Switch to HTTPS

Switch to HTTPS: https://t7j7l.blogspot.com/

Monday, 31 August 2015

My LG G Watch W100


As many of you readers may have known, I owned a Pebble smartwatch for almost a year now. For those that need a reminder, here it is: http://t7j7l.blogspot.com/2015/02/my-pebble-smartwatch.html

Times have changed. Smart watches evolve. Therefore, I decided to give my early 2013 Pebble to my dad, and get myself a mid 2014 LG G Watch. Why not a more recent model? Well, there are barely any changes from last year, other than updated specs I believe. Plus, I got this watch from Craigslist for $80! Yep, another Craigslist deal...

Anyhow, while I will be describing the watch itself; my main focus is its software: the apps. Here I will be listing all of them, and give a brief description of my favourites. Starting in alphabetical order: 2048, Agenda, Alarm, Attopedia, Audio Recorder, Authenticator, Calculator, Camera, Compass, Find my phone, Fit, Google, Hangouts, Keep, Maps, Notification Toggles, Phone Finder, Play Music, Settings, Stopwatch, Timer, Together, Tool Box, Torch, Translate, Wear Battery Stats, WearFaces, Weather, WeChat, World clock.

Do note that many of them aren't in their full names (which I will give in my favourites descriptions), and instead are shortened versions for better viewing on the watch. With 4 GB of internal storage, I can own far more apps than the original Pebble's 8 (Pebble Time doesn't have that limit).

2048 - You guys should know this, except it's 4x4. My highest score is 1436, but the watch suspended before I could take a picture...
Attopedia - Wikipedia on your watch! Don't worry, it's magnified and cut into sections where only the main image and full scrollable text are shown.
Authenticator Plus - Although a paid app, this is the only Google Authenticator alternative with Android Wear support. Shows you the 2-factor authentication codes for you accounts.
Google Now - With voice commands, I can literally Google anything and it will show the results! Includes brief description as normal Google searches does, and opens links on your phone.
Hangouts - View your entire texting history and reply via voice! Although Google Now can also reply via voice commands, this conveniently stores the entire conversation on your watch.
Google Keep - View and add notes which syncs with your phone. Via voice commands of course.
Google Maps - Displays the GPS and map just like your phone! Updates a bit slower, and fades into black & white to save power, but has full navigation support!
Notification Toggles - Choose what to enable/disable on you phone; such as volume, WiFi, etc. With root and companion apps, you can even lock the phone or reboot it!
Wear Aware - Phone Finder - Although I already have "Find my phone", this will buzz me whenever the watch disconnects from the phone.
Google Translate - Speak and translate into pretty much any language that Google supports!
Wear Battery Stats - Monitor your phone's battery life, and notifies when below certain percentage.
WearFaces - Make your own Android Wear watchface. Mine was a custom selected image of course.

Whew that was a lot of writing, much like my Pebble article. And of course you can respond to any message, except you use your voice instead of canned messages. You swipe down to control notifications (silent or not), view the watch's battery, enable/disable cinema mode or brightness boost, and open settings. The settings are pretty much what you expect from a smartwatch, you can control its brightness, watch face, font size, shutdown/reboot/factory reset watch, and whatnot.

Swiping left gives you the app launcher where you can scroll all the apps you own. The last 3 ones you've used will show up on top. Swiping left again gives you contacts, which you can phone, text, or email. Of course it's pretty redundant with voice commands, but that's another option. And swiping left again will give you the Google Now voice control center, which is the same as saying "OK Google" when the watch is on. Swiping right is usually the back button and can exit apps, except some like 2048 which exits by holding a tap. Swiping up does nothing special other than scrolling.

While the LG G Watch definitely has a design and functionality advantage over the original Pebble, there are some disadvantages. The main 2 are battery life (lasts ~24 hours instead of ~4 days), and waterproofing ability (water resistant vs able to completely submerge underwater for 50 meters). And lastly I did not review the music control capabilities this time, because I moved all my music to my Lumia 520 (which I got for $20).

Wearable technology is not only next-gen, but you can own one right now!

*Oh yeah, when you reply to a message, there is a timer of 5 seconds that allows you to cancel it. And the WeChat app isn't working on the watch for some reason.

*Can't believe I forgot this, but watch notifications you haven't taken action on are stored as a banner at the bottom of the watchface. You swipe up to access them. Hangouts is more useful than I thought, you can view chat history with each contact and reply to them. And lastly, I got a better 2048 score, it seems the app remembers unless you manually closed or uninstalled it:

Thursday, 27 August 2015

Ninja time!


Just kidding, although I am wearing a Naruto headband... Otherwise I'm demoing some stances (I believe) and different bamboo/wooden swords in these pictures.

