Rod's Tech

Atlantic Security Conference 2012

2012-01-31T01:26:00.000-05:00

I know, I've been awfully quiet the last few months. I said in a Youtube video I was going to post some security/hacking related videos and haven't really gotten around to it... but if you are in Atlantic Canada there is good news!

The Atlantic Security Conference is coming up in March and the line-up is getting better each day.

Better yet, here is a link to register at the discounted rate of $135 per person and it is valid until Feb. 5th. Please feel free to share this as you see fit.

Travis Barlow says you can share it, so give it to all of your geeky/security minded friends on the East coast, or even ones who are willing to go to the Maritimes this March.

Christmas is coming. You can get great gifts at Zazzle

2011-11-24T10:00:00.000-05:00

...And the best part is, if you can't find the T-Shirt, mousepad, iPad skin, etc. that you want you can even design your own!

What kinds of WiFi Networks Are People Using

2011-11-16T20:26:00.001-05:00

This video is the result of trying to answer my own curiosity about what kinds of WiFi networks are people actually using out there in the real world?

I decided that I wanted to know what other folks in my area were doing in the wireless space.

On the train ride home from this year's SecTor Security Conference this year I did a little survey.
This is actually the second time I've done this, the first was a year ago, on my way home from the November TASK meeting. but I never posted results of that.. I started to write a blog post but then scrapped it.
Anyway, I was curious...
...so I pulled out my netbook and fired up airodump-ng for a little war-driving (war-training?).

Please note, I did not attempt to connect to any of the networks I found. This was just a listening exercise to see who was out there. I chose the program airodump-ng specifically because I know it does not attempt to communicate with the Access Point, it just logs who was sending as it sees it. I also did not use it, like Google, to capture and record any transmitted payload data. I was not interested in who was connected, or what they were doing, just how the APs were configured.

When I got home I started compiling the data that I collected into a spreadsheet so that I could make some sense of it.

Note: this wireless survey only covered a small area, the stretch along the train tracks (and major highway) between downtown Toronto's Union Station, and the Whitby station to the east, about a 1 hour train ride.

ZoneAlarm Making Some Hefty Claims

2011-11-14T01:58:00.001-05:00

I updated ZoneAlarm on one of my PCs today, and was greeted by this screen making some of the grandest claims I've ever seen from a computer security product.

Claim #1 isn't so bad. "Your computer is protected against hackers" I should hope that the firewall provides some degree of protection. ...of course, just like a condom, the firewall doesn't provide 100% effectiveness in that protection, but it does provide protection.

The second and third claims with their absolute statements are misleading. "Your Web browsing is safe from phishing" and "Your identity and data are safe from theft and loss".

Let's be realistic folks. Nothing is going to make you absolutely safe from these things. No phishing filter, no matter how good it is is going to stop you from going to every phishing site ever conceived. Nothing can provide absolute protection from identity and/or data theft. No matter how many ways they try to protct you, somone will think of a different way to get the info from you.

Since ZA does not provide a backup solution, I can't see how it even attempts to protect you from data loss.
Likewise, CheckPoint (the makers of ZA) isn't in the counselling business, they can't do much about your loss of identity. If you don't know who you are anymore I doubt there is much they can do to help. :)

All that said, I still think ZA is one of the best software firewalls for Windows out there. It is light-years beyond the built-in "firewall"....and it's free!

New Kindles Announced Yesterday

2011-09-29T13:19:00.000-04:00

I like the keypad on the Kindles of the current generation, but the touch would be nice. No mention in this article of whether the Fire uses LCD or the new colour E-ink, but it turns out it is only an IPS LCD panel (IPS is good for LCD, and being a tablet rather than a colour e-book LCD makes sense, but I was hoping to see some colour e-ink this fall.

The good news for consumers is that they're all priced below $200, with the low end, smaller kindle at only $79 USD.

Sadly, no new DX model yet. I like the DX size for reading Adobe PDF formatted e-books (computer manuals, text books, gaming books). Maybe the next DX will be the colour e-ink model???

Here's a link to the CNET story:

Amazon unveils Kindle Touch and Kindle Fire tablet

A Win With SONY!!!

2011-08-11T19:06:00.003-04:00

They have finally corrected the Terms of service... just in time for my, and Anna's vacation together.
[See this older post for info:http://rodstech.blogspot.com/2011/04/why-i-wont-be-buying-videos-from-sony.html]

Thank you SONY.

New revised ToS that allows Canadians to watch their Sony store content:
http://www.qriocity.com/us/en/legal-snei-tosua-redlines.html

Microsoft Dropping Patch Support for Vista SP1

2011-07-19T10:37:00.000-04:00

If you still run Microsoft Vista (what are you crazy? update to Windows 7, it'll be like getting a new computer) and you haven't got SP2 (Service Pack # 2) installed yet, get on it.

MS is not going to offer any more patches to SP1.
If you don't have SP2 installed download it now. You can use automatic update, or you can download it from here and burn it to a CD if you have more than 1 computer that needs it:
http://technet.microsoft.com/en-us/windows/dd262148

Bad People Project Updated

2011-07-14T22:57:00.000-04:00

I got this e-mail from ISECOM today:

Subject: Kids Don't See Hackers as Bad People

Apparently not, there's not a single hacker in the bunch at 
http://www.badpeopleproject.org   ;)

Guess they're not scary enough.

We upgraded the Bad People research project and gallery and now need 
your submissions too.

Hand a child paper and pencil to draw you a picture of a bad person. 
Don't give hints, suggestions, or influence the child in any way. Ask 
the child to explain the picture to you. Scan/photograph that picture 
with explanation and e-mail it to the Bad People Project. We don't 
need names but we do need regional location, gender, and age. It's 
that easy!

All your submissions count and you ISECOM readers are from all around 
the world which makes it even better as a cultural study in security.

Thanks in advance for your participation and enjoy the new gallery.

Sincerely,
-pete.

If you have kids in the taget age group help them do this research, have your kids draw what they think a bad person looks like. There are some really reallly bad looking people in the gallery already. (knife and gun toting mummies, etc.) but it's not a contest to see who comes up with the worst bad-guy, they want to see all of the the variety of what kids think real-life bad-guys are like.

Advanced Evasion Techniques - Stonesoft and ICSA

2011-06-16T11:11:00.000-04:00

I attended SC Congress Canada 2011 on Tuesday and Wednesday this week, and perhaps the most interesting talk I attended was Stonesoft and ICSA's Advanced Evasion Techniques.

Stonesoft discovered that with certain evasion techniques (particularly when combined in particular combinations) they could sneak common exploits past many (including their own, at the time) IDS/IPS systems. They built a tool to repeat these tests on a variety of systems, and proved that with the right know how, and the right tool set (including a custom TCP/IP stack) attackers could sneak past our best defenses. Packet captures were sent to ICSA along with info so they could try to reproduce these results in their own labs. They did!

This is real and they foresee a not -too distant future where things like botnet kits will have this as a checkbox feature.

These evasion techniques are not attacks on their own, but rather a sneaky way to get whatever attack you want to use past the network monitoring and policing systems to the target host.
It's not about the bad-guy asking "How can I hack in?", but "How can I hack in without being seen?"

Check out the research paper, and packet captures if you are really techie, at http://www.antievasion.com/

The Truth About Credit Card Expiry

2011-06-06T09:20:00.001-04:00

I used to be dumb enough to give my credit card number to Sony PSN. (No more! From now on I will be using gift cards for online services like that)

I had a MasterCard registered with Sony. I bought some PSN credit in January.
My card changed in Feb. (same card number (PAN), new expiry and CVC numbers)
I had never given Sony my new expiry # so I thought I was OK despite the hacking. After all, when I got the new card the activation instructions said that once you activate the new card, the old one becomes useless and should be destroyed.

I logged into PSN on the weekend to double check what card they had and it was that card.
I started a transaction for $5 worth of credit to see if it would show me for sure the expiry date was the old one... I clicked next and got back a thank you. A minute later an e-mail receipt arrived showing I had just purchased $5 of wallet credit in PSN. WHAT!?!!?

