I’ve been trying out Skype 5 for Mac for the past few weeks to see if it’s really as bad as people say. I don’t use Skype very often so the new interface didn’t bother me so much, but there were some things that really stood out to me and were unpleasant.

This is what Skype 5 looks like on my desktop. This is the smallest that I can make it. Why can’t I make the window even smaller? Probably because of all the whitespace being wasted. To analyze this, let’s just focus on the Skype window itself.

Most of my contact’s names are cut off here, and this is the widest that I can expand the name column. The width of the status column is fixed and over half of it is whitespace.

My suggestion here is to first cut the width of the status column in half, and then give me back that extra width by letting my expand the name column even wider. Secondly, give me the option to disable both the contact picture and the status message. I don’t see a point in having the contact picture, and it’s completely redundant for it to tell me in writing that someone is online when there is already an online icon right there (also, I don’t particularly care to see other people’s self-updated messages).

Just making these changes should make it much easier to see who I’m talking to because then I can read their name, and maybe will even shrink the minimum size of the main window.

Oh, and one more thing:

Changing view tabs resets all of the column sizes. Please make these sizes persist.

Edit: I’m not a designer, but I think it looks terrible that Skype Home is cut off at the smallest left-pane width. Maybe this could just be simply renamed Home? Better yet, let me disable the text and just keep the icons.

Happy New Year! Or in German: Frohes Neues.

I’ve completely redesigned the look of this website, again. I’m really happy with this design this time. Unlike the other two designs that were here, I did this one completely from scratch. I didn’t use another website as a guide like in the first design, and I didn’t copy another website like I did the previous design. The only tool I used was 960 Gridder to meticulously line up all the elements vertically to create a nice vertical rhythm.

Also, I’ve moved the blog from ericnchen.com to sudoeric.com, no reason really.

The Stratum Security Blog has a pretty good guide on how to set up a personal VPN on Amazon EC2. I’ve been using my EC2 VPN for several months now without any problems, and best of all: it’s free.

I can activate my VPN using Tunnelblick to give me system wide tunneling, good for when I’m using untrusted networks, or I can simply forward a single port if I need to be more surgical.

$ ssh -ND 3787 -i /path/to/key.pem user@amazon.com

The latter option is needed, for example, when I want to do any work on my university’s supercomputer (one can not ssh into it without being on a university network), but still want to have a tunnel open to access things that I can’t access from my country.

I recently discovered that the native Terminal (OS X) application doesn’t do vertical splits, so I decided to look for something that does (up until this point, I just had multiple windows arranged side-by-side). This led me to iTerm2. I’m really digging the quick shortcuts to split and maximize screens, and I especially like that the fullscreen mode isn’t the OS X Lion type where it takes over the entire computer.

Here you can see a real life screenshot of me using it with multiple splits at the same time in fullscreen mode.

A better writeup of iTerm2 can be found here.

I already talked about system encryption, which will secure all of the data on your harddrive, but what about securing your data online? We’re putting more and more things online now, yet most people fail at protecting them. Even worse, a lot of people use the same weak passwords on multiple websites.

To be as safe as possible, one should use a randomly generated password full of letters, numbers, and symbols, as long as possible. Even then, your data is only as safe as the security of the website in question (which is why you shouldn’t use the same password on multiple websites, in case one website is compromised).

But using a different randomized password for every website is so confusing! How do you remember them all? You don’t. You let a password manager remember them for you.

I’ve been using 1Password on my MacBook Pro for a while now. With it, I can easily generate a randomized 50 character password and automatically save them. When I need to log in to a website, I just press the shortcut key to have my details automatically filled in. The only password I need to remember, and the only password I actually know, is the the password I made to lock and unlock my 1Password keychain.

That said, I went through and purged my 1Password keychain today and changed every password that was left. Most websites gave me no troubles in creating strong passwords, but quite a few complained about my passwords being too long or that I was using illegal characters. I just don’t understand why banking websites would limit my password strength by posing arbitrarily low character limits and declaring common symbols to be illegal.

Bank of America, Wells Fargo, PayPal, I’m looking at you.

One last thing: when websites ask for a security question and answer, treat this field as yet another password. It’s extremely easy to find out information such as first grade teacher or mother's maiden name. Instead, choose an arbitrary question and generate another 50 character password for it.

I’m going to go through how to install Arch Linux on an encrypted disk. Arch is a simple, lightweight [Linux] distribution that leaves you with nothing more than a terminal, and disk encryption is something everyone should utilize to protect their data.

To better explain why you should use disk encryption—without it, anyone who gets their hands on your computer will have access to everything stored on it. This is more realistic than it seems because most of us have laptops that we take everywhere and it’s quite easy to forget it in public places.

With disk encryption, the data on a harddrive will look like random noise, unless it’s decrypted with a password. We should first write over the entire harddrive with random noise, effectively making it impossible to tell if there’s even legitimate data on the disk. This guide explains how to do that.

Next, download and prepare the installation media, then boot into it and log in.

If this doesn’t look like Linux to you then it’s because it’s not. I’m connected to the computer that I want to install Arch on through ssh on my MacBook Pro, ergo it looks like I’m on a Mac, but everything within the screen should be just as you see it.

First, the harddrive needs to be partitioned. Type cfdisk and press enter.

