One Password to Rule Them All

Password security, while not the most glamorous topic in the world, is a massive issue for everybody. Companies with a distributed team sharing accounts (Twitter, Instagram, etc) face extra issues, some of which we’ve come up against here at Newspaper Club.

Our team is spread all over the world – London, Glasgow, Birmingham, Leipzig, and Boston – and until recently there’s always been a question over how best to centralise and share passwords for group accounts.

We recently did an audit (and produced a very pretty map) of all of our systems and services. This quickly established that we have lots of them – each requiring secure passwords, multiple accounts for different staff members, and the ability to be easily updated. Personally, I have more than 70 Newspaper Club logins and there’s no way to remember them all, let alone make sure they’re all secure.

So what do we do? The most sensible option: use a password manager.

The principle is pretty simple. Every account you use has login details stored in a heavily encrypted file (often called a Vault) which you unlock with a master password. Using a browser plugin, your details are entered automatically each time you log in to a different system. Amazing, right?

Even better, password managers automatically generate complex, secure passwords and store them in the Vault for the next time you need them. You can identify weak passwords from your dark past and easily replace them with new, shiny, secure ones. Still amazing, right?

There are many password manager options (LastPass, Keeper, Mitro, 1Password, etc) but at Newspaper Club we settled on 1Password. I’ve been using it for years and would argue it still has the strongest feature set for our purposes, plus it’s also friendly to use for non-technical users . It uses a a local file-based vault (meaning the encrypted file is stored on a device we own) rather than a cloud-based vault at the mercy of a big service outage or overnight bankruptcy.

With a password manager, your master password will become the most important password in your life and, if you use your password manager properly, it’s the only password you need ever remember. It needs to be secure and memorable.

password_strength

It may be surprising to learn that a password doesn’t need to be complex to be secure. The trick is to think of your password as a phrase rather than a word. To borrow an example from the always brilliant XKCD, the password ‘correcthorsebatterystaple’ (four random but common words) has 44 bits of entropy. The password ‘Tr0ub4dor&3′ looks better right? You’d expect it to be more difficult to guess? But that’s not the case –  from a computer’s perspective it’s actually far easier to guess, with only 22 bits of entropy.

Basically, you’re best off picking a phrase from a book, jumbling up the words, and using that as your One Password To Rule Them All. Change it regularly, check it’s strong, generate all your other passwords, and your local friendly CTO will be a happy man.

Posted by David | Comments (1)

Filed under: engineering, team, technology

We’re Hiring: Freelance Developer

We’re recruiting again! This time, for a freelance Ruby and Javascript Developer. You can work remotely or (if you prefer) be based out of our Birmingham or Glasgow offices. If you, or anyone you know, would fit the description below then we’d love to hear from you. If you’re feeling generous and are willing to spread the word on your social medias then that would be very helpful! On with the blurb…

Newspaper Club helps people make and print their own newspapers. Since 2010 we’ve printed over 7 million papers, built a tool for designing a paper in your browser, and launched a print-on-demand marketplace. We’re in the process of redeveloping several of our online systems and are looking for developers to join us.

This time around we’re looking for freelancers to join our existing technology department, specifically to work on our customer facing website. You’ll need to be comfortable writing solid, semantic, HTML, JS and CSS. Ideally you’ll be well versed in SASS and HAML (or ERB) and have a good understanding of Ruby on Rails.

You don’t need systems administration experience but being comfortable with Linux would be a big plus, as would using Git and GitHub to manage source code. Some familiarity with Configuration Management tools such as Chef or Ansible would help too.

As we’re a distributed team we use Slack, Basecamp, and Trello along with other tools, and clear communication skills are a must.

In return, we’ll offer a competitive daily rate, flexible hours, and a relaxed working environment. We believe in having fun, doing work we’re proud of, and going home on time.

If this sounds like you, we’d love to hear from you. Send an email to jobs@newspaperclub.com, describing why you’d be right for this role, with a link to your site, CV, portfolio, GitHub page, or similar.

Posted by David | Comments Off

Filed under: engineering, Hiring, team, technology

An introduction from David

The Engineering Department

Hello!

