How-to: Improve your online privacy – level 2 – encrypted email

1. Introduction

In my last “online privacy” article, I looked at how we can improve our privacy while browsing the web. So far, so good. But what about email? As it happens, email is problematic.

Growing from one of the oldest-established internet standards, email has changed very little from its inception. Email content is sent in plain text, just as it was on day one. Attachments are encoded to facilitate transmission, but any old email program can decode them.

Given the widespread use of email, we might wonder that there is no universally-agreed standard for transmitting messages securely. The big problem here is complexity. Email is used by people from all walks of life and all levels of computing ability. For universal acceptance, the barrier to entry must be kept very low (this is one reason why Dropbox is so successful – it’s easy). But security almost always increases complexity and decreases usability. We have options, but they all make email harder to use (even if that might be just slightly).

2. Simple but limited encryption: SecureGmail

SecureGmailI’ve recently come across a pretty simple option for encrypting email. Unfortunately simplicity comes with limitations. SecureGmail is an extension for the Chrome browser that enables encryption of email between Gmail users. So immediately you can see two limitations: firstly, the sender and recipient must both be using Gmail and secondly, they must both be using Chrome. You can’t use this to send a single email securely to all your contacts (unless they all happen to fit those criteria).

Also, SecureGmail does not encrypt attachments – just the text in the email. Still, you could zip the attachment, encrypting it with a password, and include that password in the secure part of the email.

A further limitation is that SecureGmail uses a single key to encrypt and decrypt the message. This differs from PGP encryption, where the sender uses a recipient’s “public key” to encrypt an email and the recipient uses a “private key” (known to no one else) to decrypt the message. PGP gives you a reasonably high degree of certainty that only the recipent can read the message, assuming the private key is kept safe (everything depends on this).

So there are some sacrifices to be made, in order to use SecureGmail. If you can live with that, it’s a great option – because it’s easy. Head over to SecureGmail and follow the instructions there.

3. Robust encryption: Enigmail

If you want to do this right, you have to use something like PGP encryption. I say “something like”, because although PGP is the standard more people have heard of, it is actually less common than the alternative GPG. Oh, and GPG is an implementation of the OpenPGP standard. Confusing, huh? PGP (“Pretty Good Privacy”) is proprietary and not free for commercial use. GPG (“Gnu Privacy Guard”) and OpenPGP were originally intended to provide a free, open source alternative to PGP. In fact GPG is more secure than PGP, since it uses a better encryption algorithm. Because it’s free and more secure than than PGP, I will focus here on GPG. Also, there are many different ways of skinning this cat, so I’ll just point you in a direction that’s free and one of the easiest ways of doing this. Note that the following instructions are for Windows.

3.1 Setting up your Enigmail environment

You’ll need:

Install Thunderbird. When installing Gpg4Win, you don’t need any of the optional extras, but you may install them if you wish. When you get to the “Define trustable root certificates” dialogue, you can select “Root certificate defined or skip configuration” and click “Next”.

If you’re using Firefox as your browser, make sure you right-click and save Enigmail, otherwise Firefox will try to install the extension. All other browsers will normally just download the file.

Run Thunderbird and click the menu (triple horizontal lines icon, top right), then Add-ons. Then click the cog icon (near the search box, top right) and “Install add-on from file”. Locate and install the Enigmail add-on you downloaded previously. You will need to restart Thunderbird to complete the installation. Then, if you’ve not already set up your email account in Thunderbird, do so now.

Add-ons Manager - Mozilla Thunderbird

Go to Thunderbird’s menu –> OpenPGP

Enigmail

–> Key Management

Enigmail_02

In the OpenPGP Key Management window, click Generate –> New Key Pair.

Enigmail_03

Choose and enter a secure passphrase. This should be hard for anyone else to guess. I tend to pick a line from a song. Yes, it takes a while to type, but it’s highly unlikely that anyone will ever crack it through brute force. Bear in mind though that if you forget the phrase, you’re stuck.

Back in the Key Management window, if you check the box “Display All Keys by Default”, you’ll see your new key along with its 8 character identifier.

Enigmail_04

Next click the key, then Keyserver –> Upload Public Keys. This permanently publishes the “public” part of your key (which people use to encrypt messages to you). Accept the default keyserver when prompted.

Enigmail_06

3.2 Key exchange with Enigmail

In order to send and receive emails securely, both you and your correspondent must have a public/private key pair. Whoever you’re writing to, they’ll need to have gone through the steps above (or something similar). Once you’re ready, you need to pass to each other your public keys.

Sometimes this public/private thing confuses people. But it’s pretty easy to remember what to do with each key. Your public key – well that’s public. Give it away as much as you like. There’s no shame in it. 😉 Your private key? Guard it with your life. Hopefully you will have chosen a secure passphrase, which will make it difficult for anyone else to use your private key, but you don’t want to weaken your two-factor authentication at any time (something you have – the private key, and something you know – the passphrase) by letting go of the “something you have” part.

Anyway, you don’t really need to know or understand how this works. Just make sure you and your correspondent have both published your keys to a key server. Next, tell each other your key ids (remember the 8 character code generated with the key?) and/or email addresses. Import a public key like this:

Go to Thunderbird’s menu –> OpenPGP

Enigmail

–> Key Management

Enigmail_02

In the OpenPGP Key Management window, click Keyserver –> Search for Keys.

Enigmail_08

You can search by email address or by key id. If you’re searching by id, it must always start with “0x” (that just indicates that the key is in hexadecimal).

Enigmail_09

You should see your correspondent’s key in the next dialogue. Click “OK” to import it. This places your correspondent’s public key in a data store that is colloquially referred to as your “keyring”.

3.3 Sending encrypted email with Enigmail

You can only send encrypted email to someone whose public key is on your keyring. See the previous step for details. We use the public key to encrypt the contents of the email, meaning that only someone with access to the corresponding private key can decrypt and read the email. This gives you a high degree of certainty that no one other than your correspondent can see your message.

Compose your message in plain text. You can send in HTML, but it’s much harder to encrypt correctly.

Remember that while the contents of the email will be encrypted, the subject will not be. Before sending it, you need to tell Thunderbird to encrypt the email. There are three easy ways of doing this.

  1. Click OpenPGP –> Encrypt Message.
  2. Press Ctrl-Shift-E.
  3. Click the key icon, bottom right.

Enigmail_11

Enigmail will search for the public key that corresponds to your recipient’s address. If you don’t have the correct public key on your keyring (or you’ve typed the address incorrectly or whatever), you will be warned that there was no match.

