contact Me

Use the form on the right to contact me.

You are welcome, to contact me regarding the topics of this page, my open source projects, or my work. Please use the contact form and leave a valid email address for me to respond to.

Thank you.

Egidestr. 9
44892 Bochum
Germany

render01.png

/brain/dump

Random thoughts, bright ideas and interesting experiments. In short the ramblings of a fulltime nerd.

 

On the road with an external display

Jakob Westhoff

Due to my job I am quite often on the road. Sitting in trains or airplanes, as well as working from a customers office for one or two days are situations, which happen quite often to me. Of course when at a customer I could ask for workspace with a separate monitor, which I could attach to my laptop, but most of the time this is just to much hassle.

During our last Hackathon Thomas Weinert showed me a portable external screen, the Asus MB168B+. It's a light weight 15" screen with a full hd (1920x1080) resolution. The display is connected using an USB 3.0 port. The connection is used for data as well as power transfer. Therefore only one cable is needed between the display and my laptop. The displays maximum brightness is quite sufficient to be comfortably used in all environments I encountered with it so far.

The picture transfer using USB 3.0 is realized using a DisplayLink chipset. Delays between separate refresh cycles, as well as the perceived frame rate is enough for normal day to day work. In most situations you don't notice any encoding or processing delay. I haven't tested it, but I am quite sure gaming is not an option with this display. However watching a video on it works quite well.

The display is shipped including a travel case. In addition to being the displays transport protection it serves as a stand. Using the case two different inclinations can be achieved for the screen. It is a good fit and has a firm stand within the case.

This stand takes up quite a lot of space behind the screen, as the whole case needs to lie on the table. After a short research session I therefore ordered an Amazon Basics Tablet Stand, which is a perfect fit for the display as well. It is small, provides a firm stand and is completely adjustable.

I really much enjoy the combination of display and stand. I wouldn't want to miss my second display anymore, when I am on the road.

OSX Full Disk Encryption separated from your User Account

Jakob Westhoff

Using Apples FileVault as a full disk encryption solution for my notebook, I quickly had to realize, that Apple associates the encryption key with your user account for convenience reasons. This is done, by storing the HDD encryption key within your keychain, which is afterwards encrypted with your account password.

This technique allows for a lot of comfort, which may not easily be realized if the hdd encryption password would be separated from your account. Apple for example allows multiple users on the same machine to have the rights to decrypt the HDD. Furthermore a Recovery Key can be generated and stored with Apple, which allows to decrypt the HDD should you forget your account password. Other features include the usage of Institution keys, which allow business laptops to be decrypted utilizing either a user account, or a key known to the company.

Regardless of the obvious security implications, which are not part of this article, I don't need any of those features. I am the sole user of my notebook. I don't want or need a recovery key stored at Apple. Furthermore I would love separated HDD encryption and user account keys. I am not really concerned about a Cold boot attack, or someone with evil intentions having physical access to my laptop in a running or standby state. Therefore I would like to have a complex HDD encryption key ideally supported by my YubiKey. My user account password on the other hand may be a lot less complex, allowing me to easily enter it to unlock my system, while still providing reasonable security.

Full Disk Encryption without FileVault

After some research I found a way to utilize full disk encryption without using the full FileVault stack. As FileVault essentially is nothing else, then a 128bit AES encryption using XTS for block chaining, with all the mentioned comfort features on top, it is not more or less secure, then an encrypted manually created CoreStorage device.

Some time ago I realized, that I was able to boot from an encrypted external drive, which holds a mirror of my system. Trying to boot from this device I am asked for the encryption passphrase of the disk. Once I provided that OSX boots to the usual login screen allowing me to enter my user credentials.

I thought if this is working with external drives it will most likely work with my internal drive as well.

Converting your HDD to an encrypted CoreStorage device

In order to utilize simple full disk encryption without FileVault on top the first thing needed is an unencrypted hard drive. Therefore if FileVault is active on your system you first need to disable it.

After FileVault has been disabled you need to reboot your system to have a fully decrypted clean state again.

