Using a Windows 10 and SurfaceBook with Performance Base…The first week

Well, for a variety of reasons, I’m using the Windows 10 and SurfaceBook with Performance Base (what a name?!). Anyway, here are the key learnings:

  1. The gooseneck thing is a little weird to use in actual practice. It doesn’t fold down flat and you want move the screen all the way back.
  2. I’m an idiot and finding the power button was really confusing. I kept pressing keys on the keyboard before finally realizing the power is a nearly invisible button at the top.
  3. The brightness is the same way, I’m sure there is a button for it, but it isn’t anything on the keyboard. I suspect it is those two buttons I never touch at the top of the screen.
  4. The power supply is a strange connector. Sigh, I’ve actually gotten used to USB C charging everything (how quickly things change and love the way my Nexus 5 and and MacBook Pro 2016 can share a charger).
  5. Extra chargers by the way are hard to figure out. But it looks like there are several 65 watt power supplies out there. Microsoft makes one for $99 but $30 for a clone sounds way better.
  6. The Pen I haven’t used yet, but there is no place to store it, It is nice it hooks to the tablet magnetically, but otherwise I’m not sure how to do it.
  7. Detaching the tablet isn’t obvious at all. There is a button as it turns out on the keyboard, but it is hard to figure out where it.
  8. The fit and finish…well, let’s say I’ve gotten use to the tight tolerances of MacBook Pros. The keyboard seems to rattle a bit.
  9. The coolest feature (for developers) is buried though, turn on the Developer Mode and then type in bash and you get a Ubuntu subsytem. You can apt-get to your hearts content. Wow, this is sort of like having a Unix development environment in Windows.
  10. The search thing actually is useful which is great because I remain really confused about where settings live.
  11. The Hello face recognition is cool, but does take setup.

Quick guide to making your Mac safe

Well now that we don’t have privacy, here’s a quick review of what to do to harden your Mac:

  1. Install 1Password using Dropbox because it’s a pain to remember all the passwords.
  2. Turn on System Preferences/Security & Privacy/FileVault. This encrypts your hard disk, so in evil hands, they at least need your password.
  3. Turn on System Preferences/Security & Privacy/Firewall. This keeps some of the bad things out
  4. Download and install Sophos for Home a free antivirus package
  5. Download and install Adguard to keep ads out. You can uninstall individual browser pieces, but if you do not want a system level thing, then use uBlock Origins.
  6. Download and install DNSCrypt to make your DNS queries private
  7. Download and install Private Internet Access
  8. Make Startpage your search engine on your browser to mask your queries

From Vi to Atom Vim-Mode

OK, I admit it I mainly use Vi for editing mainly because it is just so fast to edit things from the keyboard. You don’t ever need to leave the keyboard when moving around. It is arcane and terrible yet, I actually got running (thanks syntactic) an coding environment that let’s you lint and then run through javascript and python code.

But there has to be something newer, I’ve tried sublime and I’ve tried slickedit, but I was looking for something more new age. What the heck, I saw Dean ask on Facebook and atom came up quite a lot, so now I’m trying to figure out how to use it. First some great things:

  1. Type atom foo.txt actually works from the command line. Seems like a small thing, but nice to CMD-W and then get back to the terminal window. Turns out that like Emacs and other modeless editors, Atom does have some big keys like CTRL-SHIFT-W to select a word, so eventually I’ll memorize those instead of yW 🙂
  2. There is a vim mode so I can still use my favorite keys, although you still can’t those fancy g/test/s//foo/g commands at least I haven’t found out how. I normally do this way more than graphical edits.
  3. They have a zillion packages and a nice apm modeled after npm to manage it.

Unifi Tips and Tricks

I’ve got now five homes where I’m helping folks run their networks. Unifi is pretty awesome because you can configure the AP at home and then take it to someone and it is completely configured for them. It is so unlikely that a regular human can figure out the access point systems, so it is better to preconfigure and then wrap it up.

The UniFi software is pretty weird and hard to figure out. Here are the tips:

  1. You download a UniFi console and it becomes the center. All Access points connect to a single computer. They will operate on their own, but they are linked to that computer. Even if this is just a laptop, the good news is that you can configure and if they can’t find that console they just keep running.
  2. The UniFi console is actually an application that runs on socket 8443, so you use a web browser (Chrome seems to work best) to use it. So when you start, you get a small little box that says, launch browser
  3. The application itself is pretty confusing. The upper right has the “Site” id. The idea is that each site has a different layout.
  4. You need to click on the upper right click the + sign and then you create one. Deleting one is really confusing because there is no delete button instead when you go to a Site, you click on the setting icon on the lower left as a gear icon and then you will see delete at the bottom.
  5. Finally within each site, you can setup a network group. You can attach any number of Wifi networks against any site. So for instance, if you have a work network set and a home network set then you can have multiple sites with just work, just home or both.
  6. Finally the APs themselves are linux boxes, they have an ssh port and have a single password set against them. You need to store this in 1Password or somewhere because that is how you get in to reprovision the APs.
  7. And when you want to use another laptop, you need to make sure that you have done a backup which creates a INF file and you can use that to restore the whole setup.

