Setting up a FreeBSD/OpenBSD dual-boot with full disk encryption

A bit over a month ago, I bought my first refurbished laptop. Previously I used a ThinkPad (owned by the company I work for) for on-call duty. It’s running a Linux distro which would not be my first choice at all, it has a small screen and – it’s not my property. I wanted my own laptop and since we’re allowed to use whatever distro we prefer, I thought that I’d be going with Arch.

(I you’re just interested in the commands to enter, have a look at the end of this post where I put a list of them.)

*BSD in production

On a second thought: Why not use *BSD? For me it would mean going to use a *BSD desktop “in production” after only running it privately. Thanks to the great BSDNow! show I feel confident enough now to give it a try. The company that I work for is running some FreeBSD servers, too, so it’s not something entirely strange and unknown. I went with asking if using BSD for on-call was ok. The answer was what I expected: If I thought that it would work ok I should well try it. The only requirement was that I’d encrypt the disk (the same rule would apply to Linux, too, of course).

Next question: Which BSD to use? Since I’m just getting into *BSD, I’m not really familiar with all of them now. Net and Dragonfly would certainly be interesting, but since I need that box for work that’s not an option. I need something that I know enough to be able to work with. Of course it would be best if I could learn something at the same time… So, what’s the best way to learn more? Probably tracking -CURRENT! But what if something breaks? I cannot afford that. And which BSD to use anyway? I work with some FreeBSD servers, so more in-depth FreeBSD knowledge would make sense. Then again I’ve really come to like Puffy and all he stands for…

That would be a hard decision! Finally I decided not to decide – and to just install both instead. This also has the advantage of having a second system if either CURRENT should ever break!

Hardware: HP EliteBook

I bought an HP EliteBook 8470p. Why didn’t I go with Lenovo even though those are known to work best with *BSD and I obviously need something that seriously works? Well, there’s one reason for me: With the ThinkPads keyboards just totally suck. I have no idea who came up with that sad story of “Hey, let’s just put the Fn key where Ctrl belongs and vice versa!”. No idea whatsoever. But I know for sure that it drives me insane. No fun at all when you’re working on-call at four AM, barely awake, and nothing happens when you have to CTRL-C something quickly. I could never get used to it ever!

So for that very reason it had to be some other hardware. I had this older HP laptop that a friend sold me for a few bucks a while ago. I can’t remember which model exactly and cannot look it up since I don’t have it anymore. (When my mother’s old computer died as I was over on a visit, my father thought about replacing it with a Windows box since that’s the only thing that he knows. To avoid that, I set up said old HP laptop that I had with me as a replacement and gave it to her. She’s been using it happily since.) That laptop had been a pleasant experience when I had OpenBSD on it and so I decided to give that EliteBook a try.

It works fairly well for most things. On FreeBSD there was the problem with the Intel video driver but since I’m running 11-CURRENT video is all working great even when I quit X11. WiFi is detected according to dmesg but for some reason no iwn0 shows up if I run ifconfig. I didn’t have time to look into that further, however. On OpenBSD backlight gets turned off if I quit X and thus the screen is a bit dark then. Since I usually quit X to shut down the computer afterwards, anyway, that’s only a minor issue. WiFi is correctly detected and I confirmed it to work. Suspend works when I close the laptop but when it wakes up the keyboard does not work anymore. These are the only issues that I ran into so far.

What is the exact use case?

FreeBSD can use ZFS while OpenBSD cannot. I’m not sure if FreeBSD’s and OpenBSD’s UFS/FFS filesystems are compatible (I think OpenBSD’s implementation misses quite some of the newer features). The encryption methods used by the systems however are definitely not compatible. So it doesn’t matter anyway in this case and I’m free to choose whichever filesystem I want.

Since I’ll be compiling FreeBSD-CURRENT now and then (and in general plan to do some stuff that likes much memory to be available), I decided to go with UFS. Yes, there are scenarios where ZFS is simply overkill! There’s only one drive in the laptop, it’s not extremely big and it won’t hold any important data. I have no need any particular ZFS feature on that system, so going with UFS should be fine. (That plus the fact that I’m still reading Lucas’ and Jude’s excellent book on ZFS and intend to play with that filesystem on another machine)

Prior to version 5.9 (released after I originally wrote this), OpenBSD only really supported the MBR partitioning scheme so going with that was an easy choice. I’ll stick to it for now because I need some time to play with it first. I’m going to do everything again in a VM so I can take screenshots for this article.

Installing FreeBSD

The installation begins just like an ordinary FreeBSD install: Boot up the installer media and make your way through the setup questions. When the installer asks about the partitioning however, we’re going to do that by hand.

Choosing to partition by hand

The pure bourne shell is not very comfortable for interactive use, so it generally makes sense to use a more advanced shell (like tcsh) for convenience features like auto-completion. Should you not know which drives your machine has, camcontrol can help you. If you want to start with a clean drive, you can zero out everything with dd (when I bought my laptop it had Windows 7 on it that I wanted to get rid of).

Zeroing out the disk

If you’re not familiar with what partitions and slices are, you may want to have a look at an older post where I wrote up a little excursion about that topic.

First an MBR is created and then two slices are added to it. The first one gets 100 gigabytes, the other the rest (which is also 100 GB in my case). Both slices are created aligned to 4k sector size of the hard drive. Then a BSD disklabel is added in the first slice. After that, boot0 (a simple boot manager) is written on the drive and the standard bootcode into the first slice. Finally the first slice is marked as active for booting.

Slicing the disk

Now three partitions are created inside the BSD label: One for boot (which will hold the kernel and cannot be encrypted), one for swap and one for the system (which will be encrypted). Glabel is used to give these partitions a more meaningful name than ada0s1a and the like. Since the system partition will be encrypted, it makes sense to write some garbage all across it so that it is impossible to see which part holds data and which does not. This takes quite a while and you could of course skip this. As long as your patience lives up to paranoia, that little bit of extra security is worth the wait!