I’m David, the new man in charge of our small (but perfectly formed) Technology/Engineering Department at Newspaper Club. I took over as CTO when Tom departed to pastures new (pun absolutely intended) a few months ago and I figured it was about time I said hello. I definitely wasn’t gently prompted to write this by our resident social media expert Sarah… honestly…

We’re now in what could be called Phase 3 of the technical development of Newspaper Club. Tom led the development of some cool toys when we were a startup, those were built upon and developed over the last few years, and I’ve now got the exciting job of directing and developing the tech to support the rapidly growing business that Ben, Russell, and Tom started more than 5 years ago.

A bit about me: I’ve been coding since I was 7 (1989!) and have fond memories of STOS on my first computer, an Atari 520 STFM. It smelt funny, ran hot, but was totally bulletproof and never let me down. I had pre-internet days of dialing into local BBSs and many blazing rows over excessive phonebills with my (ultimately quite understanding) parents. I spent a lot of money buying dodgy pirated games from the Barras and I lived through what I guess most people would think of as the birth of the modern internet. I even spent some time writing for a silly money VC funded gaming company called Barrysworld.

While the internet was sorting itself out in the early 00’s — seriously, it was rubbish — I spent my time working as a live sound engineer in venues and festivals. For a couple of years I co-owned and operated an art, education and event space called Boxxed, a shell of a Victorian warehouse that we converted and is now, ironically enough, a hub for startups in Birmingham. While I was there I was introduced to the pure joy of Ruby on Rails (as well as the horror of JS) and decided it was about time I came back to coding. That was about four years ago and since then I’ve freelanced, co-run an agency, consulted, and have now settled in at Newspaper Club to build some cool tools.

I’ll be making regular posts here talking about our technology stack, our infrastructure, what projects we’re working on, and what makes us tick. We’re a small business and as such there’s very rarely a dull moment — my Trello board has a ‘high priority’ list that only ever seems to get longer, plus we’re pretty intensively working on two super-secret projects that we’ll announce properly in the not too distant future.

So that’s it for now. Next time we’ll talk tech. :-)

Cheers,

David

Posted by David | Comments Off

Filed under: Announcements, engineering, team, technology

Some Downtime

A quick announcement from the Engineering Department…

We’re going to be offline from 8am on Tuesday 20th January for up to two hours.

Tom, our co-founder and Head of Engineering, has been down the server mines prepping our systems for a big move over to AWS. He’s leaving us at the end of the month so this is going to be one of his last big technical outings at Newspaper Club. You can read a bit about the clever bits here.

By the time The Great Server Move of 2015 is complete we’ll be able to use words like ‘high availability,’ ‘failover,’ and ‘nuclear bomb proof’ and not just be saying it to sound impressive. Unless it all goes horribly wrong.

You can still contact us by email at support@newspapclub.com, plus feel free to harass Tom on Twitter while it’s going on, he likes a challenge.

Over and out.

UPDATE: All done! Normal (AWS based) service is resumed. Carry on.

Posted by David | Comments Off

Filed under: engineering

At work with Tom

Tom

Tom spoke with Magculture about Caravan Club bunting and our new print-on-demand Newsagent. It’s up on their blog now if you want to head over and have a read.

Posted by Sarah | Comments Off

Filed under: engineering, news, Newsagent

Newspaper Photo Filters

Before a recent trip to Berlin I wanted to experiment with printing a newspaper to use as photo filters.

all-pages

A single copy of a digital tabloid with a shape, pattern or colour on each page.

DSC_0008

DSC_0078

The pages then work as filters. To do this I expose each photo twice: the first exposure with my camera pointed at the thing I want to photograph and the second exposure pointing at the newspaper. This can be done with any SLR/DSLR or a smartphone (may require an app).

DSC_0041

DSC_0059

The newspaper is ideal for a portable set of filters– light, easy to fold into a pocket. Plus the texture of the newsprint adds to the charm of the overall effect.

DSC_0009

DSC_0018

It’s easier to shoot the subject first and the newspaper second. Anything white on the newspaper page will be obscured in the final image, with detail appearing in the dark areas.

DSC_0290

DSC_0043

I tried to remain experimental with these photos, not anticipating the effect the filter would have on the image and enjoying unexpected results.

DSC_0286

DSC_0117

As an experiment it worked well. On the next paper I’m going to keep the patterns to a minimum and use simpler shapes and colours.