Ad Blockers for Safari

Well with privacy always under assault, besides a VPN, you need an Adblocker and tracking masker. Here are some choices:

  1. Ublock Origins. This isn’t regular Ublock (which isn’t developed anymore), but a new fork that has a Safari build.
  2. Adguard is another one which gets good user reviews

Then the ones that are questionable as they leak information:

  1. Ghostery. They sell your information apparently
  2. Adblock Plus. The one that is the most popular but they let ads through as it’s their business model.

Another question is what about tracking blockers. Well things like Ghostery seem superfluous if you have an Adblock.

Then if you are a power geek, installed JS Blocker, then you get to block specific chunks of Javascript.

Protecting your Privacy from your ISP

Now that there are no limits for ISPs on reselling your personal browsing and other information. What can a person do. Well the easy things are:

  1. Buy a VPN. You need a reputable one. I’ve used Private Internet Access for years and they seem pretty reliable. The main issue is that with iPhones as you traverse networks, the application gets confused and you have to toggle on and off. Also the Mac application can get hung and not allow any connections at all and requires a reboot. Most of the time, though it works fine. Another service we’ve used is ExpressVPN. This one seems to confuse the Mac local networking though, so you can’t see any of your devices. Also beware that on an iPhone it makes it looks like you are always on Wifi, so unless you have an unlimited plan, it is pretty unusable on an iPhone.
  2. Install on all your devices. This is the painful part because it has to be up and going on all your mobile devices.
  3. Install on your router. You should see if this is possible, but some routers allow you to setup a connection from there. The main issue is that if this gets hung, you have to know how to unwedge it.
  4. Install 1Blocker and other Ad Blockers. Not really really related to this, but it is a good idea.
  5. Install opennicproject.org DNS servers, these nasty ISPs track your DNS requests, so you have to spoof that too. If you are on a VPN, this is automatically done, but you have to do this for all your machines as well for those times when you are not on a VPN. DNSCrypt is a tool that you can use for this and it works pretty well although Cisco bought DNSCrypt so who knows how long that will last.

Chevrolet Bolt Oddities

Well, if you are a Chevy Bolt owner and wonder what all those parameters mean, here’s a little bit of a decoder ring (it is incredible in this day and age that even with all that infotainment, there isn’t a simple thing like a Tooltip to tell you what a setting means), but fortunately there are forums:

  1. Hilltop Reserve. I had mistakenly thought this had something to do with hill climbing, but it is incredibly misnamed. What it means is that if you live at the top of a monster hill, the thing will only charge to 90%, so that as you coast downhill you will get more free charge. Now doing that math, this would be a 6kWh hill, so you in other words, it had better be an hour down hill. The side benefit is that it only charges the battery to 90% which helps long term battery life. Just remember to turn this off when you are going on a long, long trip and need the extra 10% (about 24 miles).
  2. Android Auto. Man this is a strange mode, it doesn’t seem to work with Nexus 5X with the latest Android. Not clear why, I wish these modes had some debugging. Also, it make it strange to have the something that has to switch and when you click on it, it detects the phone and then asks if you should switch. Isn’t it obvious if I’ve plugged it in?
  3. Apple CarPlay. What a strange implementation. There is no obvious way to go to the home of the overall system. You just have hit the hard HOME key or go through the Energy system to find it. Plus if you want to open up a non-CarPlay application, Siri refuses to do it even thought it works just fine.

Best Ad Blockers and Private VPNs

Now that there is no more privacy in the US (because ISPs can freely resell all your access information). Here is what you can do to protect yourself:

  1. Get a VPN. There are many that are not so reputable, but Private Internet Access and ExpressVPN seem at least more reputable. You have to load them on each of your computers and mobile devices and they are a bit of a pain, but do mask where you are coming from.
  2. Opennicproject.org. You can use a private DNS server as well. ISPs can see what you are accessing from your DNS queries, so you do not want to use an ISP or carrier CNS.
  3. Finally get an ad blocker so that at least some of the data is hidden.

This probably a lost cause, but might as well make it a bit harder for people to track everything that you do.