the creature when he struck it. Glancing down, he saw that the wound over his sternum had closed.

“Good. You have become a Death Knight, and death is your master. When you serve him well, he will reward you with renewed health and vigor. Take the armor that the guard was wearing. It is yours, now, and you will need it shortly.”

Puzzled, the new Death Knight pulled the armor off of the hobgoblin. It fit him passably well, but was damaged from the blow he had given it. No one told me that this would be the way for me to get equipment he grumbled inwardly.

He had hardly finished fastening the final working straps of the leather armor when there was a cry from the stone behind him. Turning, he saw the Hierarch’s knife rising from the chest of another man.

This man, too, rose from the stone and knelt to the Hierarch, but when he took the sword from the hiearch’s hands, he cried out aloud and the blade shattered, leaving him nothing but a shard — hardly a dagger or short sword.

“Gutterspawn!” the Hierarch shouted in fury and disdain. “Worthless wretch! You are unable to hold the gift you have been given!” He turned to Snerdbane, but the Death Knight needed no order. He strode forward quickly and slashed at the gutterspawn, surprised when the wretch blocked with his feeble blade.

The fight was soon over, even with this unexpected resistance. With the creature’s demise, Snerdbane felt even stronger than before, and he seethed when the Hierarch told him to stand aside while others were processed. Some of the clerics were beginning to sound hoarse from chanting so long, although most of them were accustomed to this sort of duty.

After a half-dozen men had been transformed into either Death Knights or gutterspawn, and the latter had been dispatched by the former, one of the newer Death Knights noticed that Snerdbane was wearing armor, and immediately attacked him.

The first Knight was surprised at this action, and suffered a wound before bringing his own runeblade into play, parrying and riposting, slashing at his enemy’s unprotected flesh. It wasn’t long before he had defeated the newcomer, but although he felt more powerful from this victory, he noticed that the wound had not been healed.

Snerdbane approached a cleric that was observing rather than participating in the ritual and demanded that the priest explain what was happening.

“Only the living are able to heal you when you strike them with your runeblade,” the priest said with a cruel smile. Seeming to divine Snerdbane’s next thought, he said, “You are forbidden to harm one of our order.” Indeed, the invisible bonds on Snerdbane’s soul? prevented him from as much as slapping the man.

Furious, he stormed away from the ceremony until he found a small group of humanoids clustered around a smoky fire. He struck one of them down, and was immediately healed of the wound he had received from the other Death Knight. However, he had been careless again, and the armor of this victim was in even worse shape than that he was wearing.

Undeterred, he set upon the entire group, who had attacked him with the death of their comrade, and when he had slain all of them, he was able to piece together a more complete set of armor.

He was puzzled by only one thing. Although the blows he rained on the hobgoblins seemed to heal him, he didn’t feel the increased strength he had felt from killing gutterspawn or Death Knights.

Hardly had fitted the new armor to his body than he was set upon by another Death Knight. This one moved more swiftly than the last, and Snerdbane was soon fighting desperately, growing weary as he fended off the furious attacks of the other.

Finally, the attacker paused and said, “Bow before Delphus Shadowblade, and you shall live.” Snerdbane bowed reluctantly, and Shadowblade inhaled sharply, as though a surge of pleasure had moved him.

Turning from Snerdbane, Shadowblade searched for a new adversary, and the former gripped his sword, ready to run the previous victor through from behind. However, he soon realized that he was completely incapable of striking the one to whom he had bowed. Instead, he followed the victor and joined him in attacking some of the other wandering Death Knights, some of whom had, themselves, joined into small groups.

Luna was still high when Delphus Shadowblade took his place on one of the standing stones to the right of the Dread Hierarch. He had been given a suit of armor after defeating many of the other Knights, and was now called Master of Sorrow. Gutterborn and the lesser Death Knights still fought in the shadows beyond the fire pots, and there were no humanoids left within the circle that was permitted to the undead warriors. Generally, those Death Knights who had made the transition first were able to defeat the newer recruits, having collected gear from the unfortunate humanoid soldiers and guards who had surrounded the ritual circle. Others, like the unfortunate Snerdbane, were eventually cut down by warriors with finer mettle, and some of these waited with Shadowblade for the last of the victims to be processed.

In between the fighters and knights who were slaughtered to change them into Death Knights (or gutterborn, for the less fortunate) the clerics slaughtered sacrifices to the dread powers that were granting these transformations. As the Hierarch oversaw the last of these sacrifices — a young girl taken from the lands of the Bandit Kings — the sounds of combat from beyond the grove changed in tone.

While there had been a more-or-less constant clash of arms in the surrounding darkness, there were now the sound of thundering hooves and the shouts of living voices. Light bloomed in the darkness here and there as light spells were cast into the melee, and other lights cast black shadows from tree or standing stone as they emanated from unsheathed blade or uncovered shield.

Before Shadowblade could completely reckon what was happening, a great warhorse charged into the very circle, a tiny elf-maiden clad in shining armor on its back. In her right hand was a heavy lance and on her left arm a shield bearing the emblem of a rose encircled by thorns. She swept past the lesser Death Knights, ignoring even Shadowblade, to charge right up to the Dread Hierarch and strike him with her lance.

The blow would have killed a normal man, but the Dread Hierarch of the Horned Society was no normal man. Possessed of arcane powers and filled with the strength of the Hells, he flew a few feet through the air and landed on his feet.

His disciples immediately sprang into action to defend their master, while Shanks ran up behind the horse to attack the knight from the ground. However, before he could even swing his sword, several other horses charged in to the glade.

Each warhorse carried a warrior, and each warrior was hedged about with a power that made the Master of Sorrow tremble. A good-looking man in impeccable armor charged at Shadowblade, but the Master avoided the wicked-looking lance with ease. In return, he swung his massive hand-and-a-half sword over his head and brought it down upon the Cavalier. Although the runeblade guided his hand in the most effective blow possible, the opposing horseman seemed relatively unfazed by the attack.

Arrius Boldblade slid from his steed, simultaneously drawing his gleaming sword from its sheath as he did so. If the brooding Knight he faced wanted swordplay, he was more than up to the challenge.

To his left, Alianna Glimmersky leaped from her steed’s back as well, calling to the beast to retreat for the time-being. There was an aura of fear around these foes that made the horse restive, and she needed to concentrate on stopping this ritual.

Behind the two of them, Theobaldus the Observant, Guderwinda Everbright, and Clatriel Redmain repeated the maneuver, one they had rehearsed in training until it was as straightforward as breathing.

Calling forth a power he had never used, the Master of Sorrow mentally commanded the foes to despair. Although the elf and another of the warriors blanched for a moment, they pushed their assault on the Death Knights in the glade.

One of the other Knights unleashed a freezing blast of cold. While one of his comrades was inconvenienced by this, the Cavaliers were severely injured, the frost only slowly melting from the polished surfaces of their armor.

Shadowblade considered the cocky horseman before him. The man’s gleaming armor was clearly bound with arcane power that was proof against all but the mightiest swordsman, but he would see if it was protected against elemental forces. Like the lesser Knight had done, Shadowblade focused his power into a blast of cold that staggered his foe, though the man showed great courage on his face.

Across the glade two of the other Death Knights copied this action, blasting the cavaliers just as their joints were beginning to unfreeze from the earlier blast. Another of the Death Knights — Shadowblade couldn’t remember his name — was caught in these cones of cold as well, but if he wasn’t strong enough to shrug the bitter frost off, he wasn’t fit for the title.

