Damn shortcuts, where are you?
This post is on Hacker News. Join discussion:
Hacker News link
Muscle memory is a powerful thing.
I think it’s safe to assume, that most of us, HN readers, are able to touch type. As a developer, I’m barely aware of saving a file that i’m working on at given time, but it probably happens every 30 seconds or so. That is, until I try to execute non-existing command, or a command that I did not intend to:
It’s been over a month since I started working remotely from my own PC machine instead of office Mac, but still, more often than I’d like to, I find myself trying to hit command+s to save a document/file that I’m currently working on. Obviously, PC’s have alt in place of command key, so hitting that combination and continuing to type code ends up selecting some random option from the menu bar and destroying parts of my work.
Unfortunately, my IDE of choice is not the only place where I’m subconsciously trying to save a document.
The most annoying example is Evernote (web app), used on a regular basis by thousands.
Working on a new blog post draft or describing yet another business idea, I’m hitting ctrl+s on the keyboard to save what I wrote so far and guess what happens? My browser is trying to save the whole page on my disk. Oooops, I just wanted to save changes in my note!
The good example of proper implementation of shortcuts is Gmail.
Whilst typing a new email you can hit ctrl+s and the draft will be saved. But if you hit ctrl+s again, without making any changes to the email, you’ll see good old “save page as” dialog box. I like this solution, as it gives me a shortcut that I often use (that behaves exactly as I expect it to), but also leaves the possibility to trigger original browser action. Well planned, well executed.
Here, at GatherContent headquarters, we applied slightly different stragety, letting users choose if they want to use shortcuts or not, and we’re binding both ctrl+[key] and cmd+[key] at the same time.
Evernote Web is a prime example where simple implementation (it really is simple!) of ctrl+s/cmd+s could work wonders. No one likes to lose their work, definitely not me. Adding ctrl+n for a new note would also be nice, but I’m willing to settle on ctrl+s only if this will make any difference for Evernote developers.
Do you know other popular web apps with good/bad keyboard shortcuts support? Share them in the comments below.
If you read this far, you should follow me on Twitter.
You can also read:
How to Convert Bookmarklet to Chrome Extension
World’s Largest Wi-Fi Network Keeps Passwords in Plain Text
Logging in with QR codes
How to Convert Bookmarklet to Chrome Extension
This post is on Hacker News and Life Hacker. Join discussion:
Hacker News link
Life Hacker link
Click here to use Bookmarklet to Chrome Extension Converter
I ran into the problem of converting from one to another a while ago and all I could find was a bunch of tutorials that didn’t help too much, half of them outdated or with missing pieces of code.
There was no way that simple copy-paste will solve my problem. Surely, I can’t be the only person that has few useful bookmarklets, but want to save up space and hide bookmarks bar altogether.
Now it turns out that I somehow skipped this piece of code that looks pretty similar to code generated by converter, but before that discovery, I thought: I’m a developer, so there is only one reasonable solution to my problem:
I will create my own bookmarklet to Chrome extension converter.
It’s ready and you can find it here. All you have to do is to figure out some clever name and description, drag bookmarklet into textarea and hit “Generate” button.
You can also download zipped source code.
I think it’s pretty good start point to see how simple Chrome extension looks like and develop it further, if you fancy learning basics of something new over the weekend. Want to use your own icon? Replace three png files in the folder and you’re good to go!
If you read this far, you should follow me on Twitter.
You can also read about:
World’s Largest Wi-Fi Network Keeps Passwords in Plain Text
Have you ever heard about FON Community?
I will be surprised if your answer is “no”. It’s world’s largest Wi-Fi network with over 4 million users, as they claim on their website. The idea behind it is pretty simple - you agree to share a fraction of your Wi-Fi signal with the community and in exchange you can access any other Wi-Fi router in the community - with over 4 million users in the network around the world it gives you a pretty good alternative to internet cafe’s/hotel internet if you’re travelling or want to work from park on a nice sunny day.
Check out their coverage map, it’s pretty impressive, at least in UK:
http://maps.fon.com/
Ok, ok, why are you telling me all this?
I’m a member of FON Community myself and recently was trying to log into my account, without luck. I used “Forgotten password” option that is available on pretty much any website that stores users’ credentials. I typed my email address and was expecting to receive an email with randomly generated string as my new password. What I found in my mailbox instead?
It was my old password in plain text! I love the network and use it quite often, but still can’t believe that they keep passwords of 4 million of their users in format that can be easily accessed in (or decrypted to) plain text - something I would expect from a complete amateurs that never gave a single thought to password protection. Shame on you, FON.
I urge you to change your password
if you’re also a member of FON Community. We’ve read enough about websites that keep passwords in plain text. It’s yet another reason to generate unique credentials to each web service we use and store them in some safe place, like 1Password or change the way we’re accessing them, eg. using QR codes.