How was Sony able to process a purchase without the new expiry?

I got on the phone with the credit card company and asked them. They told me that because the old card has not yet expired, even though the new one is activated, they still keep the old one active too, and that is why they ask you to cut up the card when you have activated the new one. (funny that's not how they explain the process in the letter that comes with the new card)

So I reported my card lost and had a new one with all new numbers issued.

808 #11 keychain "Spy camera"

2011-05-17T23:52:00.007-04:00

I have grown dissatisfied with the quality of the MD80 clone (D001) "spy" camera I've been using as a helmet cam.

So, I ordered an 808 #11 keychain "spy" camera from ebay.

This one was slightly more expensive. ($40 including shipping!) It provides 720P HD video with the time stamp that I like. (HINT: look in model rocket and RC hobby sites for a replacement firmware if you DON'T like the date stamp)

This one takes a slightly differently formatted file to set the time.
It didn't come with any instructions so I had to figure it out on my own. (with the help of google and some RC hobbyists who got them before me.)

Basically, you need a file called timeset.txt
It should be 1 line long and should look like this:

2011-05-17 23:38:51

You can edit the file yourself in your favorite text editor, or just use my scripts:

Linux: 808date.sh

#!/bin/sh
DATE=`date +%Y-%m-%d`
TIME=`date +%H:%M:%S`
echo "$DATE $TIME">timeset.txt
echo "808 #11 keychain camera date & time have been updated in the timeset.txt file."

Windows: 808date.cmd

echo off
set YEAR=%date:~6,4%
set MONTH=%date:~0,2%
set DAY=%date:~3,2%
echo %YEAR%-%MONTH%-%DAY% %TIME:~0,8%> timeset.txt
echo "808 #11 keychain camera date & time have been updated in the timeset.txt file."

Just copy these files into the root folder (not DCIM, just stick them next to DCIM)
double-click the one for your operating system
eject the drive once you see the timeset.txt file appear
unplug it
turn it on
make a video
plug your keychain back into the USB
check that the timeset.txt is gone and the video has the right date and time.

[UPDATE June 2, 2011]
You can see some sample videos here: http://www.youtube.com/user/RodMacPherson
Videos after #8 are done with this HD keychain. From #13 on though they will not have Date and Time. I got the camera just a little bit wet in the rain a little while ago, and the clock has been "overclocked" ever since, counting seconds almost as if they were milliseconds. A clock that is always wrong is worse than no clock at all so I flashed it with one of the clock-less firmwares from the RCgroups.

Why I Won't Be Buying Videos from SONY PSN Anymore

2011-04-20T19:48:00.004-04:00

[UPDATE, Aug 11, 2011: Sony finally corrected their ToS:http://www.qriocity.com/us/en/legal-snei-tosua-redlines.html Thanks SONY!]

Even though the new Terms of Service for Sony Network Entertainment America (SNEA), formerly a part of Sony Computer Entertainment America (SCEA), came out on April 1 I have confirmed that what sneaky back-handedness they wrote into it was not an April fools joke.

For those who own a PS3 (or other PSN/Qriocity capable video device) in Canada SONY apparently doesn't like you.

...or at least they don't care about your continued loyalty and continued business.

They have written the terms so that everyone who clicked the I Agree button to log into their PSN account has agreed that even if they are in Canada they will not watch the videos bought on the PSN Video store outside the United States. That means that if you are in Canada and purchased a video from SONY's PSN video store and you then watch it in Canada you are violating the Terms of Service and SONY is free to do whatever they want to your account.

I sought first a change to fix what looked like an embarrassing mistake on SONY's part, but then when that did not seem to be coming I asked for an official statement that what they said is what they meant.

This is the final e-mail I got back from them:

Hello Rod,

We do apologize for this inconvenience or confusion regarding this issue,

This is an official document listed below.

Please refer to the Terms of Use, section 8.

Terms of Use and User Agreement
Article Link: http://playstation.custhelp.com/app/answers/detail/a_id/1109

Regards,
Don K

For anyone interested, but not wanting to follow the link here is Section 8 of Terms of Service and User Agreement Version 9 (April 1, 2011)

I have highlighted in RED the part I'm talking about.

8. VIDEO CONTENT

You may use either your Qriocity account or PSN account to purchase video content. Subject to the terms of this Agreement and any additional terms and conditions for the particular item, SNEA licenses digitalized content, including television shows and movies ("Video Content") to you for your personal, private, non-commercial viewing in the United States only, using a limited number of activated PlayStation®3 computer entertainment systems, PSP® (PlayStation®Portable) systems, personal computers ("PSN Devices") and VOD Devices (collectively, "Authorized Devices") during the authorized viewing period ("Authorized Term"). Video Content may be made available to you as a rental for a limited duration ("Rental Content") or purchase ("Sold Content"). Use of Video Content is subject to certain digital rights management rules and terms and conditions of this Agreement. Except for rights explicitly granted to you, all rights in the Video Content are reserved by SNEA and its licensors.

Only one copy of Rental Content may be viewable on an Authorized Device and each copy will have a rental time period ("Rental Period") during which you can begin playback for that copy. The Rental Period for each copy of Rental Content will be displayed to you prior to finalizing your rental payment. Once you begin playback of your Rental Content copy, that copy is viewable for up to 24 hours. After such time, you will not be able to view the Rental Content. Rental Content may not be reproduced.

You may select the Authorized Device on which you want to view your Rental Content. If you have a Qriocity account, you may view your content from any one of your activated VOD Devices only. If you have a PSN account, you may view your Rental Content purchased on PSN or Qriocity from any one of your activated Authorized Devices, except that if the Rental Content is in high definition format, it may be viewed on one (1) activated PlayStation®3 computer entertainment system or one (1) VOD Device. Rental Content may not be transferred between a PSN Device and a VOD Device. Once playback has started on a VOD Device, you may not view that content using any other Authorized Device without a separate payment. If you start Rental Content playback on a PSN Device, the account that purchased the Rental Content may, during the Authorized Term, transfer that content to a limited number of activated PSN Devices, as described below.

Rental Content in standard definition format downloaded onto a PlayStation®3 computer entertainment system or a personal computer may be transferred to up to three (3) PSP® (PlayStation®Portable) systems. Rental Content in standard definition format for use with a PSP® (PlayStation®Portable) system may be transferred to up to one (1) PlayStation®3 computer entertainment system and two (2) personal computers.

You may view Sold Content for an unlimited number of times on an activated PSN Device only. The account that purchased the Sold Content may copy that content to a limited number of PSN Devices, as described below.

Sold Content in standard definition format downloaded onto a PlayStation®3 computer entertainment system or a personal computer may be copied for use on up to three (3) PSP® (PlayStation®Portable) systems. Sold Content in standard definition format for use with a PSP® (PlayStation®Portable) system may be copied for use on up to one (1) PlayStation®3 computer entertainment system and two (2) personal computers. Sold Content in high definition format may be viewed on only one (1) activated PlayStation®3 computer entertainment system.

You may have the option to purchase Video Content in high definition and standard definition format. You acknowledge that delivery of content is dependent on variables not under SNEA's control, including but not limited to, the speed and availability of your broadband or network connection. You may experience delays or technical difficulties caused by or related to such variables. If you have purchased Video Content and view it using a VOD Device, you may not be able to view your content in the format that you've purchased due to such variables. To the extent permitted by applicable law, you will not receive a refund or credit for any content that you are not able to view or have difficulty viewing due to such variables. We strongly encourage you to purchase content suitable for your viewing capabilities. You bear all responsibility for ensuring that you have the viewing capabilities to view content in the appropriate format or at all.

Proper activation of an Authorized Device by the account that purchased the Video Content is required for all downloads, transfers, copies and viewings. Purchase of Video Content is connected to the purchasing account. An account can activate no more than the maximum number of Authorized Devices, regardless of the number of copies of Video Content purchased. Video Content may not be transferred from one account to another. You may not exceed the total number of accounts on any Authorized Device. Please refer to http://playstation.com/ and http://qriocity.com/ for more information on the total number of permitted Sony Online Services accounts. SNEA reserves the right to limit the number of times an Authorized Device may be activated or deactivated.

