Unlike the folks whose “uses” page prompted me to write this, nobody ever asks me what tools I use, because I don’t have an active audience. I’m quite content with that; I maintain this place almost entirely for my own purposes and if you happen to get some benefit from reading it, that’s cool too.

Anyway, here’s what I have in my virtual workshop.

  2. Hardware
    1. Desktop
    2. Laptops
    3. Servers
    4. Phone
    5. Keyboard
  3. Software
    1. Operating Systems
    2. Desktop Environments
    3. Editors
      1. IDEs
      2. Fonts
    4. Programming Languages
    5. System Shells
    6. Data Synchronization


I’m putting this first because it is, in my opinion, critically important to the rest of the list.

I have previously used 1Password, but recently switched to Enpass. In my experience, these two managers are closely matched in features, though Enpass wins out in that it has a Linux desktop client and 1Password does not. Enpass furthermore has a Windows 10 Mobile app, so I can recommend it to my parents; I do not recall if 1Password does (I believe it does not).

Enpass is free for desktop apps, and $10 per user per mobile OS. If you own an iPhone, an Android, and/or a Windows Phone, you’ll pay per app. Otherwise, it is free for personal use. The price is only invoked when you try to store your 21st credential, so you can give it a trial spin to see if you like it without committment. I bought it immediately and regret nothing.

Enpass offers a number of features I find both compelling and, to be honest, mandatory in any modern password manager. I know this reads like I’m shilling for them and I swear I’m not; I’m just very enthusiastic about this.

  • Synchronization

    Enpass has native hooks with a variety of synchronization services. At the time of this writing, that list includes Dropbox, OneDrive, Google Drive, OwnCloud, and Box. If none of these strike your fancy, you can also instruct it to store its database in a specific location and manage it yourself (such as via SyncThing).

    The database file is always stored fully encrypted. When an Enpass client seeks to update it, it locks the file, decrypts it in local memory, updates, re-encrypts, and then clobbers the file on disk with the new version. Don’t cause a race, I guess.

  • Platform Support

    Essentially all of them. Windows, macOS, Linux, iOS, Android, Windows Mobile, Chromebook, and even BlackBerry. No BSD though, and as it’s closed source, you can’t port it yourself.

  • Environment Integration

    On desktop, Enpass offers browser integrations for Firefox, Chrome, Safari, and Opera. On mobile, it offers an Android custom keyboard that can fill fields for you. I have found using it in both environments to be a pleasant mix of convenience and security.

    I recently switched to an iPhone, and Enpass is less well-integrated (no keyboard or service to detect fields and give a notification to do so), but it does offer a home-screen widget that holds your favorites, and is readily usable. I intend to keep using it, but the experience on Android was definitely better. I think that’s more of a commentary on the phone vendor, though.

  • TOTP Support

    Time-based One Time Password algorithms are commonly used for Two Factor Authentication. If you so choose, you can use Enpass to store your TOTP seed and have it generate 2FA codes for you when unlocked. This is, however, moving your 2FA into the same database that stores your password, and thus both are compromised if your Enpass database is lost or breached. I am using it for my less-important services, but will likely continue to use Authy for more important 2FA accounts.

  • Password Generation

    You can specify length and mix (uppercase, digits, yes or no visually similar characters, non-alphanumeric symbols) anywhere in the app, including (of course) browser extensions or the app keyboard, and auto-fill and copy to a self-destructing clipboard. After generation and entry, Enpass will detect a new or updated identity and ask you if it should update its database accordingly.

  • Display of weak or duplicate passwords

    Identities with weak and/or duplicate passwords are displayed in their own categories so you can rapidly identify them and take action to change them. Enpass does not yet have Dashlane’s ability to change passwords en masse; you have to do so manually and individually. This is, regardless, good information to have

  • Importing from other managers

    I exported my 1Password database to its 1pif format, and Enpass ate that archive directly with only minor loss of information.

  • Display of aging passwords

    I have not yet experienced this, as Enpass believes all my passwords are a few days old (it did not collect their creation dates from the 1Password export). As my passwords age, it will display those identites in categories for various ages of password as an incentive to rotate regularly.

  • Fingerprint Unlock

    THIS IS A SECURITY REDUCTION. However, it is very convenient, and Enpass takes every step to limit the security reduction of biometric unlocks. If your phone changes the fingerprint set in any way, Enpass invalidates the stored master password and requires that you re-authenticate with it.

    But yes, you can use Touch ID to unlock your password vault. I recommend disabling this if you are in an environment where this may be unsafe, such as heavy police or other security personnel presence, or an untrustworthy home environment.

The only thing Enpass does not have that 1Password does, to my knowledge, is 1Password’s recent feature add of Travel Mode. If you inform 1Password that you are travelling, it will destroy local copies of select vaults and attempt to reacquire onec you turn travel mode off. This makes it so that, if you are compelled to open your password vault by, say, American TSA, your sensitive items will be completely absent and you can do so safely.

If this is something likely to affect you, disable Enpass synchronization on the affected devices and the local databases will be destroyed; reenable it later to reacquire. This is not selective and you will temporarily lose all data, not just the vaults you mark as sensitive as 1Password permits.


I have six computers at the moment in various roles. Don’t look at me like that.


My primary desktop is a PC I built myself.

Here are the parts for it:

  • CoolerMaster HAF XB EVO case (no I don’t know what those letters mean)
  • ASUS Z97-A motherboard
  • Intel Core i7 4790K CPU (not overclocked; I’m not a cool ricer)
  • 2x nVidia GeForce GTX960 GPUs (this was a mistake; identical cards means I can’t pass just one through to a VM. Also, VR support starts at the 970)
  • A ThermalTake liquid cooler whose specific SKU I can’t remember and probably doesn’t matter.
  • Two Seagate hybrid disks (4TB HDD/64GB SSD) and two Samsung 850 SSDs.