The first should be a fencing stance with some Chinese wooden sword (either decoration or Tai Chi). The second is the kendo stance with a shinai. The third is some anime stance used by cocky characters with a bokken (or bokuto). Excuse the closed eyelids, I was blinking quite a bit.

If you noticed the easter egg (hint I'm wearing 2 smartwatches!), I've also recently acquired an LG G Watch W100 for $80 on Craigslist. That I will be writing about later this week. Ciao.

Sunday, 23 August 2015

Linux security time!

Blazej X - FreeImages

Linux security, is it just obscurity or not? Well, yes and no. Of course security by obscurity is a factor to the lack of malware on Linux, but that is not all. For one thing, Linux is open-source. That means there are a lot of people looking over the code to patch any holes. Heck you can do that yourself and compile a hardened distro with only the features you want.

Another big factor is that most software comes from trusted repositories managed and digitally signed by distro authors and their communities. That means it's so much harder getting infected by downloading something from some random site (which should be scanned/uploaded to VirusTotal beforehand). It's pretty much all provided in the software center.

So how do we make it even more secure? Well, I'll list the following methods:
- Grsecurity/SELinux/AppArmor: That is how you harden applications and the kernel. Think EMET, Malwarebytes' Anti-Exploit, or HitmanPro.Alert for Linux.
- FireJail/Docker: Isolates applications from the system via virtualization and access policies. Think Sandboxie for Linux.
- custom firewall rules: Same as making Windows Firewall whitelist every inbound/outbound connection, except without possible backdoors.
- OSSEC: Real-time monitoring of the integrity/logs/policies of your OS. Sort of like Comodo Defense+ or another HIPS for Linux.
- Possible detection tool or AV like RKHunter or Comodo: Not necessary, but could be a failsafe.
- uBlock Origin, WOT, and other browser extensions: Blocks those malicious ads, javascript, websites, and whatnot. Which is how you usually get infected.
- DNS, HOSTS, and other system config: Mostly like the above, except you can do more than just blacklist/whitelist domains or IP addresses. Usually for privacy.

Feel free to add onto the list or provide feedback. An (hopefully) active Wilders Security thread about this subject: http://www.wilderssecurity.com/threads/the-hardened-linux-thread.379114/ 

Saturday, 22 August 2015

Dealing with Skype Scammers


Well they're here again... Scammers impersonating as females to entice you to give up personal details to either a shady website, or directly through Skype. Rule of thumb, always ask for proof like video messaging (which is hard to fake once you get a real conversation going) and whatnot.

I actually just asked for pics, and no shady websites, but that's just me having fun. Since they can actually read that I stated no shady website, they gave me an imgur link. That alone will fool far too many people, but I just search the image with Google and voila! There is the real owner of that pic.

Interesting enough, this scammer was a smarter one who asked for personal details from me beforehand. But I wouldn't give in, and requested to answers from "her" since "she" requested this "hookup". That is how they finally gave the imgur link, which lead to the obvious closing of the case.

I should've made a screencast of this on my phone, but didn't thought about it until later and actually removed the whole conversation. Luckily, somehow the whole thing was stored on Outlook.com, which is what you see from the screenshots above.

Of course I reported the scammer, and you should too! Not that you need to bother with all these steps and could just decline shady looking names in friend requests...

Tuesday, 18 August 2015

8K video?!


Wow, so much for 4K... Anyhow, getting the source video so I can test it natively was more challenging than I thought. Basically, I couldn't download directly from Google servers or copy a playable file from the cache, so a 3rd party video grabber was needed. I won't go into the details due to possible copyright problems, but I finally managed to get it!

There will be 3 media players tested: VLC, Windows Media Player, and Leawo Blu-ray Player. All will be default settings. The first 2 I couldn't use my dedicated NVIDIA GPU for some reason (probably deliberate software limitation, cause I remember being able to select discrete graphics before in the control panel). Therefore, I will use Leawo to see how well that plays, although it doesn't seem optimized for it according to settings (no PureVideo or CUDA option). I tried NVIDIA 3D Vision Video Player, but it has lame codecs issues, so nevermind.

Playing the 8K video on Chrome itself was actually a pretty laggy. Running it with the NVIDIA high-performance GPU setting wasn't any better, in fact it crashed on fullscreen... Anyhow, onto the testing!

VLC: Choppy. A bit pixelated due to that. Failed.
WMP: Can't even display video. Failed.
Leawo: Even more laggy and pixelated than VLC. Dedicated GPU didn't change anything.

The results are bizarre, because on another video (4K this time), VLC was equally laggy, but the other 2 played it fine (except discrete Leawo)! The files appear very similar according to MediaInfo, other than resolution and bitrate, so I'm not sure why the discrepancy. Also, running with dedicated graphics shouldn't be recommended outside of optimized games and such.

So basically speaking, my laptop is not ready for 8K. What about yours? Leave a comment below.