Creating and labeling BSD partitions

Next the system partition is initialized with GELI, one of FreeBSD’s two military grade encryption methods. I only use a passphrase to unlock but you can also use a key (or both) if you wish. After attaching the new GELI partition, a new GEOM provider, system.eli is available with the clear data for you (and your programs) to use.

Creating and attaching the GELI partition

Now it’s time to format the two data partitions (the swap partition does not need any formating). You could also use journaling UFS for the boot partition but it’s usually not necessary.

Creating filesystems

Copy over the boot directory and add two lines to loader.conf so that you’ll have the chance to unlock your GELI partition during system startup. What remains is writing a fstab. Notice that for some reason I’ve forgotten to put swap.eli in there on my screenshot (even though that’s what I have in my script). What this does is using a one-time key for your swap on each boot, thus making sure that any data that remains on the swap partition is useless once the system was powered down once. You do not have to initialize GELI for this. FreeBSD knows what to do when it sees swap.eli.

Mount the decrypted system partition on /mnt as that’s where the installer expects it. And don’t forget to create the clear directory as we demand that in fstab and the system would not boot up correctly if it was missing. Then exit the shell and continue with the installer.

Copying over /boot and writing loader.conf and fstab

Once the installation has finished, the installer will ask you if you wish to make any final modifications. Answer yes and it will drop you into a shell in a chroot of your new system. Delete /boot (that directory lives on the encrypted system partition and the bootloader could not find the kernel there anyway) and make it a symlink pointing to /clear/boot instead. This step is not actually required. But if you don’t do it, you won’t be able to update your system the normal way. If you want to only mount the real /boot by hand whenever you upgrade, that’s fine, too, of course.

Chosing to make final modifications

Exit the shell, reboot and remove the boot media. Then reboot. Your boot manager (boot0) will offer you two FreeBSD systems. Hit F1 to boot up FreeBSD. Don’t hit F2. There’s no system there, yet.

Installing OpenBSD

The OpenBSD installer is neither pretty nor does it offer any kind of menu system. However it is simple, effective and straight-forward. Choose to install OpenBSD, set your keymap, enter a hostname, configure the net and set a root password.

Hostname, network and password configuration

Choose to run an SSH server by default, whether to prepare the system for X11, if you want the display manager XDM to be started automatically. Create a user now or do so later. When asked for the timezone, give a ! instead to drop into a shell.

Going to a shell

If you don’t know your disks, look inside the dmesg for the name. Now use fdisk to change the type of the second partition from A5 (FreeBSD) to A6 (OpenBSD). Then use disklabel to create a swap partition and a main partition. Make absolutely sure that the later has the type RAID!

Partitioning for OpenBSD

Encrypt the new softraid with bioctl then exit the shell. Now enter the correct timezone and choose the newly created softraid for the installation! Dedicate the whole softraid disk to OpenBSD but edit the partitions to fit your need. You do not need a swap partition on the softraid because we created a separat one on the real disk, remember? For that reason, after OpenBSD formated the partitions you created, the installer will ask you if you want to add any other disks before you start the actual installation. You DO because there’s the swap area.

Preparing crypto softraid

Once the installer has finished, reboot the machine. Now the boot manager says “F1 – FreeBSD” and “F2 – BSD”. The second one is your OpenBSD. The manager knows only the partition type and has no clue which system is on there.

Plain text summary

Here’s what you could type in for the shell parts of both installers:

FreeBSD


In the partitioning shell:
tcsh
dd if=/dev/zero of=/dev/ada0 bs=1m
gpart create -s mbr ada0
gpart add -a 4k -t freebsd -s 98G ada0
gpart add -a 4k -t freebsd ada0
gpart create -s bsd ada0s1
gpart bootcode -b /boot/boot0 ada0
gpart bootcode -b /boot/boot ada0s1
gpart set -a active -i 1 ada0
gpart add -t freebsd-ufs -s 2G ada0s1
gpart add -t freebsd-swap -s 4G ada0s1
gpart add -t freebsd-ufs ada0s1
glabel label clear /dev/ada0s1a
glabel label swap /dev/ada0s1b
glabel label system /dev/ada0s1d
dd if=/dev/random of=/dev/label/system bs=1m
geli init -b -s 4096 -l 256 /dev/label/system
geli attach /dev/label/system
newfs /dev/label/clear
newfs -j /dev/label/system.eli
mount /dev/label/clear /media
cp -Rp /boot /media
echo 'vfs.root.mountfrom="ufs:/dev/label/system.eli"' >> /media/boot/loader.conf
echo 'geom_eli_load="YES"' >> /media/boot/loader.conf
echo '/dev/label/system.eli / ufs rw 1 1' >> /tmp/bsdinstall_etc/fstab
echo '/dev/label/swap.eli none swap sw 0 0' >> /tmp/bsdinstall_etc/fstab
echo '/dev/label/clear /clear ufs rw 1 1' >> /tmp/bsdinstall_etc/fstab
mount /dev/label/system.eli /mnt
mkdir /mnt/clear
exit
exit

In the "final modifications" chroot:

rm -r /boot
ln -s /clear/boot /mnt/boot

OpenBSD


i
de
puffy
em0
dhcp
none
done
password
no
yes
no
no
!
dmesg | grep [ws]d0
fdisk -e sd0
setpid 1
A6
quit
disklabel -E sd0
a b
ENTER
4G
swap
a a
ENTER
ENTER
RAID
w
q
bioctl -c C -l /dev/sd0a softraid0
exit
Europe/Berlin
sd1
whole
e
Your layout here
w
q
sd0
OpenBSD
w
q
done
http
none
openbsd.cs.fau.de
pub/OpenBSD/5.9/amd64
done
done

Top things that I missed in 2015

Another year of blogging comes to an end. It has been quite full of *BSD stuff so that I’d even say: Regarding this blog it has been a BSD year. This was not actually planned but isn’t a real surprise, either. I’ve not given up on Linux (which I use on a daily basis as my primary desktop OS) but it’s clear that I’m fascinated with the BSDs and will try to get into them further in 2016.