Once your system is ready for usage again. Open up Applications -> Utilities -> Terminal. Having a command console at your fingertips the first info required is the device name of your boot volume. Issuing the following command will output everything needed:

$ diskutil list

Look for a device with the size of your main drive, as well as the filesystem TYPE Apple_HFS. Disconnecting external devices before issuing the command may help to reduce the noise of the output. Once you found your main device note down its IDENTIFIER. In my case this is disk0s2.

Next up is moving the device over to CoreStorage, while enabling encryption again. Please make sure you have a backup of all your relevant data before continuing, in case anything goes wrong.

The following command will mark the hard disk for encryption again:

$ diskutil cs convert /dev/disk0s2 -stdinpassphrase

You will be prompted for the passphrase to be used for encryption. There will be no retype check. You will only be prompted once. Therefore be careful while entering the password to ensure it is correct. After you are back at the command prompt, reboot your system again in order to start the encryption process. During reboot you will be asked for your Disk Password. Once entered the system will boot up to your usual login screen.

Congratulations you have now encrypted your disk with a different key then the one used for your user account. Actually the encryption is still running in the background at this point. The current progress can be accessed using the diskutil cs list command. Look for the Conversion Progress property in the provided output.

Conclusion

I hope this solution is working for you as well as it has been for me. Currently I have only tested this in OSX Mavericks. However I don't see any reason, why the same way shouldn't be working with OSX Yosemite as well.

My Desktop Setup

Jakob Westhoff

As the response to my evaluation of iPad keyboards and personal workflow has been very positive I decided to do some kind of follow up. In this post I am going to introduce you to my workspace setup I am using for day to day work.

Retina Macbook Pro 13"

As main workhorse for all my computational needs I am using a Retina Macbook Pro 13" (first generation). I am quite satisfied with its capabilities. Furthermore it is compact and light weight enough to be carried around by me to customers on a regular basis. Instead of having different machines for mobile as well as stationary usage, which required quite some synching effort, I decided to use only one system for both situations years ago. While being at my desk at home I am of course using a lot of additional hardware to make my life easier.

Apple Thunderbold Display 27"

In order to have adequate screen estate I am using a 27" Apple Thunderbold display, which does not only provide me with more pixels, but with several USB ports as well as a gigabit network connection. All of this connected using only a single Thunderbold cable to my laptop. Unfortunately the USB connection is only version 2.0, which is kind of slow with regards to current USB 3.0 being available. But more on this later on.

I am really happy with the display. It definitely is one of the best screens I ever bought with regards to picture quality as well as manufacturing quality. Furthermore it kind of looks good on my desk ;).

Since the day I got this display I thought about buying another one of those for even more screen space. However I decided to wait until the next generation of those displays was released. I always hoped for Apple to incorporate the changes made to the latest iMac model into their displays. Unfortunately this hasn't happened yet. Currently I am hoping for some display with a 4k resolution, or retina, how Apple will most likely call it, to appear in the near future. I would most certainly need a new laptop to power such a display. Nevertheless I think I would invest the money, as the difference between my retina laptop screen and the Thunderbold Display is quite significant. Even though the picture quality of the Thunderbold Display is quite astonishing, as I said earlier.

External USB 3.0 Storage

The storage capabilities of my notebook (256 GB) are usually quite sufficient to hold all kinds of work related applications and documents. However it does not suffice for all my storage needs, when I am at home. In addition to several different Virtual Machines holding all kinds of different browsers and environments, I sometimes need some scratch space for video editing or other work. To solve my storage dilemma I am using several NAS systems, which I might detail in another post in the future, as well as a bunch of external SSDs connected via USB 3.0. While I of course could have used Thunderbold to attach the external storage devices, I decided for USB, for different reasons:

Price

USB 3.0 storage pods are A LOT cheaper than Thunderbold enclosures.

Speed

While being slower than Thunderbold of course the USB 3.0 solution is quite enough for me with regards to speed. My external SSDs provide me with read/write rates between 200 and 270 Mb/sec. That is enough for everything I would like to do with them.