You’ll use it to make two primary partitions: an unencrypted boot partition at the beginning of the disk, and an LVM partition that we’ll further partition and encrypt later. The boot partition doesn’t need to be big, just 100 MB will do. Be sure to toggle the bootable flag, and set the type to 83 (Linux). The other partition should not be set as bootable, and the type should be set as 8E (Linux LVM). Write the partition table to disk and then quit the program.

Back at the prompt, encrypt the LVM partition with the following commands:

$ modprobe dm_mod
$ cryptsetup -c aes-xts-plain -y -s 512 luksFormat /dev/sda2

The first command loads the encryption module and the second encrypts the LVM partition. You’ll be asked to choose a password, the same one you’ll use to decrypt your harddrive with. It is important to pick a good password and to not lose it as there is absolutely no way to recover data from your harddrive if you lose this password.

Once encrypted, it needs to be opened so that (logical) partitions for Linux can be set up. There are many ways to partition for Linux, but for now just make three partitions: root (10 GB), swap (8 GB), and home (the rest). I chose 10 GB for root because that should be more than enough, and 8 GB for swap because I just doubled the size of my RAM (a general guideline).

Enter the commands:

$ cryptsetup luksOpen /dev/sda2 lvm
$ lvm pvcreate /dev/mapper/lvm
$ lvm vgcreate vgroup /dev/mapper/lvm
$ lvm lvcreate -L 10G -n root vgroup
$ lvm lvcreate -L 8G -n swap vgroup
$ lvm lvcreate -l 100%FREE -n home vgroup

Now that this is done, start the Arch installer by entering /arch/setup into the prompt.

First, select a source by choosing a mirror within your country.

The next screen asks you to setup your network (I hope you’re not using WLAN because I don’t know what to tell you if you are). Choose eth0 as your interface and say yes to DHCP.

Then you’ll be asked to choose a text editor. I chose vi because I use Vim. If you’ve never used Vi or Vim before, choose nano.

Once a text editor is chosen, you can setup your date and time. This one is simple—just choose your region/timezone and select UTC when asked. You’ll be asked to confirm the time.

The next step, prepare hard drive(s), is where you have to start paying attention. Select the option to manually configure block devices and chose to do so by dev.

Start by choosing the first partition, /dev/sda1 raw. This is the boot partition that you made, so select /boot at the next window.

It’ll ask you if you want to (re)create the filesystem—say yes and choose ext2.

Enter boot as a label (without the quotation marks) and enter nothing for additional options and you’ll return back to the first screen.

Now, setup the other three drives in a similar fashion with the following exceptions: for the root and home drives use ext4 and for the swap drive use swap.

Return to the main menu and start selecting packages.

Choose grub as your bootloader, then just press OK at the next screen. The screen after that shows you all the packages that are available. Feel free to look around and read the descriptions, but I suggest you don’t choose anything here and just press OK to install the default packages.

Now, the system needs to be configured.

These are all configuration files that control how Arch operates. Take a look through all of them, but the important ones are /etc/rc.conf and /etc/mkinitcpio.conf.

In /etc/rc.conf, change USELVM="no" to USELVM="yes", and then choose a hostname for your computer. I chose godunov.

In /etc/mkinitcpio.conf, add encrypt lvm2 to the HOOKS line before filesystems.

In /etc/pacman.d/mirrorlist, uncomment out some more mirrors in your country and move on to installing the bootloader. It’ll ask you to edit a file—this is the most important step, otherwise your computer will not boot.

There are two lines that begin with kernel. You need to add cryptdevice=/dev/sda2:vgroup right after vgroup-root, in both instances.

Choose to install the bootloader onto /dev/sda and exit. Arch is now installed (finally), but there’s some more housekeeping to do.

Back at the terminal, type reboot to reboot your computer. If you did the system encryption properly, it should stop and ask you for a password. This is the system password that you choose.

Log in as root with the root password that you made during installation. It’s very dangerous to log in as operate as root, so make a new user with the following command:

$ useradd -m -g users -G audio,optical,storage,video,wheel,power -s /bin/bash username

This will create a new user called username and add him to the group users and the additional groups listed (audio, optical, and so on). The -s /bin/bash option sets bash as the default shell for this new user. By default, a password isn’t set, so type passwd username to set a password. Now you can log out of root and log back in with your new username and password.

Finished.

Although Arch is now installed, this is just the beginning. There’s still obviously so much more that can be done that I won’t get into, because this guide is just menat to be a starting point. For more information, read the ArchWiki.

I have access to, and regularly use, four computers, and before today, it was a total mess because I never took the time to standardize my work environment.

This left me with my laptop and personal server using bash, my work desktop using tcsh, and my university’s supercomputer using zsh, all with different configuration files. In addition, I didn’t have a vimrc file on my server, and the vimrc file I had on my other three computers were all different and contained settings that were added on an as needed basis.

I decided that enough was enough and finally did something about it. First, I switched all my machines to bash. Then I consolidated all of my various shell and Vim configuration files. Finally, I created a git repository to host them.

This is actually the second time that I’ve said Hello World on this website and hopefully it’ll be the last.

This time, this website is powered by Jekyll, a simple, blog aware, static site generator. Unlike other blogging platforms like WordPress and Movable Type where everything is stored in a database, Jekyll posts are stored as plain text files in Markdown format. Jekyll then does its magic and converts everything into static HTML files. From there, I simply commit and push it to GitHub for version control, and then rsync the generated website to my web host.