Review: TravelSafer digital pressure gauge

Both Brandi and I have had alerts in our cars come up to say that our tire pressures need to be checked. Unfortunately neither of the cars actually tell you *which* tire has the problem so it requires checking all 4 tires (which probably should be done anyway). Naturally the stations never have working air or pressure gauges and as I have an air compressor at home – I need a quick way of checking the pressures. I think this is actually caused by the temperature dropping and getting cold overnight as it only seemed to happen on the couple of cold nights we have had recently.

I already have one of those stick gauges – you put it on the valve stem and it shoots out a piece of plastic with marks to tell you the pressure and each tire came up with the right pressure give or take one psi so I wasn’t sure which tire had the problem.

I was given the chance to review the TravelSafer digital pressure gauge and due to the above issues I jumped at the chance to get a second opinion on the tire pressures.

The gauge arrived in see through plastic on a cardboard backing (left) and was very easy to open which is a plus – no need to go and get scissors to open this. It requires a 3v (supplied) lithium battery, so the device was ready to use straight away. It does look like the screws that hold this device together are really recessed, so switching out the battery may require some long jewelers screwdrivers in order to take the two halves apart. Hopefully the battery lasts a long time!

When I went to check the pressure on the car, I discovered a major shortcoming in that the device is pretty bulky and it was difficult to get the device on the valve without the hubcap getting in the way. The device is about 3cm wide so make sure you have plenty of room by the valve stem. You can see the difference in size with the image below – it was a bit too bulky (but not impossible) to fit on the stem with the hubcap on and nobody is going to remove the hubcap to check their tire pressure!

The device however does seem to be accurate and was within 1 psi of my original manual device when I checked several tires so its reading is pretty consistent. The pressure is displayed for about 30 seconds so you get plenty of time to remove it from the tire and then check the readings. The image below shows the reading of 25.5 on the device and about 26-26.5 on the manual device.

The light of this device helps to see where the valve stem is

The device has a blue light that is always displayed whenever you take a reading. During the day you are not going to notice it. It is pretty handy to see at night when you are trying to check the pressure. The light is not strong enough to ruin your night vision or read the paper with, but is enough for you to be able to see where the dark valve stem is in the dark. The reading display is back lit to make the numbers more visible.

The device also shows you the pressure in psi, bar, kpa or kg/cm – the vast majority of you are going to use this on your car tires but the other pressure readings will be useful for air compressors too (I guess?). Switching between the scales is a simple push of the power button to cycle through the 4 stages.

This device works well if your hub caps allow plenty of access to your valve stems and it makes it a lot easier to read the pressure of your tires. The light also makes it easier to use at night, but it’s not bright enough to use as a flashlight to navigate around the car in the dark.

Note that I did receive this item with a promo code and this doesn’t affect my review of this product – it  is a useful addition to the glovebox in the car, is easier to use than the manual device, but lacks some features that would make it the ideal tire pressure gauge for me. #TravelsaferDigitalTirePressureGauge

Last.fm password breach – you’re doing it wrong.

Last.FM logon page

I received an email from HaveIBeenPwned this morning – the incredibly useful service that lets you know if your username and password were released in a data breach. This time around it was last.fm – a streaming radio station that was pretty popular a long, long time ago. I went to log into the system and checked my gmail account for email from last.fm to see if I had my membership confirmation email – nothing. I had 1 email from last.fm back in 2008 when I had received a friend request (I am so popular!) – that was actually a spam request.

Obviously I had not used the service for a very, very long time. The data breach occurred in 2012, was known about in 2012 and yet they had done nothing about it then. They had also not done anything about it recently after the data breach was leaked as I had not received an email from them letting me know my account had been breached.

To add insult to injury, the old password was still active and I was able to log in with it. I can understand a small pokey geocaching website not understanding security correctly and leaving passwords the same after a data breach with only a small notification on the website, but even they reacted after I sent them an email to say they need to do something better and at least inform their visitors and ideally change their password.  Last.fm really have no excuse as they are big enough that they should know better and all of the accounts should have had their passwords changed once the breach was public or better yet, when they knew about the breach.

Instead, the list of usernames and passwords is still out there for people to search and log in with.

I guess the argument for not changing the account password is to let the subscriber log in with their original password that they know about. If the email address was now invalid and the password was changed by last.fm then the user would not be able to get into their account anymore... On the other hand if last.fm does not change the password, anyone could log into the account, reset the password, have access to all the data (including the person’s email address) and the account holder would not be able to gain access. The hacker will not be able to change the email address though as they have put protection in place to prevent the email address being changed without a verification email link being clicked on so I guess that is something...
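The forced-reset approach argued for above, as an added example (not last.fm's code and not part of the original post): breached accounts have their stored hash dropped, the leaked password stops working, and a new password can only be set through a single-use token mailed to the address on file. The account store, function names, PBKDF2 parameters and one-hour token lifetime are all assumptions.

```python
import hashlib, hmac, secrets, time

PBKDF2_ROUNDS = 200_000   # assumed work factor
RESET_TTL = 3600          # assumed token lifetime, seconds

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)

class Account:
    def __init__(self, email, password):
        self.email = email
        self.salt = secrets.token_bytes(16)
        self.pw_hash = _hash(password, self.salt)
        self.must_reset = False
        self.reset_digest = None
        self.reset_expiry = 0.0

def flag_breached(accounts, breached_emails):
    """Invalidate credentials for every account named in a breach list.
    `accounts` is a dict keyed by lower-cased email (hypothetical store)."""
    flagged = []
    for email in breached_emails:
        acct = accounts.get(email.lower())
        if acct and not acct.must_reset:
            acct.must_reset = True
            acct.pw_hash = None          # the leaked password can never verify again
            flagged.append(acct.email)
    return flagged

def login(accounts, email, password):
    acct = accounts.get(email.lower())
    if acct is None:
        return "denied"
    if acct.must_reset:
        return "reset_required"          # same answer whatever password was sent
    ok = hmac.compare_digest(acct.pw_hash, _hash(password, acct.salt))
    return "ok" if ok else "denied"

def issue_reset_token(acct, now=None):
    """Return a token to mail to acct.email; only its digest is kept server-side."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    acct.reset_digest = hashlib.sha256(token.encode()).digest()
    acct.reset_expiry = now + RESET_TTL
    return token

def complete_reset(acct, token, new_password, now=None):
    now = time.time() if now is None else now
    if acct.reset_digest is None or now > acct.reset_expiry:
        return False
    digest = hashlib.sha256(token.encode()).digest()
    if not hmac.compare_digest(acct.reset_digest, digest):
        return False
    acct.salt = secrets.token_bytes(16)
    acct.pw_hash = _hash(new_password, acct.salt)
    acct.must_reset = False
    acct.reset_digest = None             # token is single use
    return True
```

An account whose email address is no longer valid stays locked under this scheme, which is the trade-off the paragraph above describes.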

This is also yet another reminder to use a password manager to “remember” all of your passwords for each site – don’t use the same one at each location. I highly recommend LastPass (unless you are a user with multiple accounts at Office365). At $12 a year for syncing between all of your devices it is well worth the cost and if you sign up with the link above we both get an extra month for free. I used to use the free KeePass software which is standalone and doesn’t hook into your browser like LastPass but it can also sync between devices (with a bit of finagling).

What do you think – should last.fm have changed users’ passwords when the data breach went public? Have you signed up for HaveIBeenPwned? If not – what are you waiting for – it’s free and a great first response tool to keep your accounts more secure.

Arj compression – anyone remember this?

We had an interesting ticket come in today where an antispam system had let through a file compressed with the arj format. This immediately brought back memories of compressing files back at university in the very early 90s – a format that used to be very popular but which nowadays most people, including the rest of our techs, have never even heard of.
I am guessing the spammers were hoping that their recipients have winzip, winrar or 7zip installed so they will be able to open the infected file and that as the file format is so old, av scanners will not check them.

Anyone else out there remember Arj files and anyone (dare to admit that they) still use it?

KeySmart Extended version makes my keys a lot easier to handle.

I received my new Key Smart  extended quite a while back and forgot I hadn’t reviewed it online.

Here is the before mess of all my jumbled keys:-

Mess of Keys
A mess of keys, loyalty cards and stuff that filled my pockets.

and then my after neat and tidy stack of keys and loyalty cards.

Keys and loyalty cards in the Keysmart
Everything in the Keysmart
Comparing the height of the Keysmart.

I did remove about 3 loyalty cards and trimmed the rest of them so they fit nicely in the device and also removed a couple of keychains, but the end result is a lot tidier and much easier on my pocket. I also splurged and got the USB key fob (the larger silver device at the bottom right of the third picture) so I always have some data storage handy. This new version of the keysmart seems to be sturdy with the expansion pins holding up well (too well – I had to use two pliers to pull two apart when I made it too big). At first I was concerned about how easy it would be to get the required key out, but they rotate very easily (possibly a little too easily) and as long as your keys have distinguishing features you can tell them apart easily. If they don’t – get some permanent markers or nail polish. I kept my work keys on one end at the top and my house keys on the other end at the top so they are the easiest to get to and I know where they are.

Starting at $21 for the extended version I have here you can also get 15% off at getKeysmart.com (affiliate link). Note that I did buy my own KeySmart and also purchased one for Brandi too.

I used to use Keyring on the android for all my loyalty cards but had issues with the lasers being unable to scan the cards on the phone. Nowadays most places also just ask you for your phone number or alternate id, so it is rare that I even use a loyalty card – I think the last time was at the gas station to get my 3c off at Shell as like most gas stations, it does not have NFC for card payment and no barcode scanner (although the Shell one doesn’t even have a barcode anyway).

WordPress 4.6 is out now.

I’ve spent most of the day fighting a WordPress install at work as it has been slow and sending various out of memory issues on a 16GB of memory VPS – so should really have enough memory to run a WordPress site. Therefore it was quite a surprise to see that 4.6 was released today for me to spend yet more time in WordPress today.

However, on this personal site, the upgrade went through smoothly with no issues (as far as I know).

A layman’s guide to malicious files and why you shouldn’t always trust the software.

It was an interesting week at work with several malware infections making it through the various av protections that we have in place which proves that end user education should be your primary line of defense in the fight against viruses. It is amazing how often people will click on random emails that have been sent to them with random filenames just because the email arrived in their inbox (or in another mailbox that they happen to have access to), even if it was not addressed to them.

I was lucky enough to get one of these emails through to my corporate mailbox on Tuesday this week, evading detection by McAfee email protection and Forefront on the desktop. (Using another av solution would not have prevented this as you will see later)

Fake looking email
Would you trust this email?

This was obviously some scam with the description of the user not even matching the email address of the user. Being curious, I naturally saved the file to my hard drive and then uploaded it to virustotal. On Tuesday, only 1 of 58 av engines recognised this as a virus – kudos goes to Qihoo-360 for being the sole detector. I must admit that I’ve never even heard of this software and I was very surprised to see that only 1 av vendor recognised the file.

Tuesday morning's virustotal result - only one av picking it up from Qihoo-360

I submitted the file to McAfee for scanning by zipping the file up with 7-zip and password protecting it with the phrase infected and sending it to their response team at [email protected]. Incidentally, McAfee’s instructions for doing this are very outdated as Windows 10 no longer has the option to password protect a zip file. McAfee immediately came back saying that their analysis was inconclusive and the file had been submitted for further research. This was an improvement on the previous sample I had submitted on Friday for a cryptolocker variant that came back as no virus found!

Wednesday morning I uploaded the file to virustotal again to see what the state of detection was.

This time the detection rate was slightly better – 9 products including Sophos that I use at home, but neither of the products in use at the office.

Wednesday morning detection rate

Thursday morning, two days after receiving the virus I received a response back from McAfee that confirmed the file was malicious. They included an extra.dat that would detect the file.

By this time, virustotal was showing 25 out of 53 products detecting the virus so it is getting better. Microsoft’s product was listed as detecting the file, yet Forefront was still passing it through as clean. Although virustotal has the definition date of 7/28, my computer was showing “defs of 7/26, update on 7/27”. Not sure why there is this discrepancy of the definition dates.

Yesterday, my laptop at home still had old definitions as it was not connected to the corporate lan and was still showing the file as clean which is pretty scary.

This morning I downloaded the file to my personal laptop, saving the file with a .txt extension so I would not accidentally open it – something that is easier to do on a touch screen tablet. Interestingly Sophos did not detect anything wrong with the file. Launching the file in notepad, it starts with the letters PK which implies the file is actually a zip file and there are several strings referring to HP printers and Adobe Photoshop.

Snipped notepad view of infected file

At this point I’m not going to risk my machine further by opening it with 7zip to see what happens.

However when I copied the file to .zip or to .rtf Sophos did spring into action and quarantine the file. This is really handy as it protects the file from being saved to the machine in an executable form, but also allows you to save the file to the hard drive for further analysis in your debugger of choice.  Other applications will quarantine the file no matter what the extension is, making it harder to retrieve. On the other hand, you now have an infected file on the machine that av is not discovering.
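The "starts with PK" check above, and the ARJ attachment from the earlier post, both come down to reading the leading bytes rather than trusting the extension. The following is an added example, not part of the original post: it identifies the container from its signature, flags a name/content mismatch, and for ZIP data lists the member names from the archive directory without extracting anything. The function names, the extension table and the sample bytes are constructed for illustration.

```python
import io, os, zipfile

# Leading-byte signatures of common containers (checked in order).
SIGNATURES = [
    (b"PK\x03\x04", "zip"),
    (b"PK\x05\x06", "zip"),          # empty ZIP archive
    (b"\x60\xea", "arj"),            # two bytes only, so false positives are possible
    (b"Rar!\x1a\x07", "rar"),
    (b"7z\xbc\xaf\x27\x1c", "7z"),
    (b"{\\rtf", "rtf"),
    (b"MZ", "exe"),
]

# Extensions that legitimately carry each format (assumed policy table).
EXPECTED_EXT = {
    "zip": {".zip", ".docx", ".xlsx", ".pptx", ".jar"},
    "arj": {".arj"},
    "rar": {".rar"},
    "7z": {".7z"},
    "rtf": {".rtf"},
    "exe": {".exe", ".dll"},
}

def sniff(data):
    """Return the container type implied by the leading bytes, or None."""
    for magic, kind in SIGNATURES:
        if data.startswith(magic):
            return kind
    return None

def triage(filename, data):
    """Compare what the name claims with what the bytes say."""
    kind = sniff(data)
    ext = os.path.splitext(filename)[1].lower()
    result = {
        "kind": kind,
        "ext": ext,
        "mismatch": kind is not None and ext not in EXPECTED_EXT[kind],
        "members": [],
    }
    if kind == "zip":
        try:
            # namelist() reads the central directory; no member is unpacked.
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                result["members"] = zf.namelist()
        except zipfile.BadZipFile:
            result["members"] = None   # PK header but no usable directory
    return result

def make_sample_zip():
    """Constructed, harmless ZIP used as sample input."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("notes.txt", "constructed sample")
    return buf.getvalue()

if __name__ == "__main__":
    print(triage("invoice.txt", make_sample_zip()))
    print(triage("old.doc", b"\x60\xea" + b"\x00" * 30))  # constructed ARJ-like header
```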

This Sunday morning, I uploaded the file to virustotal again. This time we’re slightly better at 29/54 detections. However, Comodo, Malwarebytes, Panda, SuperAntiSpyware, Symantec, TrendMicro and Vipre (among others) do not detect the file as malicious.

Malwarebytes is an interesting discovery as it’s not usually regarded as an av product as it typically protects you from software being installed into suspicious locations such as autorun, startup, browser toolbars etc as opposed to traditional av that scans every file being written or read to the hard drive. However in this case and my recent cryptolocker, Malwarebytes failed to find anything malicious although HitManPro did find the Cryptolocker exe file on the machine (but Malwarebytes and McAfee did not).

The best av is the human kind that recognises a file is suspicious or unexpected and does not open it – although even this kind of av can fail (and some are more prone than others!)

Incidentally, one of my favourite solutions for the Cryptolocker variant, in theory at least, is pretty drastic and requires the permissions of file shares to be changed so that files can be created but they can’t be edited. Users (and software) would be able to write new files to the file share, but any edits to the file would not be allowed unless the changes are written to a new file. This forces users to do Save-As all the time, may break Office documents that insist on modifying the original file, but would stop Cryptolocker from overwriting files on the drive. Obviously this takes up a lot more disk space and would not be suitable for shares holding Autocad documents.

*Please note that this post is not meant to denigrate any one av product in particular as I understand that definitions take time to produce but av software that does not detect infections 5 days later should probably be evaluated to see if it is safe for continued use. I do reserve the right to moderate comments on this post if they are not helpful and just say “Product XYZ is useless”.

Fixed: Android Device Manager does not ring your phone on a Samsung S6

Since I have had my S6 I have not been able to get the Android Device Manager to ring my phone. It locates it accurately on the map and will lock the screen ok, but it just wouldn’t ring. Not much use when you know the phone is *somewhere* in the house.
Today I did a bit of experimentation and discovered that my notifications were set to silent. I changed this to a value in the middle by pressing the up volume key, selecting the settings gear and then changing notifications, and now the phone rings even if the phone is set to silent.

Hope this helps someone else as it does seem to be a common issue with not many useful solutions.
Also, to turn on the android device manager capabilities on the phone, go to apps, settings, lock screen and security, other security settings, Device administrators, and ensure Android Device Manager is enabled (simple huh?)

Bing and Google links to report malicious/fake content in Search engines.

You can report URLs to Bing via http://help.bing.microsoft.com/#apex/18/en-US/10011/0 – It took a while to track that link down – hopefully they won’t change it again unlike the rest of the links I found.

Google’s report site is https://www.google.com/webmasters/tools/spamreportform?hl=en which is a much better url and one that doesn’t look like it will change much.

Tabs for Chrome

I recently switched to using Chrome for my primary browser of choice as Firefox was getting too unwieldy, would stop responding if the page contained flash, would lose my settings and was just too much of a pain to use. I tried restarting from a fresh profile but it didn’t make much difference.
Initially I was hesitant to switch to Chrome as my Firefox install had a lot of customizations and addons but most of the addons were only nice-to-haves as opposed to essential.
The big drawback to me was the lack of tab management in Chrome. It was a lot harder to see the list of tabs I currently had open and I have a lot! Each new search engine result will result in a new tab as I click a bunch of possible answers throughout the day. At least Firefox had the built in tab dropdown list on the right hand side. Chrome – not so much, but I was able to use the Tabman Tabs Manager and that brought back this feature with a nifty start typing to search the list of tabs.
Today I ran across OneTab that shrinks all your tabs down to one tab that lists all the tabs that were open which has the best advantage in that you now only have one copy of chrome running and don’t have all of the memory associated with those pages. It runs exceedingly fast and has extra features to allow you to lock tab groups (so you can have your gmail, facebook and news site all come up together all the time for example).
Note that the only thing it is not going to do is save your state on the individual pages so take care if you were doing a ton of shopping!

Fixed: Getting a bluetooth speaker to play podcasts

My old bluetooth speaker that I primarily used to listen to podcasts in the car gave up the ghost some time ago and Brandi got me a new speaker for Christmas.
Although it worked great for phone calls, it did not work to stream audio or other sounds. Apparently this is because mono headsets are typically set as phone calls only as after all, who really wants to listen to music on a tinny mono speaker?
After doing a bit of hunting online I came across Audio Router that allows me to switch audio to the mono headset. A quick download later and I’m up and running listening to podcasts. The quality is not that great, but for listening to Wait, Wait don’t tell me and the BBC Radio 4’s Friday night Comedy, it works great. Note that I also listen to some other comedy and techie podcasts too but those two are the must-listen ones.

PS Happy Christmas and Happy New Year to anyone still reading the blog!  Due to getting married I’ve not had as much time to blog and a lot of the things I do for work now fall under the arena of “Things I can’t blog about” so there is not as much techie stuff I can post.  However I am about to take some Office365 and Azure exams in 2015 and so hopefully will have some more technical content coming out in 2015.