Downloading or streaming is not permitted outside the Authorized Term. In addition, once Video Content has been downloaded or accessed, you will not be able to download it again without purchase of another copy.

Some content such as movie trailers may not be representative of the actual feature presentation. Digitalized versions of some content may not be identical with the original formatted content or previously released versions of the same titled content.

Video output in certain formats may require additional equipment, sold separately.

So there you have it Canadian PS3 users, SONY wants you to only watch your PSN video content in the USA, if you watch it at home you've violated the terms of your contract with SONY.

What were the e-mails leading upto all this you ask?

Here is the whole conversation. In typical e-mail style, it's best to start at the bottom and work your way up:

Subject
Dear Sony, I cannot agree to your April 1 terms of service. Sect. 8 Video Conten...

Discussion Thread
Response Via Email (Don K) 04/20/2011 08:40 AM
Hello Rod,

We do apologize for this inconvenience or confusion regarding this issue,

This is an official document listed below.

Please refer to the Terms of Use, section 8.

Terms of Use and User Agreement
Article Link: http://playstation.custhelp.com/app/answers/detail/a_id/1109

Regards,
Don K
Customer By Email (ROD MACPHERSON) 04/19/2011 04:58 PM
I think you misunderstood me.
I am not asking for a refund of wallet moneys or to cancel my account.

I just want one of two things. Either a correction in the Terms of
Service so that it makes sense, or clarification from SONY that you (as
a company) really meant what you said and that it is no longer legal to
watch movies and TV shows I purchased in Canada on a Canadian PSN
account outside the USA.

As it stands, your Terms of Service say that I cannot watch videos from
PSN outside the USA. That means that if I watch my videos I am in breach
of this contract. I am holding off on accepting until I get either a
statement that that is indeed SONY's intent, or a new Terms of Service
appears with the mistake corrected.

If you do intend to make it a breach of contract for me to watch videos
that is fine, I will simply continue to use the PSN's other services and
no longer buy videos. .... although, if that is true, it'd be nice of
you to refund me for the videos you are stealing back, but I am not
going to force the issue. I'll just continue to play my games and watch
videos on other services.

Please let me know which it is. I want an official statement that the
terms of service are correct as they stand, or some indication of what
SONY's plan is to fix the error.