Despite being a busy year, there were quite a few things that I would have liked to do and blog about that never happened. I hope to be able to do some of these things next year.

Desktops, toolkits, live DVD

One of the most “successful” (in case of hits) article series was the desktop comparison that I did in 2012. Now in that field a lot has happened since then and I really wanted to do this again. Some desktops are no longer alive others have become available since then and it is a sure thing that the amount of memory needed has changed as well… 😉

Also I’ve never been able to finish the toolkit comparison which I stopped in the middle of writing about GTK-based applications. This has been started in 2013 so it would also be about time. However my focus has shifted away from the original intend of finding tools for a light-weight Linux desktop. I’ve become involved with the EDE project (“Equinox Desktop Environment”) that uses the FLTK toolkit and so people could argue that I’m not really unbiased anymore. Then again… I chose to become involved because that was the winner of my last test series – and chances are that the reasons for it are still valid.

And then there’s the “Desktop Demo DVD” subproject that never really took off. I had an Arch-based image with quite some desktops to choose from but there were a few problems: Trinity could not be installed alongside KDE, Unity for Arch was not exactly in good shape, etc. But the biggest issue was the fact that I did not have webspace available to store a big iso file.

My traffic statistics show that there has been a constant interest in the article about creating an Arch Linux live-CD. Unfortunately it is completely obsolete since the tool that creates it has changed substantially. I’d really like to write an updated version somewhen.

In fact I wanted to start over with the desktop tests this summer and had started with this. However Virtual Box hardware acceleration for graphics was broken on Arch, and since this is a real blocker I could not continue (has this been resolved since?).

OSes

I wrote an article about HURD in 2013, too, and wanted to re-visit a HURD-based system to see what happened in the mean time. ArchHURD has been in coma for quite some time. Just recently there was a vital sign however. I wish the new developer best luck and will surely do another blog post about it once there’s something usable to show off!

The experiments with Arch and an alternative libc (musl) were stopped due to a lack of time and could be taken further. This has been an interesting project that I’d like to continue some time in some form. I also had some reviews of interesting but lesser known Linux distros in mind. Not sure if I find time for that, though.

There has been a whole lot going about both FreeBSD and OpenBSD. Still I would have liked to do more in that field (exploring jails, ZFS, etc.). But that’s things I’ll do in 2016 for sure.

Hardware

I’ve played a bit with a Raspberry 2 and built a little router with it using a security orientated Linux distro. It was a fun project to do and maybe it is of any use to somebody.

One highlight that I’m looking forward to mess with is the RISC-V platform, a very promising effort to finally give us a CPU that is actually open hardware!

Other things

There are a few other things that I want to write about and hope to find time for soon. I messed with some version control tools a while back and this would make a nice series of articles, I think. Also I have something about devops in mind and want to do a brief comparison of some configuration management tools (Puppet, Chef, Salt Stack, Ansible – and perhaps some more). If there is interest in that I might pick it up and document some examples on FreeBSD or OpenBSD (there’s more than enough material for Linux around but *BSD is often a rather weak spot). We’ll see.

Well, and I still have one article about GPL vs. BSD license(s) in store that will surely happen next year. That and a few topics about programming that I’ve been thinking about writing for a while now.

So – goodbye 2015 and welcome 2016!

Happy new year everyone! As you can see, I have not run out of ideas. 🙂

TEK – The “Truly Ergonomic Keyboard”

This post is a review of the Truly Ergonomic Keyboard (or TEK for short). This keyboard is very different from any keyboard that I’ve head so far. And since it is not exactly cheap (about 190 EUR or 250 USD!) I thought that I’d write about it so people who think about buying it can read some facts first.

My last two posts were about closely related topics: 1) keyboards, ergonomics, touch-typing and common typist’s injuries and 2) alternative keyboard layouts. I’ve already made clear that I love my TEK there and in fact I’m so enthusiastic about it that I’m going to buy a second one for work as soon as I can afford it.

Truly Ergonomic Ltd.

With such a name the company won’t win a modesty award for sure! And the claim “A revolution in typing” is quite bold, too. But then again, there’s absolutely no need for being modest if you sell a product like that. IMHO this Canadian company could rightfully claim to have re-invented the keyboard or created a “keyboard 2.0” / “keyboard reloaded” or whatever you want to call it. There are just so many things about the TEK that I’m having a hard time to decide where to start.

The company’s website of course explains a lot of things about the keyboard. I will of course mention everything that I deem important. But I’ll try to focus on my personal user experience with the TEK.

The dust cover that comes with the keyboard – a simple but useful idea!

A radical new approach

The first thing that you notice when you look at it is that the TEK reorganized the key positioning quite strongly. The letter keys stay in the same place compared to the classic keyboard layout. The same is true for the numbers, the Fx keys and the cursor (or arrow) keys. Same with Shift, Esc and so on. But this is more or less it.

Leaving the letter keys in their common position is a good choice because the TEK asks enough of you when you have to re-learn a lot of positions for the other keys. Most importantly: Return, Backspace and Del move from right of the letter keys to in-between. They are placed right in the middle of the keyboard. This feels very odd at first because typically you’ve been familiar with a position to the right for many years. It takes a few hours to get somewhat used to it and, at least for me, it took more than a week to feel “natural”.

