Mauro Morales

software developer

Author: Mauro

  • Epomaker Tide75 Keyboard Review

    You know that feeling when you are trying not to buy new mechanical keyboards and still one manages to find its way to your desk? Well, that’s precisely how I felt last week when a package from Epomaker arrived! For about a fortnight, I’ve been putting the Tide75 to the test, let me tell you what I found!

    Disclaimer: Epomaker contacted me to write this review as an exchange for keeping the keyboard. They didn’t have a say on what I wrote, except for the two links to their web and Amazon shop.

    First Impressions

    The first thing I noticed is the weight of this keyboard, it is thick! Immediately then, I knew this was a solid product (pun intended 🥁). The sound is a delight. And overall, it is a very good-looking keyboard. On the other hand, the knob feels a bit loose, and I’m not a fan of the font type they used for the caps.

    But let’s not judge this book only by the cover! I spent almost two weeks with it as my daily driver to find out if this one is a keeper. My main interest in such a device is to write code and prose, so sorry gamers, I don’t have much for you. Here are the 4 areas which I assessed this keyboard on:

    1. Comfort with extended use
    2. Base functionality. I don’t want to be interrupted while I’m working because something is not connecting properly or other similar issues
    3. Extra customizations. Being able to adapt the keyboard to my needs is a great plus for me
    4. Aesthetics. I will be looking at this piece of equipment for at least 8 hours every day

    Comfort

    The distribution of the keys is superb. I have small hands, but it doesn’t feel like an effort to do any key combination. I’ve experienced RSI in the past, and I will invest in a good keyboard rather than experience pain. I spend hours at a time typing, and so far, I haven’t felt any discomfort with the Tide75.

    As a macOS user, the main issue I have with the layout is that it is missing the Cmd key on the right. Thankfully, this can be customized (more on this later)!

    I really enjoy how the keyboard will not move a millimeter while I’m typing. I compared this to my Reform keyboard, which is the closest one in size I have, and the Epomaker Tide75 is significantly better. This boy is so heavy that even my DasKeyboard 4 Professional, which is a full-sized keyboard, couldn’t compete. Now this, of course, is a double-sided sword because it means I would never consider carrying it around in a backpack.

    One thing I still have to get used to, is the minimum touch the keys require to react, but I like it, it just means I have to change some old bad habits, like resting my thumb on the space bar.

    As for the sound, I’m a big fan of loud keyboards (Cherry MX Blue Switches), but you cannot take such a keyboard to an office unless you want to become an outcast, this is why, on my daily drivers I have (Cherry MX Silent Red Switches) with dampers. The sound of the Epomaker Lemon Switch, sits somewhere in between these two, which I would recommend for a single person office, or one that is ok with this level of noise. I tried putting dampers on the keycaps, but it didn’t really have an effect.

    Functionality

    The keyboard can be connected using a cable, a dongle, or via Bluetooth. When connected via cable, the keyboard also charges the 4000mAh battery. I attest to the quality of the charge since I had to use the cable during the different times that I configured the keyboard, I’ll make sure to report that in a later update.

    Connecting with the dongle worked like a charm. The only complaint I have is that the little housing where it stays put feels a bit loose, maybe it’s not so bad but for me, it’s another reason not to put it inside a bag pack.

    Connecting via Bluetooth is super simple. You have 3 presets when pressing Fn + Q/W/R. Switching between them works just fine, and the right preset wakes up my computer as expected. This was very handy since I have multiple devices on my desk and I could switch between them without having to move around the desk as I used to.

    At some point when testing, I started experiencing disconnections, and it turned out to be caused by low battery. A battery indicator could be a great addition. It could even be done with the existing RGB LEDs, I think that would be pretty sick!

    Media keys for macOS can be accessed with the Fn + digit, they are even in the same position as the Apple keyboard, which is a great design choice so you don’t have to learn a new layout. The only minor issue I found was in the manual where it says that Fn + S is Mac mode and Fn + A is Win mode, but for me is the other way around (at least for mac, I don’t have a Windows machine to test).

    Customization

    If I have a keyboard that is comfortable and the basic functionality fits my needs, then I can be happy with it, but being able to customize it, is what can make it a joy to type with a certain keyboard.

    The manual says I can configure the layout by downloading an app from this repository, and there is a homebrew formula for it too. Unfortunately, I wasn’t able to make it work. The app loads, but it never finds the keyboard. Thankfully, the online version did work. In addition to this app, you also need to download the keyboard’s definition file. The link on the manual doesn’t work, but this one does.