On 04/19/2011 11:29 AM, PlayStation Consumer Services wrote:
>
>
> * Subject*
> Dear Sony, I cannot agree to your April 1 terms of service. Sect. 8
> Video Conten...
>
> * Discussion Thread*
> * Response Via Email (Don K)* 04/19/2011 08:29 AM
> Hello Rod,
>
> We do apologize for this inconvenience.
>
> Thank you for contacting us regarding your decision to decline our Terms
> of Service and User Agreement. If you are serious about not
> being in agreement with the Terms of Use, then in order to close your
> PlayStation®Network account and return the funds in the wallet
> associated with your account, we will need the following information:
>
> PSN Sign-In ID (email address used to create your PSN account)
> PSN Online ID
> First Name
> Last Name
> Complete Mailing Address (where you would like to receive your refund)
>
> You may reply to this email directly if you're already using your PSN
> Sign-In ID email address to read this email. Otherwise, if you have a
> different email address associated with your PSN Sign-In ID, you MUST
> use your PSN ID email address to send us the above information. You can
> send your email to:
>
> TOS_PSN@playstation.sony.com TOS_PSN@playstation.sony.com>
>
> The refund is only for the remaining funds in your PSN wallet. We will
> not refund any money for content that has already been purchased. Once
> the refund request has been processed, your PSN account will be
> terminated. You will lose access to any content that has been purchased
> with this PSN account, as well as any trophies awarded to the account.
> You will also not be able to use this email address to create a new PSN
> account. The termination of your account is final and cannot be reversed.
>
> If you wish to terminate more than one account, you must follow this
> process for each account (we will need to receive an email directly from
> each email address used to create the separate PSN accounts to validate
> that you are the owner of the email accounts).
>
> We value your input and appreciate you bringing this to our attention.
> Please rest assured that we will convey your feedback to Sony Computer
> Entertainment America, LLC's ("SCEA") appropriate management.
>
> Regards,
> Don K
> * Customer By Email (ROD MACPHERSON)* 04/18/2011 05:43 PM
> Nothing against you guys personally, but as I am sure that you are not
> able to contractually bind SONY in any way, I cannot accept you saying
> "I am pretty sure you found an error...." and "Please keep using your
> account" as if it is a contract that supersedes the April 1 2011 Terms
> of Service/User Agreement.
>
> It has been 10 days since my initial contact with your department and I
> still have not received a satisfactory resolution to my concern.
> I will not click Accept, binding me to that agreement until it changes
> to resolve this or until I have in hand a contract from SONY legal dept
> that supersedes the April 1 Terms of Service.
>
> I am sure that this Terms of Service document was reviewed by at least a
> dozen people at SONY and it is an absolute embarrassment that it made it
> to being presented to your customers in it's current form.
>
> Please forward this to the Legal Department, I eagerly await their response.
>
> Sincerely,
> Rod MacPherson.
>
>
> On 12/04/2011 6:45 PM, PlayStation Consumer Services wrote:
>>
>>
>> * Subject*
>> Dear Sony, I cannot agree to your April 1 terms of service. Sect. 8
>> Video Conten...
>>
>> * Discussion Thread*
>> * Response Via Email (James G)* 04/12/2011 03:45 PM
>> Hello Rod,
>>
>> I am pretty sure you found an error in the wording. I will report this
>> and say thank you.
>>
>> Once this is updated you can probably rest easy and not worry about
>> this since it was likely in error.
>>
>> Please keep using your account, as it would seem that is really your
>> intent.
>>
>> Regards,
>> James G
>>
>> Are you a member of the PlayStation®Network yet? Play games online,
>> chat with friends, access exclusive titles, downloadable games, PS
>> one®Classics, free demos, movies, TV shows and more! Highly connected
>> and endlessly entertaining.
>> Welcome to the PlayStation®Network. Join now
>>
> !
>>
>>
>> * Customer By Email (ROD MACPHERSON)* 04/12/2011 03:14 PM
>> Can I have an update on this?
>> surely I'm not the only one who refused to agree to these terms based on
>> the limitation of only being allowed to view purchased content in a
>> country I don't live in.
>>
>> An update would be appreciated.
>> I'm a loyal Sony customer, having bought 3 PS2s, a PSP and 2 PS3's over
>> the years, but I cannot agree to terms that disallow me from watching
>> content I've purchased. ...even if I'll technically be able to I won't
>> agree to the contract the way it is.
>>
>>
>> On 04/09/2011 05:43 PM, PlayStation Consumer Services wrote:
>> >
>> >
>> > * Subject*
>> > Dear Sony, I cannot agree to your April 1 terms of service. Sect. 8
>> > Video Conten...
>> >
>> > * Discussion Thread*
>> > * Response Via Email (Richard K.)* 04/09/2011 02:43 PM
>> > Hello Rod,
>> >
>> > I understand the concern caused by the mention of content purchased from
>> > the PlayStation®Store's Video Download Service only being viewable in
>> > the United States. I am glad to say the PlayStation Store's Video
>> > Download Service is still available in both Canada and the United
>> > States. I am having the appropriate department within Sony Computer
>> > Entertainment America (SCEA) look into the mentioned clause so that it
>> > can be checked for inaccuracies. I appreciate you bringing this to our
>> > attention. Please let me know if you have any other questions or
>> > concerns in the future.
>> >
>> >
>> > Regards,
>> > Richard K.
>> > * Auto-Response* 04/08/2011 07:10 PM
>> > *** PLEASE DO NOT REPLY TO THIS MESSAGE. THIS IS A SYSTEM-GENERATED AUTO
>> > RESPONSE. ***
>> >
>> > Thank you for contacting Sony Computer Entertainment America, LLC
>> (SCEA).
>> >
>> > You have received this auto-acknowledgement to confirm that we received
>> > your message. We will respond to your message within 24 - 48 hours. For
>> > immediate online support, please visit our PlayStation Knowledge Center
>> > at http://us.playstation.com/support 24 hours a day.
>> >
>> > Thank you for your patience.
>> >
>> > SCEA Consumer Services
>> > * Customer By Web Form (ROD MACPHERSON)* 04/08/2011 07:10 PM
>> > Dear Sony,
>> > I cannot agree to your April 1 terms of service. Sect. 8 Video Content
>> > says "...viewing in the United States only" I'm in Canada.
>> > I am not going to drive my Playstation3 4 hours to the nearest border
>> > crossing just to watch a video I PURCHASED from you. Update the
>> > agreement please.
>> >
>> >
>> >
>>
>>
>> --
>>
>> Rod MacPherson
>> rod@macphersonclan.com rod@macphersonclan.com>
> rod@macphersonclan.com rod@macphersonclan.com>>
>> * Response Via Email (Richard K.)* 04/09/2011 02:43 PM
>> Hello Rod,
>>
>> I understand the concern caused by the mention of content purchased
>> from the PlayStation®Store's Video Download Service only being
>> viewable in the United States. I am glad to say the PlayStation
>> Store's Video Download Service is still available in both Canada and
>> the United States. I am having the appropriate department within Sony
>> Computer Entertainment America (SCEA) look into the mentioned clause
>> so that it can be checked for inaccuracies. I appreciate you bringing
>> this to our attention. Please let me know if you have any other
>> questions or concerns in the future.
>>
>>
>> Regards,
>> Richard K.
>> * Auto-Response* 04/08/2011 07:10 PM
>> *** PLEASE DO NOT REPLY TO THIS MESSAGE. THIS IS A SYSTEM-GENERATED
>> AUTO RESPONSE. ***
>>
>> Thank you for contacting Sony Computer Entertainment America, LLC (SCEA).
>>
>> You have received this auto-acknowledgement to confirm that we
>> received your message. We will respond to your message within 24 - 48
>> hours. For immediate online support, please visit our PlayStation
>> Knowledge Center at http://us.playstation.com/support 24 hours a day.
>>
>> Thank you for your patience.
>>
>> SCEA Consumer Services
>> * Customer By Web Form (ROD MACPHERSON)* 04/08/2011 07:10 PM
>> Dear Sony,
>> I cannot agree to your April 1 terms of service. Sect. 8 Video Content
>> says "...viewing in the United States only" I'm in Canada.
>> I am not going to drive my Playstation3 4 hours to the nearest border
>> crossing just to watch a video I PURCHASED from you. Update the
>> agreement please.
>>
>>
>>
>
>
> --
> Rod MacPherson
> rod@macphersonclan.com rod@macphersonclan.com>
> * Response Via Email (James G)* 04/12/2011 03:45 PM
> Hello Rod,
>
> I am pretty sure you found an error in the wording. I will report this
> and say thank you.
>
> Once this is updated you can probably rest easy and not worry about this
> since it was likely in error.
>
> Please keep using your account, as it would seem that is really your intent.
>
> Regards,
> James G
>
> Are you a member of the PlayStation®Network yet? Play games online,
> chat with friends, access exclusive titles, downloadable games, PS
> one®Classics, free demos, movies, TV shows and more! Highly connected
> and endlessly entertaining.
> Welcome to the PlayStation®Network. Join now
> !
>
> * Customer By Email (ROD MACPHERSON)* 04/12/2011 03:14 PM
> Can I have an update on this?
> surely I'm not the only one who refused to agree to these terms based on
> the limitation of only being allowed to view purchased content in a
> country I don't live in.
>
> An update would be appreciated.
> I'm a loyal Sony customer, having bought 3 PS2s, a PSP and 2 PS3's over
> the years, but I cannot agree to terms that disallow me from watching
> content I've purchased. ...even if I'll technically be able to I won't
> agree to the contract the way it is.
>
>
> On 04/09/2011 05:43 PM, PlayStation Consumer Services wrote:
>>
>>
>> * Subject*
>> Dear Sony, I cannot agree to your April 1 terms of service. Sect. 8
>> Video Conten...
>>
>> * Discussion Thread*
>> * Response Via Email (Richard K.)* 04/09/2011 02:43 PM
>> Hello Rod,
>>
>> I understand the concern caused by the mention of content purchased from
>> the PlayStation®Store's Video Download Service only being viewable in
>> the United States. I am glad to say the PlayStation Store's Video
>> Download Service is still available in both Canada and the United
>> States. I am having the appropriate department within Sony Computer
>> Entertainment America (SCEA) look into the mentioned clause so that it
>> can be checked for inaccuracies. I appreciate you bringing this to our
>> attention. Please let me know if you have any other questions or
>> concerns in the future.
>>
>>
>> Regards,
>> Richard K.
>> * Auto-Response* 04/08/2011 07:10 PM
>> *** PLEASE DO NOT REPLY TO THIS MESSAGE. THIS IS A SYSTEM-GENERATED AUTO
>> RESPONSE. ***
>>
>> Thank you for contacting Sony Computer Entertainment America, LLC (SCEA).
>>
>> You have received this auto-acknowledgement to confirm that we received
>> your message. We will respond to your message within 24 - 48 hours. For
>> immediate online support, please visit our PlayStation Knowledge Center
>> at http://us.playstation.com/support 24 hours a day.
>>
>> Thank you for your patience.
>>
>> SCEA Consumer Services
>> * Customer By Web Form (ROD MACPHERSON)* 04/08/2011 07:10 PM
>> Dear Sony,
>> I cannot agree to your April 1 terms of service. Sect. 8 Video Content
>> says "...viewing in the United States only" I'm in Canada.
>> I am not going to drive my Playstation3 4 hours to the nearest border
>> crossing just to watch a video I PURCHASED from you. Update the
>> agreement please.
>>
>>
>>
>
>
> --
>
> Rod MacPherson
> rod@macphersonclan.com rod@macphersonclan.com>
> * Response Via Email (Richard K.)* 04/09/2011 02:43 PM
> Hello Rod,
>
> I understand the concern caused by the mention of content purchased from
> the PlayStation®Store's Video Download Service only being viewable in
> the United States. I am glad to say the PlayStation Store's Video
> Download Service is still available in both Canada and the United
> States. I am having the appropriate department within Sony Computer
> Entertainment America (SCEA) look into the mentioned clause so that it
> can be checked for inaccuracies. I appreciate you bringing this to our
> attention. Please let me know if you have any other questions or
> concerns in the future.
>
>
> Regards,
> Richard K.
> * Auto-Response* 04/08/2011 07:10 PM
> *** PLEASE DO NOT REPLY TO THIS MESSAGE. THIS IS A SYSTEM-GENERATED AUTO
> RESPONSE. ***
>
> Thank you for contacting Sony Computer Entertainment America, LLC (SCEA).
>
> You have received this auto-acknowledgement to confirm that we received
> your message. We will respond to your message within 24 - 48 hours. For
> immediate online support, please visit our PlayStation Knowledge Center
> at http://us.playstation.com/support 24 hours a day.
>
> Thank you for your patience.
>
> SCEA Consumer Services
> * Customer By Web Form (ROD MACPHERSON)* 04/08/2011 07:10 PM
> Dear Sony,
> I cannot agree to your April 1 terms of service. Sect. 8 Video Content
> says "...viewing in the United States only" I'm in Canada.
> I am not going to drive my Playstation3 4 hours to the nearest border
> crossing just to watch a video I PURCHASED from you. Update the
> agreement please.
>
>
>

--

Rod MacPherson
rod@macphersonclan.com
Response Via Email (Don K) 04/19/2011 08:29 AM
Hello Rod,

We do apologize for this inconvenience.