The Dread Hierophant called upon his minions to deal with the intruders and vanished, while one of the Warlocks flew up into the sky, pointing his finger at the Elven Paladin to no apparent effect. The Death Knight behind the elf had been swinging his sword at her to no effect, and having lost her primary target, she turned her attention on him. With two mighty blows, she cut viciously through the Knight’s armor, her sword blazing redly as though enjoying the carnage.

The three interlopers across the glade were also hacking away at their foes, seemingly undeterred by the ferocious cold that had sapped them again and again. While Shadowblade glanced around to see what had become of the other Warlock, the one in the air cast a fireball at the elf.

At another time, the Master of Sorrow would have been entertained and impressed at the way the flames broke around the elf without harming her, bringing the Death Knight she faced to his knees as they scorched his cold undead flesh. Now, he was only angry, and unleashed a second blast of cold at the infuriating Cavalier who dared face him. The man staggered and blanched, and the Death Knight took comfort in knowing that his bravery now was mostly bravado. Still, the human warrior’s sword was beginning to take its toll of the Master’s health, and he seemed to be protected from the runeblade’s life-leaching ability.

A lightning bolt tore through the glade, removing the elf’s opponent from the fight, but Shadowblade couldn’t tell if the Paladin had been badly hurt or not. His senses told him not only that she was alive, but that she bore life within her, and he burned with a hate, and a desire to end her.

Keeping his final blast of cold for the elf, he swung at the Cavalier again, but the man deftly caught the blade on his shield and countered with a wounding thrust below Shadowblade’s guard.

Two of the other Death Knights were down, now, though he thought he had seen one of the female Paladins — of Pholtus, by the look of her — go down to a blast of cold. He looked to his right and saw the Elf approaching at the top of her speed, the glowing red sword held in a way that made his insides ache with anticipation.

While planes of shifting colored lights suddenly appeared throughout the glade — no one ever learned what had caused them or what purpose they were intended to serve — the Master of Sorrow focused his rage on the elf and called out, “Die!”

To his surprise, although the frost blasted her fiercely, instead of attacking him, she stretched out her hand to the Cavalier he had been fighting and said, “Courage, my friend,” the touch seeming to revive him.

As the last two of the lesser Death Knights went down before the Paladins, Alianna Glimmersky tested her blade against the skill and armor of the Master of Sorrows. Soon, Theobaldus and Clatriel had joined her, and with the combined attacks of the group, the Master soon lay lifeless, the mockery of undeath ended.

The flying Warlock had headed off around this time, and the other Warlock, on foot, was beginning to run away. Whistling for her steed, Alianna charged her followers to take care of Guderwinda’s body, then swung into the saddle to pursue the fleeing warlock. It wasn’t long before she returned, his senseless, bound body draped across the rear of her horse.

Arrius and the others were guarding a small group of “prisoners”. Alianna’s infravision told her that they were not alive, but undead of the sort she had lately been fighting. Clatriel told her that they had been herded this way by the rest of the force, and that they did not have the same spirit as the Death Knights they had been fighting.

“They don’t have any armor, to speak of, and no swords — look.” She pointed with her glowing longsword at the dagger-like shard one of the fiends was clutching to his chest.

Alianna’s look suddenly changed, as though she were listening to someone else speak, who was not present for the rest of the party, and she smiled.

Spurring forward, she leveled Fedifensor at one of the groveling prisoners, noting the way he avoided looking at the glowing red blade.

“You, there,” she said, accepting the sidelong glance he gave her. “If you wish to be freed of this corruption, and to be avenged on the Horned Society, seek out Pholtus.”

Several of the other gutterspawn murmured that they would also seek out Pholtus, but Alianna stopped a few of them. “No,” she said, commandingly, “you four are to seek out Pelor.” They crept away, seemingly accepting this word.

When the Paladin was about to turn her horse away from the wretches, one of them stood boldly up. Hate filled his face, but there was something else there, too. Perhaps a thirst for vengeance? He was broader than the others, and didn’t seem to fit with them in a number of ways.

“Where would you have me go, mistress?” he asked.

Something like a smile broke on the elf’s face as she saw his boldness. He didn’t cower like the others, although he cradled the broken scrap of a sword against his chest like the rest.

“Heironeous,” she said, emotion touching her voice. With a nod, the gutterspawn turned and strode through the midst of his fellows as though he had a mind to find Heironeous that very night.

Alianna turned her steed and saw that her companions were looking at her with amazement. “Come,” she said, “this one,” she nodded to the shape across her horse’s rump, “has information that the mages can reach, and Goodie needs a cleric to help her rejoin the fight.

“I also need to ask her forgiveness for leading her to a death. The next time we face these monsters, we must be prepared for their cold attacks.”

“What of the ones you released?” asked Theobaldus.

“I don’t know,” she laughed. “My God has a use for them, but what it is is beyond me. Perhaps my husband will be able to tell me when we see him again. In any case, I almost wish I could be there when the undead present themselves at a temple of Pholtus.” She laughed again at the thought, and taking the reins of Guderwinda’s horse in her left hand, she started the way back to the rest of the force, where she hoped to find a cleric who could return her herald to life. Failing that, they would need to return to the fortress before Goodie would be able to ride the horse again, instead of being carried like a sack.

Password Management

A necessity in the digital age

A while back, password management was one of those things that “I suppose some people do that”. Most people had at most one or two online accounts, and it was a whole lot harder to get around the Internet and find useful things to compromise or steal.

Things have changed. My currently used password manager tracks 1,692 items, and while there are some duplicates and items that aren’t passwords, not to mention passwords for accounts that I no longer have, that’s way too many passwords for me to manage on my own.

What is a Password Manager?

A Password Manager is a computer program (and possibly a service) that helps a computer user to manage the passwords that are needed for a modern digital life. This is necessary because of a couple of very important points.

  1. Passwords should be secure. They should be long, complicated, and difficult for people to guess. In general, they should not contain identifying information about you (birthdate, anniversary, pet’s name, etc.) but should be as random as possible.
  2. You should use a different password for each service you use.

Let’s look at each of these points in turn, and then we’ll talk about how a password manager can help with them.

Passwords Should Be Secure

In the before time, computers were slow and had extremely limited memory. (This is technically true about almost all times, compared to the times that come after, although I believe Moore’s law has failed.) One of the things that this meant was that it was difficult for a computer to crack a password.

If you’ve played the game Portal 2, you’ll possibly remember the scene where Wheatley tries to guess the password to keep GLaDOS from reactivating. He starts by guessing six As, and then goes to five As followed by C. He’s not very fast, and if the password is longer than 6 characters, he’ll never get it.

Today’s computers are able to go through all of the possible combinations in a six character password (including lower case letters and numbers and symbols) in a very short amount of time.

With the larger amounts of memory (and storage) programs designed to pilfer passwords can also use a dictionary attack, using words from a word list to try to guess the password more quickly. Some of these word lists include passwords collected from online server breaches.

In short, to make it more difficult for a program to guess your password, you need to have a password that’s difficult to guess. There are two major techniques used for this.

The first technique is to make a jumble of characters. This password manager believes that this 20 character code containing UPPER and lower case letters, digits (numbers), and symbols is adequately random to be excellent. It is allowing ambiguous characters (i.e. both 0 and O — that’s a zero and a capital O). This type of password is quite secure, but very difficult to remember.

