Posts by Blacklight

Le sigh...

"Let's all think of the clever, and not think of the function...."

Yes, it might put up a bit of cost, but how hard is it to also incorporate a remote sounder, like most wireless doorbells? Or even some local (encrypted) storage, so it can take/store pics of people who did come to the door?

If your internet backhaul is down, isn't the result going to be the same? At least Hue & Lightwave etc continue working with whatever settings they have been given, if the cloud goes down. My home automation system uses a cloud UI to configure, but once it's got it's config. it doesn't need the internet.

Failover modes people, failover modes....

Erm....

I may be wrong (probably am!) but is the other issue resolved?

i.e the one whereby when the router powers up, for 7 seconds or so, there is no encryption set on the WiFi? o_O

Thus, if you are quick enough, you can get onto the WLAN - and then (again, if quick enough) - either use the default web admin password to find a WLAN password (even if it's been changed), so you can then reconnect shortly after, or do a quick network probe? Granted that's a tight window of opportunity, but still!

[EDIT] Ah yes - a powershell to reboot a SuperHub - if you know the password. Assume it's default, and a bit of cross site jiggery-pokery with a form post/social engineering - and away you go, router reboots, WLAN available briefly...[/EDIT]

Personally, opt for "SACM" (standalone cable modem) mode and use my own WiFi. I'd still be using 802.1x EAP too if the firmware I use was updated to not break RADIUS :( (choice of stick with RADIUS but keep other vulns active, or upgrade and lose RADIUS)

If you don't have your own router, change the WiFi AND admin passwords - which should be standard OpSec anyway. It wouldn't be that hard for device manufacturers to trap all web traffic when the thing is in "default" mode and force passwords to change, before letting it go fully operational....

Lenny

I've just installed Lenny onto our PABX as a handy extension. Now I'll probably get no calls...

I also love that other default message (with the correct English pack) that says "All members of the household are currently assisting other telemarkers. Your call will be answered in the order it was received"...(and then dumps them on permanent hold music)

You clearly missed the "experiments"

A while back, if you paused on VM TiVo, an ad popped up on the pause bar (for Tetley, IIRC) - so you may have something foisted on the screen even if you ignore it. It got slammed and went away (for a bit).

Also - do you not find it very suspicious that 99% of the channels on VM TiVo (other than terrestrial) seem to have magically sync'd their advert breaks? Get bored and channel hop? More ads...

WTF?

I saw all of my G devices logout, and this was timed when one of my 5X handsets had died, and I was in the process of recovering data and then RMA'ing it.

Mostly this was an inconvenience, and did initially raise an alarm as I was the account section checking if I'd gained another login elsewhere (I'd hope not, I use 2FA).

What worries me more is the OnHub resets! I don't have one, and personally this just adds to why I won't get one. "Key" infrastructure devices, ala routers should not be subject to the whim of an external 3rd party at all, error or otherwise. At worst I'd expect them to sever connections with the Cloud and request you log back in again, but NOT reset and take all the config with it....

Sendo X did e-mail, and let you lug around your own music (on a card, or via USB no less!). We were even looking at cloud services. The X2 even had a nice VR game, but never got off the blocks, as Sendo went "phoom", cue Moto entering stage left. Moto had already tried to lure fanbois with the (ahem) MotoRokr back in 2005 - but that wasn't a smart phone. But who cared? Fun glowy LEDs! But then, out of Brum, came the (ring ring ring ring ring ring ring) Banaphone Z8.

The Z8 did do some very nice things, was nicely specced, had that fun form factor (although WTF marketing managed to do with that "horse" advert I have no idea) - although it was a potentially risk dalliance with UIQ over S60.

But then "Oh hai, iPhone" with it's large screen" and "touchscreen" and "bai bai" everything....but seriously, ignore the fact it happened to have "Apple" on it, the larger touch enabled screens are pretty much what won it...

They have their places...

We've got a PTZ ethernet (or optionally, WiFi) camera with microphone (but no speakers), which we have dual purposed - in the night as a baby monitor (using a now aging Nexus 7 as the monitor) and in the daytime, it can be used to keep an eye on outdoors (via a window).

It's "LAN only", doesn't connect to t'internet - or allow connections from t'internet - if we're "off LAN" we access it via a VPN - but we're probably not the target market Samsung are addressing here...

Meh.

I decided I'd never have a Smart TV, until the only way I could get a larger panel with 3D support was a Smart TV.

So I had a play, and while the interface isn't super whizzy, it works - although the unit has the most stupid design flaw - I can turn if OFF via Ethernet, once it's OFF, it doesn't respond to WoL, so you have to resort to a pinky interface, or good old IR. Well done there, that manufacturer.

But still, as it the box supports YouTube, Google Play Movies, Talk Talk TV/BlinkBox & NowTV. If any of those fail, those apps all support Chromecast, and I've got one of those too. £25 isn't a lot to shell out. Or, as mentioned, I could resurrect the Pi2 I have lying around...

It landed on my PC.

"Restart to install updates" - except it shutdown and powered off. Nice.