The symmetric design makes the TEK look very nice. But aesthetics is of course not the real reason for such a radical re-design. Just as you would have guessed, the real motivation is – ergonomics! The little finger (aka “pinkie”) for example is much weaker than your other fingers. But instead of putting less strain on it, the classical keyboard requires you to use this finger for the Return and Backspace keys which are frequently used during the work day. Re-positioning these two keys so you can use your strong fingers for them makes a lot of sense from this perspective.

The TEK follows a very different keyboard design!

The Ctrl keys – required for a lot of key combinations – take the place of Caps lock and Return on the classical layout. Caps lock is a key most people use very rarely – if ever. Wasting the space of a nice big key for such a useless one is a shame. This is something not only the developers of the TEK have realized. There are some new laptop keyboards which simply remove the Caps lock key completely. The TEK moves it to the position below the Fx keys instead to make room for the left Ctrl.

Moving the Pg up, Pg down, Home and End keys to the left as another cross like the cursor keys, proves to be an excellent idea. I used these keys less frequently before because they were not within direct reach from the home row. Actually I didn’t even pay attention to that and it only came to my attention after using them really often on the TEK (to e.g. go to the beginning or end of a line). Whenever I’m typing on an ordinary keyboard now, this feels lacking an important feature: Those four keys without having to move the right hand off the letter keys!

Another useful thing (even though I don’t really use it) is the placement of the Fn key right below the Fx keys. You surely know this key from many laptops which however place it in the lower left corner of the keyboard. And that means you’ll need both hands to really use it (or completely over-stretch your fingers which is a very bad idea on the long run!). The Fn key on the TEK is in a much more reasonable position.

There’s exactly one design decision that I disagree with: Making Tab a small key is not a very bright idea. And I’m pretty sure that more people will think the same in this regard. Tab – the key for auto completion on the terminal! – a small key… However this is not really a problem. Why? Just follow along and see.

Fully customizable layout

Annoyed by the Tab thing? Well, just re-map that key. No, no, you don’t have to go through the pain of configuring your xmodmap on Linux or figuring out how to do something like that in Windows if you use it (or are forced to do so). You also don’t have to re-configure your keyboard on every computer you might attach it to. Why? Because there’s the Custom Layout Designer where you can create your own layout with ease.

Once you are done, you can download that layout and then flash the TEK’s firmware – so your changes are made directly inside the keyboard and thus completely independent of the computers you might plug it into later!

This is an extremely lovely feature. Think about it: The possibilities to customize your TEK are almost limitless. For example I’ve mapped Ctrl back to the lower corners of the keyboard and put Caps lock on the former Ctrl keys (remember that I’m using the sophisticated Neo² layout which uses Caps lock to access other layers with different characters for the keys). I’ve also re-mapped Return to the left Space key because I feel that two of them are a waste of keys. And thus the former Return key, a nice big one in an excellent position, is free for mapping Tab on it!

The layout designer is not only extremely easy to use. It also makes sharing your layouts a simple thing, since a link (a pretty long one of course) is created for it. View the layout that I use right now here as an example, if you wish.

Back side of the TEK: You can see the DIP switches here

On the back of the keyboard there are some DIP switches. Click on the image for a bigger version to have a closer look. With these you can change between Windows/Linux and Mac mode, choose the base layout for some countries (or for Dvorak) and if firmware flashing is allowed. Mine is set to German (DE).

The fully programmable custom layout is the one of the killer features of the TEK for me. There are only two things that I can criticize: For one the layout designer does not produce images with the current version of the firmware (v3.40 instead of v4.0 which the keyboard came with). I don’t know when they’re going to update the layout designer. For me it is nothing urgent as everything that I need works very well with v3.40 as well.

The second point is the more important one for me: Currently there’s only a Windows program to flash the TEK’s firmware! Probably not a problem for a lot of people who have at least one Windows machine. I don’t. And since I didn’t trust Wine or wanted to flash from VirtualBox or something, I had to set up a Windows machine to flash my TEK. This made me do something I didn’t want to do again – ever. While having breakfast I installed Windows 2000 on an old laptop. Then the service packs, etc… Ok, I’ll skip over the details. The outcome was that I was able to flash the keyboard and I did so quite a few times until I was satisfied with the layout.

I really hope that Truly Ergonomic releases a flashing software for Linux somewhen. OS X is probably first but anyway even this would be a huge step ahead IMHO. While I don’t have a Mac and thus would not directly benefit from it, it would at least give you a choice – and make a Linux version much more likely. 😉

More characteristics

Another pretty obvious fact is the very small size of the TEK. Truly Ergonomic Inc. advertise this as a huge benefit because the mouse can be closer to the keyboard – effectively reducing the way your hand travels whenever you switch between keyboard and mouse. I admit that I disregarded this point before I had the keyboard: There might be a theoretical benefit but it ought to be so little that you don’t ever notice it! Now I have the TEK and my mouse is much closer to the keyboard. Guess what: it feels good! I’m still using a Natural Ergonomic 4000 by Microsoft at work. And there really is a difference when it comes to a keyboard to mouse switch. It’s perfectly noticeable! So this is not just marketing after all.

The box which the TEK ships in

Less obvious is another strong point of the TEK: It uses mechanical key switches. In case you have no idea what this means I encourage you to do a bit of reading. For short: Most standard keyboards use a “rubber dome” technique to trigger a keypress. This is cheap to produce and is of rather low quality compared to other types of keyboards. Mechanical keyboards use a separate and independent mechanical switch for every single key and the key triggers at the moment you press it about half the way down. There’s actually no reason to press it all the way down. And thanks to the switches the keys are what is called “tactile”. It’s hard to describe the real difference while typing. Try it out for yourself if you’ve got the chance. I’ve come to like the mechanical switches of the TEK and many other people love the switches of e.g. Das Keyboard, a popular mechanical keyboard that uses them as well.

Another detail is that the keys of the TEK do not follow the standard key arrangement of placing them vertically staggered but in a straight line horizontally. In fact it follows the opposite approach – and this is a great idea! You won’t believe how much of a difference it makes if you didn’t feel it yourself. Our fingers do not all have the same length. The key arrangement of the TEK honors exactly this fact.