Enigmail_12

If you’ve forgotten to compose in plain text, you will be warned about the problems of using HTML.

Enigmail_13

I would recommend configuring Thunderbird to use plain text by default, at least for your fellow users of encrypted email. In Account Settings under Composition & Addressing, just uncheck “Compose messages in HTML format”.

When your correspondent receives the encrypted message, it can only be read by using the correspondent’s private key. Until the message has been decrypted, it will look something like this:

-----BEGIN PGP MESSAGE-----
Charset: ISO-8859-1
Version: GnuPG v2.0.20 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

hQEMA/dOFDapHX5yAQf/YbYJz+vm2AnzWDn08sOP66gVVoCBh/qnbcAcdSYkCTA2
WjuWfV3ZSFVwV+lYyr/VqgcHl607a7KIJEQh251RSQEJmNg56gC/JYNtj9frhaIT
Ay46xhyz2Ebj8EjcvSX+wcUh8Qd/YPMqZDFB/wBNnA48JxkwuxXBU0AFLYw2Osc2
gvUttSZfN/Dn3Mq0fMxqr2s+YZA9qZebfzzjfVIfDWvbtqTFo1HhWKkuCqgPbYQ2
SuinDVtzlQRSTbbygvWVltd7miKsb19hZS9KQRda5XpaaWC3FHrLBeeUf9FvhIIq
kzF53oXv/Tp/fcbnujp5A4cyy8Bkw8RFi6xbQ9Baw4UBCwOnkycIVlt3QQEH+JKi
HB4VqC6i/N8sL7stR063yE0RYcIn18th+zDbZtTt2QlaSyzoCHwDqYo4R8o8VXAo
oe68jO2N9c/FyX7iSzYpKVKW26UL2SaWk0yd40Gae1XoEfHozZ8lmz7c4cO/ionU
81MYqcMdqdIg948OE6if2yb3Cl65p70jOQ/Ep6h9tw33Iu+ukj8r7MCPYRNPxIGh
EvrwktK0Ej1qbDP296i+C6QgJxsV9qDeGbPIs5q54Bni60qnMeSV1ttxit7bOgMF
xCQR3XbwXU1qeLvfWa1sdhqBq0zbEXxWeBT/9Gq3EJ8ca8JXeaTAV4Ry26oHL5Cf
ZrH+kIMrYo6g0Agg2dJ2AYjfvS2bDRoOsvlNoUQj8X+VIlyR9XqiLTnyEeanzL0f
79dH5Rfk0yPURl1pqOT6Dv5ioHyQjtJuF1qt+pO6NSbVwuE9xeoU4KhdmnMAkeIX
y7adNBCKr6zhpElhdkt1kfWDeW0mqyshYU/aetFDbW0l3XzIcQ==
=w5DD
-----END PGP MESSAGE-----

Following decryption, the content of the message will be visible as usual. A padlock icon indicates that this message was encrypted before transmission.

Enigmail_14

3.4 Enigmail – conclusion

So this is all you need, to send and receive email securely. Not even the mighty PRISM can unlock the treasures in your encrypted email. And this solution isn’t merely limited to users of Thunderbird. The Gpg4Win project referred to above has a plugin for Outlook, which covers the vast majority of corporate users.

All is not sweetness and light however. Due to security limitations of browsers, there isn’t really a solution for webmail users. And there aren’t any bulletproof solutions for mobile users. To start with, Apple’s terms of use are incompatible with open source (GPL) software, so GnuPG is automatically excluded. There will probably never be a solution for a non-jailbroken iPhone or iPad.

With Android, you do have some options, using Android Privacy Guard and K-9 Mail. The end user experience is not perfect though and you’re still left with a fundamental problem: you have to put your private key on your mobile device. The private key is the one thing you really don’t want to risk losing, so is this a good idea anyway?

Personally, I would say if the email is so sensitive that you need to encrypt it, you probably should wait to read it, until you have access to your desktop/laptop and your secure email environment. But then that decreases usability of encrypted email, which is the main reason this has not yet gained significant traction.

As you can see, there do remain some technical and social obstacles to overcome before we see encrypted email in widespread use. But as long as you understand its limitations, and if you care about keeping your email private, the GPG/Enigmail proposition is really very compelling.

How-to: Laravel 4 tutorial; part 3 – using external libraries

[easyreview title=”Complexity rating” icon=”geek” cat1title=”Level of experience required, to follow this how-to.” cat1detail=”With Composer, installing libraries in Laravel 4 is easy peasy.” cat1rating=”1″ overall=”false”]

Laravel Tutorials

Library

I’m in the process of moving from CodeIgniter to Laravel. I still use CodeIgniter if I need to do something in a hurry. I was very pleased when the Sparks project came on the CodeIgniter scene, offering a relatively easy way to integrate third-party libraries/classes into your project. When I first looked at Laravel, I saw that it offered something similar, in “Bundles”.

Laravel 4 has matured. It is now using Composer for package management. Composer is itself an external library of sorts. It is not framework dependent. You can use Composer virtually anywhere you can use PHP. Which is great, because that means not only can you use Composer to install Laravel, you can use it to pull in other libraries too and track dependencies. With a bit of luck, the third-party library you require has already been made available at Packagist making installation of that library a doddle.

As I mentioned earlier, I’m going to be creating a web-scraping application during this tutorial. We’ve already seen how we can use Composer to make jQuery and Twitter’s Bootstrap available. Let’s now use it to add Goutte, a straightforward web scraping library for PHP. Goutte itself depends on several other libraries. The beauty of Composer is that it will make all those additional libraries available automatically.

Open up an SSH shell connection to your web server and navigate to the laravel directory. Utter the following incantation:

composer require "fabpot/goutte":"*"

Installation will take a while as it hauls in all the various related libraries. But who cares – this is a cinch! Make yourself a coffee or something. I saw the following output:

composer.json has been updated
Loading composer repositories with package information
Updating dependencies (including require-dev)
- Installing guzzle/common (v3.6.0)
Downloading: 100%

- Installing guzzle/stream (v3.6.0)
Downloading: 100%

- Installing guzzle/parser (v3.6.0)
Downloading: 100%

- Installing guzzle/http (v3.6.0)
Downloading: 100%

- Installing fabpot/goutte (dev-master 2f51047)
Cloning 2f5104765152d51b501de452a83153ac0b1492df

Writing lock file
Generating autoload files
Compiling component files
Generating optimized class loader
Compiling common classes

All very impressive and difficult-sounding.

