Warning, this post reeks of fanboyism!

I’ve been interested in bitcoin for the last few years, following the development, buying a bit here and there and spending some where I could. A couple of weeks ago I decided to spend a little to buy myself a Trezor.


What’s a Trezor now?

The Trezor was the first true hardware wallet that was safe, open source and easy to use.

A hardware wallet, you say?

Well, a bitcoin wallet is a piece of software that keeps track of all your private keys and their associated addresses as well as lets you spend the bitcoins you have. A hardware wallet contains this same functionality in a small, dedicated computer.

The hardware wallet keeps track of your addresses, and generates private keys (and addresses) for you without being connected to the internet, and thereby without the possibility of being infected with malware or key loggers. This means your private keys, and thus your funds, are kept safe from hackers. Thus, you can use your Trezor safely even on an infected or untrusted PC.

Using it

The Trezor is extremely easy to use. After connecting it, you simply navigate to mytrezor.com and follow the instructions on the screen. Write down the 24 seed words (with a PEN and on a piece of PAPER!) and store them in a safe place. The seed is your backup and can be used to restore your wallet on a different Trezor device or using another wallet that supports it (like Electrum). So even if you lose your Trezor or it breaks for some reason, your funds are still safe. It works like a charm with the Mycelium wallet on Android, and the device connects to your phone through a USB OTG cable, which is also available for purchase with the device.

I’ve been playing around with my Trezor for a few days and I can see quite a lot of potential in the device. Apart from storing bitcoin private keys (or other cryptocoins like Litecoin), the device also supports SSH login without the risk of you exposing your private SSH key to an insecure environment. In addition a few sites now support “Sign in with TREZOR” functionality, completely eliminating the need for user names and passwords. The device simply exposes a public key to the site and allows you to log in by signing a login request message with the corresponding private key, stored inside the Trezor. Brilliant!

All in all this might sound like a bit of a fanboy post but it’s not that often I buy a device that lives up to my expectations and more. I can’t wait to see what else the guys at SatoshiLabs will put into the firmware. How about U2F support, Yubikey emulation or GnuPG support? I’d love to carry my GnuPG private keys around in a secure manner without the hassle of storing them on an airgapped machine like I do now.

Anyway, if you’re interested in getting a Trezor of your own, just click on the banner to throw a referral at me Smile


So I’m working on setting up a small presentation for work and really like the simplicity of reveal.js. I’ve toyed around with some of the node-js plugins before and really like the “Server side speaker notes” plugin, which lets me view my speaker notes on a different device than the one running the presentation. I’ve used my Surface 2 for this purpose before with great success.

Anyway, for this presentation I decided it would be fun to host it on the web so I could just give people the URL later on, instead of distributing the slides via PDF or PowerPoint or the like.

So, why not host the presentation in an Azure Website?



First of all I clone the reveal.js repo from Github.


Then, to be able to run the speaker notes server extension on Azure, I need to modify it slightly. So, in the plugin\notes-server directory, open index.js in your favourite editor.
Around line 13 you should find the server port definition (set to 1947). Change this to process.env.PORT:


That’s all you need to change in this file. Remember to commit your changes to the local git repo.


There’s one more change you need to make, and that is to enable the speaker notes extension in your presentation. Follow the short guide here for instructions. It’s basically a question of adding two lines inside the dependencies section at the bottom of the presentation html page.

Now, to run on Azure you need to tell IIS to run the iisnode extension for your site. To do this, drop a web.config file in the root of the site, with the following settings:

			<!-- indicates that the app.js file is a node.js application to be handled by the iisnode module -->
			<add name="iisnode" path="plugin/notes-server/index.js" verb="*" modules="iisnode"/>
				<!-- Don't interfere with requests for logs -->
				<rule name="LogFile" patternSyntax="ECMAScript" stopProcessing="true">
					<match url="^[a-zA-Z0-9_\-]+\.js\.logs\/\d+\.txt$"/>
				<!-- Don't interfere with requests for node-inspector debugging -->
				<rule name="NodeInspector" patternSyntax="ECMAScript" stopProcessing="true">
					<match url="server.js\/debug[\/]?"/>
				<!-- First we consider whether the incoming URL matches a physical file in the /public folder -->
				<rule name="StaticContent">
					<action type="Rewrite" url="public{REQUEST_URI}"/>
				<!-- All other URLs are mapped to the Node.js application entry point -->
				<rule name="DynamicContent">
						<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="True"/>
					<action type="Rewrite" url="plugin/notes-server/index.js"/>
		<compilation debug="true"/>