Remaining things

The TEK is advertised to be compatible with Windows, OS X and Linux. I’ve also used it together with FreeBSD and OpenBSD – just like you’d expect everything is fine of course.

Before purchasing this gem I read quite some reviews of course. There were complains from people who had problems with the so-called “ghosting” and such or needed to “type in” their keyboard before everything worked right. I never had such problems. My TEK worked from the moment on that I first connected it to my PC. But then again this was most likely an issue with the old 207 and 209 models and seems to be solved with the 229 that I own.

The only real problem that I noticed was that the embedded Num Pad (which can be switched on and off) behaves strangely and is not of much use. Since I don’t really depend on it, I simply don’t use it. However for some people this may be a total no-go. This is probably fixed by the firmware v4.0, but I didn’t try it out.

It’s much more of a shame that the TEK is only offered with an US layout. Again this is not much of a problem for me. But my wife is not happy with this at all. And as you can all imagine, this is NOT good (and does certainly not help to convince her that I need to spend so much money again to buy a second one!). Would be great if you could choose between some common keyboard layouts. I’d even be willing to spend some more money for a German one!

Back side of the box which shows some features of the TEK

Also many people wrote that the support of Truly Ergonomic Inc. is lousy and it takes extremely long to get an answer at all. I cannot say anything about this since I never had to contact them. (I’m thinking about writing to them about the Num Pad issue – if I do, I’ll update this article with the answer.)

Another thing is the detachable palm rest. I like it the way it is and never attempted to take it off. But I think for some people it may be nice to have an even smaller keyboard.

Depending on what you prefer, there are different models of the TEK. One model with wide Alt keys (model 227) which Emacs users will love and one with two normal-sized keys instead of one wide Alt (model 229). And then there’s an “MX brown”-compatible (soft tactile) and an “MX blue”-compatible (clicky tactile) version of either model. I’ve got 229 brown and that’s loud enough for me (at least until I finally learn not to push the keys down to the bottom!).

Conclusion

The TEK is not a keyboard for everyone. It is too expensive for many people and too different from the style everybody is used to. But for people who type a lot, who are willing to invest a bit of time to re-learn things and who take advantage of its special features (like the customizable layout), it is pretty close to the ultimate solution. It is well-thought-out in just about any area. A plastic dust cover for example is such a simple yet very effective thing!

The flaws that the TEK has are very few and mostly nothing too problematic. A choice between the US layout and some others printed on the keys would be my biggest wish, closely followed by a flashing software for Linux. However I guess that an updated layout designer to feature firmware version v4.0 is more likely – and of course I’d appreciate that as well.

Perhaps some of these wishes might come true if the TEK reached a much wider audience. Maybe even the price could be reduced then so that again more people could afford it. Ergonomics is an important topic when it comes to progress in the IT field. The TEK is not the only keyboard which tries to implement ergonomic considerations. But it is a very good one.

If you consider doing something about Ergonomics, to get a new keyboard and try out an alternative layout like Neo², Colemak or Dvorak, I suggest learning the alternative layout first. Trying to get used to a new layout while trying to adopt to a new keyboard will almost certainly fail. And learning a new layout is by far the bigger task – so it makes perfect sense to learn it on the keyboard that you are used to and make the switch afterwards.

Keyboards, layouts and ergonomics (pt. 2)

This is the second part of my article about ergonomic keyboards and keyboard layouts. In the first part I wrote about different characteristics of keyboards, touch-typing, typical injuries of people typing frequently and my first experience with an ergonomic keyboard: A curved keyboard from Microsoft.

Better ergonomics

Probably too late (I already suffered from pain in my hands) I decided to get one of Microsoft’s “Natural Ergonomic 4000” keyboards. It’s quite a bit more expensive than the average keyboard but I hoped that it was worth the money.

The initial impression was at least ambiguous – or probably even negative. I could see the idea behind the ergonomic design and wanted to believe that its wavy style was superior to the simpler curved one. But the whole thing is a true beast of a keyboard! It’s very big. No, actually it is huge – and not only in length but also in height. The later is a problem if you (like me) have a sliding board under your desk where you put the keyboard. Chances are that it won’t fit there. And then, for a personal view, it is really ugly.

Microsoft’s Natural Ergonomic 4000 Keyboard (german layout) – This was my prefered model until now

It wasn’t easy to develop a friendly attitude towards that thing. The first day I used it, I had to switch to my old keyboard again to enter my boot passphrase. I’m the kind of guy who cannot remember his passwords but knows pretty well which keys he presses. And so it was nearly impossible for me to enter a long password at first because the keyboard felt very different from anything I had ever typed on before.

Another thing is the split design; I used to type the ‘b’ key with my right hand for example. This was no longer feasible with the new keyboard thanks to the gab. This was a major nuisance until I realized that it was not the keyboard getting in my way but in fact a bad habit of mine. From this perspective the new keyboard even helped me to get rid of that bad habit and I’m quite happy with that fact now. As I was getting used to it this became less and less of a problem (the same is true for the passwords). It took me about two weeks to adopt the new style enough to type without pressing the wrong key too often. After a bit more than a month things started to feel alright again. My typing speed however was reduced for many months and I felt that I never actually reached my best times again. But the reason for that was not the keyboard. It was myself choosing to learn a new layout.

National keyboard layouts

While the US keyboard layout can be found around the world when it comes to servers, it simply does not qualify for most languages. This is perfectly clear for the Russian Cyrillic alphabet, the Greek one or the Asian languages. But also most European languages which use the Latin alphabet as well, have additional characters which English does not have. This is why there are so many national keyboard layouts.