It also disabled incoming ICMP (which I'd explicitly turned ON before). Nice. That upset my elementary monitoring.

It turned off my Jumbo Frame support, which upset my file transfer speeds, and me.

I'm also using a local account, but it said it required access to my MS account "for something". It then showed up under Account again (since removed and logged out and it's not come back. Yet).

It enabled Windows Ink without asking. It got turned off.

Cortana is absent, as I'm using a local account. Good.

IANAL, but doesn't that constitute Misuse of Computers somewhere along the line?

Or do the terms of Win7 (et al) basically state you absolve your self of any/all choice? Or (worse) that the wording regarding "updates" is that they are offered without warranty, and WinX gets labeled as an "update" to get them around it?

Disclaimer : I have WinX (Home & Pro) on two machines, and don't hate it. Only gripe is the "Oh hai, buy Office 365 plz" self installing appvertisement...

Elementary...

Well, combine it with ANPR/speed camera and facial recognition...

"You have....FIVE...points remaining on your licence...."

Replace one with another...

It may well stop nagging you, but I've just fired up my W10 box, to have a notification that my version of Office (2007, paid for, working nicely still) is not the latest one, and would I like to upgrade? (50% off! Buy now! Every year!)

Erm, no thanks!

Well...

"George found it. George was curious.

Now George is an Unemployed Silly Bugger.

Don't be like George - hand it in, don't plug it in".

:(

"The Google Store Promotional Codes Terms apply. Offer (one redemption per person) only available in the United States while supplies last."

Well sheeeeeet.

Whut?

"I'm sorry Dave, you want to add encryption to a self encrypting drive? I'm afraid we (and various agencies of choice) can't decrypt that (so we don't like it)".

Well, probably.

I was mortified to see the default is to save BitLocker keys "into the (MS) cloud" for you(r safety). Unless you have Win 10 Pro, in which case you are allegedly deemed capable of not losing your keys.

So....

Does BitLocker assist here?

Assuming you've turned on the PCRs which check the BIOS and/or option ROMs haven't changed checksum, and you've got boot protection enabled (i.e. key/passphrase required) then the O/S should have a hissy fit on boot up, which should ring alarm bells?

Quaid.....

"Start the reactor...."

It's fun....

I saw SIP in use originally in a commercial arena, and wanted to play - so setup Asterisk, with an SPA3102 linked to my DECT handsets. VoIP + PSTN failback, all worked nicely - until you realise the some PSTN carriers don't play nicely (Virgin + Clear on Disconnect? Not without lots of emails).

I've used 'free' systems like Voxalot, and commercials (like SipGate, VoIP.co.uk etc) and never had bad quality on any. The hardest bit is generally sorting out why Asterisk will play nicely with Trunk Provider 1, and not Trunk Provider 2....typically down to some esoteric setting.

But it's nice wangling cheaper/lower cost calls. If Google Voice hurried up and came to the UK properly I'd be plugging that in too....

Aaaaargh!

To be fair, I hadn't seen any juddery images, although I do have a nice TV which does iron out a lot of crap (24Hz compatible TV, AMP and BD player have removed any jerky BD videos for example).

However, since Android Lollipop landed, my previously working (on 4.4.4) "Cast Screen" functionality has gone walkies. YouTube and other apps work, but I (and others, judging by the forums) can't cast screen anymore...

Way to go backwards!

I demand....

Tom Selleck and a police unit in the style of "Runaway" immediately!

Well....

Given the current tactic seems be "Block the IP resulting from a DNS query", I can see them shortly resort to "just redirect the whole damn domain", followed by "just block access to DNS".

Because they are that stupid.

Incidentally, the court order to block a site (ala BitTorrent) - doesn't that just apply "to the ISP", rather than it's customers? As (IANAL) customers are not subject to the order - although they are impacted by the ISPs compliance with it, gaining access via other methods (another DNS/IP, or VPN) is not the fault of the ISP, or a breach of an order against it's customers, because one doesn't exist.....?

Or....roll your own :)

Albeit only on/off control - but better than nothing :)

LightWaveRF controller, £60 (ish)

LightWaveRF relay (which can operate in volt free switching mode), £30.

Time taken to wire relay to my boilers volt free thermostat switch, about 5 mins. Time taken to mount relay in a box on the wall and spur power to it, about 10 mins.

LightWaveRF's app works remotely, so you can turn it on/off remotely, or set timers etc - or (as I also have) control it via other systems, in my case OpenRemote.

My boiler has usefully currently got a fault (suspect air pressure switch) and is 14 years old - so if I do upgrade the boiler, I may well go down the thermostat route however!

Hang on a minute....

So, I'm in the UK and I place a call (on a landline) to someone in the US (or anywhere outside the UK and it's associated territories).

That call is routed over UK based equipment. Intercepting it (and "interception" is the word used in the article" requires a warrant. Why is the same not true of anything in transit to an internet site?

Granted once it's arrived at said destination, if said destination is outside the UK, and/or set to be public, then fine, look at it all you want....but snarfing it "in flight" still counts as interception within the UK.....doesn't it?