All told, I think this ran me roughly $2,000. It’s three years old and I’m hoping to stretch it to at least five or six, unless some extremely cool hardware comes out and I can’t restrain myself.


I use a MacBook Pro (2014) as my primary laptop. I don’t much care for macOS, but it’s nice having a UNIX-y OS and I just haven’t bothered to install a Linux distro on it yet.

I also have a Surface Pro 3, which I used extensively in college for notes and less often now that my Office subscription has expired and I don’t really have as strong a use case for it.

The third laptop is an Alienware M14x from 2011 that was my primary machine for a long time, and is now a dev machine on which I test out new things. It’s run Arch, FreeBSD, Qubes, and currently CentOS.


I have a Mac Mini and an old (2012) homebrew PC acting as servers. The Mac Mini lives with me in Utah; the old PC is with my parents in Michigan and is currently dead. I also rent a DigitalOcean droplet because my apartment isn’t in a great situation vis-a-vis uptime. Thanks, Comcast BlueRim.


I currently use an iPhone X. I had previously used a Moto Z, until I bought the external battery mod and something went wrong in the phone itsely (I think) that cause its battery sensor firmware to panic and believe that the phone was utterly without power, and shut down until plugged into the wall.

The problem escalated to the point that even when both batteries were full, taking the phone outside in autumnal weather caused the phone to abort. This is, obviously, unacceptable.

Naturally, shortly after I bought the iPhone, Apple released iOS 11.1.2, with this patch note:

– Fixes an issue where the iPhone X screen becomes temporarily unresponsive to touch after a rapid temperature drop

As northern Utah is the farthest south I have ever lived, I am particularly annoyed by failures of technology to handle the environment in which it will see use. In ordinary autumn/winter weather, I will encounter drops of -40℉ (building at 70℉, air at freezing) and the most I’ve encountered in real life has been a -100℉ (from 70℉ to -30℉). Isn’t it important that phones work in these environments?

Anyway. I haven’t used the phone enough to leave further comment.


I have two WASD keyboards in the Dvorak layout that I greatly enjoy. My favorite part of them is that the Dvorak scheme is controlled by a switch on the back that remaps the scan codes of each key, so that it can be plugged into a computer expecting the QWERTY US keymap without any change to software.


Operating Systems

I run Arch Linux on my desktop and servers. I’ve been using it for the last few years and while it was extremely rocky at first, now that I’ve figured out what I’m doing it’s been very solid and a joy to use.

I have not yet changed my MacBook to use anything other than macOS, so, I use that as well, though without nearly the fluency that I do Arch.

I haven’t used Windows personally in about two or three years, though I use it at work. It’s still a good OS; I just personally prefer Arch+KDE at the moment.

Desktop Environments

KDE’s Plasma 5. I know, I know; the only way I could get more generic and boring is if I used GNOME. It works tremendously and I don’t use Vim either; I’ve resigned myself to not being “cool”. Plus, KDE Connect pairing with my phone is very convenient.


Primarily Visual Studio Code. I know how to type in, save, AND exit Vim, so I’ve got that going for me. I mostly use GNU Nano as my notepad when I can’t leave the terminal environment, though.


I do half of my Rust work in IntelliJ IDEA. It is truly remarkable. It helps that I have a .edu email address for the forseeable future.


I was introduced to the Iosevka font, and use it for all the monospaced text on this site, as well as in my editors. The specific variant I use (with numbers collapsed using sh syntax) is:

sans term ss03 cv{01,{0,1}{3,7},19,2{1,3,4},3{0,1,4,7,8},4{0,2,4,6}}

The term variant makes the box-drawing characters I use for text diagrams render properly. I replace term with type for text I know will not contain these characters, in scenarios where I want fancier features such as ligatures.

Programming Languages

  1. Rust is my personal language of choice. I’m slowly expanding the scope of where I use it, including working on rebuilding this website to be driven by it.

  2. Ruby

    I use Ruby at work for driving the ground side of one of our missions, and to power this website (currently).

  3. Elixir, in which I’m practicing for future web work.

  4. C, split evenly between GCC and Clang compilers.

    I specialize in low-level systems languages, and Rust has not yet displaced this.

  5. Sass is still my absolute favorite CSS super-language. I use it for all my CSS projects, and cannot yet imagine going back.

  6. TypeScript

    I don’t really have a firm reason I picked TypeScript as my JavaScript super-language, but I really enjoy working in it.

System Shells

Zsh. I strongly prefer it to Bash, though I am not well versed enough in terminal lore to clearly state why. I am looking forward to some new shells under development to experiment with, though as yet they don’t seem completely ready for full time use.

I also use PowerShell at work, and a bit at home. I am incredibly impressed with its piping object model and scripting language, but it’s not something I yet see myself using personally.

Data Synchronization

I use SyncThing for decentralized data sync; all my machines shunt my Projects and Pictures folders, among others, this way. These folders are massive and thus cannot use sync services that include cloud storage as a target. SyncThing is a distributed network that operates by having your machines introduce themselves to each other. You can then select which folders are synchronized between which machines – this can also be used to maintain disparate sync networks, whereby each machine has a different set of folders shared with different networks. For a short time, that was how I deployed this website and shared project code with a team of mine.

I also use Dropbox, OneDrive, and Google Drive as means of backing up and/or sharing items with specific groups of people or ecosystems. These are fairly mainstream and banal, so I won’t go into more detail.