Tagsecurity

Cleverloop Security System

Update: Cleverloop have resolved problems I highlighted. They replied rapidly to the security issues and have closed the holes. I’m super impressed by their responsiveness.

Home security cameras come in three broad categories these days: cheap and cheerful Chinese IP cameras (often wireless); cloud-connected cameras like the Nest Cam (formerly DropCam); and full-on surveillance cameras tied to a DVR. All of these options come with some limitations:

  • The cheaper IP cameras usually have appalling web interfaces, and are often a security nightmare thanks to their default passwords and dynamic DNS settings.
  • Nest Cam is a bit easier to set up and has a much nicer interface, but comes with a fairly hefty monthly charge to unlock alerts and cloud storage.
  • “Proper” surveillance camera systems that tie multiple cameras with local storage are bloody expensive.

Cleverloop (launched as an Indiegogo campaign in 2014) tries to bridge across these three categories. Combining cheaper IP cameras with a smart hub to provide local monitoring, cloud storage, and alerting for a one-off price. How does it measure up? Continue reading

BlueWatchDog Review: Security for your bag

Surprisingly, there are limits to my geekosity: I simply cannot abide by holsters. You may believe there is little difference in the nerdiness of holsters versus a manbag, but me and my Crumpler 5 Million Dollar Home would beg to differ. My bag goes everywhere with me, faithfully carrying my camera, headphones, leatherman, and Moleskine.

Being an indentured servant to geek fashion comes at a cost. More than once I have felt the creeping dread brought about by the lack of reassuring weight on my shoulder. I stop and spin on the spot – often on a busy sidewalk – the camera spins with me, whirling faster and faster, creating a sense of disorientation. The music swells, and then stops, zooming in on my face. “Noooooooooo!” he screams, fist clenched.

Yes, I’ve left my bag behind before. So far, every time I’ve gone back to the spot and sheepishly found my bag under a chair. One day I might not be so lucky.

Bags of Security

Enter BlueWatchDog (imported locally by Mi5 Technologies), which is – perhaps ironically – neither blue, nor canine. It is however about the size of three credit cards stacked together. It has a button and some lights, and is designed to be paired to your phone and placed in your bag. If your phone and bag are separated by more than a few metres, the BlueWatchDog springs into action.

You’ll first get a warning on your phone, both vibrating and audible. If you fail to notice this, or you are unable to close the distance between phone and bag, the BlueWatchDog will emit a rather loud siren. It’s not quite ear-splitting, but it is surprisingly loud for the size of the device. Definitely louder than any cellphone ringtone I’ve ever heard. I can’t imagine ever losing my bag again with the BlueWatchDog in action.

It is not entirely without fault. The most glaring issue is software compatibility. The device relies on software installed on one’s phone. At the time of writing, there is no such software available for my iPhone, but I’m told this will be available very early in 2010.

Most other phones are supported via a mobile Java application, but you wouldn’t think so based on the SMS compatibility test. This ignorant automaton repeatedly told me that my wife’s Sony Ericsson c510 was incompatible. Being a belligerent geek, I forcibly downloaded the jar file from the manufacturer’s website and installed it on the phone. Once I’d performed the correct rituals, the application started and worked perfectly.

When running, the application provides the ability to both monitor and locate your bag. The “locate” option causes the BlueWatchDog’s alarm to sound briefly, allowing you to home in on its location. The “alert” function will optionally vibrate and bleep your phone to warn you that the bag is about to be out of range.

Verdict

An interesting product that is well executed from a hardware perspective, if slightly let down by installation and compatibility. If you’re a geek that lives in his bag, or perhaps a camera user with thousands of dollars of gear in a bag, then investing $129 in a BlueWatchDog might be worthwhile. I would however check compatibility by installing the application on your phone before purchasing.

You can buy a BlueWatchDog online from Mi5 Technologies.

SharePoint Content Deployment Architecture

Yes yes I know. SharePoint who the what now? Welcome, friend, to the delightful world of my day job.

The way I see it, I have two options:

  1. Start an entirely new blog for my work persona that I’d update twice a year.
  2. Post this stuff here occasionally and risk enlightening you, dear reader, to the wondrous whimsy of world wide web software development.

What’s that you say? I can barely hear myself over the squeals of delight regarding Option 2. Splendid!

For your reading pleasure, please find attached a treatise on the origins and options for content deployment under Microsoft SharePoint Server 2007, and why I think it’s not always a Good Thing(TM). I invite you to delve beyond the world of security theatre and zone separation shenanigans, and join me on a crusade toward a rational architecture.

Forsooth: WhitePaper – Security Implications Content Deployment for Web Content Management in SharePoint 2007.

Sky TV Website Security Update

Juha Saarinen has written an excellent article covering the security issues I had with Sky Television?s web help site.

[quote]

The help system used by the broadcaster lacks account authentication by password, allowing access from the internet simply by guessing the email address of a registered user.

[/quote]

Sky have ostensibly fixed the site by enabling the password option, but you?ll find you can still quite happily log in as me with no password. This will also be the case with everyone who has used the system to ask a question, unless they have purposely gone in and set a password since Sky enabled the option.

Additionally, Sky?s Fernando Battaglia informed me that they have fixed the issue with having no unsubscribe option on the Alert emails. If by ?fixed? he means that he stuck some lipstick on a legless pig, then he?s correct. They?ve added a link to the website where you can log in and unsubscribe. If, like me, you can?t log in due to a highly informative ?biz2010 error could not be found?, then you?re outta luck and will continue to be spammed.

There?s a very good reason that the New Zealand anti-spam law requires an unsubscribe facility using the same method as the original message. In this case I should be able to unsubscribe by simply replying to the alert email.

Poor effort Sky. Must try harder. 2/10. See me.

Don’t use WEP for Wireless Encryption

On the off chance you haven’t got the message yet and switched your WiFi connection to WPA:

[quote]

“…it is possible to recover a 104 bit WEP key with probability 50% using just 40,000 captured packets… for 85,000 data packets [the success probability is] about 95%… 40,000 packets can be captured in less than one minute under good condition. The actual computation takes about 3 seconds and 3 MB main memory on a Pentium-M 1.7 GHz…”

[/quote]

OK kids? WEP is bad.

[tags]security, wireless, slashdot, WEP[/tags]

© 2017 Ben

Theme by Anders NorénUp ↑