The default German layout (from Wikipedia)

However the additional characters come at a price: Some other characters are moved and may even require a combination of keys. The German keyboard is a fine example of a very bad keyboard layout today. It features the umlauts (Ä,Ö,Ü) and other characters, but some special characters are not very convenient to reach. In the days of typewriters it may have been ok because you would not need characters like the backslash, curly braces and so on. These examples are located in hard to reach places with AltGr+Plus sign, AltGr+7 and AltGr+0. The problem is that you need them a lot on the computer. Just think how often you need the curly braces if you’re a programmer… You see the trouble.

A lot of programmers in Germany actually just use the US keymap for work. I can work with US pretty well, too, but this is not the ultimate solution. Fortunately there are the so-called alternative layouts.

Optimized keyboard layouts

In the English world Dvorak is the best known one. It has the same characters as the default US keyboard but another layout. A lot of people claim that they can type faster with this layout. The idea here is that the letters which are most often used in English are placed on the home row (this is the “start position” where touch-typists have their fingers when they start typing). This sounds like a good idea but critics claim that there’s barely an improvement in speed it at all. I’ve never used Dvorak so I cannot say much about it.

The Colemak layout (from Wikipedia)

There’s also a less well-known alternative for the English keyboard that is a more modern variant: The Colemak layout. If you are mostly typing English text you may really want to try it out. It’s meant as an even bigger improvement over Dvorak – and it adds a lot of characters from other European languages! Whether you need a Spanish Ñ, Scandinavic Å or Turkish Ç – no problem. While I’ve never used it myself I must say that it sounds pretty good.

And then there’s the most advanced layout that I know of: NEO². It’s a modern re-organisation of the German keyboard that considers letter frequency of both German and English. It uses several dead keys (keys which do not produce a character themselves but modify the next key pressed adding an accent or something to a letter) and has six (!) layers. Thanks to that it can create special characters like the whole Greek alphabet (in lower and upper case) and dozens of special symbols. Thanks to that unique flexibility you can use it for pretty much any language which uses Latin letters!

The 1st layer of the NEO² layout (from Wikipedia)

The letters are the following: Every normal key press is layer 1. Shift+key press is for layer 2. Caps lock+key produces a layer 3 symbol. And so on. Isn’t it great to finally have a good use for that nice big key below tab? Another cool thing is that this layout is already shipping with X11. So in the Unix world it is always just one “setxkbmap de neo -option” away!

Re-learning to type

I admit that I knew about alternative layouts for years but I never cared to take a look. When I finally did, I decided to give NEO² a try. It was self-evident that it would not be easy to fight two decades of QWERTZ writing. And yes, I was in for a fair share of pain. I had to learn a new keyboard completely from scratch. Damn, where was that letter again? I decided to practice a few minutes every day and after some time I found the right letters after thinking a few seconds. My WPM (words per minute) literally dropped to < 10!

As a (previously) fast typist this was a very distressing experience and I can see why quite some people quit instead of really finishing the migration. It takes a lot of resolve and endurance. But hey, there's no free lunch! I decided to stick with it and kept getting better and better. One day I found that I could reach 20 WPM again, then 30. You can imagine my relief when I hit 50 again. Now I could type fluently type texts with NEO².

After taking a one more week to learn the most important special characters and feeling bold one day I decided to switch my layout at work. The password problem was back again and for some weeks I switched layouts back and forth when I had to enter passwords. But it was only a matter of time until this was no longer necessary.

I've been writing NEO² for quite a while now and I'm still failing to hit 70 WPM on random text. Since I quit practicing after reaching 50 this is pretty much ok, I think. Was it worth the trouble to switch over to a new layout? You bet it was! Learning NEO² was one of the best decisions I've made in the computer field next to abandoning the Windows platform. I can only recommend it to everybody who is interested in this kind of thing. Invest some time – it really pays off.

What’s next?

The next post will finally feature my review of the TEK (Truly Ergonomic Keyboard).

Keyboards, layouts and ergonomics (pt. 1)

This post is about keyboards, keyboard layouts and… ergonomics. No surprise here if you’ve read the title! But how come that I write about such a topic? Well, I’ve invested some of the money I got from my family for Christmas and bought a new keyboard. I was a bit skeptical at first because I’d really regret having spent my money on it if it wasn’t really good (as it hasn’t exactly been a cheap one). However just days later I begun asking myself how I could have ever typed with something else. And after a few more days all that I do regret is the fact that I’ve typed for way more than 20 years on more or less conventional keyboards!

Yes, I’ve been going on a lot of people’s nerves praising my new gem. So I figured that I might as well complete the circle and publish my pean here on the blog, too! (Ok, the more serious reason is that I’m suffering from severe pain in my hands like many people who type a lot and that I’d like to talk about today’s possibilities to avoid this.)

This first part deals with a few general things about keyboards and the problems that typists often have. The second part will be about optimizing your typing with alternate layouts and the actual review of my new keyboard.

Edit (03/01/2015): I’ve finally managed to add the pictures that I wanted to have in the article right from the beginning…

Any keyboard does the job, right?

If all you want is to play computer games or enter your password when you log in – probably yes. Even though it’s funny that there are “gaming keyboards” which can also be rather costly. But that’s a very different case and story.

For simple things every keyboard suffices. I own an old laptop that I still use sometimes just for the very reason that I can. Its keyboard misses some keys which makes it not all too pleasant to type on. But still it’s possible. Honestly: I have no clue how many keyboards I’ve had over the years that had some keys no longer working or no longer work properly. May it be due to Cola making some keys stick together or a worn off space bar which would only trigger if you pressed it with a considerable amount of force.

Microsoft’s Comfort Curve Keyboard 2000 (german layout) – the first ergonomic keyboard I had was such a model

I used to retire those keyboards from daily use (simply because they were annoying to work with) but usually kept them somewhere – just in case. You never know if you’d ever need them again, do you? Eventually I got rid of them. But in fact I actually did have a use for them a few times now and then!