The second technique uses real words, but combines them in ways that are not normal (or grammatically sensical). Although this password is easier to remember, it is also rated excellent because it is quite long, and random enough that a program will have a hard time cracking it. Note that upper and lower case letters are used, as well as digits, to make it more secure. To a computer, E and e are completely different, and not necessarily related.

So, with this kind of password, you can have a relatively secure way to access data that is yours, and that shouldn’t be shared with other people. This includes your email, your bank account, your computer, etc. However, memorizing even one of these passwords is difficult, and I said you should have a different password for every account you use?

Passwords Should Be Unique

Every once in a while, you’ll hear that service XYZ.com got hacked, and that the hackers got away with personal information of the users of that service. If that personal information included passwords, the hackers (or those they sell the information to) will certainly try to use those passwords in other places, especially in combination with the username connected to that account.

Since usernames are often just email addresses, and since most people don’t have lots and lots of email addresses, this basically means that if you reuse your password, you’ll be reusing both password and username.

Logins are like locks that usually require two keys: your username and your password. Since most services ask for your email address, and allow you to login using that address, hackers now only need to have one of the keys, the password, to try to access your information. If your password is always the same, too, they will have both keys to every account you use.

Why Does It Matter?

I’ve heard a lot of people say, “Well, I don’t do anything important on my computer, and I don’t have very much money in my bank account, and so I won’t lose much if someone is able to break in to my account. Besides, why would they want to?”

This ignores several very real harms:

  1. Once a hacker has access to a server using a legitimate account, he can try to use that account to gain access to other parts of the server. By not using his own account, he’s less likely to be caught on failed attempts.
  2. If a hacker empties your bank account (even if there’s not much money in it) you’ll likely be faced with overdraft charges that can be expensive to clean up.
  3. Sometimes, the hacker just wants access to your computer. He can use it to attack other computers around the world without leaving a trail back to him. This slows your computer down (and if he uses your computer for bitcoin mining, will cost you in electricity and failed computer parts) and makes you a participant in, for example, an attack on the Bank of Scotland.
  4. Some people just want to see the world burn. They may not care about your 1,700 pictures of your dog, but they get pleasure from the thought that by deleting or defacing them, they have exercised power over you.
  5. If you use any kind of account to work with someone else’s data, that person can be harmed through the access to your account. Malicious reviews can be posted under your name, or false information can be inserted into online accounts.

In short, it’s more important than you may realize.

It Sounds Complicated

To be fair, it is complicated, but Password Managers make it somewhat less complicated.

Most password managers share two characteristics: they let you generate secure passwords (as shown in the pictures above) and they store username-password pairs for later use. Most of them also use a single password to unlock this store of information, and many of them allow you to synchronize your passwords between your phone and your computer, for example.

How Does it Work, Then?

  1. You go to a website that you use for some purpose (maybe it’s your email).
  2. If the password manager is locked, you will need to type your one password that unlocks it. Many web browsers provide basic password management, and most of them don’t lock the manager when you’re not using it.
  3. The password manager will either let you copy and paste the username and password into the webpage, or will do it for you.

That’s it!

The nice thing is that, for most password managers, the one password never leaves your computer — rather it’s used to unlock the password database/password store.

Most of them will also allow you to generate a secure password, will update the stored password when you change it, etc.

Extra features include checking that the website is the same as the one where you previously used the password. https://microsoft.com and https://microsoft-us.com are not the same place, and one of them might be owned by a hacker trying to get your password.

Some password managers let you store your credit card information securely so it’s available, but not stored in some stranger’s database. Identification information (driver’s license, passport) and software keys can also be stored, and some managers provide special formats for these.

Warnings!

Not all password managers are created equal. In my opinion, there are several things to watch out for when selecting a password manager:

  1. Where are the passwords stored?
    • If the passwords are stored only on your computer, that’s more secure than if they’re stored on someone’s server. The server is not only a bigger target (millions of users’ passwords) but also easier for a hacker to get to.
  2. How are the passwords stored?
    • If they are encrypted, that’s better protection. However, if they’re just in a text file, that’s not very secure, even if it’s on your own hard drive.
  3. Where is the decryption done?
    • If the password is decrypted at a remote server, so just the password is sent back to you, that’s not very secure. However, if the service can’t decrypt your password file, that’s more secure. (Sometimes this is called zero knowledge. The company can’t share your information because they don’t know it. It also means you’ll lose all your passwords if you forget your one password to decrypt them all.
  4. What does it cost?
    • Password managers all cost something. Sometimes it’s just the inconvenience of using one, instead of using the same username and password everywhere on the Internet. However,
      1. Some password managers have a price to buy. This seems to be less common now because
      2. Some password managers have a monthly fee. This means that not only do you have an on-going expense, you may lose access to your passwords if your subscription lapses.
      3. Some password managers have a special format that can’t be exported to a different manager easily. If you decide to change to a different password manager, you could have some problems. (I ran into this when I stopped using the Mac — my password manager was 1Password, which isn’t available off the Mac, and several of the password managers I tried couldn’t make sense of the 1Password export format.)
      4. Some password managers give the serving company access to the password store. This means that if they are hacked, hackers could gain access to all of your passwords.
      5. Some password managers are just plain hard to use.
  5. Does it synchronize with multiple devices?
    • This one bit me with a couple of solutions. If Dropbox (for example) is the only option for synchronizing, a free account will limit you to five devices. Sometimes, the manager itself will require a license for every x devices it’s installed on. It’s best to find that out before you have gotten committed to using a particular password manager.

This is a lot of information to process. I will plan to write a second post comparing some password managers.

Gaming Remotely: challenges

I’ve been playing a D&D game with my kids for the past few years. We are using MapTool for our Virtual Table Top because it’s free, and it’s also pretty impressive. A lot of the number crunching involved in regular Old School D&D is done by the computer, which is what it’s for. (Note, although I’ll generally say D&D, we’re actually playing 1st Edition Advanced D&D. My time with the Basic Set was very short, and I lost interest during 2nd Edition.)

Things have gone pretty well, and we have two players who live off site who join us through the magic of technology. The biggest problem has been our Internet connection. We live in a rural area, and the only Internet options for us have been traditional satellite Internet (bad latency and even worse customer service, coupled with a pricing structure that would make a robber baron blush) and AT&T DSL.

AT&T is one of those companies that has tried its level best to alienate me for years. I pulled the family off of their cell phone service last year, and we’re just waiting for an opportunity to ditch the DSL line as well. The service is poor to start with, but the signal drops several times per day, and that’s just unacceptable.

When the service drops, we lose connection on our voice chat (using Discord) and our remote players also lose their connection to MapTool, and have to be booted and reconnect (once the connection is back up).

We finally have a chance at something better. I’m testing a Starlink setup. It’s not technically available in our area (we’re on the wait list), but I managed to get a chance, and I’ve been running it for just under a week.

The first thing to love is that it’s so much faster than DSL most of the time. The latency isn’t too much worse, and it’s also been quite stable. There’s just one little problem!

Starlink uses the same setup as cell phones for assigning IP addresses. That means, among other things, that the IP address can change, sometimes frequently. It also means that they don’t support (and probably will never support) port forwarding or NAT.

MapTool runs a local server, and unless your machine is directly connected to the Internet, you need that port forwarded to your players for them to connect to the server. (Okay, technically, you need the port forwarded from somewhere else to the server, but let’s not get too OCD about this.)

