April 4th, 2012 — OS X, Uncategorized
After my last blog post on Fetch & Sublime, I thought let’s give another nice hint on how to get the most out of Sublime Text 2.
Sometimes you work on Windows, sometimes on Mac or Linux or just on another computer but you still want to use the settings, themes and set of plugins everywhere. One of the easiest ways to do this is to use your DropBox account.
DropBox is basically just a regular folder on you computer that syncs to the cloud. The first 2 GB are free so if you use it to store documents you’re fine with the 2 GB. You can however buy more space if required. By inviting friends you can increase your Dropbox size (friend invite link). Trust me it’s worth it, once you have Dropbox you wonder how you could live without it all these years.
The nice thing about Dropbox is it has versioning build right in, so even if you accidentally delete a file you can get it back. Not only that you can set up shared folders to share documents between 2 or more people and even public folders to share with any internet user.
Ok but let’s go back to Sublime Text 2.
One thing you could do is store your projects on your DropBox account that way all your projects are synced across all your devices. But you could also store your settings, themes and plugins on DropBox.
How does it work?
On OS X
- First close Sublime Text 2
- In your Dropbox folder (usually it’s at “
~/Dropbox/"), add a folder called “Sublime Text 2"
- Go to your Sublime Text 2 settings (this is usually at “
~/Library/Application\ Support/Sublime\ Text\ 2/")
- Copy the following 3 folders into “
~/Dropbox/Sublime\ Text\ 2/ "
"Installed Packages""Packages""Pristine Packages"
- Rename the 3 original folders in “
~/Library/Application\ Support/Sublime\ Text\ 2/" or delete them.
- Next go back to Terminal
- From the command line type “
cd ~/Library/Application\ Support/Sublime\ Text\ 2/"
"ln -s ~/Dropbox/Sublime\ Text\ 2/Installed\ Packages ./Installed\ Packages""ln -s ~/Dropbox/Sublime\ Text\ 2/Packages ./Packages""ln -s ~/Dropbox/Sublime\ Text\ 2/Pristine\ Packages ./Pristine\ Packages"
Start Sublime Text 2 and you’ll be linked to Dropbox.
On your other devices do
"mv ~/Library/Application\ Support/Sublime\ Text\ 2/Packages/User /tmp""ln -s ~/Dropbox/User ~/Library/Application\ Support/Sublime\ Text\ 2/Packages/User"
On Windows
you can probably figure out the first part but for the symlinks you can use the syntax below:
mklink /D "Installed Packages" "C:\path\to\Dropbox\appdata\sublime\Installed Packages" mklink /D "Packages" "C:\path\to\Dropbox\apps\sublime\Packages" mklink /D "Pristine Packages" "C:\path\to\Dropbox\apps\sublime\Pristine Packages"
On Linux
I presume the Linux setup is similar to the Mac setup but if your using Linux you probably know your way around the command line enough to figure out how to do this once you get the idea.
March 30th, 2012 — Coldfusion, Wheels
Sublime Text 2 is an awesome editor with support for Coldfusion.
I recently came across a nice plugin from Nettuts called Fetch. 
This package enables you to download the latest version of zipfiles or files that you need for any kind of webdevelopment straight from your editor.
You could use it to get the latest version of JQuery, Mootools, Modernizr, Twitter Bootstrap and of course also CFWheels.
It’s like telling your dog get me the latest version of Coldfusion on Wheels and install it to a folder.
While you can manually download Nettuts+ Fetch from GitHub, the easiest way to set it up is through Package Control. Once you’ve installed Package Control, press ctrl+shift+p (Windows, Linux) or cmd+shift+p (OS X), and type “Package Install” Next, search for “Nettuts+ Fetch,” press enter, and you’re done.
press ctrl+shift+p (Windows, Linux) or cmd+shift+p (OS X) and type Fetch. Click to open Fetch: Manage remote files
In here add “CFWheels”: “http://cfwheels.org/download/latest-version”, to the packages.
Your Done.
Now make a new folder open it up in Sublime Text 2 and press ctrl+shift+p (Windows, Linux) or cmd+shift+p (OS X) and type Fetch. Click to open Fetch > Package file > CFWheels. Voila the latest version of Wheels is downloaded and extracted in your folder.
October 5th, 2011 — Uncategorized
After quite a bit of time I re-wrote a large part of the code that hooks Railo, Resin and Coldfusion on Wheels together in a fully self-contained application for OS X that doesn’t require complex installation.
Basically it’s drag and drop the app to the Applications folder that sets up a basic development server on OS X for Coldfusion on Wheels. However you could also run PHP or JSP on it but it’s mainly focused on Coldfusion on Wheels a framework for Coldfusion inspired by Rails that’s attracting more and more users.