Okay, so that’s great – I’ve got the library here somewhere; how do I load and use it? Loading the class is ridiculously easy. Composer and Laravel make use of PHP’s autoload function. You don’t even have to think about where the files ended up. Just do:

$client = new Goutte\Client();

To put that in context, here’s a new function for our ScrapeController class:

	public function getPages() {
		$client = new Goutte\Client();
		$crawler = $client->request('GET', 'https://pomeroy.me/');
		var_dump($crawler);
	}

If I visit the /scrape/pages URL, I see this:


object(Symfony\Component\DomCrawler\Crawler)#171 (2) { ["uri":protected]=> string(24) "https://pomeroy.me/" ["storage":"SplObjectStorage":private]=> array(1) { ["00000000061dd4ed000000000c2f13de"]=> array(2) { ["obj"]=> object(DOMElement)#173 (0) { } ["inf"]=> NULL } } }

I reckon even Dummy could do this! There are lots more sophisticated things you can do. I keep reading about the “IoC Container” but to be honest I’m finding the official documentation somewhat impenetrable. Once I’ve worked it out, I may post an update. Before that, I’m going to work on the next post in this series – managing databases.

Library image copyright © Janne Moren, licensed under Creative Commons. Used with permission.

How-to: Laravel 4 tutorial; part 2 – orientation

[easyreview title=”Complexity rating” icon=”geek” cat1title=”Level of experience required, to follow this how-to.” cat1detail=”This series really is for web programmers only, though not a great deal of prior experience is required.” cat1rating=”3.5″ overall=”false”]

Laravel Tutorials

Signpost at North Point, Barbados, Feb.1998

I’ve used CodeIgniter for many years, but I have always, I confess, proceeded knowing just enough to get by. So forgive me if my approach seems a little clunky. I have never, for example, used CodeIgniter’s routes. I like my web application files nicely categorised into Model, View, Controller, Library and, if absolutely necessary, Helper. (Google an MVC primer if you’re not familar with these terms. These are concepts that will really aid your web development.)

Controllers

So for now, I want to carry on using Controllers, if that’s okay with you. Controllers are stored under app/controllers. To anyone coming from CodeIgniter, that’s probably going to sound familiar!

As I go through the editions of this tutorial, I will be creating a small application that scrapes data from another website and represents it. More on that anon. Bearing that in mind, here’s a sample controller:

In CodeIgniter, that’s all you would have needed to do, due to automatic routing. In Laravel, you need also to add the following to app/routes.php:

Route::controller('scrape', 'ScrapeController');

To view these pages, you just visit yourdomain/scrape (/index is implied) and yourdomain/scrape/node/x (where x will probably refer to a specific node, possibly by database id).

This all bears explanation; the controllers page in the Laravel documentation does not currently expand on this. The names of the functions in the controller are significant. The first part of the camelCase style name is the HTTP verb that will be used to access the page. This may be an unfamiliar concept, but it’s great once you get used to it.

Most web pages will be accessed by the browser using the HTTP method “GET”. This is just the default. If you’re sending form data (you’ve clicked on a submit button), the chances are we’re dealing with the HTTP method “POST”. This makes it very easy to respond appropriately based on how the URL was reached.

Note: this is scratching the surface of RESTful web development. You may have heard the term bandied about. Wikipedia‘s not a bad place to start if you want to learn more about this.

We’ll reach the getIndex() function if we simply browse to /scrape. Following the age-old convention, “Index” is the default. If we browse to /scrape/node, the getNode() function comes into play. That function is expecting a single parameter, which would be passed along with the URL: /scrape/node/1.

You only reach the pages though through the magic of routing. In the Route::controller('scrape', 'ScrapeController');, we’re telling Laravel that calls to the URL /scrape need to be handed to the ScrapeController class.

Views

Views are pretty straightforward and similar to CodeIgniter. Place them in app/views. Extending the example above, our controller could now look like this:

 $node);
		return View::make('node', $data);
	}

}
?>

The second paramater in View::make is the data (typically a multi-dimensional array) sent to that view. Note that data can also be passed through to a view like this:

	public function getNode($node) {
		return View::make('node', $data)
		    ->with('node' => $node);
	}

And then your view (app/views/node.php) could be like this:

Node

This is node .

Obviously your real views will be more syntactically complete. You can see that the array is flattened one level so that $data('node'); in the controller is accessed a $node in the view.

Models

Models are created under app/models. Unlike CodeIgniter, Laravel comes with its own object relational mapper. In case you’ve not encountered the concept before, an ORM gives you a convenient way of dealing with database tables as objects, rather than merely thinking in terms of SQL queries. CodeIgniter has plenty of ORMs, by the way, it just doesn’t ship with one as standard.

Laravel’s built-in ORM is called “Eloquent”. If you choose to use it (there are others available), when creating a model, you extend the Eloquent class. Eloquent makes some assumptions:

  • Each table contains a primary key called id.
  • Each Eloquent model is named in the singular, while the corresponding table is named in the plural. E.g. table name “nodes”; Eloquent model name “node”.

You can override this behaviour if you like, it just makes things a bit more convenient in many cases.

Example model app/models/node.php:


(You can omit the closing ?> tag.)

Because the Eloquent class already contains a lot of methods, you do not necessarily need to do more than this. In your controllers, you could for example now do this:

$nodes = Node::all();

foreach ($nodes as $node) {
  // Do stuff here
}

This is a whistle-stop tour preparatory to building a real application. Head on over to the official Laravel documentation for much more on all this.

Signposts image copyright © Andrea_44, licensed under Creative Commons. Used with permission.

How-to: Improve your online privacy – level 1 – Tor

[easyreview title=”Complexity rating” icon=”geek” cat1title=”Level of experience required, to follow this how-to.” cat1detail=”Your granny could do it. :-)” cat1rating=”1″ overall=”false”]

Introduction to Tor

It seems that not a day goes by now without reading some news about this or that government’s ability to scrutinise your internet activity. Our very own Dummy blogged about PRISM not so long ago. He concluded that at some level, we probably already suspected our every online move was being tracked. It’s just that we’re now sure of it. The worst that’s happened is we’ve sacrificed the illusion of privacy for the illusion of security, right?

The thing that’s making me distinctly uncomfortable though is that my data seems to be available to foreign powers. I am not a citizen of the U.S., but with vast quantities of my email sat on Google or Microsoft’s servers, it seems that for U.S. intelligence agencies, it’s open season on Geek’s mailbox. Now I can probably wrap my head around that, but what about other governments – governments with poor track records when it comes to human rights and civil liberties? If the U.S. can see my data, why not them too? It’s worrying because I have absolutely no doubt that some of my views would be viewed as offensive and immoral by those states. No names no pack drill, but the feeling is mutual.