Last week was a blind role playing session, because we discovered the problem too late. I almost always forget about the port forwarding because it works transparently most of the time, and every time I’ve changed router setups, I generally have a glitch the first game day because I’ve forgotten to redo the port forwards. With most routers, it’s a fairly trivial thing to do.

This time, I’ve spent most of the week working on this issue, and I finally fixed it this morning. I’ll start with what didn’t work.

  1. localtunnel
    • This is an npm installation that should work easily. In fact, it’s very similar to the solution that eventually did work.
    • Unfortunately, my remote machine (tested using a computer connected via my phone’s hotspot) couldn’t connect to the server.
    • I have a need to use/hate relationship with npm. For whatever reason, I seem to have to continually reinstall applications that use it, including npm. All in all, I’m probably just as happy it didn’t work.
  2. Remote.it
    • Oh, how I wanted to like this solution. It has a nice configuration app, it claims to do everything I need, and it even mentions working with Starlink.
    • Nope. Also, nuh uh. Documentation was sparse, and whether I’m just a bonehead or for some other reason, it didn’t work.
    • If someone can tell me how to make it work, I’d be happy to give it another chance.
  3. Tailscale
    • This is a great concept — zero config VPN. Unfortunately, it achieves this by using Single Sign On from Google or MS, or one of those other evil megacorporations. Nope, I spend a fair amount of my life avoiding the monitoring of those beasts, I don’t want to invite them to our games. I didn’t even look far enough to see what costs, if any, there were.
  4. ZeroTier
    • This one is actually pretty amazing. I might go back to it if I get the proper feedback from my group.
    • ZeroTier is an easy-to-configure VPN setup that supports 25 nodes using their free plan.
    • Unfortunately, it requires installation of client software on every connected machine. For a different application, that would be completely worth it. For gaming, where I’ve already asked the players to install MapTool, it’s not going to work. Plus, we’re hoping to move over to Foundry, which will eliminate the need for my players to install any software except a web browser.
  5. SSH Tunnel
    • Technically, all I need for this one is ssh installed on my machine, which I have, and a server that’s not inside my network, which I also have. (An example is this fine website.)
    • I had an application on the Mac that would help with this, but I couldn’t remember the name, so didn’t look for alternatives. (It turns out to have been SSH Tunnel Manager. Now I feel stupid.)
    • I found an app called jEnTunnel. It’s a little java app with a graphical interface that allows me to easily set up tunnels. I haven’t tried to see if it actually works with MapTool yet, but I will update when I have a chance to do that. Chances are it will be my go-to, since I control the other endpoint.
  6. ngrok
    • This is what I ended up using, and what prompted writing this post.
    • ngrok is a tiny little command-line tool that lets me forward a port very simply.
    • In fact, it allows the creation of config files that give a shortcut to opening several ports simultaneously, which could be very useful indeed.
    • They have a ppa, so I can install (and uninstall) using apt.
    • One downside, the external url and port change every time you run it, so it’s a bit more fiddly than some of the other options.

TL/DR

If you have a similar situation where you need to forward a port out of your firewalled Internet connection, ngrok or an ssh tunnel may be what you’re looking for.

Update!

Further experimentation has revealed a couple of unpleasant truths. The first is that, because my server isn’t a VPS, I don’t actually control it. My hosting provider won’t unblock the ports that I need, so forwarding them does nothing good for me. I may decide to pay for a VPS and host my site(s) there, and then I’ll control the ports, but that’s way in the future.

Secondly, I got a response from Remote.it’s support team. It looks like the only way (short of running a VPS) to make it work for my use is to have my players install the Remote.it software on their computers as well. Then, we can link up and have fun. This puts it soundly in the ZeroTier category, and isn’t acceptable right now.

TL/DR 2: ngrok does what I need, albeit not in a pretty fashion.

Phones: The Shipping Wars

I have had a love/hate relationship with my cellular provider for some time. Long enough ago that it could well be the beginning, I was with AT&T, but their customer service irked me fiercely. Between one thing and another, I hadn’t taken the plunge to a different service, but then my son accidentally bought a Tracfone phone that was locked to that service. You see, we had been buying cheap prepaid phones to use with our AT&T sim cards, but he didn’t realize that some of them used different background networks.

Well, he just got another phone, and the Tracfone device lay around our house for a while, seeking purpose. That purpose arrived when AT&T started disabling our older devices. I activated the Tracfone for my wife, ported the number over, and it was smooth sailing.

However, there were storms on the horizon. Tracfone’s customer service rivals AT&T for horror, and there was one complication after another. Finally, they switched off my phone — the one AT&T had sent me when they were shutting down my older phone.

Well, this got me interested in options again, and I found Reach Mobile. I haven’t used them long enough to know if I like them, but they have been marginally more communicative than Tracfone, and they don’t insist on calling back on an unrelated number “within 15 minutes” which is always longer and then making me wait on hold after they call me.

So, to transfer your number from one phone service to another, you need four pieces of information.

  1. The name of the company you’re transferring from. In my case, this was Tracfone.
  2. The account number. This is trickier, especially if you have multiple phones with a vendor. For Tracfone, it’s the last 15 digits of your SIM card number, which you can find with a magnifying glass on the back of your SIM card if you pull it out of the phone.
  3. The PIN code. This was a real stumper. After wasting time with the chat support at Tracfone, waiting for someone to call me back, waiting on hold for the person who called me to pick up, I finally found that I could have gotten it by myself. To get the Number Transfer Pin for a Tracfone, text NTP to 611611 on the phone that has the number you’re transferring from.
  4. The billing zip code.

Well, once I had located these pieces of information, I was set. There was one small snag: since I had activated my SIM card with Reach Mobile, they were unable to change the number on it. Fortunately, they send two SIM cards when you sign up, so I was able to use the second card to receive my old number.

Well, I’m still waiting for the transfer to go through. Reach suggested contacting Tracfone to ask them to hurry it up, but I think I’d rather carry around two phones for a bit longer.

Using Cloud Storage

Okay, so we really need to answer the question, “Should you use cloud storage?” before we get into the weeds on this one.

Simply put, cloud storage is file server space that’s not on your computer. More generally, it is usually owned by someone else, and is physically separate from where you are.

Because the “cloud” is not typically owned by you, you need to be aware that what you store there might be examined by whoever is providing the storage, that they may change their policies and force you to find other solutions, they might be raided by law enforcement in such a way that your (innocent) files are swept up with those of the target, etc. In other words, don’t blindly trust a cloud.

That said, there are good reasons to use cloud storage. One thing that makes it “cloud” is the ease of access. You can access your files on a number of different devices, and changes in one place are quickly reflected elsewhere. (This can be a problem, too, if things change in a bad way, but there are ways to mitigate that, too.)

For as much of a “cloud skeptic” as I am, I have accounts with several cloud providers. I’m going to briefly recount which ones, why, and then discuss how.

The oldest cloud account I have is with Apple’s iCloud service. I got it when it was a free .Mac account, kept paying for it for quite a while, and now have stopped paying for, and using, it. I don’t use a Mac very much at all, and my Macs tend to be well behind the current OS and hardware. Because of that, Apple won’t let me use two-factor authentication, and iCloud is pretty useless without it. So, I don’t even try to access my iCloud storage anymore, and I long since took my data out of it. I still have the account because it’s connected to my Apple ID, which is connected to my Apple Developer ID, etc.

