Tuesday, 8 March 2016

Digital Spring Cleaning

We're heading into autumn here, but whatever.

I've taken advantage of my change in focus to have a massive clean-up of my data. A whole lot of email and files related to Web stuff I just deleted. After that, it was pretty easy to completely clear my inbox. The hardest part was that to honestly clear it I had to fix a gnarly rr bug breaking Samba tests. For the first time ever, maybe, I went through all my email filters and unsubscribed from almost every email list I was filtering, and removed the filters.

I bought a Yubikey and transferred all my TOTP-using accounts to it. That makes me feel more secure than keeping them on a smartphone. Speaking of which, I need to buy a new Android phone to replace this Nexus S so I can actually get security updates.

I renamed my blog. "Well, I'm Back" might have been confusing for people.


  1. Inbox Zero doesn't require you to _do_ everything in your inbox. "Defer" is also an option. But well done for fixing the bug anyway :-)

  2. I got a couple Yubikeys recently (one for backup if the primary is lost) with the thought of setting them up with things, but it hasn't been quite as pleasant as hoped.

    Google seems to require you have specifically a phone to set up 2FA initially (even if you want to use Yubikey exclusively after that), and it doesn't appear a phone number (that can receive calls but not texts) suffices. Meanwhile, Github's support (if using a Yubikey) requires more than entering a Yubikey OTP in a text field, namely FIDO U2F browser APIs, and so doesn't work with Firefox at all. (Talk about browser lock-in!)

    MIT's system, at least, was the straightforward fill-in-a-text-field process. But they (and Mozilla's 2FA before it) are thus far the only 2FA systems I've used with Yubikey that worked without complications for me.

    1. Oh, and it looks like Google does the Github-style thing with Chrome lock-in, if I read the description of the process correctly. Shocker!