Tor logoSo is there anything we can do to reclaim some of our privacy? Turns out that there is. There are a few options in fact. Today I’m going to look at just one such option: boosting your online privacy through the anonymising network, Tor.

Say what now?

Tor used to stand for “The Onion Ring [network]”. Like an onion, Tor provides layers between you and the web sites you’re visiting. Within those layers, your activity is scrambled, redirected and encrypted.

To explain this in simple terms: your web browser sits within the Tor network. All communication within the network is secured. When you browse to a web site, your web traffic is sent to an exit point from the Tor network – any one of several thousand relays – which talks to the internet on your behalf.

Think of it like a middleman who never reveals who he’s working for, but hands messages to and fro. That’s oversimplified, because what actually happens is more like several middlemen between you and the final web site, none of whom know quite who the original “client” is, nor what the message is that the middleman is relaying on behalf of the client. It’s these layers of security and encryption that led to the onion metaphor.

Tor Quick Start

By far the easiest way to get going with Tor is to download the “Browser Bundle”. This includes a specially configured web browser that will send all traffic via the Tor network. Yes, that’s right: Tor cannot magically make all your internet activity private. You have to use tools that know how to make use of the network. The Tor Browser is a version of Firefox that has been configured to use the Tor network. I’m going to assume that you’re using Windows, for the purposes of this tutorial, but there are bundles available for Mac and Linux too.

Download and run the Tor Browser Bundle. Tor isn’t installed as such – you won’t find a link in your Start Menu after this. It extracts all its files wherever you direct and you run it from there. This means that you can put the files (less than 100MB) on a USB thumb drive and take it with you from computer to computer.

Within the “Tor Browser” folder, you’ll find a program called “Start Tor Browser”. When you run that, your system will be initialised to run Tor:

Tor loading

Once you’re connected, the Tor Browser will load:

Tor Browser 1

After that, you can browse the web almost as normal. Web browsing will inevitably be slower than you’re used to; privacy in this case comes with a price. Traversing all those layers of encryption and randomisation takes time, but while you’re waiting for your page to load during that brief delay enjoy the warm sense of anonymised well-being.

Tor Browser 2

Note: web sites will not always function as they do outside the Tor network. This is a by-product of anonymity and safety. See the FAQ to understand some of the issues you may encounter.

Caveats

You need to be aware that Tor is not a panacea. If you wish to prioritise privacy, you may need to change some of your browsing habits. From the Tor’s download page:

Want Tor to really work?

  1. Use the Tor Browser
    Tor does not protect all of your computer’s Internet traffic when you run it. Tor only protects your applications that are properly configured to send their Internet traffic through Tor. To avoid problems with Tor configuration, we strongly recommend you use the Tor Browser Bundle. It is pre-configured to protect your privacy and anonymity on the web as long as you’re browsing with the Tor Browser itself. Almost any other web browser configuration is likely to be unsafe to use with Tor.
  2. Don’t enable or install browser plugins
    The Tor Browser will block browser plugins such as Flash, RealPlayer, Quicktime, and others: they can be manipulated into revealing your IP address. Similarly, we do not recommend installing additional addons or plugins into the Tor Browser, as these may bypass Tor or otherwise harm your anonymity and privacy. The lack of plugins means that Youtube videos are blocked by default, but Youtube does provide an experimental opt-in feature (enable it here) that works for some videos.
  3. Use HTTPS versions of websites
    Tor will encrypt your traffic to and within the Tor network, but the encryption of your traffic to the final destination website depends upon on that website. To help ensure private encryption to websites, the Tor Browser Bundle includes HTTPS Everywhere to force the use of HTTPS encryption with major websites that support it. However, you should still watch the browser URL bar to ensure that websites you provide sensitive information to display a blue or green URL bar button, include https:// in the URL, and display the proper expected name for the website.
  4. Don’t open documents downloaded through Tor while online
    The Tor Browser will warn you before automatically opening documents that are handled by external applications. DO NOT IGNORE THIS WARNING. You should be very careful when downloading documents via Tor (especially DOC and PDF files) as these documents can contain Internet resources that will be downloaded outside of Tor by the application that opens them. This will reveal your non-Tor IP address. If you must work with DOC and/or PDF files, we strongly recommend either using a disconnected computer, downloading the free VirtualBox and using it with a virtual machine image with networking disabled, or using Tails. Under no circumstances is it safe to use BitTorrent and Tor together, however.
  5. Use bridges and/or find company
    Tor tries to prevent attackers from learning what destination websites you connect to. However, by default, it does not prevent somebody watching your Internet traffic from learning that you’re using Tor. If this matters to you, you can reduce this risk by configuring Tor to use a Tor bridge relay rather than connecting directly to the public Tor network. Ultimately the best protection is a social approach: the more Tor users there are near you and the more diverse their interests, the less dangerous it will be that you are one of them. Convince other people to use Tor, too!

Additional point: there’s some anecdotal evidence that using Tor can cause issues for PayPal and eBay.

Bonus: Use Tor with mobile devices

That’s all well and good for desktops and laptops, but what about my phone and my tablet? Good news: you can also use Tor on Android and iOS. For Android, you have the free Orbot, which you can couple with the browser Orweb (also free). You do not need to have rooted your phone to use these, though there are some advantages if you do.

For iOS folks, there’s Onion Browser, which is cheap, but not free.

At the moment, I’m not aware of any Tor packages for BlackBerry or Windows Phone.

Safe browsing

Please remember that no amount of encryption or obfuscation can guarantee your privacy or safety. Nor does it absolve you of moral accountability. Stay safe and keep your nose clean.

How-to: Laravel 4 tutorial; part 1 – installation

[easyreview title=”Complexity rating” icon=”geek” cat1title=”Level of experience required, to follow this how-to.” cat1detail=”A good level of familiarity with web hosting will come in handy here, especially if your hosting environment is different from mine. It will also help if you’re comfortable at the command line.” cat1rating=”4″ overall=”false”]

Laravel Tutorials

Introduction

If, like me, you spend much time coding for the web – for pleasure or profit – sooner or later you’re going to find that you benefit from using a development framework. A framework is a collection of scripts that help you create an application much more quickly. Frameworks typically include a lot of the “nuts and bolts” components – scripts that assist with database connections for example, plus components that impose some structure on your programming.