The second oldest account I have is with Dropbox. Dropbox was one of the first, and I was always able to function within the limits of the free account. I don’t use a cloud to back up most of my data (unless you count a local cloud, which we’ll talk about later) partly because of cost and partly because of time. It takes a long time to upload or download terabytes of data. Dropbox worked well, and I used it for a number of programs on the Mac that were able to use Dropbox for sync. (This was largely during the period when you had to pay for .Mac to use the cloud storage for sync, and I wasn’t paying.)

I mostly stopped using Dropbox a few years ago when they started limiting free accounts to using three devices. The primary purpose for my Dropbox account was to sync my contacts and passwords using a third party whose interest was not in my contacts and passwords. To do that, it needed to sync with close to a dozen devices, so three was not going to cut it. I still have the account, and it can be useful for transferring a file to someone, but I use it only slightly more than the iCloud account.

Now it starts to get hard to say what I got next. It was probably Koofr. I was looking for a privacy-supporting cloud service, and heard about Koofr. It’s hosted in the EU, so it has all the benefits and problems associated with that. I get 10GB free, which isn’t nothing, but is a lot less than some of my folders. It has a Linux app, so that’s nice. I don’t really know why I haven’t used it more.

Box is another of these services that I tried to get the free offer, and wasn’t impressed enough to really do more with. It is something I’ll be using with work, so I may find myself using it more in the future.

OneDrive (Microsoft) and Google Drive (guess who) are two more cloud drives that I only use for work. I hate both of those companies, and don’t trust them in any way, so I share as little of my information with them as possible.

pCloud is my new favorite. There are several reasons for this. First, it is privacy-oriented, being based in Switzerland. Second, Linux is a first-class citizen, with a proper app. (To be fair, Dropbox also has a full Linux app. OneDrive and Google Drive don’t, and iCloud isn’t even accessible using other means.) Second, although it cost me money, I was able to buy 2TB of cloud storage with a lifetime lease. Of course, that’s the lifetime of that lease, and it’s very possible that they will discontinue this service, or be bought out, or something at some point. However, the perpetual license makes it a fixed cost rather than a recurring one, and that’s something I like. They offer encryption as an add-on, which I haven’t purchased yet, but it’s available in the same way with a one-time payment. It syncs nicely with my computer and phone, and the storage is big enough to be useful, especially when considering things like file versioning, which it supports.

OwnCloud/NextCloud are two versions of the same open source software, with NextCloud being a fork of OwnCloud. What is nice about this software is that it’s not necessarily on someone else’s hardware. While I run an instance of one of these on my shared-host web server (that I don’t control) it is trivial to install it on XigmaNAS or HomeAssistant (or many similar open source servers) and use as a cloud within your home. While firewalls and network security are outside the scope of this article, with proper precautions (like a VPN) you could even have a home-based server that you can access while away from home.

Accessing “Unsupported” Clouds

So, how can I access OneDrive, Google Drive, and Box from my Linux computer, since I both need these for work and they don’t support my operating system?

Well, for Box, the answer is deceptive. John Green wrote an article about mounting a Box drive in Ubuntu, and although one of the comments from 2021 says that Box stopped supporting WEBDAV, I find that (in 2022) it still works just fine. Since the credentials are stored in my Gnome Credentials, I’m not sure how I would mount a second Box account using this method.

However, the product ExpanDrive is another solution. This was something I acquired long, long ago in a Mac bundle, and never really got it to do what I needed it to.

ExpanDrive options

It supports a ridiculous number of cloud providers, both free and costly, and it allows me to mount those volumes seamlessly on my Linux computer. It flaked out a certain bit when I was trying to mount two different Box accounts, but that’s why I went looking for, and found, John Green’s solution. Using ExpanDrive I can easily access all of the cloud accounts that don’t have a nice Linux client.


Update 14 April 2022: Another contender in the cloud storage arena appears to be internxt. At this point, I don’t know anything about them except that they advertise on Brave, and they emphasize zero-knowledge file storage for anonymity and security. They offer 10GB on the free plan, which is certainly enough to try them out. If you do, please let me know in the comments.

Filesystem Search in Linux Mint 20.2

When I installed Linux Mint 20.2 Uma for my kids, I was immediately struck that the search panel in Nemo now had a search by contents field.

I work pretty hard to keep my work organized, but there are still times when I can’t quite lay my finger on something I’m looking for, so I upgraded to 20.2 as quickly as was possible (I had been running 20.1)

I figured that I had better take the fetters off of tracker and its kin — after all, a file and content search technology that’s part of the Gnome project would surely be the heart of any similar feature of Nemo, right?

Well, after several weeks of having at least one CPU core pegged 24/7, I decided to do some more research. As far as I can determine, tracker is basically an unwanted orphan. Tracker-GUI, the configuration panel for the utility, is gone from the supported repos (and even in Ubuntu, upstream from Mint).

Clutching my courage with both hands (at the prospect of having to redo those weeks of unprofitable cryptic churning) I reset the tracker database, wiping out its indexes and shutting down its processes. ( tracker daemon -t to terminate all the tracker processes and tracker reset -r to wipe the data cache )

Finally, I typed in sudo apt remove tracker and found, to my delight, that it only removed tracker and its attendants (tracker-miner and tracker-extract). Then, I hopped in to Nemo and did a search for some text I knew existed inside one of the files in a particular folder. Success! After a relatively short time, the window began to be populated with corresponding files.

Above all, I no longer have a mammoth processor hog flailing about, not to mention the disk usage and memory.

So, if you’re concerned that removing tracker from your Linux Mint 20.2 installation will negatively affect Nemo’s search capabilities, worry no more! Go ahead and uninstall the little beast!

Screenshots

Many years ago I worked for a commercial help desk operation, and one of the things I had to do was take screen shots for documentation, or just to show users what they needed to do.

I had my personal Mac at work, and I owned Snapz Pro X, from the now-defunct Ambrosia Software. It was a great program that did screencast captures as well, and I enjoyed using it. Most of the time, I didn’t even need to use it, as the Mac has a great screenshot utility, activated by command-shift-3 and command-shift-4, that allows taking screenshots of the whole screen or a portion of it. However, some of my work required me to take screenshots of Windows screens. I researched and installed Greenshot, and was happy with that. Since that time, Greenshot has expanded their software to work on Macs.

Fast forward to a more recent time, and I’m switching my work environment over to Linux. Among the needs I have is the need to do screenshots, so I went back to work researching. Greenshot wasn’t an option, so I found Shutter. At that time, the project had been abandoned for some years, but I was able to scrounge up the procedure to make it work on my computer, and I was happy again.

More recently, Shutter has been adopted, and installation is straightforward, and there really seems to be no reason to look elsewhere, but I did. In looking around I found Flameshot, which is available for Linux, Mac, and Windows, and seems really nice. I didn’t really need to explore it in depth, since Shutter works, but I took it for a spin or two.

For Windows, I’ve installed ShareX, which gets enthusiastic reviews. I haven’t actually had occasion to use it, as I take most of my Windows screenshots from Linux these days, but I thought it worth mentioning.

Finally, as I was fiddling around with trying to assign a key combination (Ctrl-Shift-3 and Ctrl-Shift-4, as it happens) to my screen capture utility, I discovered that I had already done so. In activating the combo, I found that it didn’t activate Shutter, nor did it activate Flameshot or any of the other screenshot utilities I had installed.