    Ok, with everything ready, you can go to the “design” tab and, unlike me, make sure to turn OFF “Use V2 definitions (deprecated)” despite it being a step in the manual 🤦‍♂️. Hit the load button, and select the definition file. If things work correctly, you will see the keyboard’s layout on the page. I have the “Long Spaces” version, which is nice, but the “Split Spaces” must be better in my opinion. Now you can move to the “configure” tab, and you should see the layout with all key definitions.

    All changes you do to the keyboard, take effect in real time, which is pretty cool for playing with the RGB colors and such configurations. For configuring the layout, I’m still not sure if I like it because I like to make all my changes and change them at once. But it’s just a different way of working, and maybe I won’t even notice it after using it a couple of times.

    There are 5 customizable layouts, which means lots of room for making this keyboard your own. For now, I will customize the default layer to have the right Cmd key, and layer 2 for having easier access to the arrow keys on the hjkl keys (yes, Vim has messed up this bad with my head 🙈) and the numbers. This is what it looks like:

    If you like my setup, then feel free to grab it and play with it https://gist.github.com/mauromorales/30ca5270e2010f15ea4a5a6a22b6c2eb

    Aesthetics

    Overall, I think the keyboard looks great. The black pitch of the aluminum mixed with the copper borders and the RGB LEDs on look fantastic! Even the bottom of the keyboard looks pretty nice. This is a product that you enjoy touching, I get a similar vibe when interacting with my MNT Reform 2 Laptop.

    There is just one mistake Epomaker made here. The knob border is platinized, which in my opinion doesn’t mix well with the copper. I’m also not a fan of the type used, for most letters it is ok, but 4$ reads more like 45. Words like PGDN give the impression that the painting went wrong, but it’s just the font type they chose for it. Not a dealbreaker, but hopefully Epomaker will move away from this font in the future, check the difference with the font used in the MNT Keyboard, which is such a delight to read.

    Size Comparison

    Specs

    Number of Keys82 keys + 1 knob
    Anti-GhostingNKRO
    Case MaterialAluminum
    ConnectivityBluetooth, 2.4GHz Wireless, Type-C Wired
    RGBSouth-facing RGB LEDs
    Hot-swappableYes
    Battery4000mAh
    KeycapOEM profile double-shot PBT keycaps
    Summary of specs, check the full specs here.

    Inside the box

    • Keyboard
    • Manual
    • Keycap/Switch Puller
    • 2.4G Dongle
    • Type-C Cable

    Pricing

    The Epomaker Tide75 has a $139.99 price tag, plus taxes. Since I didn’t pay for it, I asked ChatGPT to calculate it for me, and it thinks it would be an extra 26.65 EUR for taxes, making it a total of approximately 153 EUR.

    Deciding whether a piece of equipment is worth buying is for you to decide, but compared to these other devices, the price seems just about right to me:

    • Magic keyboard is 149 EUR. It comes with the T chip, but it doesn’t have the mechanical keyboard experience, replaceable switches, and neither the extensible configuration.
    • DasKeyboard Pro is 179 EUR. It is a mechanical keyboard including the Numpad, but lacks RGB, replaceable switches and it’s not configurable.
    • Vortex Core is 99 EUR. It comes with the RGBs, and it is configurable, but it’s only a 40% which might be challenging to adapt for many people.

    Conclusion

    Overall, I think this is a great product and anyone looking for a mechanical keyboard will not be disappointed. It happens to be that my daily driver, the Ergodox EZ just broke a few months back, and the Tide75 will take its place as my number 1.

    The issues I have with the keyboard are minor, but in my opinion, could take the Epomaker from a good choice, to a great one. Having an up-to-date manual, including extra blank keycaps for customization and most important, choosing a more readable font and matching the knob color with the rest of the keyboard.

    Thanks Epomaker for this remarkable gift, I hope that they feel proud to see their little boy is helping build an OS for Edge devices.

    The following links were given to me by Epomaker. I don’t make any commission on them. If you’d rather not use them, type Epomaker Tide75 in your preferred search engine, and you should find them, but you might get a different product than the one I reviewed here.

    Interested in grabbing yours? Check out the Epomaker Online Store, or the Epomaker Amazon Store.

  • A New Dawn for Secure Linux in Untrusted Environments

    Linux has become the default operating system for running web applications. However, like any system connected to the internet, it is exposed to remote attacks. While public cloud environments and private datacenters offer some security from physical tampering, edge computing presents unique challenges.