For a long time, my framework of choice was CodeIgniter. CodeIgniter has stagnated of late and concerns have arisen over licensing. Partly as a consequence, many PHP developers like me have searched for an alternative. In the search, I came across a framework that many programmers are turning to: Laravel. My early experiences with Laravel have been extremely positive and I have found many things I prefer about it. In this series of tutorials, I’ll show you how to get up and running with Laravel and begin creating an application. The application will involve some web-scraping, so you may wish to stay tuned for that reason alone.

Before we dive in though, one word of caution: Laravel is a young open source project. Like many such projects, its documentation is less complete than you might wish, particularly when compared to CodeIgniter. In fact CodeIgniter’s great documentation was one of the reasons why I initially chose it as a development framework. Documentation is a core commitment of the Laravel team, but at the time of writing, with the recent release of Laravel 4, I’m finding the documentation is not quite up to scratch. Possibly you’ve found that too, which is why you’ve made it here to this tutorial. In fact one of the worst parts of the documentation at the time of writing is the installation procedure! With that caveat in place, let’s move on – it’s still well worthwhile.

Prerequisites

All my web coding is done within a Linux environment, usually CentOS or Ubuntu Server. For the easiest experience following these tutorials, you may wish to create a similar environment. (I’ve written about that elsewhere.) Alternatively, you should be able to follow the tutorials with some tweaking – but you’re on your own there. At the very least, I recommend you have in place:

  • Apache web server
  • Shell access to the server (preferably SSH)
  • Root access to install Composer globally (not essential)
  • Git must be installed in your environment.

Installing Composer

With the latest release (4) Laravel has taken a leap forward in several areas. One such area is the management of third party libraries and packages. Laravel previously made use of an external project called “Composer“, to install dependent packages. With Laravel 4, you now use Composer to install Laravel itself. To install Composer, from a root login shell, do the following:

cd /usr/local/bin
curl -sS https://getcomposer.org/installer | php
mv composer.phar composer

Provided /usr/local/bin is in your $PATH environment variable, you will now be able to call Composer with “composer [options] command [arguments]“.

Installing Laravel



The beauty of Composer is the simplicity it brings to library/application installation. There is an overwhelming range of tutorials on how to install Laravel with Composer. Please bear in mind that many of these were written while Laravel 4 was in beta or even alpha. Now it has been released, the installation is quite straightforward. Having prepared a new environment for a web site (a virtual host or whatever), navigate to the directory above the default web root directory. Then install using Composer. Eg:

cd /home/geek/domains/test.geekanddummy.com/
composer create-project laravel/laravel

You should see a fair bit of output indicating that Composer is creating a directory “laravel” and pulling in all the dependencies for a basic installation. The laravel directory contains a folder entitled “public“, intended to be your web root. Your easiest way to complete the configuration is to point your web site at that directory. For example, using Virtualmin, you would go to Server Configuration –> Website Options and change “Website documents sub-directory” from “public_html” to “laravel/public”.

Having done that, when I browse to my test web site, I see:

Laravel landing page

Installing other frameworks

Now would be a good time put to put Twitter’s Bootstrap and jQuery in place, if you’re planning to use them. Naturally, we’ll use Composer for this. You might use other frameworks in your web applications – check out Packagist to see if anyone has made a Composer package available.

Composer demands a tutorial all of its own, but I’ll keep it simple here. I’m going to make my new Laravel application depend on the latest compatible branches of Bootstrap and jQuery. This will potentially allow us to upgrade these two frameworks with a simple Composer command at a later date.

In the root of your Laravel application you’ll find the main Composer configuration file, composer.json. You don’t need to get your hands dirty editing the file, just from a shell in that root directory, issue the following commands:

composer require "components/jquery":"*"
composer require "twitter/bootstrap":"*"

This updates the composer.json file to include these dependencies and goes ahead and downloads them. It can take a while – be patient.

You’ll end up with jQuery files under ./components/jquery and Bootstrap files under ./vendor/twitter/bootstrap. These are locations not visible to your web server (the root is at ./public, you’ll recall). This is a particular problem in the case of Bootstrap. For now, here’s a quick-and-dirty way of accessing these files. I’m on the lookout for a more elegant solution, but this will get you up and running rapidly. Navigate to the “public” folder in a login shell and issue the following commands:

mkdir -p assets/css
mkdir assets/img
mkdir assets/js
ln -s ../../../vendor/twitter/bootstrap/img/glyphicons-halflings.png ./assets/img
ln -s ../../../vendor/twitter/bootstrap/docs/assets/css/bootstrap.css ./assets/css
ln -s ../../../vendor/twitter/bootstrap/docs/assets/css/bootstrap-responsive.css ./assets/css
ln -s ../../../components/jquery/jquery.min.js ./assets/js

And so on, for whichever bits you’ll use. This will only work if your web server allows following symbolic links. The .htaccess directive “Options +SymLinksIfOwnerMatch” may help here, but that’s outside the scope of this tutorial.

Configure your development environment

I use NetBeans for development. If you don’t already have a preferred IDE (integrated development environment), I recommend you check it out. Another favourite is Eclipse. You could use an ordinary text editor, but then you’d be missing out on a lot of things that can make your coding more comfortable and efficient.

Having installed Laravel and the other frameworks on my web server, next I use NetBeans to pull the code across to my development environment. In the NetBeans “New Project” wizard, select the option “PHP Application from Remote Server”. In the remote configuration, ensure that you choose as your “upload directory”, the laravel. From there, you’ll want to download the app and public directories.

Conclusion

That’s it for today’s tutorial. Next time, we’ll look at orientating ourself within the framework (“what goes where?”).

How-to: Reinstate the delete button in Android Gmail app

Google’s development philosophy is a process called “evergreening”. Make sure your business profile is always new, always interesting. This is one reason why Google Doodles are actually a big deal for the company. It is also a reason why ultra conservative companies struggle to integrate Google Apps into their I.T. infrastructure. Constant change is unsettling, especially when you need to support end users who are not particularly tech-savvy.

So, Google has done it again. The latest update to the Android Gmail app changes a few things and, most irritatingly, moves the delete button off to a menu. Now, when you select an email, you have three buttons – archive, mark unread and move to folder:

Gmail_01

You can delete, but you need to tap the menu, then select “Delete”. Who has time for that?!

Fortunately, there’s a solution; the delete button can be reinstated through a configurable setting. Go to Settings then “General Settings”:

Gmail_02

Choose “Archive & delete actions”:

Gmail_03


Select “Show archive & delete”:

Gmail_04

Breathe a contented sigh of relief:

Gmail_05

Note to Google: Please think before you release gratuitous changes in future. This busy Geek doesn’t have time to be undoing all your mistakes!

