Skip to main content

Jonas Voss

Festive indieweb and selfhosting

3 min read

Holiday is on, and apart from relaxing with the family, I aim to look into a bunch of stuff before I'm back at the factory in January.

My Indieweb life is coming on well, thanks to Known, and the community in London. I attended my first couple of Homebrew Website Club meetups in town in 2018, and although my contributions to the community so far is non-existant, I'm very glad to have met a handful of people to talk indieweb stuff with in person, on a regular basis. I've also logged onto the Indieweb slack/IRC channel where I'm a regular lurker.

One thing I'd like to do is, to import all the posts from my homegrown CMS into Known, so they get equipped with all the indieweb goodness which is part and parcel of Known. I've had comments turned off on my own CMS for years, because I gave up dealing with the deluge of spam coming in through the comments form. I'd like to have comments back. Known has an import feature which will let me import Wordpress RSS-feeds (which my old blog produces), so it should be possible. I did try a few weeks ago and wasn't successful, but I gather with a bit of tinkering I can make it work.

On the selfhosting front I'm very happy with my current inventory (bookmark service from Shaarli, Tiny Tiny RSS for reading feeds, dokuWiki for documenting/notes), but I also want to host more stuff. In particular, I'd like to try to run my own instance of Mattermost. With my current hosting provider, that option is a bit limited. As long as whatever service I want to selfhost has very standard requirements, such as PHP and MySQL, to run, then I'm fine. But I find that more and more of the things I would like to try to selfhost, requires a bit more, such as artisan, go, docker, and a bunch of other things that I either a) never heard of before or b), have heard of before, but have no clue about.

I will sign up for a month of VPS with one of the providers in the field, and try out a few things. It might be overkill, but then at least I'll know I'm in way over my head, and I can return to my shared hosting, and whatever that allows me to install.

Happy holidays (:

Jonas Voss

Space

1 min read

"I wonder if my car will fit in that little parking spot? I better park in the middle to make sure I don't spill over onto the road."

Jonas Voss

Genome the size of an SSD

1 min read

https://en.wikipedia.org/wiki/Genome#Genome_size

HIV can easily fit on a floppy disk.

Jonas Voss

Sticky links - May 7th, 2018

2 min read

  • Take the power back is about how we can work our way back to the independent decentralised internet we were supposed to get. The method? "Changing from passive, to active. From scroll to search, from react to rethink, from like and retweet to write and link."  Also, turns out that teenagers today don't know what browsers or URLs are. To them, a browser is this weird app that sometimes pops up, and URLs are these cryptic things you have to write to go somewhere, it's just bad UX really. Proprietary apps is where the internet is, according to them [insert "old man yells at cloud" image here].
  • Want to leave Facebook, but don't want to lose the easy access to your friends, relatives and acquaintances? Do you also find it a bit FOMO inducing to leave it all behind? How about making it not worth going there in the first place? I followed a tip on Quora to effectively unfollow everybody in my newsfeed. Now, even when I load Facebook, my feed is empty, but I can keep Facebook as my interactive, self-correcting address book, which it is still very good at.
  • Last time I recommended installing EFF's Privacy Badger. I should have also recommended the Disconnect browser extension, which stops a lot of trackers from working on the sites you visit.
  • In Cuba, where internet penetration is at 5%, the Sneakernet is one of the most efficient ways of getting information to the rural areas. It's pretty much a weekly "Best of the Internet" on a USB stick that gets distributed around the country. It's called "El Paquete Setimanal", and shows what a curated, infrastructure-less internet can look like. You can see a directory of what was in the one from October 10th, 2016. Informational 7 mins YouTube video on the topic. Academic paper on Cuba's offline internet.
  • Do you think it's ok for your 9-year old to take public transport on their own? If you do it in the US, you might end up getting the Child Protection Services sprung on you by concerned citizens, while in Japan, your kid could be part of a TV show about sending kids on their first errand. The reason? A larger sense of social trust and self-reliance in the latter.