Posted by Ralph | Comments Off

Filed under: case studies, engineering, Newspaper Stories

Long Good Read 004

Long Good Read 004

We popped into Guardian Coffee earlier to take a look at the Long Good Read issue 4, available today. It’s brilliant to see how far it’s come in just a few issues. (Find out more about the project.)

There’s a great selection of articles from all sections of the Guardian: from Doctor Who to Pussy Riot to Proteus.

This time round we’ve tried to explain what’s going on under the hood, with a natty centre spread designed by Ralph (at the top of this post).

Long Good Read 004

For each article we’ve unpacked the reasons for including it in the paper, showing how the algorithm (and sometimes the editor) makes its selection.

Long Good Read 004

Pick up your copy this week, for free, from #guardiancoffee in Shoreditch. We’d love to hear your thoughts.

Long Good Read 004

Posted by Tom | Comments (1)

Filed under: case studies, engineering, Newspaper Stories

New product pages!

productpages

We’re happy to announce that we launched some new product pages yesterday. We hope they’ll make it easier to figure out which type of paper will best suit your project, with a handy tool to calculate how much your newspaper run will cost and when it will be delivered. We’ve also added links to some brilliant examples of each size and style, to show off the many ways our customers have made the most of the formats. Let us know what you think!

Posted by Sarah | Comments Off

Filed under: Announcements, engineering, news

Project Looking Glass

Regular readers will know that Newspaper Club is split between two offices: London and Glasgow. Glasgow is now the HQ, where we do all the operations, logistics, customer service, and much more. And London is where we develop the products and services, writing code, drawing pictures, and so on.

We have a Campfire chat, which we natter in all day long, but for a while I’ve been trying to find other ways of joining the offices together that are less direct and a bit more, well, silly.

Our first go at this is the awfully titled ‘Project Looking Glass’. It’s a two way video screen that sits in the corner of each office, letting us wave at the other office, and them to wave back. It looks a bit like this:

Looking Glass #2

Looking Glass #3

It’s always on, it doesn’t need to dial up or sign in, and if the network drops, it should recover as soon as it can.

It’s built on a pair of Raspberry Pi’s, and you should be able to put one together yourself for under £150, if you can find a couple of spare monitors. I’ve written up much more about it, including how to make one, on my blog.

We’ve only had it running for a couple of days, so it’s a bit of an experiment for us. So far it seems quite fun, with some good drawings appearing on whiteboards. But that might fade, and it might end up being a bit weird, in which case we’ll turn it off and try something else.

But we also know that we’re going to have to get better at remote working, as we grow and as our business get more complicated. It feels like we can learn a lot from trying things like this out while we’re small enough, and those things will be useful as more people join us, in our offices and out.

We’ll keep you posted on how it’s working out for us, and if you end up making something similar for your offices, we’d love to hear how it’s going.

Morning Message from Glasgow

Posted by Tom | Comments Off

Filed under: engineering, running a business

ARTHR updates: No need to sign up, import pictures from Flickr and Instagram, and more!

ARTHR machine

The Engineering Dept have been hard at work on ARTHR (pictured above), and we’ve made a few improvements we’d like to tell you about.

First of all, you no longer need to make an account to get going with ARTHR. Just head over to the site, start making a newspaper, and when you’re ready, sign up and we’ll save your paper into your new account.

We encourage you to make an account as soon as possible after you’ve decided whether ARTHR is for you: not because we’re greedy for your details, but in case you move computers or change browser, and we can’t match you up with your newspaper any more – we don’t want you to lose your paper!

There’s also a lovely new homepage for ARTHR, so tell all your friends.

ARTHR Wizard Screenshot

But that’s not all! We’ve also:

  • Revamped the controls at the top of the screen, based on your feedback, making it clearer how to add and remove pages from your newspaper.
  • Added a feature to be able to add an image to your newspaper directly from a URL. You can even give us a Flickr or Instagram photo page and we’ll do the hard work to fetch the image out of it.
  • Made adding a new piece of content smarter, so it doesn’t overlap anything already on the page, picking the next suitable space in your newspaper.

And finally, a little reminder that the best paper in the Newsagent each month wins a £100 voucher. The Engineering Dept will even throw in a Twix if it’s made in ARTHR.

Posted by Tom | Comments Off

Filed under: engineering

Older Posts →