Compatibility

The backwards compatibility of USB 3.0 with USB 2.0 allows me to attach the storage to older hardware, which does not support the newer standard. Cables aren't hard to come by and will most likely be lying around, even if I forgot to pack one. Furthermore USB 3.0 has a lot higher availability than Thunderbold with regards to the hardware ports.

Enclosures

After quite some research I found a neat solution for docking my USB enclosures when being at home, while still allowing me to take them out easily. The Fantec DD-25U3 is an external USB 3.0 enclosure made out of aluminum including a 5.25" docking station. I mounted 4 of those docks on my desk and attached them using 2 ExSys 4-Port USB 3.0 hubs, which are mounted to the desk as well. As the Fantec enclosures use a simple USB 3.0 port for connecting with its dock it is possible to simply take it out and on the road, without the need for any special cable or connection adapters. As I attached everything using USB hubs I only need to connect one extra cable to my laptop in order for everything to work.

SSDs

I put different SSDs inside all of the enclosures. Currently I have one OCZ Vertex 3, one Sandisk Extreme 2 and two Crucial MX100. All of those devices are either sized 256 or 240 GB, as those are most cost effective at the moment. I like the pricing as well as performance of the two MX 100s, which have been my last acquisition.

I am very happy with the whole external solution, as it is the perfect compromise between cost and comfort for me at the moment.

External Blu Ray Drives

In order to be able to read DVDs and Blu-rays I am currently using two Samsung SE-506AB drives. Even though the devices are capable of writing all different kinds of formats as well, I haven't been in need to write a CD, DVD or Blu-ray in ages ;).

Keyboard and Mouse

I am not using any external keyboard with my desktop setup, as I positioned my Macbook in a way allowing me to use its integrated keyboard. However I like using an external mouse while sitting on my desk. The hardware of choice is an Apple Magic Mouse. As I don't want to change the batteries all the time I am employing an Artwizz Induction based Charger. As this product seems to have been discontinued, I asked a friend for a recommendation. He is quite happy with the Mobee Magic Charger, which is essentially the same thing :).

iPhone and iPad Docks

While sitting on my desk I want to have my iPhone as well as my iPad at my fingertips. Furthermore I want them to be connected to a power supply, while they are docked. The docks are supposed to be functional as well as good looking, to fit the overall style of my working environment.

ElevationLab iPhone Dock

Quite some time ago an iPhone 4 dock appeared on Kickstarter. Being worked out of a massive aluminum block it caught my attention. I backed the project, which was created by a company called ElevationLab. Some time later the dock arrived at my doorstep. I am still kind of in love with it. By now there is a new version of the dock which works with newer Lightning cable based iPhones as well. In order to allow the iPhone to be removed with one hand, without holding down the dock with the other, a perfectly fitted sticky pad is provided. The pad fuses the dock to your desk, without leaving any residue behind should it be removed again. The dock itself is available in different colors. The one currently used on my desk is black anodized aluminum.

I have tested quite some iPhone docks over time. The ElevationLab Dock is the best I found so far. Even though it might be a little pricey it is of really high quality. The aluminum finish is optically very appealing, while it is manufactured with high precision.

Daxndox for the iPad

My iPad is hold in position by a Daxndox dock. The dock is precision made by an Austrian company out of ceramics. It is quite heavy and manufactured with high precision as well. In addition to holding the iPad in place, a Lightning cable can be mounted inside the dock to provide it with power, while it is put into it.

I bought the Daxndox not that long ago, but up until now I am very satisfied with it.

The right flow of Air

If you are asking yourself what is standing on the right side of my desk, looking like a black ring on a solid footer, it actually is a fan: A Dyson Air Multiplier AM06. It is a fancy blade less fan. I like this thing, because it provides a nice and coherent flow of air, while being quite silent (at least at lower levels of operation). Furthermore it looks really nice and futuristic, while satisfying the gadget nerd in me ;).

Conclusion

It is my hope that this article inspired you with regards to different technological components, which may be used in conjunction. Maybe there are parts of my setup, which are interesting for you as well. If you are using different solutions, please tell me. I am always interested in optimizing my working environment. If you got any questions regarding the described setup, just post a comment. I will get back to you then.