How-to: Administer Active Directory/Windows Server remotely using a privileged account

[easyreview title=”Complexity rating” icon=”geek” cat1title=”Level of experience required, to follow this how-to.” cat1detail=”Though this wasn’t easy to work out, hopefully the how-to is easy-peasy to follow. You may need to do a little research if your platform differs much from mine (Windows 7/Server 2008).” cat1rating=”1.5″ overall=”false”]Oh my, how hard did Microsoft make this?

The scenario: like all good domain administrators, I have a day-to-day non-privileged account, for normal access and a domain account for use as and when I need it.

The objective: use an MMC (Microsoft Management Console) to administer the domain from my normal workstation, with my domain admin account.

This should be easy, right? Fire up the MMC, type in your domain administrator credentials and you’re away? Wrong. What you actually need to do is something like this. This is to administer AD running on Windows Server 2008 from a Windows 7 workstation:

Step 1: Install Remote Server Administration Tools

Install the Administration Tools Pack for the server[s] you intend to administer. For Windows 7, this pack is amongst the features you can install for the o/s. There are however some caveats and you would do well to read the comments on this Technet article, if you get stuck.

Step 2: Configure WinRM

If you want to manage a server such as Windows Server 2008 remotely (not just Active Directory), you’ll need to configure WinRM (Windows Remote Management) on the remote server. Until you do, your attempts to connect may result in error messages like “Server Manager cannot connect to Server1. Click Retry to try to connect again”. Certainly, this is what happened for me:

07 Server Manager cannot connect

On the remote server, in an elevated command prompt:

C:\Users\rob.admin>winrm quickconfig
WinRM already is set up to receive requests on this machine.
WinRM is not set up to allow remote access to this machine for management.
The following changes must be made:

Create a WinRM listener on HTTP://* to accept WS-Man requests to any IP on this machine.
Enable the WinRM firewall exception.

Make these changes [y/n]? y

WinRM has been updated for remote management.

Created a WinRM listener on HTTP://* to accept WS-Man requests to any IP
on this machine. WinRM firewall exception enabled.


That alone, might not be enough. The next hurdle I encountered was similar, but this time the issue concerned the WS-Management catalog (whatever that is):

08 The resource URI was not found in the WS-Management catalog

For Windows Server 2008, you also need to install a feature called “WinRM IIS Extension”. In Server Manager –> Add Features:

09 Add WinRM IIS extension

This feature installation takes forever (well, quarter of an hour, for me). Why? Who knows.

You still might not be able to connect to a Server 2008 box after this. Try installing version 3 of the Windows Management Framework. You can download that here. Note: this depends on Service Pack 2 of Windows Server 2008, the previous version of Windows Management Framework (which gives you PowerShell 2.0) and .NET 4.

If you still can’t connect, shrug your shoulders and just accept the fact that Remote Management is one of the things that Microsoft improved dramatically in R2 of Server 2008. You will still be able to use many MMC snap-ins, but some (like the “Server Manager” snap-in, ironically) will just fail.

Step 3: Create your MMC

I’ll just use a simple example here. First: Start –> Run –> mmc.

Within the console, Add/Remove Snap-in:

01_Add_Remove_Snap-in

Choose your desired snap-in (e.g. AD Users and Computers):

02_Choose_desired_snap-in

Click “Add >”. The snap-in will appear on the right. Continue for all the snap-ins you’ll want to use, then click “OK”.

Save your custom MMC. I would recommend putting it somewhere where you’re not going to be hit by UAC problems – i.e. not in the root of your C: drive, not under C:\Windows, etc.

Step 4: Create a shortcut to your MMC

You can’t directly run the MMC. Don’t try. Create a shortcut. You can put this shortcut on your Desktop, or wherever you like. So, for example, right-click the Desktop and click New –> Shortcut.

You need to specify the shortcut as C:\Windows\System32\runas.exe /netonly /user:your-domain-admin-user@your-domain "mmc C:\Path\To\MMC\DomainAdmin.msc":

04_Create_shortcut

Having created your shortcut, set it always to run as Administrator. Right-click –> Properties –> Advanced:

03_Run_shortcut_elevated

Step 5: Run the shortcut

When you run the shortcut, you should now see a UAC prompt and after that a command prompt, asking you for your domain admin password:

05_Credentials_prompt

For me, it’s not instant, but eventually, the MMC loads and runs as intended:

06_MMC_running

Happy days. No more RDP. 🙂

How-to: Merge multiple RTF files into a single PDF

[easyreview title=”Complexity rating” icon=”geek” cat1title=”Level of experience required, to follow this how-to.” cat1detail=”Linux only. And newbies may find this tricky.” cat1rating=”3.5″ overall=”false”]

I recently needed to generate a large quantity of forms automatically (around 2,500 of them) and printing them. I was using PHP as the generator – it’s great at processing and transforming text. And my base (template) file was originally created as a Word document, converted to RTF for ease of processing.

There is no easy and free way of printing out 2,500 RTF files from Windows, not that I’ve been able to find. It didn’t make sense to pay for a £200 application for something that I do so infrequently. So here is my (free) approach.

Make Linux do the hard work

I’m using an Ubuntu virtual machine for this how-to, but you can use almost any distribution, with a little modification of the steps below. When it comes to command line or scripted activities (which this tutorial lends itself to), Linux/Unix is simply more mature than Windows. This means that someone, somewhere has probably already created a tool for whatever activity you’re thinking of and moreover, made that tool free.

Converting to PDF: Ted

Ted is a fairly full-featured text processor for Linux. We’ll just be using some of Ted’s command line wizardry today.

Installing Ted

Ted logoYou can download a Ted package here. I’m installing this on an Ubuntu 12.04.1 machine so I chose this package: ubuntu12041:ted-2.23-amd64.deb.

I keep all third party packages I install in a directory, /root/installed-packages, for future reference. So this is what I did, from a command line (SSH connection). First, I know that Ted has some dependencies, so I dealt with those:

apt-get update
apt-get install libxpm4 libtiff4 libgtk2.0-0 libpaper1
apt-get -f install

Then downloaded and install Ted:

wget http://ftp.nluug.nl/pub/editors/ted/ubuntu12041:ted-2.23-amd64.deb
dpkg -i ubuntu12041\:ted-2.23-amd64.deb

Combining files: pdfmerge

Abiding by the principle of “do one thing well”, guess what pdfmerge does?