    For this article, an edge device refers to a headless computer system (without direct human interface) deployed in remote locations like coffee shops, gas stations, or warehouses.

    The Security Challenge at the Edge

    Contrary to popular belief, Linux systems lack certain critical security features found in Windows (Trusted Boot) and macOS (Startup Security). While Linux supports Secure Boot and full-disk encryption, these measures alone are insufficient for edge environments where devices are physically accessible to untrusted parties.

    The primary security goals for edge devices are:

    1. Preventing unauthorized access to data if the device is stolen.
    2. Ensuring the device does not boot if tampered with.

    Protecting Your Data with Encryption

    Encrypting the disk keeps your data safe when the device is powered off, addressing the first security goal. However, this protection is compromised if the device is tampered with, leading us to the second goal.

    Protecting Your Device from Tampering

    Understanding the Linux boot process is crucial for securing a device against tampering. Upon powering on, a modern computer runs the UEFI firmware, which hands control to a bootloader. The bootloader initiates the operating system, which then decrypts your data and starts your application.

    Secure Boot helps secure the initial stage by only allowing execution of digitally signed bootloaders. However, the problem lies in the next stage: most Linux distributions’ bootloaders do not verify the signatures of the Kernel or Initrd, nor do they measure the integrity of these components. This oversight allows potential tampering to go unnoticed.

    Measuring for Integrity

    Measuring involves calculating a hash for artifacts like the Linux Kernel. Any change in these artifacts alters the hash. Utilizing Trusted Platform Module (TPM) chips, we can establish a validation system that only proceeds with booting if the measurements match the expected values.

    Unified System Image (USI)

    One effective solution is creating a Unified System Image (USI). This combines the Kernel, cmdline parameters, and Initrd into a single, immutable image. By measuring this single image, we ensure the integrity of the entire system. There’s no need to encrypt this image since it contains no sensitive data, which resides in the encrypted area. The system configuration and valuable data remain secure, and the image is mounted read-only to prevent changes.

    For more detailed information on this process, refer to the UAPI Group’s page and Lennart Poettering’s article, “Brave New Trusted Boot World.”

    Kairos: Simplifying Trusted Boot

    Implementing a USI with Trusted Boot can be complex. Kairos aims to simplify this process. Visit our Trusted Boot Installation instructions to try it out, or delve into the Trusted Boot Architecture documentation for a deeper understanding of how Kairos enhances security in untrusted environments.

    , , , , , , , ,

  • KubeCon Europe 2024

    I recently attended my first KubeCon and wrote a recap on Spectro Cloud’s blog: KubeCon Paris: edge, AI and la vie en cloud native.

    At KubeCon, I had the chance to be a panelist talking about special-purpose operating systems and wrote some notes on Kairos’ blog: SPOS Panel at KubeCon Paris 2024.

  • Special Purpose Operating Systems: The Next Step in OS Evolution or One-Trick Ponies?

    , ,

  • Rethinking some common deployment strategies

  • My Plans for FOSDEM 2024

    Kairos

    Just like in 2023, one of my proposed talks got accepted. However, I will not be delivering it. Instead, my colleague Dimitris Karakasilis will be doing it because he has more experience on the topic. I will still be there taking pictures and giving away some Kairos swag, in case you want yours 😉

    Also prepare for our first in-person Kairos meeting. If you’re using Kairos, please join us, we would be thrilled to know some of our community members. You don’t have to be using Kairos to be welcome, this is also a good time to talk Kairos in general. We will share about the details of the meeting on our Slack, Matrix and Mastodon accounts, where you can also reach us at any moment.

    We also applied for a panel about Special Purpose Operating Systems, together with Flatcar, Bottlerocket and Unikraft. Unfortunately we haven’t heard a reply yet. So stay in tune for this one, we will also announce on one of our channels.

    On Saturday morning we want to go for a run, so if you’re looking for a running group, please reach out. And at night we will also probably join a party or hang out in one of the great cafés in Brussels. So you have many chances to join us to talk Kairos, running, or whatever.

    MNT Reform

    I’m a big fan of my MNT Reform open-hardware laptop. I’ll bring it so you can play with it if you’re interested. And hopefully, I’ll get to meet with other MNT Reformers. You can reach out via my personal Mastodon.

    Talks I plan to attend

    There’s never enough time to attend all the talks I’d like to during FOSDEM. These are the ones that caught my attention without too much overlapping.