Thank you for contacting us regarding your decision to decline our Terms of Service and User Agreement. If you are serious about not
being in agreement with the Terms of Use, then in order to close your PlayStation®Network account and return the funds in the wallet associated with your account, we will need the following information:

PSN Sign-In ID (email address used to create your PSN account)
PSN Online ID
First Name
Last Name
Complete Mailing Address (where you would like to receive your refund)

You may reply to this email directly if you're already using your PSN Sign-In ID email address to read this email. Otherwise, if you have a different email address associated with your PSN Sign-In ID, you MUST use your PSN ID email address to send us the above information. You can send your email to:

TOS_PSN@playstation.sony.com

The refund is only for the remaining funds in your PSN wallet. We will not refund any money for content that has already been purchased. Once the refund request has been processed, your PSN account will be terminated. You will lose access to any content that has been purchased with this PSN account, as well as any trophies awarded to the account. You will also not be able to use this email address to create a new PSN account. The termination of your account is final and cannot be reversed.

If you wish to terminate more than one account, you must follow this process for each account (we will need to receive an email directly from each email address used to create the separate PSN accounts to validate that you are the owner of the email accounts).

We value your input and appreciate you bringing this to our attention. Please rest assured that we will convey your feedback to Sony Computer Entertainment America, LLC's ("SCEA") appropriate management.

Regards,
Don K
Customer By Email (ROD MACPHERSON) 04/18/2011 05:43 PM
Nothing against you guys personally, but as I am sure that you are not
able to contractually bind SONY in any way, I cannot accept you saying
"I am pretty sure you found an error...." and "Please keep using your
account" as if it is a contract that supersedes the April 1 2011 Terms
of Service/User Agreement.

It has been 10 days since my initial contact with your department and I
still have not received a satisfactory resolution to my concern.
I will not click Accept, binding me to that agreement until it changes
to resolve this or until I have in hand a contract from SONY legal dept
that supersedes the April 1 Terms of Service.

I am sure that this Terms of Service document was reviewed by at least a
dozen people at SONY and it is an absolute embarrassment that it made it
to being presented to your customers in it's current form.

Please forward this to the Legal Department, I eagerly await their response.

Sincerely,
Rod MacPherson.

On 12/04/2011 6:45 PM, PlayStation Consumer Services wrote:
>
>
> * Subject*
> Dear Sony, I cannot agree to your April 1 terms of service. Sect. 8
> Video Conten...
>
> * Discussion Thread*
> * Response Via Email (James G)* 04/12/2011 03:45 PM
> Hello Rod,
>
> I am pretty sure you found an error in the wording. I will report this
> and say thank you.
>
> Once this is updated you can probably rest easy and not worry about
> this since it was likely in error.
>
> Please keep using your account, as it would seem that is really your
> intent.
>
> Regards,
> James G
>
> Are you a member of the PlayStation®Network yet? Play games online,
> chat with friends, access exclusive titles, downloadable games, PS
> one®Classics, free demos, movies, TV shows and more! Highly connected
> and endlessly entertaining.
> Welcome to the PlayStation®Network. Join now
> !
>
>
> * Customer By Email (ROD MACPHERSON)* 04/12/2011 03:14 PM
> Can I have an update on this?
> surely I'm not the only one who refused to agree to these terms based on
> the limitation of only being allowed to view purchased content in a
> country I don't live in.
>
> An update would be appreciated.
> I'm a loyal Sony customer, having bought 3 PS2s, a PSP and 2 PS3's over
> the years, but I cannot agree to terms that disallow me from watching
> content I've purchased. ...even if I'll technically be able to I won't
> agree to the contract the way it is.
>
>
> On 04/09/2011 05:43 PM, PlayStation Consumer Services wrote:
> >
> >
> > * Subject*
> > Dear Sony, I cannot agree to your April 1 terms of service. Sect. 8
> > Video Conten...
> >
> > * Discussion Thread*
> > * Response Via Email (Richard K.)* 04/09/2011 02:43 PM
> > Hello Rod,
> >
> > I understand the concern caused by the mention of content purchased from
> > the PlayStation®Store's Video Download Service only being viewable in
> > the United States. I am glad to say the PlayStation Store's Video
> > Download Service is still available in both Canada and the United
> > States. I am having the appropriate department within Sony Computer
> > Entertainment America (SCEA) look into the mentioned clause so that it
> > can be checked for inaccuracies. I appreciate you bringing this to our
> > attention. Please let me know if you have any other questions or
> > concerns in the future.
> >
> >
> > Regards,
> > Richard K.
> > * Auto-Response* 04/08/2011 07:10 PM
> > *** PLEASE DO NOT REPLY TO THIS MESSAGE. THIS IS A SYSTEM-GENERATED AUTO
> > RESPONSE. ***
> >
> > Thank you for contacting Sony Computer Entertainment America, LLC
> (SCEA).
> >
> > You have received this auto-acknowledgement to confirm that we received
> > your message. We will respond to your message within 24 - 48 hours. For
> > immediate online support, please visit our PlayStation Knowledge Center
> > at http://us.playstation.com/support 24 hours a day.
> >
> > Thank you for your patience.
> >
> > SCEA Consumer Services
> > * Customer By Web Form (ROD MACPHERSON)* 04/08/2011 07:10 PM
> > Dear Sony,
> > I cannot agree to your April 1 terms of service. Sect. 8 Video Content
> > says "...viewing in the United States only" I'm in Canada.
> > I am not going to drive my Playstation3 4 hours to the nearest border
> > crossing just to watch a video I PURCHASED from you. Update the
> > agreement please.
> >
> >
> >
>
>
> --
>
> Rod MacPherson
> rod@macphersonclan.com rod@macphersonclan.com>
> * Response Via Email (Richard K.)* 04/09/2011 02:43 PM
> Hello Rod,
>
> I understand the concern caused by the mention of content purchased
> from the PlayStation®Store's Video Download Service only being
> viewable in the United States. I am glad to say the PlayStation
> Store's Video Download Service is still available in both Canada and
> the United States. I am having the appropriate department within Sony
> Computer Entertainment America (SCEA) look into the mentioned clause
> so that it can be checked for inaccuracies. I appreciate you bringing
> this to our attention. Please let me know if you have any other
> questions or concerns in the future.
>
>
> Regards,
> Richard K.
> * Auto-Response* 04/08/2011 07:10 PM
> *** PLEASE DO NOT REPLY TO THIS MESSAGE. THIS IS A SYSTEM-GENERATED
> AUTO RESPONSE. ***
>
> Thank you for contacting Sony Computer Entertainment America, LLC (SCEA).
>
> You have received this auto-acknowledgement to confirm that we
> received your message. We will respond to your message within 24 - 48
> hours. For immediate online support, please visit our PlayStation
> Knowledge Center at http://us.playstation.com/support 24 hours a day.
>
> Thank you for your patience.
>
> SCEA Consumer Services
> * Customer By Web Form (ROD MACPHERSON)* 04/08/2011 07:10 PM
> Dear Sony,
> I cannot agree to your April 1 terms of service. Sect. 8 Video Content
> says "...viewing in the United States only" I'm in Canada.
> I am not going to drive my Playstation3 4 hours to the nearest border
> crossing just to watch a video I PURCHASED from you. Update the
> agreement please.
>
>
>

--
Rod MacPherson
rod@macphersonclan.com
Response Via Email (James G) 04/12/2011 03:45 PM
Hello Rod,

I am pretty sure you found an error in the wording. I will report this and say thank you.

Once this is updated you can probably rest easy and not worry about this since it was likely in error.

Please keep using your account, as it would seem that is really your intent.

Regards,
James G

Are you a member of the PlayStation®Network yet? Play games online, chat with friends, access exclusive titles, downloadable games, PS one®Classics, free demos, movies, TV shows and more! Highly connected and endlessly entertaining.
Welcome to the PlayStation®Network. Join now!
Customer By Email (ROD MACPHERSON) 04/12/2011 03:14 PM
Can I have an update on this?
surely I'm not the only one who refused to agree to these terms based on
the limitation of only being allowed to view purchased content in a
country I don't live in.

An update would be appreciated.
I'm a loyal Sony customer, having bought 3 PS2s, a PSP and 2 PS3's over
the years, but I cannot agree to terms that disallow me from watching
content I've purchased. ...even if I'll technically be able to I won't
agree to the contract the way it is.