Linux Mint has a built-in screen capture utility that works similarly to the one built in to macOS. On activating the screen capture command (I have no idea what the default key combo is, and I’m too lazy to look right now) a screen capture is taken, and the user is prompted with a save dialog that also has a Copy to Clipboard button. (On the Mac, copying the screenshot to the clipboard was accomplished by holding Option along with the other keys.)

Now, while I say that I don’t know what the default combo is, that’s not strictly true. You can certainly use the PrtSc key on most keyboards for this. However, because of the settings I had put in to Mint, on my computer Ctrl-Shift-4 allows me to select a portion of the screen to capture.

Now it’s true that this built-in utility has no editing capability, and that I can’t do timed captures to select active menus, etc. For that, I’ll probably continue to use Shutter, which has some really nice controls for that. I may even just paste screenshots from the native tool into Shutter for editing.

However, for many people, the built-in function is good enough, as it was on the Mac for me for many years. I’m thrilled to see this kind of simple usability making its way into the notoriously difficult to use Linux ecosystem.

Installing Linux Mint on an Acer Nitro 5 laptop

This journey isn’t over yet, but it’s been adventurous enough so far that I thought I’d better start documenting things. Otherwise, I’ll never be able to recreate what I’ve done.

My daughter bought herself a new Acer Nitro 5 (AND515-44-R99Q) because her old MacBook is getting very long in the tooth. The new system comes with 16GB RAM, a 256GB NVME SSD (with Windows 10) and a 1 TB Hard Drive.

Her brother had recently picked up an Acer Aspire 3, and apart from some silliness with the secure boot options, it was a piece of cake to throw Linux Mint 20.2 on there.

The Nitro, however, has a new hybrid graphics setup, using the AMD Renoir chip for low-powered stuff, and an Nvidia GTX 1650 as the high-powered graphics engine. That’s the same card I have in my desktop, so I didn’t have any questions about whether it would run.

Well, the live disk installer wouldn’t get to desktop using the “standard” setup. Using compatibility mode, however, I was able to get the desktop to appear. There was a little bit of wonkiness — the trackpad wasn’t recognized, apparently, but I threw an old Kensington trackball on there and was installing in no time.

I’ve learned from past experience that you sometimes have pain on first boot if you don’t install the extra media stuff right away, so I hooked up an ethernet cable and off we went.

Installation is a lot faster on this newer hardware than on a lot of machines I’ve worked with, but I still tend to walk away and let it churn after I’ve gotten it configured. (And hope I didn’t forget anything to come back to it patiently waiting for input to start.)

Installation finished, I rebooted the machine, and …

So, ctrl-alt-F2 to open a console, log in and sudo apt update

Now there are a bunch of upgrades, so sudo apt upgrade

To be honest, I’m about 50/50 at this point whether I want to just install ssh before I get any deeper in the weeds (because the laptop is mounted two feet above my desk, to the right, and I could just ssh in instead of reaching over there to type the commands). However, I want to follow a “normal” process before I get to that, though I’m sure it will come soon.

Well, the upgrade stalled, so it’s ctrl-alt-del and let it reboot. It’s nice at this stage, because while it’s frustrating to have to redo things, at least we’re not worried about losing any data.

So, on this reboot, after getting into the console to log in again (because of the same black screen / non-blinking cursor issue), I’m going to sudo install openssh-server. This will allow me to connect to a console from my own computer, which will allow me to interact with the Nitro without stretching or getting out of my chair, and also will allow me to do other things while it’s going.

So, ssh lets me connect to the laptop even when the display is funky, and even if the keyboard on the laptop starts misbehaving. I can install and uninstall stuff, and even reboot if I need to. One of the first tools I install on a computer, even if I intend to sit in front of it most of the time.

At this point, the Nitro is behaving very badly, and even with moderate edits to the grub file that controls the boot process, it’s not allowing me to log in (graphically). I’m going to switch over to Ubuntu. If I recall correctly, it worked in early tests with this machine. If it shows any sign of trouble, I’ll install ssh first 🙂

There are a couple of reasons that I use Mint instead of Ubuntu, even though Mint is based upon Ubuntu.

The first is Unity. Ubuntu’s default Desktop Environment is clunky, wastes space, and is needlessly obstructive. That’s okay, I know I can install Cinnamon[1]Mint’s default Desktop after I install Ubuntu, and they actually have an installer that uses the Mate environment (which is not bad).

The second is more complicated. Ubuntu has really been pushing the Snap install infrastructure. While it sounds great, the more I delve into it, the more I agree with Mint’s developers that it is the kind of oppressive centralization that caused many of us to leave Apple and Microsoft.

The good news is that Ubuntu starts right up without needing compatibility mode, and the trackpad works. (I actually still prefer using the trackball, since it’s right on the desk next to me.) I installed using Mate, installed ssh, updated drivers, and everything worked. With that in mind, I took careful note of the settings (using the inxi -Fxz command) so that I can try to replicate them in Mint.

So, back to the Mint installer. As before, it only boots in compatibility mode. Bummer. Oh, well, let’s wipe that partition and get it installed again.

So, install is done. We’re doing the first reboot… As expected, black screen. Well ctrl-alt-F2 still works, and after logging in I quickly install ssh.

One advantage of doing some of this work behind the screens is that I get to see the error messages dumped into the console. Wow, the nouveau driver is buggy on Mint Cinnamon with this hardware! A simple difference is the linux kernel being used, however. Ubuntu is using kernel 5.11.0-34, while Mint is using 5.4.0-74. This should be relatively easy to test.

So, from the ssh session: sudo apt update (I actually already did this before installing ssh) and then sudo apt upgrade to apply the upgrades available. This can be kind of important because some things might break with the new kernel otherwise (not that we would notice, since it looks pretty broken as it is).

And, as it happens, Linux Mint 20.2 with kernel 5.11.0-34 still breaks under Cinnamon or Mate when using the Nvidia drivers. Oh, well, I’ll try to figure that out some other time — right now my daughter wants to use her computer.

So, I wipe the partition again, reboot to the Ubuntu Mate installer, and quickly run the install. I’ll have to get to the drivers at another time, but she did use the laptop during our D&D game today, so at least there’s that.

References

References
1 Mint’s default Desktop

Computer Build

Well, I wanted to look something up regarding my computer today, so it’s a good day to share what I used to build my computer.

Motherboard: Gigabyte B365M DS3H

I like this motherboard a lot. It supports 8th and 9th gen processors, so was a good fit for my i5 processor. It has four slots for DDR4 RAM, a full-size PCI-E slot and two smaller PCI-E slots. (Not enough of a wirehead to be able to tell you the difference off the top of my head. The full-size slot is for the graphics card…)

The onboard audio is decent, it has USB 3 onboard, and it comes with an M2A connector for an M.2 Socket 3 NVME SSD drive. In addition, there is support for five other SATA3 drives on traditional SATA connectors. (You can attach six SATA3 drives if you don’t use the M2A connector.) The manual says you can use all six SATA connectors if you use an M.2 PCIe SSD, but I’m not sure if that means installing it in a PCIe slot… Again, perhaps a real wirehead could tell me.

The bios is pretty cool for an old guy like me: GUI with mouse driver. I was able to set it up fairly easily to allow me to dual-boot (although I only have Linux installed right now).

The integrated video is very nice. In fact, it would have been all I need except for a couple of games that refuse to run. For work, it is more than sufficient, and supports three screens.