Installing pdfmerge

If you’re using a RedHat-derived distribution, you’re in luck, there’s a pre-built package. If you’re using Ubuntu though, here goes. Download the source [iwrtooltip title=”a compressed archive of files”]tarball[/iwrtooltip] from here. Again, I’m starting in my directory /root/installed-packages.

wget http://dmaphy.github.com/pdfmerge/pdfmerge-1.0.4.tar.bz2
tar jxf pdfmerge-1.0.4.tar.bz2
cp pdfmerge-1.0.4/pdfmerge /usr/local/bin
rm -rf pdfmerge-1.0.4

Put it all together

Now the utilities are installed, you can run the following simple bash script to convert your individual RTF files into PDFs, then merge them all into a single PDF. I put the RTF files in one directory, then the PDF into the directory above it in the directory tree. We use a script that is bundled with Ted – you may need to check the precise location.

for filename in ./*.rtf
do
/usr/share/Ted/examples/rtf2pdf.sh $filename
done;
pdfmerge *.pdf ../all.pdf

Acknowledgements

Thanks to Mark de Does for Ted and to Dominic Hopf for pdfmerge.

Review: SoundWave SW100 Portable Bluetooth Speaker

As for many other people, my phone has become my go-to device for all my mobile entertainment needs. I currently have a Samsung Galaxy Note 2 (yeah, the one with the ludicrously large screen), so it’s great for anything from internet browsing to watching films in HD quality. I also use it as an MP3 player and for listening to podcasts and audiobooks.

I recently started looking around for a portable speaker that I could take on my occasional travels and, not to put too fine a point on it, use in the bathroom. Surely I’m not the only one that likes to listen to audio books while I shower?

The Note 2 isn’t, er, noted for its high quality speakers. Very few smartphone manufacturers have been able to complete with Apple on this front. But even the mighty built-in speakers of an iPhone struggle to compete with the noise of my geyser-like shower or electric shaver.

As Dummy will tell you, I’m a bit of a tightwad when it comes to my technology purchases, so I was looking for a device that could combine the impossible requirements of sound quality, power and cheapness. I wanted the convenience of connecting by Bluetooth, with the option of a 3.5mm socket for greater flexibility.

Having considered many products and read a lot of reviews, the device I settled for was this, the SoundWave SW100:

Rear view
Rear view

Here are some vital statistics:

  • Small – about three inches tall
  • Reasonably light – I haven’t put it on the scales, but it feels about the same weight as my Note 2 + case
  • Loud – I can’t find any official information on wattage, but when I turned it up to max in my small kitchen, it was louder than I could tolerate; at that point, there was some mild distortion
  • Built-in microphone – theoretically you can therefore use this device for conference calls; I have not tried this, but for the sound alone it can only be better than putting your phone into speaker mode
  • A claimed 10 hours music/talk time
  • A claimed 800 hours standby time – I’m not sure what use this figure is though; I’ll either be using it or charging it

Out of the box, the speaker was fully charged in less than an hour. It comes with a microUSB cable for this purpose. For my first trial, I took it into my company’s noisy server room. About 80% volume was sufficient to hear music clearly and without distortion, over the cacophony of fans and aircon.

It paired over Bluetooth without fuss. I have noticed the occasional blip when playing through Bluetooth, but I think this is more likely to be down to the phone (of which I demand a lot!) than to the speaker. In any event, you can use a 3.5mm audio cable (supplied) if you prefer.

SoundWave SW100 and matThe speaker has a non-slip base, great for most surfaces. The manufacturers have thoughtfully included an additional non-slip mat, making the speaker very unlikely to budge during normal usage. The non-slip mat also slightly neutralises the effect of resonance transmitted through the surface on which you place the speaker. Unless you’re an audiophile (I confess I’m not), this probably won’t mean a lot, but for some, it will be important.

For the size of the speaker, I was impressed by the bass response. In fact this was one of the reasons I bought the speaker – to improve bass experience, without having to lug around a sub woofer and without having to spend thousands on a high-end miniaturised speaker system.

Build quality is good. The case is mainly brushed aluminium, and not unattractive. It passed the spouse test; no exclamations of,”Oh how hideous! What horrendous technological monstrosity is that?!”

SoundWave SW100 mic and buttonThere are two controls. First, there’s a button labelled with a phone symbol, for answering calls and setting up the initial pairing. Secondly there’s an on-off switch. There’s an LED to indicate connection status and charging status and there’s a microphone port along with the USB charging port and 3.5mm audio socket.

I paid £20 for the speaker. Although at one time it was available for less, it is still a bargain at this price. It receives favourable reviews (wherever you look) and I can only confirm what other reviewers are saying. Well worth the money, especially when you consider you can pay four times the price for a product that may have a pretty label but is otherwise no better.

Entirely up to you, but you can pick one up from Amazon here, or from eBay,
[easyreview title=”Geek rating” icon=”geek” cat1title=”Ease of use” cat1detail=”BlueTooth synced very easily. There’s an off/off switch. Simples.” cat1rating=”5″ cat2title=”Features” cat2detail=”It has no on-board track control buttons and lacks the ability to daisy-chain other speakers. Higher-quality speakers may handle bass better, but that’s being very nitpicking.” cat2rating=”3.5″ cat3title=”Value for money” cat3detail=”It competes well with speakers three times its price.” cat3rating=”4.5″ cat4title=”Build Quality” cat4detail=”Very solid. Has survived several downward lunges!” cat4rating=”4.5″ summary=”If you want a portable speaker, on the go, don’t mind that the output is mono, and don’t expect the sound to fill a concert hall, this is the device for you. Highly recommended.”]


How-to: Rooting the Nook Simple Touch

UPDATE: If you’re looking for a super-cheap, colour, Android tablet, you might like to know that Amazon has recently slashed the price of the 7″ Kindle Fire to £99. Find out more here.

[easyreview title=”Complexity rating” icon=”geek” cat1title=”Level of experience required, to follow this how-to.” cat1detail=”The latest rooting process is fairly straightforward, if you’re patient and pay attention to all the details.” cat1rating=”1″ overall=”false”]Nook browsing webAt the time of writing, the Nook Simple Touch is still on offer with Barnes & Noble, but out of stock. Which is to say, it’s dirt cheap, but ner ner ne ner nerrr, you can’t have one…

If you were one of the lucky ones to pick up the reduced-price tablet before stocks ran out, or if you already had one of these, you might be interested to know that you can unleash some of its secret powers through a process called “rooting”. The tablet is based on the well-known operating system Android and has hidden talents that Barnes & Noble would rather you didn’t find out about (like loading a Kindle app onto the tablet for example – gasp)!