Jonas Voss

Sticky links - April 14, 2018

2 min read

  • Ad nauseam is a browser extension meant to click on all the ads that you come across when browsing the web. The philosophy behind it is, that if you click on all the ads that you come across, the advertising profile that will be built from this data, about you, is useless. You have no characteristics. You like everything. If that kind of stuff is interesting to you, you should read the article “Monkeywrenching the Machine”, it's about how you can make it harder for corporate AIs to mine your data. Both are relevant in this day and age. If you prefer something less reactive, you should install EFF's Privacy Badger in your browser. It minimises how much of your activity is trackable online, by blocking ads and trackers. You can also make some internet noise to confuse data collection algorithms.
  • I recently spent 3 weeks in Costa Rica on vacation. Fascinating country, warm people, and exotic animals. The Costa Rican address system is also exotic. They don’t really have a formal one, as you do in a city like London. One guesthouse we stayed at had the address “200 meters past the intersection with the church, on a particular road, in this town.” Their address system typically uses recognisable landmarks, and navigates you from there via directions. It turns out that 4 billion people in the world, live without an address, and one company trying to tackle this is What 3 Words. They do this by putting a 3mx3m grid over the entire world, and give each square a unique name, which is a combination of 3 words. It’s genius. We should all use it, it’s even good enough for Switzerland! Surprisingly Awesome did an episode on postal addresses worth a listen if you find this interesting.
  • More geography fun. The United States has 10 cities where the population is more than 1 million people. For China, that number is 102. I might know a handful of them. This helped me better understand exactly how populous China is, and how concentrated the population in the US is.

Jonas Voss

When customer support goes bad

11 min read

TL;DR: I supported a Kickstarter project in 2014, and never received my product. When I got pushy on Twitter in 2017, the company blocked me, and stopped responding to my emails and tweets. I'm not the only one in this situation, but what can you actually do, except for posting extremely long and overly detailed posts like the below, to warn everyone else from doing business with lattis.io?

----

The Skylock sounded like a promising product aiming to IoT'ing bikelocks, making them network enabled, more convenient, and safer. Here's their marketing video from 3 years ago: https://www.youtube.com/watch?v=6gyLPjDakAc. Gizmodo loved the idea (https://gizmodo.com/skylock-is-the-bike-lock-of-the-future-and-its-awesome-1576515407), The Verge was similarly excited (https://www.theverge.com/2014/5/15/5718442/skylock-is-a-keyless-solar-powered-bike-lock-that-just-la...)

As a happy bikecommuter having had a few bikes stolen in the past (and liking gadgets very much), I jumped on it as soon as I was made aware of it (by my friend Keith). In August 2014 I contributed money to back the Skylock, a Kickstarter project by Velo Labs, and I was looking forward to getting my sentient bike lock at the planned date. According to the Wayback machine snapshot from August 2014, it was supposed to ship in early 2015 (https://web.archive.org/web/20140807032952/https://skylock.cc/).

In the following year, Velo Labs regularly updated backers and beta users about progress, delays (it quickly became at least 1 year delayed), and roadmap. All things expected from a Kickstarter project.

In late September 2016 Skylock became Ellipse, by Lattis. Velo Labs was out, Lattis was in. The CEO explained the reason for the change, with the following paragraph in an announcement email, which also appeared on their website (https://lattis.io/blogs/posts/introducing-lattis):

We start anew as Lattis because this better captures our enthusiasm for simplifying life through an interconnected network of technologies. It’s bigger than just bikes. We’re here to serve urbanites who take pride in their city and understand their role in making it great. People who embrace design, technology, and change. There will be a lot more coming from us in the near future, so stay tuned.

A week later, I was asked to confirm my shipping details, so they could make sure I was still at the same address I had given when I backed it. I confirmed the details. A week later still, I got an email offering pre-orders for the Ellipse. Not relevant for me, but nevertheless exciting, because it meant they were closer to shipping!

In November 2016 I got an email saying that they had run into some more delays, but that they were sending the locks to the fulfilment centers on the 2nd of December, 2017. After that, it would take around 30 days to get the lock to the new owners. Given the amount of setbacks (remember, initially they operated with an early 2015 shipping date), I conservatively expected the lock to be in my hand by February 2017.

On the 22nd of December 2016 a new holiday email update arrived from Lattis. The first batch of Ellipse locks were now on a freighter on its way to North America, expected to arrive in January. It looked like my guess about a February arrival date for my lock might stick. They hadn't mentioned anything about European shipping dates, so just to be certain, I reach out to them on twitter, and asked them: https://twitter.com/voss/status/811732955525746688 - they replied that batches of the locks leaving the manufacturer in January, would be going to Europe. Shiny!

February 2017 comes around, and I write their support email to hear of any news regarding European shipping dates. I'm told, that demand has been so big, that their vendors couldn't cope with the volume. Still, their first European pre-orders will now start shipping in a few weeks, and I can expect 4-6 week delivery time after shipping, and more information in their next update.

Mid February, another email update rolls around. This time with their shipping schedule. Europe and international shipping will now start in March for the grey and blue lock, while the white lock will start shipping in June. I ordered the grey lock, so March it is for me. I then set my sight on April as the arrival for my lock.