There are power connectors for two fans (CPU and System), and there’s a front panel audio connector. I’ll have to finish this part later, as I’m currently diagnosing a problem with my front-panel audio: The channels are mixed to come in the same on both left and right, but many audio sources (particularly video) seem to drop one channel out. I don’t know if it’s the board, the cable, or the case, but I’ve now tried several headphones and headsets, including one that is the old headphone-with-no-mic variety, so I know it’s stereo only.

RAM: Corsair Vengeance LPX 16GB (2 x 8GB) DDR4 3000 (PC4-24000) C15 1.35v & Corsair Vengeance LPX 32GB (2 x 16GB) (PC4-21300)

With four RAM slots, I started off with 16GB of memory, and then upgraded to 48. If I have spare cash lying around, I may pull the 8s out and go to 64GB, but I haven’t seen a need for that yet.

Power Supply: Thermaltake SMART 600W ATX 12v v2.3/EPS 12v 80 Plus

Nice supply with braided cable covers. Lots of connectors for lots of stuff. 600W, so it handles the cpu and graphics card (and is probably overkill, to be honest).

Fans: Arctic F12 PWM PST Value Pack

Okay, I felt a bit indulgent getting these, but they are very nice fans. They came in a five pack, so I put one on the back and one on the side, and still had three left over (to easily replace a fan whose bearings went out on my NAS). Very quiet, very efficient. (As I write this, my computer reports that system temp is 42° C (~108° F). With a high-temp threshold of 84° C, I’m pretty comfortable.

CPU: Intel i5-9600K 6 Core up to 4.6GHz unlocked LGA1151 socket 300 series 95W

While I do occasionally see a process thrashing this CPU (usually only on a couple of the cores) it’s been a real pleasure to use. It installed nicely, and with the cooling I’ve installed runs cool enough for me. I went with Intel instead of a Ryzen because I’m planning to do some streaming with OBS Studio, and UserBenchmark has some interesting stuff regarding a memory bottleneck on the Ryzens.

CPU Fan: Cooler Master Hyper 212 Evo CPU Cooler

I’m too old to be ready to try liquid cooling on my system, but this guy is enormous! It barely fits in the case, but with two fans attached, I feel like it’s really doing its best to keep the CPU cool.

Optical Drive: ASUS DRW-24F1ST DVD SUPERMULTI Burner – SATA

Yes, I still want an optical drive. Part of the reason is that we buy DVDs of movies that we want to watch again, and I rip them using MakeMKV and put them on our media server, to save wear and tear on the discs. I got this one because it was SATA, and because it supports the M-type discs that supposedly last for 1K years. True, I don’t currently own any of this media, and my backup strategy does not currently include optical disc backup, but better to be prepared, right?

Graphics Card: ASUS TUF Gaming GeForce GTX 1650 4GB GDDR6 PCI-E 3.0

One of the most expensive parts of the system. I finally got one of these from NewEgg, because the prices on Amazon were ridiculous. In fact, after I ordered, I was told they were out of stock, and would I like to cancel my order? I said, no, I’d rather wait and have them ship it when they got it. It was a little delayed this way, but finally arrived. Then, I just about had a heart attack after I installed it and the system wouldn’t start. It turns out that in inserting the card (which required a fair effort) I had pressed down on one of the latches of a RAM card. The card was partially popped, and the system refused to start. After I checked everything, got the DIMM reseated, etc., everything worked fine.

I have had a couple of times when the proprietary Nvidia drivers don’t want to play nice on my system, but it has taken care of itself and I currently have no complaints.

Drives: Well…

I ordered a HGST Ultrastar 8 TB drive for this build, but when it came it had a SAS connector instead of SATA, so I had to return it.

It’s hard to shop for storage these days. Amazon has blown searching on their site to smithereens, and NewEgg isn’t much better. You can specify the type of drive you want as carefully as you like and you’ll still get lists spammed with all sorts of things that are mis-tagged by the Chinese merchants competing for your dollars.

I ended up putting in a WD 1TB Blue SN550 NVMe drive in the M.2 slot on the motherboard. I also had a couple of 128GB SSDs (Crucial 128GB 2.5″ SATA CT128M4SSD2) lying around from a previous project, and a 2TB drive(WD20EARS – apparently a Caviar Green) from another system. I slapped them all together with LVM2 to make one big volume. I’m backing up to a WD My Book 8TB desktop drive connected by USB 3.

I will eventually get something like the Ultrastar to go inside, and the My Book will get shucked and installed in my NAS, and the Caviar Green will get retired to a system that I don’t care about so much (as they have a reputation for failing). I will also likely upgrade to some 3.5″ SATA SSDs and pull the Crucials out to go in something more suited to them.

Case: Antec Mid-Tower Case with 2X USB 3.0 Ports VSK4000E-U3

I don’t need anything fancy in a case. I want something that’s big enough for my motherboard and drives [1]and cpu fan — oh my!. I like steel, although I’ll work with a certain amount of lucite.

This one also sports two USB 3 ports on the front panel, as well as headphone and mic ports. It has three exposable 5¼ in bays for my optical drive (and I could put in a tape drive, floppy with adapter, 5 ¼ in floppy, hot-pluggable hard drive sled, etc.)

In addition to the normal case fan on the back, there’s a place to mount a fan on the side grill, for better air flow.

Everything fit, and although it doesn’t have tool-free drive mounts, it works.

I subsequently found another case that met my needs even better for a bit less, but no regrets.

Keyboard: Cooler Master CK550 V2

I had ordered a Cooler Master SK650, with low-profile Red switches, but the keyboard was defective, and I ordered the CK550 to use while waiting for the SK650 to be RMAed. I like the feel and accuracy of the CK550 a lot. It’s noisier than the SK650, but that’s a trade-off I’m willing to make for a keyboard that types what I want it to type.

The backlighting is a lot more useful than the backlighting on my dinosaur Saitek Eclipse II keyboard, where the lighting was more like mood lighting. It didn’t actually help me to discern letter shapes on the keycaps. In addition, the inclusion of a key puller allowed me to physically move the Control, Alt, and Super keycaps to the places where I actually have them mapped.

I’m keeping the SK650 for now, and it will likely be my travel keyboard, as it has a nice velour bag to travel in, has a detachable USB-C cable (for better packing and less travel stress on the cable) and is lower profile, but even after it came back from the RMA it’s a bit too soft and I tend to repeat bottom-row keys.

Pointing Device: Kensington Expert Mouse

For several years, I have preferred trackballs to mice. I find they bother my broken right wrist less, and they work better than mice on the cluttered desk that always manages to be my work surface. The Expert Mouse has a large ball, which is great for control over large or small distances. The ring around the ball is also nice, as it makes scrolling easier (especially in this new era where software designers hate scroll bars).

Back in the day, there were several companies that made replacement balls for these trackballs (55mm ball, if you’re looking) that were either novelty (8-ball is what I remember, specifically) or of differing weights. I have found someone who still sells replacement balls, but although I have a tendency to drop mine, and have it roll who knows where, I haven’t needed to replace it.

The trackball is optical, so rather than having oil accumulate on the rollers, it tends to have lint accumulate on the sensor. This is easily dealt with, as the ball lifts out easily, and you can blow out the lint in a moment.

I use the USB version, FWIW. Wireless means either constant recharging or replacing batteries when it’s least convenient. Wired means it’s always the fluff when my “mouse” starts behaving erratically.