  • Reading Binary Files

    Some files in a computer system are written for humans and contain text.

    % file /etc/hosts
/etc/hosts: ASCII text

    But many other files are made for the computer to execute, and it isn’t possible to read them using a tool like cat.

    % cat /bin/ls | head
����@�
      ��Z������

    This is because they are binary files

    % file /bin/ls
/bin/ls: Mach-O universal binary with 2 architectures: [x86_64:Mach-O 64-bit executable x86_64] [arm64e:Mach-O 64-bit executable arm64e]
/bin/ls (for architecture x86_64):    Mach-O 64-bit executable x86_64
/bin/ls (for architecture arm64e):    Mach-O 64-bit executable arm64e

    However, it is possible to read them using a tool like hexdump

    hexdump -C /bin/ls | head
00000000  ca fe ba be 00 00 00 02  01 00 00 07 00 00 00 03  |................|
00000010  00 00 40 00 00 01 1c c0  00 00 00 0e 01 00 00 0c  |..@.............|
00000020  80 00 00 02 00 01 80 00  00 01 5a f0 00 00 00 0e  |..........Z.....|
00000030  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|

    The left letter of each pair is the high 4 bits and the second letter the lower 4 bits. Not all bytes represent a visible character, so I’m going to take 40, which represents the @ symbol. When split, the hexadecimal 4 can be represented as 0100 in binary and 0 as 0000. Merged back together forms the binary number 01000000, or 64 in decimal. We can validate this on an ASCII table like the one below.

    DECHEXBINASCII Symbol
    633F00111111?
    644001000000@
    654101000001A
    Table source: https://www.ascii-code.com/
    stateDiagram-v2
    40 --> 4
    40 --> 0
    4 --> 0100
    0 --> 0000
    0100 --> 01000000
    0000 --> 01000000
    01000000 --> 64
    64

    Hexdumpje

    To understand better how this works, I wrote a basic version of hexdump. The source code can be found on https://github.com/mauromorales/hexdumpje

    , ,

  • Hacktoberfest 2023 in Brussels

  • Meet Kairos, the linux meta distribution for edge

    , , , , , , , , , , ,

  • My Personal Experience Using AI

    There’s been a gigantic buzz around AI for a while now. Unless you’re living under a rock, it’s hard not to get hit by this topic. So, a month or two back, I decided to finally give it an honest shot and see if AI can bring any benefits to my work or personal life.

    Disclaimer: No AI assistant was used to write this blog post.

    Some colleagues have been using GitHub’s Copilot since the beta release and swear by it, and other colleagues say that OpenAI’s ChatGPT has become part of their daily flow, so I decided to try both.

    GitHub’s Copilot for code generation

    Context for AI is crucial, this is because AI models are trained based on datasets. The quantity and quality of such data, plus the given training algorithms, will result in the quality of the model, and different models will be better at different tasks. GitHub’s Copilot is designed to generate code, and it was trained with code they host on GitHub.

    At the time of testing Copilot, my main project is Kairos, an OS (and more) for Edge Kubernetes. Kairos specific software is written in Go, but like any other Linux distribution it’s full of configuration files, scripts and build tooling. Some of them are Dockerfiles to build images, configuration files for different utilities (e.g., GRUB), an Earthfile for building everything together, tons of YAML files and different shell scripts to do stuff here and there.

    I use IntelliJ’s Goland IDE, where you can effortlessly install and configure the Copilot plugin. However, the quality of the suggestions was terrible. Usually, there were no suggestions at all. It’s been only a couple of times when I was impressed with the generated code, but for my particular use case, I wouldn’t consider it worth the 10USD/month or 100USD/year price tag.

    To be honest, I was very disappointed. The experience is not at all what I was told, but there are many variables that could be causing this gap. For once, those who recommended it, all use VSCode as their main editor, and since it’s the editor GitHub uses in their workspaces it wouldn’t be a surprise that it is much better supported. Second, the type of project and combination of languages is different, but I would expect Go to be quite well-supported. I also don’t really know how well has been Copilot trained to make recommendations on how to configure GRUB, for example.

    But don’t let my words steer you away from trying it. See for yourself how well it works with your stack and setup, and then decide if the subscription is worth it for you. As for me, I will give it a shot using VSCode and if I don’t see a major improvement, then I will cancel.