Towards the end of April 2017 another email arrives, saying that they've fulfilled their North American pre-orders for grey and blue locks, and that the white ones will still ship in June. The email continues:

"We’re now shifting our focus to ramp up production and delivery for our customers around the world. We've already shipped out the first batch to our earliest supporters, with the balance of international pre-orders shipping out in batches over the next couple months".

Since I'm one of the early supporters of the Skylock, aka Ellipse (at least I think I am), I set my expectations for the lock to arrive in a few months. I set July as my target.

June 2017 comes around, and just to make sure everything is ok, I reach out to Lattis on twitter (https://twitter.com/voss/status/870962753258835969), and they tell me to get in touch with their support team, to confirm my address. I get in touch with their support (who answers very quickly (<24hrs) and is very helpful), I confirm my address, they say that the address they had for me, was incomplete. That's weird, because I had just confirmed it in October when they asked me to do so. They tell me they will make sure that my lock will be sent out in the next batch in July, and that I will receive a tracking number along with shipping notification when it happens.

And then, things started to get strange.

July 2017 is silent, both on email and their website, no updates. August 2017 comes around, and I write support to ask for an update on my shipment, as I haven't received a tracking number or a shipping notification yet. Support now takes 5 days to reply, and explain that their international shipping has been paused until further notice. They are in the process of hiring a new shipping company, and will let customers know when shipping resumes. I'm then offered to cancel my order and get a refund, if I'm not happy to wait. I reply that I'm happy to wait, since I've already waited 3 years for the lock. They say great, they are looking forward to getting the lock to me.

September 2017 comes around with no updates, and September becomes October 2017, still with no updates. I'm loosing my patience, and reach out to them on twitter (https://twitter.com/voss/status/918406033529344000). I point out that I've been waiting 3 years for the product, and that I find it weird, if their European shipping is on hold, that I can still order one on their website, without being informed that it's actually not currently shipping to Europe. They reply that they are still in business, and that my lock will ship "as soon as possible". I reply something snarky, pointing out that my lock has been in "as soon as possible" status since February, and that surely this can't be acceptable by their own standards. I don't think I hear anything back from them on that, so I write an email. 10 days later, they reply. They have a backlog, they are working hard, if I wan't to cancel my order they will refund me. I again say that I would very much like to have the lock that I paid for, and that I will continue to hold them accountable for getting the product into my hands.

In October, a week after I ask them for an update on the shipping status, they post an update to their blog (https://lattis.io/blogs/posts/shipping-update), explaining that they have failed their communications and shipping commitment to their backers, and that they are working hard on fixing it. As a case in point, that information was not sent to their customers via email, they only posted it to their website, as far as I know. So, yeh, they are still not fulfilling their communications commitment.

Guess what, it's now November 2017. I still haven't heard any news on my shipment. I reply to one of my emails to their support, where they offered to refund my order, that my patience is up, and that I would like to get a full refund. Surprisingly, I have heard nothing from them since then. They blocked me on Twitter, which I discovered in November as I tried to get in touch with them there, and couldn't mention them.

Per 24th of January 2018 they have a new update on their blog about new inventory being available, and shipping as fast as they can (but really they are most excited about talking about Bikeshare 1.0): https://lattis.io/blogs/posts/new-inventory-lattis-bikeshare-1-0

I wrote and asked them for an update on where my lock was, and got this reply back:

Thanks for reaching out support@lattis.io

Waiting on your order to ship?

We are shipping pre-orders in the order we received them. Please be patient!

We’ve shipped thousands of units to date, and we continue shipping units every week. 

 

An issue with your Ellipse?

That should be an easy fix 😉. Please try our FAQ with most common questions(link) or if you haven’t already provided that information, please reply to this email with the following information:

 

- Are the LEDs on the capacitive touchpad lighting up?

- Are you using a FB or Phone Number account? Do you still have access to that account?

- S/N of your Ellipse located under the QR code of the box (ex: CSD7100031)

 

Bike to the future!

The Lattis team

I'm not the only one in this situation, which does offer some consolation, but only sofar as I'm not the only one miffed. The last post on their Facebook page ((https://www.facebook.com/HelloLattis/posts/1332022596894346)) is from May, and while it announces that the Ellipse is now available in a store in Santa Monica, the comments bear witness to failing their commitment to their backers and pre-orderers.

Reactions to their latest post on their Facebook Page

Some commentators on that post write that they did indeed receive the product, but that it's terrible, and one person left a 1-star product review on Amazon (https://www.amazon.com/gp/customer-reviews/R3O1OJEQGBJO6/ref=cm_cr_getr_d_rvw_ttl?ie=UTF8&ASIN=B...)