So I can say that I’ve had quite a few keyboards in my life and that probably anyone does the job – depending on what that job is!

A matter of taste

There are a lot of different keyboards out there and in many aspects it really is a matter of taste. Some people like black keyboards while others want a white one. There are people who think it’s cool if the keys have background light. Some prefer the flat keys which you often find on laptops these days – others hate them. While many people like keys which do not need much force to be pressed, there are also those that prefer the opposite. Often I hear that somebody would never again purchase a wired keyboard but I know at least as many people who don’t like wireless ones.

It’s not hard to see that there just cannot be one single “perfect” keyboard for everybody. People have different needs and this alone defeats the idea of one universal best keyboard. And as long as you don’t type a lot it probably remains just a matter of taste. However if you type on a daily base this may no longer be the case. Right: No matter how much you type, the color remains pretty irrelevant. But other characteristics are worth a closer look at.

Microsoft’s Natural Multimedia Keyboard (german layout) – an older model with a PS/2 connector that I bought second-hand

But when are you “typing a lot”? If you can only type less than 30 WPM (words per minute) even if your life depends on it, you probably don’t qualify. Which of course doesn’t mean that you could not benefit from thinking about your keyboard again (everybody should try to get the right tool after all, right?). If you type faster than 40 words, you’ve clearly typed enough in your life to make it worthwhile thinking about how you type. Especially if you write “Eagle Finger” (“hunt and peck”) or use “your own system” as a whole lot of people do.

Typing – or typing properly

It’s perfectly sensible if people who barely type at all don’t bother to learn to touch-type. Unfortunately a surprisingly high amount of people who type regularly think the same. Why on earth to invest some time and effort that pays off hundredfold and thousandfold? Yeah, why? Just wait a minute – thousandfold? That’s a lot. And yes, I do mean it.

I had the luck to learn to touch-type properly when I was still at school. The hours that I needed for training were relatively few. After I knew where all the keys were (without looking), I just typed and typed and kept improving my skills while I was primarily doing other things. Even in a very pessimistic calculation the time that I saved thanks to proper typing by the end of the year was way more than the time I had “lost” by type training in the first place. Then it started to pay off and really saved me time for other things. And best of all: It still does and will continue to do so for all of my work life and probably beyond that.

Well, I’m the “typealot” kind of guy; I’ve been typing whole books into my pc at younger years because I can read texts written in Gothic type style (aka. black letter) pretty well – and being interested in history, I thought that preserving old writings which are no longer copyrighted was cool. So learning touch-typing has paid off more than thousandfold for me. Might be a bit less for the casual typist, but I cannot recommend learning to touch-type often enough. If you’re using a computer regularly (and chances are, since you are reading a blog like this!), invest that time. Unless you are an old guy who is already counting the days left to retirement pension, you will benefit from learning it.

Ergonomics in keyboards

When I talk to young people about Repetitive Strain Injury (RSI), Tenosynovitis or Carpal Tunnel Syndrome (CTS), they tend to dismiss it: “Ah, why should I of all people get this?”. I can fully understand that. Why? ’cause I’ve been young myself and used to think right the same then.

The rigid splint I’m wearing against the pain

As I grew older I begun taking these possibilities more serious – at least a bit. I had heard about those “ergonomic keyboards” that Microsoft was selling. More out of curiosity than of anything else I bought one of those “curved” things. Thinking of the conventional keyboard as the “normal” form, I found it strange at first. But I could type on it pretty well and it felt alright. It took me less than three days to adapt to the new keyboard and it was not too different from the conventional ones so that I had no problem typing on those, too.

I got more of these and used such keyboards for years. Not because the ergonomic design promised to protect my hands, but because I liked how it felt to type on it. Then I begun to suffer from Tenosynovitis. At first I just thought that I had a temporary problem with my right hand and that it would go away soon. It went away, yes. But it has been coming back again and again. Then I got it in the other hand as well. In the end there were only “better days” and worse ones. In the meantime I have a rigid splint that helps a bit but is also not very comfortable to wear the whole work day so I use it only on the bad days.

The rigid splint’s top side

So are those ergonomic keyboards a fraud? Mine didn’t save me from getting an injury after all! Well, I’m not really sure about the curved keyboard that I had in this regard. It might simply have happened even earlier on a conventional keyboard. But then there are even people who say that those keyboards are not any better than the ordinary ones. I wouldn’t go as far as that but they are probably far less effective than those marketing guys want you to believe. Still this would be the kind of keyboard that I’ll give to my children when they begin to type. Why? Because I think that it’s slightly better than the conventional form but still close enough to it so you can switch between them without much trouble (and let’s face it: There are simply far more ordinary keyboards out there!).

What’s next?

I switched to another ergonomic keyboard quite a while ago and learned an alternative layout. And finally I got what I consider a really great keyboard. That’s what I’ll blog about in the next post.

RISC-V – Open Hardware coming to us?

There is no question: Open Source Software is a success. In the beginning of computing it went without saying that software was distributed along with the source code for it. This was before commercialism came up with the idea to close the source and hide it away. But even though there still are many companies who make millions of Dollars with their closed software solutions, OSS has a strong stand.

There are various operating systems which are developed with an open source model and there are open source applications for just about every use you could imagine. Today it’s not hard at all to run your computer with just OSS for all of your daily tasks (unless you have very special needs). I do – and I am more happy with it then I was at home in the over-colored world of put-me-under-tutelage operating systems and the software typically running on them.

Open Source Hardware?

While – like I just said – OSS has largely succeeded, Open Source Hardware is really just in its very early stages. But what is OSH after all? Unlike software it does not have any “source code” in the common meaning of the word. And for sure hardware can’t simply be copied and thus easily duplicated!