Also, while the trackball has four buttons, I only use three (currently). When I played WOW I had all four buttons mapped to various things, but I never generally used even the third button until I switched to Linux. Now, I’m addicted to inserting selected text without using the clipboard buffer…

It appears that Logitech has a trackball that also uses a 55mm ball, although it’s not centered (it’s placed under the thumb in a more mouse-like enclosure). That might be better for accessing the buttons. Certainly one reason I haven’t explored the use of the fourth button is that it’s awkward to access.

I like the idea of a multi-touch trackpad, but I haven’t seen a solution that wows me for a price I’m willing to experiment at, so… This is also why I use keyboards with numeric keypads — I would be happy to use a tenkeyless with an external pad, but I haven’t seen a pad that encourages me to spend money on it.

Some people may note that in certain cases I’ve bought something where there’s a comparable product for less money. A lot of the time, that’s because the comparable product is made by a Chinese company. I can’t always control if something is made in China (sourcing is not always straightforward) and I sometimes get tired and just buy what I’ve been able to find. However, I’ve made a decision to avoid the products of Chinese companies when I can[2]which is not the same as “when they’re no more expensive” given the slave labor and predatory practices of that government. When they violated Hong Kong’s autonomy and the big companies like Apple and Google just shrugged is when I decided that I needed to be more proactive. While I do currently have a Motorola phone, and while I like its features, it will be my last. AT&T kindly sent me a Samsung Galaxy S9 to replace it (although the S9 doesn’t have dual SIM slots), and I may end up transitioning to the S9. In any case, that’s the reasoning behind some of the product choices.

I would be happy to put in links to the products, if that’s desired, although you can search as easily as I can. The way technology companies move, a lot of it is already discontinued, though it’s not very old. Also, if I do put in links, I’ll probably try to figure out how to make them affiliate links, so that I can maybe get some money out of this thing. Anyway, it’s worth dropping a comment, maybe.

Next time, I may talk about my monitors and usb hubs, network hardware, VESA mounts, etc.

References

References
1 and cpu fan — oh my!
2 which is not the same as “when they’re no more expensive”

More Tools

2MHost – Web Hosting

For many years now, I’ve maintained my own domain for a variety of reasons. One of the biggest is that I find it very unprofessional for a business to use gmail.com or outlook.com or some other domain for their emails, and a website that is basically a personal site (domain.com/~mybusiness) feels shoddy. It’s also nice to be able to create email accounts and email forwarders — more on that later.

For my hosting, I’ve been using 2MHost.com. Although they advertise rates as low as $2.75/month, they actually have an even cheaper option. They do free SSL certificates (to get the coveted “lock” icon in the address bar, and end-to-end encryption of traffic) and have a number of other perks. Monthly bandwidth is “unlimited”[1]Unreasonable traffic will be flagged and they have a nice webapp installer (including WordPress).

I have found their customer service to be responsive and helpful.

I believe their datacenters are in the US. I have been very pleased with their policy of always renewing at the same price. If it’s a good deal today, it’s likely to remain so.

NameSilo – Domain Name Services

While 2MHost provides Domain Name Registration, I use NameSilo for my registrations. Part of the reason is that I was using them before 2MHost offered the service. Part of the reason is compartmentalization. I prefer not to put all of my eggs in one basket in order to make changes easier. I’ve changed hosts a number of times before settling on 2MHost. Having control of the domain registration separately from the hosting makes that easier.

OwnCloud – Self-Hosted Cloud Services

I previously used NextCloud for my self-hosted cloud services, but something in my server setup changed, and it wasn’t working. OwnCloud is a separate fork of NextCloud [2]technically the other way around, and both are offered in the software installation section of 2MHost. OwnCloud allows me to host my password database on a server that I control, and it also gives me address book and calendar options that are mine. There are other things it can do, some of which are limited by my host (which has graciously grandfathered my “unlimited” account, so limits it to “typical” webhost traffic and use).

Enpass – Password Management

If you’re not using a password management tool, you should be. Enpass is nearly perfect for what I want. It keeps the passwords in an encrypted vault, it has browser plugins, and it even has an Android app with integration to fill passwords in other apps.

The Desktop app is free, and as I noted above, you can easily sync passwords among desktop computers using a service like OwnCloud. (It also works with corporate cloud options, if that’s your thing.) However, if you want to use their cloud, it will cost you from $2-$4/month, depending upon whether you want the individual or the family plan. If you think you’d use it for longer than a few years, it might be worth paying the $80 lifetime license. The one thing you wouldn’t get with that is the easy sharing of passwords with other users, but since you can make multiple vaults, that can be worked around.

I got the license during the beta period, so it didn’t cost me $80. To be honest, I don’t know if I’d pay for it now[3]although I did pay for 1Password on Mac for years. In any case, it’s very flexible, allows me to import my software licenses from 1Password, and generates strong passwords.

Because you can create templates, you can also manage other sensitive information. I will admit that, at least using Brave as my browser, Enpass isn’t good at filling in credit card information. However, it keeps it handy, and I can easily copy and paste from the Enpass window.

Quite frankly, if it weren’t for the license fee, I would recommend Enpass without any hesitation as the Password Manager you should be using.[4]I’ve tried to use and like KeePass and Bitwarden, but the latter is hard (for me) to self-host, and KeePass is difficult to sync. Neither of them is as nice for non-password data as Enpass (or … Continue reading

Brave – Web Browser

Since I mentioned Brave, I’ll say I think everyone should use Brave as their browser. It uses Chromium as its engine, so it’s compatible with most of the sites you want to use, but it comes installed with ad and tracker blocking. In addition, it uses a Basic Attention Token (BAT) crypto-currency — paying you to opt-in to non-tracking ads, and then using that currency to pay tips to sites that you choose. You won’t “get rich from surfing the web”, but it’s a better model than the standard one, which too often tries to install malware on your computer.

Brave supports Chrome plugins, so Enpass (and KeePass and Bitwarden) all work, and it supports Chromium’s multiple profile structure, so you can work even harder to keep certain companies from tracking all of your activity. It’s also helpful for, for example, staying logged in to github on two different accounts at the same time, or using a business Youtube account in one profile and a personal one in another.

Brave also has its own secure sync, so you can sync bookmarks[5]Separate lists for separate profiles and even load pages that are being viewed on a different synced device (including mobile).

Brave supports private windows, multiple search engines (I use both Brave’s own search and DuckDuckGo, for the most part), built-in Tor and Torrent support, etc. The built-in tracking and add protection is claimed to save bandwidth and time: my browser tells me it’s saved me 2.02GB of bandwidth and 1.2 hours of time by blocking 88,783 trackers and ads.

While you can “lower the shields” to use Brave without protection if needed (you can always do it in a private window, if you like), it’s been fascinating to see that, for example, AT&T wants to load 20-some trackers and ads in my browser before it will let me pay my bill.

Well, this update was kind of wordy, so I’ll leave it at that for now. Next time, maybe I’ll talk about my fitness tracker.

References

References
1 Unreasonable traffic will be flagged
2 technically the other way around
3 although I did pay for 1Password on Mac for years
4 I’ve tried to use and like KeePass and Bitwarden, but the latter is hard (for me) to self-host, and KeePass is difficult to sync. Neither of them is as nice for non-password data as Enpass (or 1Password) is.
5 Separate lists for separate profiles