Notice that the iisnode handler gets configured to point to the notes-server plugin and that all dynamic URLs are also mapped there. This ensures that the main entry point to our application is through that handler.

Save the file as web.config and add & commit it to the git repo.


Now we’re basically ready to push our presentation to Azure. After running the cmdlet Add-AzureAccount, you’re ready to create an Azure Website:

New-AzureWebsite testpresentation -Git

After a few seconds, Azure will have set up your website for you as well as add a remote to your local git repo, named “azure” (That’s what the –Git part does).

You also want to enable websockets on your new website. Run the following command:

Set-AzureWebSite -WebSocketsEnabled 1

All that’s left to do now is to push your presentation up to your newly created website:

git push azure master

The deployment will now run and set up your site for you in Azure, including installing all the required node.js modules. 10-15 seconds later, you should see a "Deployment Successful" message.

If you go to the URL you created above, in this case http://testpresentation.azurewebsites.net*, your presentation should appear, including a popup with your speaker notes. The URL in the popup window can be opened on any other device to give you speaker notes "disconnected" from your main presentation. This is extremely handy when presenting in a place where you don't necessarily have a dual-monitor setup. Instead, you can simply view your notes on your phone or tablet.

Awesome, right?

* Disclaimer: I won’t promise to keep this site online forever


I just created a PGP/GPG key signing policy.

After holding a small but fun Key Signing Party in Copenhagen yesterday, I decided that it would probably be a good idea to document my own policy when it comes to when and how I will sign other people’s keys.

My main motivations for doing this are that I want to expand the web of trust and I want to spread the use of GPG among my friends, relatives and social media contacts.

My requirements for signing your key aren’t that strict. Basically if I know you well, I will sign your key. If I don’t know you that well, you can send me color scan of your Danish passport or driver’s license and I’ll sign your key after verifying the information.


I recently discovered that my old GPG key had expired (truthfully I hardly ever used it). And of course I had forgotten to  generate a revocation certificate back then. So I generated a new key. This blog post is mainly just to verify that the key I published below does, in fact, belong to me.

If you want to add me to your “web of trust” by signing the key for me, I would be really happy. Let me know if you do!

Here’s the entire key, which has fingerprint 78189E24005B09330CF62536416C5A0DD9FA2EE5.You might want to check the MIT Key Server for a version with more trust signatures :)

Version: GnuPG v2.0.22 (MingW32)


Edit: I just managed to revoke my old cert, so the one above is now the only one active for my email address.


I enabled BitLocker™ encryption on one of my drives today and couldn’t seem to find a way of checking the status of the process. It turned out to be relatively easy.

Start a PowerShell command window as Administrator and enter the following command:

manage-bde -status L:

This will output a small hunk of information about the encryption status of the drive you selected.

C:\Windows\system32> manage-bde -status l:
BitLocker Drive Encryption: Configuration Tool version 6.3.9600
Copyright (C) 2013 Microsoft Corporation. All rights reserved.

Volume L: [iSCSI]
[Data Volume]

    Size:                 926,87 GB
    BitLocker Version:    2.0
    Conversion Status:    Encryption in Progress
    Percentage Encrypted: 12,7%
    Encryption Method:    AES 128
    Protection Status:    Protection Off
    Lock Status:          Unlocked
    Identification Field: Unknown
    Automatic Unlock:     Disabled
    Key Protectors:
        Numerical Password


Just thought I'd put this here for my own future reference.

Update: *dough* I should have just checked my System Tray for this little fellow:


Clicking it gave me this neat little window:


Oh well. It’s always fun playing around with PowerShell I guess.