As a developer you basically want to churn out code NOT spend time configuring servers especially if your new to a language or framework. So basically Cows is for those who want to test Coldfusion on Wheels without wanting to litter their OS with files or configuring web servers or downloading 1/2 a GB of software.
More and more people switch to Mac and Adobe Coldfusion Server has traditionally been a Windows oriented platform but it doesn’t have to be and you shouldn’t miss out on it just because you own a Mac.
The linux version hasn’t been updated yet as I don’t use it as much but if there is interest in the linux version I will update it.
Once installed COWS doesn’t really need any updating unless you want to update Resin as you can update Railo directly from within it’s admin interface with one single click of a button.
So if you want to try out the new version just try it out and let me know how it works for you.
Check it out at: http://stofke72.github.com/Cows
September 22nd, 2011 — OS X, Uncategorized
You probably have seen these buttons before as there are a few around to launch a terminal from the current directory
It’s easy to make your own Finder Application Launcher buttons. I started by adapting the one for launching TextMate. There is an excellent post from Henrik Nyh on the subject. You only need to adapt the script by replacing the word TextMate for let’s say Sublime2, TextWrangler or Espresso whichever editor you like best.
You can also change the image to your taste by following another explanation from the same guy. The best way is indeed to replace the icns file inside each script bundle with one of your own. The easiest way to do that I found is to open the icns icon with a Icon Composer ( an icon editor that is part of the Apple Developer Tools) or as alternative Hobiconer . Just open it, drop another PNG on it and save.
I have made a few png files:
And Pixelmator/Photoshop template to make others.
April 26th, 2011 — Google, Google chrome's web store, Uncategorized
All it takes to publish a web app on Google chrome’s web store is a link to a site or some basic html and javascript and a few dollars.
Trademark infringement in the web store and extensions gallery at the Google chrome web store is abundant and Google only removes it when the trademark owner asks to remove it. The user is not always aware that what he or she installs is not from the company it appears to be.
Let’s do a hypothecial phishing attack. I set up a new gmail account with fake data. Of course I do this from a hacked or public pc. I use a stolen credit card number or a prepaid credit card to pay for the developers fee to keep my real identity hidden. Next I use a web-hosting company somewhere abroad in some shady remote place to register a website or use a dynamic ip redirection service to direct to a hacked pc serving as web-server. You get the picture.
Now I just need a html script with a simple window.location javascript or some ajax and package it as a webapp.
That’s how easy it is to create a webapp: http://code.google.com/chrome/apps/docs/developers_guide.html
Now let’s steal an icon of let’s say LogMeIn and publish this app on the Google chrome’s web store. Now it looks like I have created a legitimate LogmeIn app. Let’s name it LogmeIn or a variation on the name. At this point we don’t care about trademarks and Google doesn’t mind either unless LogmeIn complains. So we are pretty safe here.
Unlike at Mozilla where an extension is put on hold until verified at the Google chrome webstore there is no control whatsoever at publishing time. You can publish about anything as long as nobody files a complaint it will go unnoticed.
Because it’s a webapp no URL is shown in the address bar so the user has no way of knowing that my app is not affiliated with LogmeIn, he truly believes he is using a legitimate LogmeIn app, it has the logmeIn name and logo so why would he think otherwise.
I register a domain with a logmeIn subdomain to make it a bit more genuine. I use a javascript or ajax script to redirect to my site which directly redirects to the real LogmeIn site or I direct it directly to LogmeIn. No problem there. The user ends up on on LogmeIn’s site and has a nice button to the logmeIn’s site, he is a happy camper. I leave this a few days like this to build my userbase.
After a while I redirect to my phishing page by changing my redirect or by updating my app to my phising page that is similar in style as the LogmeIn site. Now I record all passwords in my own database and login with those on the real LogMeIn site. Suddenly I have access to other peoples computers.
Same thing is possible with banking sites, shopping sites you name it. It doesn’t even take a lot of programming skills to do. It’s just a disaster waiting to happen. Google seems to be really relaxed and allows apps that infringe on trademarks and apps that do not even abide by their own policies.
Another popular app is the Dropbox app which is a link through to Dropbox, this is in violation of their own spam policy as you have to be the owner of the site you link through. But one of the Dropbox apps has about 47000+ users so it generates a lot of traffic to the web store and as such I presume Google doesn’t care about enforcing it’s own policies in this case, what applies to one developer doesn’t necessarily apply to another, it seems it is on a as Google sees fit base.
Now Image this developer having bad intentions ( I don’t think he does but just imagine ) and he sets up a phishing page… Boom access to 47000 accounts. And by the time Google & DropBox are informed a lot of damage can be done.
As I said Google seems to not remove apps that generate lots of traffic and allows them to violate about any rule in their policies. They also do not check every published app. I believe this attitude will sooner or later cause some serious damage when someone starts using the Google chrome’s web store for phishing attacks. Google could face some serious lawsuits coming their way unless they enforce their own policies and do some basic security checks