On 04/09/2011 05:43 PM, PlayStation Consumer Services wrote:
>
>
> * Subject*
> Dear Sony, I cannot agree to your April 1 terms of service. Sect. 8
> Video Conten...
>
> * Discussion Thread*
> * Response Via Email (Richard K.)* 04/09/2011 02:43 PM
> Hello Rod,
>
> I understand the concern caused by the mention of content purchased from
> the PlayStation®Store's Video Download Service only being viewable in
> the United States. I am glad to say the PlayStation Store's Video
> Download Service is still available in both Canada and the United
> States. I am having the appropriate department within Sony Computer
> Entertainment America (SCEA) look into the mentioned clause so that it
> can be checked for inaccuracies. I appreciate you bringing this to our
> attention. Please let me know if you have any other questions or
> concerns in the future.
>
>
> Regards,
> Richard K.
> * Auto-Response* 04/08/2011 07:10 PM
> *** PLEASE DO NOT REPLY TO THIS MESSAGE. THIS IS A SYSTEM-GENERATED AUTO
> RESPONSE. ***
>
> Thank you for contacting Sony Computer Entertainment America, LLC (SCEA).
>
> You have received this auto-acknowledgement to confirm that we received
> your message. We will respond to your message within 24 - 48 hours. For
> immediate online support, please visit our PlayStation Knowledge Center
> at http://us.playstation.com/support 24 hours a day.
>
> Thank you for your patience.
>
> SCEA Consumer Services
> * Customer By Web Form (ROD MACPHERSON)* 04/08/2011 07:10 PM
> Dear Sony,
> I cannot agree to your April 1 terms of service. Sect. 8 Video Content
> says "...viewing in the United States only" I'm in Canada.
> I am not going to drive my Playstation3 4 hours to the nearest border
> crossing just to watch a video I PURCHASED from you. Update the
> agreement please.
>
>
>

--

Rod MacPherson
rod@macphersonclan.com
Response Via Email (Richard K.) 04/09/2011 02:43 PM
Hello Rod,

I understand the concern caused by the mention of content purchased from the PlayStation®Store's Video Download Service only being viewable in the United States. I am glad to say the PlayStation Store's Video Download Service is still available in both Canada and the United States. I am having the appropriate department within Sony Computer Entertainment America (SCEA) look into the mentioned clause so that it can be checked for inaccuracies. I appreciate you bringing this to our attention. Please let me know if you have any other questions or concerns in the future.

Regards,
Richard K.
Auto-Response 04/08/2011 07:10 PM
*** PLEASE DO NOT REPLY TO THIS MESSAGE. THIS IS A SYSTEM-GENERATED AUTO RESPONSE. ***

Thank you for contacting Sony Computer Entertainment America, LLC (SCEA).

You have received this auto-acknowledgement to confirm that we received your message. We will respond to your message within 24 - 48 hours. For immediate online support, please visit our PlayStation Knowledge Center at http://us.playstation.com/support 24 hours a day.

Thank you for your patience.

SCEA Consumer Services
Customer By Web Form (ROD MACPHERSON) 04/08/2011 07:10 PM
Dear Sony,
I cannot agree to your April 1 terms of service. Sect. 8 Video Content says "...viewing in the United States only" I'm in Canada.
I am not going to drive my Playstation3 4 hours to the nearest border crossing just to watch a video I PURCHASED from you. Update the agreement please.

[---001:021920:26014---]

Epsilon: Be wary of Phishing attempts coming from legitimate looking e-mails

2011-04-18T10:37:00.005-04:00

We all subscribe to e-mail newsletters in some form or another.
We all get those deal of the day e-mails telling us the latest deals at our favourite retailers or Air Miles updates with links back to the Air Miles site and vacation deals.

We all need to be a lot more careful.

Last month Epsilon, a marketing firm that deals with many of the retailers we all know and trust was hacked.
At first it was downplayed as not important because the hackers only got names and e-mail addresses. No credit card data was ever stored by Epsilon on the systems that were breached, and in fact they would not have that info in most cases because they are just the guys who send out those e-mail newsletters on behalf of retailers and banks.

Not long after, people started to realize the implications of this breach, but the problem is, even the tech press never really got the point across very well, and it was usually ignored by readers because the news sites only ever listed a handful of companies that were affected.

Most people reading about the breach are probably thinking, "I don't deal with those companies, I'm ok" looking at the short list of 3-4 examples in most news stories about it, or "so they got my e-mail address who cares, I get spam all the time".

The issue is they got e-mail addresses, and names linked to retailers and banks that you DO deal with and that you are already used to getting e-mails from. ...e-mails that already link to a 3rd party, that takes stats then forwards you to the retailer's website. So you are used to seeing links in these e-mails pointing to somewhere other than the official website, but eventually taking you there.

This is prime data for a wide spread, and likely to be highly successful, Phishing expedition.

They send you an e-mail that looks like every Sears ad you've gotten on a monthly basis for years, it has a great bargain on BBQs... You think "It's spring, I should probably check out this deal on BBQs" and you click it. It takes you to what looks like a Sears website (and yes they can be VERY convincing) but it is not. It is a fake Sears website that they set up just for the purpose of collecting more info about these people that they already know are Sears customers... Maybe you will attempt to order that BBQ and they will get your credit card, and you won't know it till it is way too late.

The other scam that they are running is a fake Epsilon breach news update site (copied from the actual press release site) that offers up a downloadable tool that they tell you to run to see if the hackers have your e-mail address... That tool is a Trojan!

So do they have your e-mail address? Probably. Do you get regular e-mails from any of these companies?

1-800-FLOWERS
AbeBooks
Abercrombie & Fitch (WFNNB)
AIR MILES Reward Program (Canada)
Ameriprise
Ann Taylor (WFNNB)
AshleyStewart (WFNNB)
Avenue (WFNNB)
Barclays Bank of Delaware
Beachbody
Bealls (WFNNB)
bebe
Best Buy
Best Buy Canada Reward Zone
Benefit Cosmetics (see below)
BJ’s Visa (Barclays Bank of Delaware)
Brookstone
Capital One
Catherine’s (WFNNB)
Chadwick’s (WFNNB)
Charter Communications
Chase
Citigroup
City Market
College Board
Crate & Barrel (WFNNB)
Crucial
David’s Bridal
Dell Australia
Dillons
Disney Destinations (The Walt Disney Travel Company)
Domestications (WFNNB)
Dressbarn (WFNNB)
Eddie Bauer Friends
Eileen Fisher (doesn’t name Epsilon but same template letter)
Ethan Allen
Eurosport Soccer (Soccer.com)
Express card (WFNNB)
ExxonMobil Card (Citi)
Fashion Bug (WFNNB)
FINA (WFNNB)
Food 4 Less
Fred Meyer
Fry’s
Gander Mountain (WFNNB)
Giant Eagle Fuelperks! (WFNNB)
GlaxoSmithKline Consumer Healthcare (GSK)
Goody’s (WFNNB)
Hilton Honors
Home Depot Card (Citi)
Home Shopping Network (HSN)
J Crew (WFNNB)
J.Jill
Jay C
Jessica London (WFNNB)
JPMorgan Chase
Justice (WFNNB)
KingSize Direct (WFNNB)
King Soopers
Kroger
Lacoste
Lane Bryant (WFNNB)
L.L. Bean Visa (Barclay’s)
M & T Bank
Marriott Rewards (FAQ on site)
Marks & Spencer
Maurice’s (WFNNB)
McKinsey Quarterly
MoneyGram
MyPoints Reward Visa
New York & Company
NTB Card (Citi)
One Stop Plus (WFNNB)
PacSun (Pacific Sunwear) (WFNNB)
Palais Royal (WFNNB)
Peebles (WFNNB)
Polo Ralph Lauren
PotteryBarn/PotteryBarnKids (WFNNB)
Quality Food Centers (QFC)
QualityHealth
RadioShack (WFNNB)
Ralphs
Red Roof Inn
Reeds Jewelers (WFNNB)
Ritz-Carlton (FAQ)
Robert Half International
Scottrade
Sears (Citi)
Shell (Citi)
Smile Generation Financial
Smith’s Food & Drug Centers (Smith’s Brands)
Sportsman’s Guide (WFNNB)
Stage (WFNNB)
Stonebridge Life Insurance
Target
Tastefully Simple
TD Ameritrade
The Limited (WFNNB)
The Place (Citi)
TIAA-CREF
TiVo
Trek (WFNNB)
United Retail Group (WFNNB)
US Bank
Value City Furniture (WFNNB)
Verizon
Victoria’s Secret (WFNNB)
Viking River Cruises
Walgreens
Woman Within (WFNNB)
World Financial Network National Bank

For more info:

http://www.databreaches.net/?p=17374

http://www.net-security.org/malware_news.php?id=1696&utm_source=Help+Net+Security+Daily+News&utm_campaign=6de5c5076e-RSS-hns&utm_medium=email

Take Back The Light

2011-04-08T09:23:00.000-04:00

I know that the programme has been running for a year now, but I still get people asking me what to do with the used Compact Flourescent (CFL) light bulbs AKA twisty bulbs when they die.