In general, the reviews on Amazon are less than favourable (48% 1-star reviews: https://www.amazon.com/Lattis-Ellipse-Keyless-Detection-Charcoal/product-reviews/B01NASEQH6/ref=cm_c...).

So, what to do next? They took my money 3.5 years ago, and I don't have the product I paid for. They don't reply to emails anymore (just automated replies). Last time I spoke with a human via email, they offered a refund. At that point they had been telling me for 6 months, that they would start international shipments very soon.

Can I do more than writing this, way too long, detailed, and for anyone not affected by this, boring, blogpost, to let others know that they should not do business with them?

Edit: I updated the title and TL;DR of my post to better reflect that I'm not criticising Kickstarter or crowdfunding platforms in general, my criticism is squarely pointed at lattis.io. Unfortunately I cannot change the URL of the post.

If you are also waiting for your lock to arrive, or have received a faulty lock, and are not having your support requests met, you can contact lockaction.org to provide them with your information. They are collecting victim information against Velo Labs/Lattis, for possible future actions.

Jonas Voss

No Maps for These Territories (2000)

1 min read

A documentary focusing on the writing and thoughts of William Gibson, about the present, and the future, real or not. Worth a watch, any time.

Jonas Voss

Sticky links, December 30th edition

2 min read

Sharing links for no other reason than having found them useful, entertaining, educating, or all at the same time.

Jonas Voss

Jonas Voss

Migrating from LastPass to KeePass

4 min read

I've been a LastPass Premium user for a couple of years, and I've really enjoyed it. It's a good product, very user-friendly, and the apps are well-done. I've been wanting to switch to another password manager for a while, due to security concerns. Plenty of compromised cloud companies out there, and LastPass might as well be next.

Over the last few days, lastpass has been down, or running a suboptimal service for many users, including myself, and since my last attempt at renewing my LastPass Premium subscription was declined by my bank for some reason, I figured now was as good a time as any, to make a move to something else. 

I've dabbled a bit with Master Password App, which is a stateless password manager. I really like the idea, but then what do I do with all the logins and secure notes I already have stored in my lastpass vault? I don't see a simple way of storing those in Master Password. My alternative then was down to a stateful password manager, and here's where KeePass comes in. KeePass is an open-source password manager from the 00s. Initially for Windows, but ported to a staggering variety of platforms, most likely including the one you are reading this on. It saves its content in an encrypted database, which you can then stick on a server, and get access to it through as many apps as you like.

Getting your vault out of LastPass

I wanted to export my Lastpass vault, and import it into some form of Keepass port. Here are the steps I followed:

  1. Logged into Lastpass on the web, clicked on "More options" and selected "Export"
  2. Saving the resulting page doesn't help you at all, so you have to select the content of your now unencrypted lastpass vault, and paste it into a text file (any empty document in an editor will do)
  3. Save that text file and give it the extension .csv

Getting your vault into KeePass

The next step was to get my LastPass csv-vault into a KeePass database format. It turned out finding an app that supports direct import of plain csv-files was not so easy (most required XML files), but in the end I managed to find one called KeePassXC which accepts csv-files. Handy. Alternatively, if you can't find one that will import csv-files on your platform, you can use lastpass2keepass.py to convert the .csv-file to XML, which will then hopefully work for you.

Once imported, you will have a kdbx-file, which is the encrypted KeePass database, and somewhere along the process you have to create a password for the database-file. Think of it as your master password from LastPass, the one password that gives you access to your vault. Need help picking a good password?

Putting your file where all your apps can access it

Obviously you can keep the file on your local device, being laptop or phone or wherever you'd like it to be, but the real value from password managers are when they are available to you whenever you need them, which means to stick them somewhere on the internet. The benefit of Keepass is that you can stick it on a bunch of different services. Dropbox and Google Drive seems to be the most commonly used, but if you have one, you can also host the database file on your own server, and access it via sftp. You simply upload the database file to a place on your server, and it's then dependent on the app you use, if it supports sftp.

Mobile and web apps and Chrome browser extension

I'm mainly an Android and ChromeOS user, and for Android there's a number of options. I ended up going with KeePass2Android Password, and that does the job for me. If you need access to the file from a computer that is not your own, you can use KeeWeb, and point that to where your file lives (easiest if you have it on Dropbox or Google Drive).

For Chrome (and thus ChromeOS), there's an extension called CKP - which provides you with readonly KeePass password database integration for Chrome. You simply point it to your file, type in your master password, and you are away. 

Jonas Voss

Cphcph

1 min read

An IndieWeb Webring 🕸💍

Jonas Voss