    ChatGPT as a review partner

    I’m well aware that ChatGPT can be used for code generation, but I decided to only use it for other work related tasks. Like, for example, asking it to help me understand code, help me debug issues, or help me with technical writing.

    Case 1: Explaining code

    Digging through some code, I came across the following. Most of it was clear to me but, I didn’t understand the need for doing the last line.

    Prompt

    Can you explain the following Go code?

    type ImageExtractor interface {
	ExtractImage(imageRef, destination, platformRef string, local bool) error
}

type OCIImageExtractor struct{}

var _ ImageExtractor = OCIImageExtractor{}

    Response

    This Go code defines an interface called ImageExtractor, which has one method called ExtractImage. The method takes four arguments: imageRef (a string representing the reference to an image), destination (a string representing the destination path for the extracted image), platformRef (a string representing the reference to the platform the image is built for), and local (a boolean indicating whether the image should be extracted from a local or remote source). The method returns an error if any error occurs during the extraction process.

    The code also defines a struct called OCIImageExtractor. This struct does not have any fields or methods of its own.

    Finally, the code creates a variable of type ImageExtractor that is initialized with an instance of the OCIImageExtractor struct. This line of code uses the blank identifier (_) to indicate that we don’t actually need to reference this variable, we just want to ensure that OCIImageExtractor implements the ImageExtractor interface. This is a way of enforcing that any other implementation of ImageExtractor will also have a ExtractImage method with the same signature.

    I find this super useful. It feels like reaching to the dev at the desk next to me and asking them: “hey do you know what does this line here does?”. You cannot do this with search engines and have much success.

    Case 2: Explaining other technical topics

    Now it’s time to reach to the other side of my desk to that fantastic sysadmin.

    Prompt

    Why do I have some files called dm-0, dm-1, dm-2 under the /dev directory?

    Response

    The files you are referring to, dm-0, dm-1, dm-2, are device mapper (DM) devices. Device mapper is a Linux kernel framework that provides a generic way to create virtual block devices by mapping physical block devices onto them. It is commonly used to create logical volumes for managing storage in Linux.

    When you create a logical volume using LVM (Logical Volume Manager), the LVM creates a device mapper device file that represents the logical volume. The dm-X device files are the device mapper devices that represent the logical volumes.

    For example, if you create a logical volume named “my_lv” using LVM, a device mapper device file named “/dev/dm-0” will be created, which represents the “my_lv” logical volume. If you create another logical volume named “your_lv”, a device mapper device file named “/dev/dm-1” will be created to represent the “your_lv” logical volume, and so on.

    You can use these device mapper devices just like any other block devices, such as hard disk partitions or USB drives, to store and retrieve data. However, it’s important to note that the underlying physical devices that the logical volumes are mapped onto may change, so it’s important to use the logical volume names (e.g. “my_lv” or “your_lv”) rather than the device mapper device names (e.g. “/dev/dm-0” or “/dev/dm-1”) when referencing the logical volumes in commands or scripts.

    Thanks to this, I was able to sort out a problem I was having building some Kairos images and all I had was a hunch that it was related to those files.

    Case 3: Writing a call for paper for a conference

    During a pairing session with a colleague, we decided to use ChatGPT to help us write a call for paper for a conference. I will not post the prompt or result here, but it suffices to say that we were able to use about 50% of the generated text. While 50% might not be such a great result for a 3-5 paragraph text, it made the task less exhausting. Specially as a non-native English speaker, I find it useful to have some sample text and base my work from that.

    All in all, I would highly recommend that you start integrating ChatGPT in your daily use, specially if you are not working in a team that values pair programming. It has saved me a lot of time and mental effort. The answers are not always correct, but they constantly point me in the right direction. I’m currently not paying for the subscription, but it’s on my to-do list, so I can report later on if it’s worth it.

    Final Thoughts

    Just like with the introduction of search engines, I think we are at a similar inflection point. I’m not going to try to guess what AI will look like in the future, but from where I stand, I’m pretty sure AI will be a part of our everyday. For this reason, I think we really need to pay attention to it as individuals but also as a society. We must learn how to use it so that it can make our lives easier, that’s the whole point about technology, but we must understand that AI assistant are not encyclopedias, each tool has its purpose, advantages, and disadvantages. Talking about disadvantages, I don’t think we need to be afraid of it becoming conscious. But I do feel afraid of companies or governments abusing it, so we need to build these services with privacy for the individual and transparency. One of those solutions is the open-source project LocalAI, which I will share about in a next post.

    , ,