Mainly they ask because with very few exceptions (a few vanity bulbs in the bathroom) all of my lights have been converted to CFL or halogen. (Halogen because low wattage halogen was available before high power dimmable LED) While CFL bulbs are available cheap in quantity these days, people are still reluctant because they don't know what to do with them when they die. It says right on the package that you shouldn't put them in the garbage because they contain mercury which could poison the water supply.

Anywhere in Ontario you can return ANY flourescent light tube, CFL or long tube style, to ANY Canadian Tire store.You just take it to the customer service area, and they have a bin specifically for CFL recycling. If you can't fit the bulb into the bin (because it's a long blub, or because the bin is full) just hand it over the desk to the clerk. Done.

They have them picked up and taken to a recycling facility in Ayr, Ontario, where they are safely recycled.

For more info read http://www.takebackthelight.ca/retail_take_back

MD80 "spy camera"

2011-04-07T15:58:00.002-04:00

I recently bought a very cheap little "spy" camera on ebay. (a little over $8 including shipping)

I wanted a helmet cam for my e-bike vlog on Youtube.

This cheap little camera fits right inside my motorcycle helmet. (it is tiny, so it doesn't get in the way at all) and records standard definition video to a microSD card. It runs off a built in rechargeable battery and charges via USB.

The video has a time stamp in the lower right corner, which is good for if there is an accident and I want to hand over the video to my lawyer or the police. The problem is that the date and time needs to be reset every time
you connect to the computer
the battery runs out. That doesn't sound bad except that it is not an automatic process, you need to manually edit a file called TAG.txt on the SD card and reboot the camera. (switch it off and on again)

I wrote a little BASH script (I use Linux as my primary Operating System) to handle that for me, so all I have to do is double click the MD80date.sh file and it generates the TAG.txt file for me.

MD80date.sh:

#!/bin/sh
DATE=`date +%Y/%m/%d`
TIME=`date +%H:%M:%S`
echo "[date] ">TAG.txt
echo $DATE" ">>TAG.txt
echo $TIME>> TAG.txt
echo "MD80 date & time have been updated in the TAG.txt file."

Here is a similar version for Windows

MD80date.cmd:

echo off
set YEAR=%date:~6,4%
set MONTH=%date:~0,2%
set DAY=%date:~3,2%
echo [date] >TAG.txt
echo %YEAR%/%MONTH%/%DAY% >>TAG.txt
echo %TIME:~0,8%>> TAG.txt
echo "MD80 date & time have been updated in the TAG.txt file."

So, if you pick up one of these dirt cheap cameras and need an easy way to set that timestamp, just copy these files into the SD card (in the root folder, or main folder, right next to the DCIM folder) then you just click on the one that corresponds to the OS you are using (Windows or Linux) before you eject and reboot the camera.

[NOTE: I've since upgraded to an 808 #11 keychain 720P HD camera]

Using Ninja to Monitor And Kill Rogue Privilege Escalation

2011-02-22T11:07:00.002-05:00

In the world of hacking, getting in is just the start. Once a hacker (if they have malicious intent we'll call them crackers) has found a way onto a system s/he then usually needs to jump to the Administrator or system or root account to be most effective.

Ninja is a program for Linux (and presumably most Unix like OSes) that monitors for such privilege escalation. Privilege escalations might not be crackers though. The common administration programs like passwd, sudo, etc. also set UID to root, so Ninja has white-listing for who is allowed to run what processes as root.

The white-list function of ninja makes it useful for enforcing policy. You can have a group of users who are allowed to run file editors as root to make changes to system configs and another group who are allowed to restart services, thus providing separation of duties.

When you first install Ninja, it is set to logging only. This allows you to run it in log mode for a while until you are sure your white-list covers all of the normal use cases for your system before you put it into the proactive process killing modes.

There are 2 modes for process killing, one that kills the process running as root, and one that also kills the process that spawned it.

When first installed (on a debian based system like Ubuntu) it will tell you where it's configs and logs are:

Setting up ninja (0.1.3-2) ...
log: reading configuration file: /etc/ninja/ninja.conf
log: ninja version 0.1.3 initializing
log: magic group: gid=0 (root)
log: logfile: /var/log/ninja.log
log: whitelist mapped in memory at 0x7f851ba0b000
log: entering daemon mode

After install If I run a program in sudo, it will be logged as below:

rod@rod-ubuntu:~$ sudo nano /etc/ninja/ninja.conf

rod@rod-ubuntu:~$ more /var/log/ninja.log
[Tue Feb 22 06:12:23 2011] ninja version 0.1.3 initializing
[Tue Feb 22 06:12:23 2011] magic group: gid=0 (root)
[Tue Feb 22 06:12:23 2011] logfile: /var/log/ninja.log
[Tue Feb 22 06:12:23 2011] whitelist mapped in memory at 0x7f851ba0b000
[Tue Feb 22 06:12:23 2011] entering daemon mode
[Tue Feb 22 06:12:23 2011] entering main loop
[Tue Feb 22 06:12:23 2011] generating initial pid array..
[Tue Feb 22 06:12:23 2011] now monitoring process activity
[Tue Feb 22 06:25:55 2011] NEW ROOT PROCESS: nano[3686] ppid=2740 uid=0 gid=0
[Tue Feb 22 06:25:55 2011]   - ppid uid=1000(rod) gid=1000 ppid=2722
[Tue Feb 22 06:25:55 2011]   + UNAUTHORIZED PROCESS DETECTED: nano[3686] (parent
: bash[2740])
[Tue Feb 22 06:25:55 2011]   - nokill option set, no signals sent
rod@rod-ubuntu:~$

This logging alone, makes ninja worth the install because it gives you a way to track who did what as root no matter how they got to be root. (sudo, SUID, or a privilege escalation hack) Turn on the defensive modes and your system learns a little bit of self defense.

Now if only I could find a version of this for Windows machines. Anyone know of something similar (free or for a fee) for Windows?

Illegal Content On The Internet?

2011-01-13T16:34:00.003-05:00

What do you do when you find illegal content on the internet?

We all have heard the jokes that the main content of the internet is pornography.
So, what if you happen to be looking at some Adult content on the internet and you stray a little off the beaten track and find yourself in questionable territory, and maybe you find your way to something that looks suspiciously like images of children...

Maybe you are researching Nazis for history class and you come across some hate literature...

There are online hot-lines to report this, and if you don't know who to report it to, there is an association of these hot-lines, called INHOPE, to help you find the right one.

https://www.inhope.org/en/makereport.html

Another Reason To Be Careful Where You Download From

2010-09-22T11:37:00.001-04:00

HelpNet Security News has an article today on a new trojan that sort of holds your computer ransom.

This software is distributed as installers for popular software like Divx or uTorrent, and distributed through sites with domain names that look official to those not already familiar with what the real site's name ought to be.

Once you've downloaded and installed it, the program asks you to "unlock" it by sending an SMS text message from your cell phone to what is essentially a 1-900 type service. You send a text message, they send you the "unlock" code, and your cell phone gets billed for the "service".