This post is on Hacker News and Reddit. Join discussion:
Hacker News link
Reddit link
If you read this far, you should follow me on Twitter.
Logging in with QR codes (proof of concept)
Picture the scene:
It’s Monday morning, you’ve arrived to the office, brand new MacBook Air is waiting for you on your desk - the amazing product you’ve been working on flat-out for the last 4 months has just been approved by the client and your boss, being generous enough decided to reward you for all your overtime and working weekends during this period by buying you one of those shiny, sleek machines…
…but, that sounds rather unlikely, let’s go back to reality; It’s Monday morning, your head is quite painful after last night’s party that finished at 5am, and your desktop computer died on Friday afternoon, while you were trying to do as much as possible, before the deadline that has been already moved twice. Bummer.
The broken computer has been replaced by your manager’s private laptop, that by all chance has thousands of suspicious apps, keyloggers and it’s running Vista. Ugh… Now, how do you log into your mailbox or your company’s web app without risking that all your passwords will be stolen and your accounts compromised?
Here comes the QR-logging-in idea:
The said web app is displaying QR code on the login screen, right next to regular username/password login form. You’re taking out your phone, snapping a photo with any QR reader app for your iPhone/Android device and in less than 5 seconds you’re logged into the web app on the computer. No passwords, no hassle. And you didn’t even have to touch the keyboard! After that you can log into another app. And another one. And another…
Do you like this idea? Yeah, me too.
So, how to achieve that?
(you can see a quick proof of concept here)
The main goal was to avoid typing in anything and let users log in from any machine, even the one they haven’t used before, having only their phone within easy reach.
For the purposes of this post I’m assuming that the phone has built-in camera, installed QR reader app, a browser capable of saving cookies and some internet connection (wifi/3g/gprs/whatever). That fits most iPhone/Android/Windows Phone/Blackberry users out there.
As previously mentioned, the web app is showing QR code. The code contains address to the central server + unique identifier of the token that has been assigned by server to the session on the desktop computer. After scanning the code, the phone is opening a page that checks if it has been used with this service before by looking for a cookie containing encrypted information about the user’s credentials (hash of username/user id). The hash is being checked against server’s database and if it’s valid - token in database is being updated with information that the access is granted to user X. Phone shows information that the user has logged to site XYZ. Browser on desktop is constantly checking status of the token and once it says that the user has “logged in” - it’s redirecting to secure part of website. Job done!
What happens if you want to use your phone for the first time?
If the phone is not paired with any user account - the desktop computer will show regular log in form, so it would be good idea to log in first time from machine that you trust. After filling out the log-in form - user can log in automatically, as described above. Want to make it safer (but less convenient) ? Log in form for first time users could be displayed on the phone instead.
This idea could probably work much better than OpenID/BrowserID. Multiple websites could use one centralised system, that would allow user to pair his/her phone once and use it everywhere, without typing anything anywhere. No more typos, no more forgotten username/passwords.
All that said, I believe that QR-logging-in should be an additional way to log into the system, not the only available, because not every user has capable enough phone, also the phone could be lost, discharged etc.
I’d love to hear what you think about this idea, and don’t forget to check out the demo!
The post is on Hacker News and found its way to Reddit, if you like it, then bump it up and join discussion:
Update:
Few people mentioned that the phone could be stolen - if that happens, user could go to a website, log in using regular username/password form and unpair his/her phone with one click.
If you read this far, you should follow me on Twitter.
How to start writing a blog?
It’s 2:37 AM and I’ve just finished writing draft of my first legitimate, technical blog post for self.li ! I have to say it feels really good and it’s huge satisfaction already! Now I hope I won’t run out of enthusiasm and will keep posting regularly. So, going back to main question in this post:
How to start writing a blog?
Honestly, I don’t know ;)
What I do know is that I’ve tried it already 4 times (if memory serves) and each time I failed, mainly due to an overwhelming feeling of pointlessness of the blog. All these previous attempts were focussed on my private life, willingness to document what I’m doing at that specific point in time - to be able to go back in few years time and see how stupid and naive teenager I was, or to write down all my tales and adventures after I changed the country I lived in.
Maybe you’ll notice you have/had the same problem.
I always felt about blogging just like I felt about building websites 6-7 years ago: I had tools, I had resources, I even had knowledge (according to 80/20 Pareto principle) to build things, but I didn’t have any idea WHAT to build!
This time it’s different
I’m going to focus on technical posts, professional part of my life, geekery and gadgets - topics that should be far more interesting and for broader audience than my closest family.
So, without further ado - the self.li blog!
Oh, and don’t forget to follow me on Twitter.
self.li - Peter Legierski - @peterlegierski