When my Nook arrived, it was running firmware version 1.2.0. The Nook has since been silently upgraded by Barnes & Noble to 1.2.1. I mention this because manufacturers tend not to like having their devices’ security bypassed (I’m looking at you, Apple). It’s entirely possible that one day B&N will release an upgrade that makes it significantly harder to root the device. Thankfully, with all versions up to 1.2.1, it’s still possible.

Before you proceed any further, there are a few points to highlight. I apologise for the extreme emphasis, but they’re such important points, I didn’t want you to overlook them.

  1. Rooting your Nook will almost certainly void your warranty. Don’t rely on the possibility that you may be able to reverse the rooting process. By the time you need to call on the warranty, your device may be in such a state that you’re not able to “unroot”. Only root your device if you’re satisfied you can afford to lose the money you just spent on the Nook.
  2. Rooting your Nook may “brick” it, that is, render it inoperable. It’s rare, but it can happen. Once this has happened, you can still use it as a rectangular frisbee, if you wish.
  3. You must, repeat must go through the Barnes & Noble registration process before you attempt to root the NST. Follow the wizards and make sure your Barnes & Noble store is working. Don’t skip this step.
  4. Nook Devs is a great site to visit if you want to know a lot more about this process.

Pre-requisites

You’ll need:

Rooting

  1. This process wipes the MicroSD card you’ll be using. I had already copied some files to my card, so I copied them back to my laptop for now. You may wish to do the same, or you can use a dedicated card for the rooting process.
  2. Download and unzip NookManager. This will leave you with a single file, NookManager.img.
  3. Download and unzip Win32DiskImager.
  4. Insert your MicroSD card and ensure it’s mounted (visible in Explorer).
  5. Run Win32DiskImager.exe. It will probably request elevated permissions. The interface might take a while to appear. Be patient. You’ll eventually see something like this:
    Win32DiskImager
  6. Use the folder icon to browse to the location of NookManager.img. Make sure the “Device” selection is pointing to your mounted MicroSD card.
  7. Make triply sure you’re writing to the correct device and click the “Write” button. Heed the warning and if you’re ready to proceed, click “Yes”. In a little less than 10 seconds, the writing process should be complete.
  8. Unmount the MicroSD card from your computer, but don’t install it in the Nook yet.
  9. Unlock your Nook, then power it down, by holding in the power button for three seconds, then tapping the “Power off” option.
  10. Insert the MicroSD into the Nook, and power it up.
  11. You should see the NookManager loading screen:
    Nook Manager Loading Screen
  12. For this procedure, it really makes little difference whether or not you start with wireless capability. It’s quicker if you don’t:
    NookManager start wireless
  13. When you arrive at the Main Menu, click the button next to “Root->”:
    NookManager root
  14. Next, click the button next to “Root my device->”:
    NookManager root my device
  15. If you’re an Olympic swimmer, you can hold your breath during the next bit:
    NookManager rooting in progress
  16. There’s no progress bar. After a while, you should see the following (note the word “Success!” at the bottom):
    NookManager rooted
  17. Click “Back” then “Exit”:
    NookManager exit
  18. Eject your MicroSD card when prompted:
    NookManager eject
  19. You can and should use NookManager to take a backup during this process. I didn’t, because I didn’t have a spare MicroSD card to dedicate to backups. I possibly need to research this area more. Backups are good. I, obviously, am a Bad Boy. I tried taking a backup (the process took about 15 minutes), but then I wiped the card for other use. Go me.
  20. When first unlocking, post-root, you’ll be presented with a slightly cryptic message: “Complete action using Home/ReLaunch”:
    Nook Complete action using
    The checkbox, when selected, means “Always” do this. Just choose whichever you want at the time and leave the checkbox unticked. “Home” takes you to the Barnes & Noble interface. “ReLaunch” takes you to an Android interface designed for the Nook. You’ll see these this choices again, whenever you press the Nook button, followed by the “home” icon.
  21. Hang onto your NookManager MicroSD card for now. You’ll need it for installing Google apps (next section).

If your first attempt at rooting didn’t work, don’t panic. You can safely repeat this process as many times as you like.

Installing Google Apps

If you still have your NookManager-prepared MicroSD card, you may wish to install some Google apps. This gives you Google Market (the earlier version of the Play Store), Gmail, Calendar and a few other bits and bobs.

  1. Download NGTAppsAttack. The version number you download should be the same as the version of NookManager you’re using.
  2. There are quite a few “gotchas” with this process. I strongly recommend you follow the instructions at the start of this thread at XDA Developers. In particular, note the comment, “Once your Nook has booted you need to follow the next steps without delay. You don’t need to rush but you need to move through them without interruption.”

Despite what I’ve read elsewhere about needing to use a Google account ending in “@gmail.com”. this worked fine with my Google Apps Domain account (which I use for my Android phones). You can now start installing apps using the Google Play web interface (from your computer), but bear in mind that many apps won’t be compatible with the Nook‘s old version of Android.

At this stage, I completely wiped the SD card, removing all existing partitions, using Parted Magic.

Apps to install

Nook with Play Store

Since the Nook is running Android 2.1 that’s a significant limitation. All apps to be installed must support 2.1. Also, the Nook has limited memory, so RAM-hungry apps won’t run at all.

I’d recommend the following apps:

  • The current version of Opera Mobile seems to be about the best web browser for the Nook (better than Opera Mini). But remember that web browsing with an e-ink display is never going to be slick.
  • For reading comics and certain magazines, Perfect Viewer is great. The last version to support Android 2.1 was 1.9.2.2. You can download that direct to your Nook, by using Opera to browse here. In case you’re hand-typing URLs, here’s a shortened URL for your convenience: http://is.gd/m6eSSk
  • If you install the Perfect Viewer PDF Plugin, you can also read PDFs, with full zoom control. The current version of the plugin (1.1.2) is compatible with the Nook, so you can install it via the web.
  • Version 2.1.0 of Aldiko Standard is compatible with the Nook and enables you to read ebooks in many formats other than epub. Download the APK here. Shortcode: http://is.gd/O4j6Wz
  • To give you access to Amazon’s catalogue, install the Android Kindle app. You can install the current version via the. Oh, and yes: ha ha ha.
  • Dropbox seems to me to be of slightly limited usefulness, except maybe for conveniently transferring the odd file to the device, but you can install the current version via the web if you’re so inclined.
  • The current version of Fora Dictionary works well. You’ll probably want to install one of the dictionary packages too.


Conclusion

There you have it. At no extra cost (except a bit of time), you’ve flung wide open the capabilities of your eReader. As long as you continue to bear in mind the limitations (and advantages) of e-ink technology, you can’t fail to be impressed by this fantastic device.