Fortunately, this version isn't a drastic as some other ransom-ware that actually prevents you from using the computer until you get the unlock code.

http://www.net-security.org/secworld.php?id=9892

*nix System Hardening - Step 1

2010-08-25T10:20:00.000-04:00

If you run a Linux, FreeBSD, or MacOS system with ANY server services open to the world (Apache, SSH, FTP, etc.) take a look at fail2ban.

http://www.fail2ban.org

The idea of this little program is that it watches your log files for failed attempts to log in and bans the IP that repeatedly fails to log in (usually that means they are password guessing, and not a legitimate user)

DenyHosts does something similar for just SSH, but if you have other services open fail2ban is better.

Small Businesses Hammered By Cybercrime

2010-08-16T11:34:00.001-04:00

There is a good article over on Infosec Island by Ashesh Mamidi contributed by fellow blogger Theresa Peyton:

https://www.infosecisland.com/blogview/6481-Small-Businesses-Hammered-By-Cybercrime.html

The jist of it, as I've been trying to tell people: Viruses and Malware are NOT just an annoyance anymore. They are a real threat to your financial well being.

Everyone should be running at least a good firewall and an antivirus program. Better yet, I'd recommend trying a software whitelisting program like Faronics Anti-Executable ... if it's not on the approved list it doesn't get run.

How To Still Get Auto-updates In XP SP2

2010-08-13T09:34:00.001-04:00

As you might already know, Windows XP SP2 has been retired, and cannot download automatic updates anymore (except to update to SP3).

If for some strange reason you cannot upgrade to SP3 (some incompatibility with a business critical app that is no longer supported by it's vendor) there is a way to fool SP2 into thinking it is SP3 and therefore allowing automatic updates to still occur. This is foolish if there is not a VERY good reason to avoid SP3, but here it is:

Go into the registry and edit this key: 'HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Windows,' edit the DWORD value 'CSDVersion' from 200 to 300, then reboot.

I strongly recommend just updating to SP3, or better yet, buy Windows 7. ...but, if you have to stay on SP2, now you can, and not miss out on all of the patches.

There is no guarantee that this will not eventually run into a patch that will just break something, as Microsoft does not test the patches for SP2 compatibility any more, so if your computer tells the update server it's SP3 it will send you patches meant for SP3. Likely those patches will work, but there is some risk that they will not beacause they expect certain components that were updated in SP3 to be there.

Kill-a-Watt

2010-08-06T19:29:00.005-04:00

This only really relates to people living in Oshawa, Ontario...but, Oshawa PUC is lending out Watt meters through the Oshawa Public Library.
You can borrow one of these meters:

http://www.opuc.on.ca/Conservation/Programs/WattReader.aspx

...by just presenting your Oshawa Library card and asking for one at the front counter of the library. You get it for 1 month, no fee.

I decided that even though I've done a lot (changed all my light bulbs, started using more efficient appliances, etc. over the years, there's more i could be doing. I borrowed one of these to see what I could identify as an energy hog and reduce my energy consumption even further.

I was pleasantly surprised that my laptop charger, which always has a glowing LED on it only seems to consume any appreciable power when the laptop is plugged in. I always unplug it anyway, but I was happy to see that when it is not charging the laptop it uses less than 1 watt. (the minimum that can be measured on this device). The same goes for the PSP charger and cell phone chargers. :)

I was very unhappy to see that my Playstation 3 (the old 60GB FAT version) uses a whole 25W when it is OFF!

I turned it on for a minute and it quickly went up to 180W. I imagine when I watch a movie or play a game for a while it will consume even more as the fans start to kick in.

It should be interesting to see what readings I get from some of the other electronic gadgets in the house

[Update Aug 8, 2010:
It turns out that the PS3 uses about 175W on average when it is on, regardless of how long it runs or what I do with it.

I tested my VCR/DVD recorder. It eats about 3-5W when turned off and 29W when playing a DVD. I guess I should use that to watch movies instead of the PS3. ]

[Update Aug 30, 2010:
My new favorite is our Daenyx DVD player. Not just cheap to buy, cheap to run.
It uses no power when turned off (you have to get up and push the on/off button, it's a real switch) and, surprisingly, it only consumes 5W when playing ! That's as much as the DVD/VCR combo unit (that we've now gotten rid of} used just waiting for an on signal from the remote.

The Dlink DIR-615 home wireless router (which I also like because I've installed DD-WRT on it) uses just 3-4W.]

Firefox 4.0 Beta Download Scam

2010-08-06T09:50:00.005-04:00

People will fall for anything. There is a scam going around twitter and other social networking sites telling users that if they follow a certain shortened URL (see here for more on the dangers of shrotened URLS), they can then download a cracked version of Firefox 4.0 or a key generator for Mozilla Firefox 4.0.

This of course only leads you to a place to download all kinds of malware onto your computer.

This is ridiculous, as Mozilla Firefox is Open Source (as in free, always!)
You can download the REAL Firefox 4.0 beta from the Firefox site FREE! Keep in mind it IS a beta, there WILL be bugs.

Microsoft Security Advisory 2286198

2010-07-30T14:33:00.006-04:00

Microsoft Security Advisory (2286198) is about to get a patch!
It's about time. We've all (at least those of us who pay attention to these things) been waiting for 2 weeks for this very important fix. MS says they will have it ready to roll on Monday.

For those not watching MS's every move, this bug allows a malicious user to create a special .lnk file (shortcut) on a USB drive, or hard drive, or shared drive on a network... etc. and when you just browse to the folder containing it, it exectues! No double-click, you just have to look at the folder it's in. Thanks to the folks at MS who fixed it so quickly. This was a scary bug.

Note, if you don't want to wait till Monday, you can fix it now. Just disable the "WebClient" service under Control Panel>Administrative Tools>Services
If you don't know what WebDAV is, you don't need that service running.

Oh, and one more thing:

Recognize and avoid fraudulent e-mail to Microsoft customers:
=============================================================
If you receive an e-mail message that claims to be distributing
a Microsoft security update, it is a hoax that may contain
malware or pointers to malicious Web sites. Microsoft does
not distribute security updates via e-mail.

The Microsoft Security Response Center (MSRC) uses PGP to digitally
sign all security notifications. However, PGP is not required for
reading security notifications, reading security bulletins, or
installing security updates. You can obtain the MSRC public PGP key
at
https://www.microsoft.com/technet/security/bulletin/pgp.mspx.

To receive automatic notifications whenever
Microsoft Security Bulletins are issued, subscribe to Microsoft
Technical Security Notifications on
http://www.microsoft.com/technet/security/bulletin/notify.mspx.

(quoted directly from a Microsoft Security Bulletin)

What To Do With Old Hard Disks?

2010-07-26T09:59:00.008-04:00

In the past, I have mentioned in just about every forum where the issue has come up, that the most important thing to do when disposing of an old computer is to keep the hard drive.

Sure, if you are trying to sell the old PC it will sell better with the hard disk, but in that case you should first wipe the data off it with a secure wipe program (like DBAN) not just format it.

Back to my suggestion that you keep it.... If you keep your old hard disk you will always have access to it as a point in time backup of what your old system had installed and what files you had at the time of your upgrade. This is handy if you forgot to copy something over to the new system, or you lose a file. Just stick that disk in your handy fire safe (you have one for valuable paper documents right?)

What do you do with it when you want to copy something from it? Get one of these handy dandy USB 2.0 to IDE/SATA adapters. (this link is just an example, search your favorite tech site or computer store and I'm sure you will find one similar to this). You plug one end into the hard disk and plug the included power supply into the hard disk (it should be pretty evident how that works, the connectors only fit one way.) and then plug the USB end of the cable into a USB port on your new PC. It will appear, after a moment, as a new removable drive. ...just like a USB memory stick.

You then can copy and paste files from it, or to it, and use it as your backup hard drive. Maybe make a folder called "OLD PC" and drag and drop all of the current contents into it, then create a folder with today's date "Backup-ddmmmyyyy" and copy your new files that you want backed up from your new computer's C: drive there.