The later is completely true of course. And it’s also the reason that makes open hardware a thing very different from free software. While anybody can learn to code, write a program and give it away for free without having any expenses, this is simply not possible with hardware. You cannot do something once and are done with it (except for maintaining or perhaps improving). Every single piece of hardware takes time to assemble. You cannot create hardware ex nihilo (“from nothing”) – you need material and machinery for it.

So while we often come across the term Free and Open Source Software, there can’t be Free Hardware (unless it’s donated – which still means that there’s only a limited amount available). So we are left with the next best thing: Open Source. In case of hardware this means that the blueprints for the hardware are available. But what is the benefit of this?

Research, Innovation, Progress

Of course OSH doesn’t enable you to have a look at the source, change it and recompile. But while modifying it is a lot more complicated than that, it is at least possible at all! Interested in how some piece of hardware works? If it is some conventional hardware – tough luck (unless you’re working as a specialist in analysing hardware from your competitors). If it’s OSH however, just get the circuit diagram and the other papers and given that your knowledge in Electronics suffice, you won’t have too many problems.

Usually hardware vendors try to keep their products as untransparent as possible. The idea is to keep the gap between company A and the competitors as large as possible by making it hard for those to make use of any results from the research of company A. From a purely commercial point of view this is the most natural thing to do. From a technical one however, it is not good practice at all. Any new vendor is doomed to repeat much of the research that was already conducted by others.

With OSH, not only the results of the research (the hardware pieces) are made available, but the complete documentation is also published. This means that others can have a look at how that hardware is being built. They can copy the design and concentrate on improving it instead of having to do fundamental research beforehand, maybe only to find a solution to essential problems that have been solved several hundred times before… This means that while individual companies profit a lot from closed sources, this practice is a major waste of resources and time. Just imagine how much better hardware we might already have today if all these wasted resources had been put to good use!

Trust and Security

Another important issue is security. We know that e.g. just about all routers available contain backdoors intended mostly for intelligence services. But even if you don’t care about this: Keep in mind that if there are holes in your hardware, ordinary criminals could exploit them as well. Do you want this? Is it a pleasant thought that your hardware which you bought for a lot of money, keeps spying on you? Think about it for a moment. The bitter conclusion will be that there is not much you can do.

Some people recommend not to buy electronics from the US anymore. A good idea at first glance. Still let’s be realistic: The USA might have the biggest spying apparatus of the world and thanks to Mr. Snowden we are alarmed about it. But that doesn’t mean other nations don’t do the same. This is rather unlikely if you ask me. And in the end, currently it’s the choice whether your hardware tells everything about you to the Americans or to the Chinese…

This is a very dissatisfactory situation. Open Source Hardware could help here a lot: If you’re really a serious target of intelligence, you probably even deserve it. In this case they have the means to intercept your hardware and – make subtle changes you probably won’t ever notice. But it could make todays mass-surveillance much harder or even impossible. Got your new piece of OSH? Thanks to the detailed specifications you could even substitute its firmware with a custom one thwarting the purpose of the one that was installed by whoever person or group.

Open Source CPUs

One of the most important pieces of OSH would surely be a computer’s CPU. What matters most in this regard is – next to the actual design – the instruction set. It is this instruction set which determines a processor’s capabilities. Each family of CPUs (i.e. those which have the same or a compatible instruction set) is its own platform. Programs have to be compiled to run on it and won’t run on another (unless emulated).

There have been various attempts to create OSH CPUs or at least come somewhere close to it. Since the beginning of the 1990’s, the MIPS CPU’s design are licensable. While this does not mean the diagrams are available to the public, it is at least possible to acquire them if you are willing to pay for it. If you are, you can produce your own CPUs based on their design. SUN attempted to go the same way with its SPARC architecture but was less successful.

In the recent years the ARM platform has gained a lot of attention – thanks to basically following the same strategy and licensing their CPU designs to their customers. This development is a good step in the right direction and certainly commendable: One company specializes in conducting research and designing CPUs and others license and build theirs based on them.

But then there are projects which really qualify as OSH. Yes, they are underdogs compared to the other hardware which is no wonder because they of course lack the financial means which back the others. But we are getting there. Slowly but steadily.

RISC-V

This month the Berkley university released what was originally started just for learning purposes but grew into a very promising project: The RISC-V. RISC stands for “Reduced instruction set computing” which basically means the decision to build a CPU that uses a simpler instruction set to reach high performance.

While there’s also another OSH project known as OpenRISC, it never gained enough traction. They managed to design a 32-bit CPU and the architecture has been implemented in emulators such as Qemu and can run Linux. A 64-bit variant has been in development for quite some time and while the project collected money via donations for years it has been unsuccessful to actually produce their hardware. So OpenRISC exists merely as a soft-CPU and using FPGAs (Field programmable gate array). OpenRISC is licensed under the (L)GPL.

RISC-V is made available under the proven BSD license. In contrast to the GPL it is a permissive license. While I was keeping my fingers crossed for OpenRISC for years, now I am really excited at this news! Especially with such a reputable entity as Berkley behind the project – and the fact that things look like they are really moving forward this time!!

One of the most promising efforts is lowRISC: This British endeavor is actually a non-for-profit organisation claiming to work together closely with the university of Cambridge and some people of Raspberry PI fame. A dream come true! The idea is to implement a 64-bit RISC processor via FPGA during the next months and have a test chip ready by the end of 2015. They estimate that about a year later, in the end of 2016, the first chips could be produced. Sounds like a plan, doesn’t it?

I will definitely keep an eye on this. And even if the release must be postponed, it will surely be worth the wait. Open Source Hardware is coming to us. It will most likely be “expensive” (since it can only be produced in much lower numbers than conventional hardware for the mass market) and quite a bit “weaker” in terms of performance. Nevertheless it will be trailblazing the future for OSH and thus drawbacks like these are very much acceptable.

No RISC no fun!