Monday, 17 August 2015

No more bad Apple

Apple Inc.

iDevices are now gone and will not be written about anymore. May have exceptions like where comparison from memory is necessary, but I will avoid writing about Apple whenever possible.

Why? I could go on about their proprietary nature, the buggy world of iTunes, and totally not worth it price, but basically I am sick of wasting my time with Apple products. I refuse to shackle myself to one ecosystem, or to the necessity of iTunes to do anything from proper system maintenance and syncing of multimedia.

One cannot even share data between apps outside of DCIM photos/videos, but that's getting into too much details. All I can say is: iTunes is a security risk / bloatware at best, and an absolute nightmare of bugs at worst. No more bad Apple for me from now on.

Sunday, 16 August 2015

Re-install of iTunes triggered something dangerous...

On a peaceful night where iTunes couldn't detect my sister's iPod... I decided to reinstall the whole damn thing yet again. Problem is, Windows 10 immediately shuts down after booting when I restart following a routine repair install or complete uninstall of iTunes.

How do I know that? Well, I just so happen to have a system image handy, and every time I mess with iTunes after restoring it, Windows will not boot. After Googling this issue, I've come across this topic from a less fortunate fellow: http://www.tomshardware.com/answers/id-2107522/windows-boot.html
Turns out my sfc /scannow from the recovery media also says the same nonsense about a system repair pending!

I cannot access the good ole F8 menu thanks to Microsoft who believes we need to be spoon fed, so here is the fix for that: http://winaero.com/blog/how-to-restore-the-last-known-good-configuration-feature-in-windows-8-1/
Other threads of interest would be:
https://social.technet.microsoft.com/Forums/windows/en-US/884d38e1-c87c-4549-9d06-7bb0fb929303/force-sfc-to-run-in-windows-7
http://answers.microsoft.com/en-us/windows/forum/all/problem-running-sfc-scannow-error-there-is-a/365bd7f5-5558-e011-8dfc-68b599b31bf5

So what did I do? Basically, I started getting the entire F8 menu back ASAP. On reboot after doing that, I noticed Windows is getting updates! That might actually be the root cause, other than all the iTunes cleaning I did with CCleaner winapp2.ini... Nope, still shuts down.

Now onto the actual troubleshooting: safe mode works but "sfc /scannow" fails to correct the problem. Neither did restoring last known good configuration... Advanced options startup repair said it couldn't fix the problem, but it somehow did anyways (like in my previous experiences).

After re-installing iTunes at last, the problem reappeared on reboot... At least this time restoring last known good configuration worked. Unfortunately the problem reappears again on reboot after I open iTunes to set it up. Yet another "sfc /scannow" in safe mode was futile.

Therefore I decided to go to advanced startup again, but this time to enter this into the command prompt:
dism.exe /image:G:\ /cleanup-image /revertpendingactions (G drive since I have so many attached)

It finally worked! No problems on restart. Now I can finally get back to syncing some music... That's why Android is so much better, I don't even need a cable (see AirDroid) to add music to the system that will be recognized by all apps. *This article was typed on my Chromebook during the entire ordeal.

*iTunes was having trouble detecting the iPad, so on repair install the same damn thing happened. This time after dism.exe, I've run the following command in hopes of fixing this once and for all!:
sfc /scannow /offbootdir=H:\ /offwindir=G:\windows

*Update 2: Nope, iTunes is officially messed up on this Windows 10 PC. I dread the next time I will need to reinstall it for whatever reason.

*Final update: While the boot issues appear to have gone, Apple Mobile Device USB Driver refuses to install no matter what I try. Only manual install of the drivers (Update Driver Software) showed any sign of why it's failing: "One of the installers for this device cannot perform the installation at this time".
That's it, screw iTunes altogether, even CopyTrans Drivers Installer won't work. Instead of bothering with a 3rd party music app that syncs via WiFi, or firing up my old iMac; I may just give up on Apple altogether and sell these iDevices I rarely use.

Monday, 10 August 2015

Free Windows Desktop Software Security List - Part 2


  Almost forgot about my trip to Microsoft Store as a Windows Insider. OP will also be updated with white version of t-shirt and bag once I find them.

Some of you may have noticed that this was my very first big technical project I took on years ago. And that I have already featured it on my blog. Well, it's gone through another big update after months of inactivity from myself and the other authors...

This time I've decided to personally help save it from disappearing into irrelevancy by updating it with everything I've found and learned so far. Please feel free to comment on the changes, especially to the "My Choices" section.

Saturday, 1 August 2015

Just a reminder and an example of true technical discussions

*Pics to come after t-shirts are washed (yes I wore one on that day and martial arts yesterday)*

A few of you may ave noticed either on the bottom left of my blog or on Facebook that I posted a new Bambuser live video. That is regarding my trip to the Microsoft Store at Metrotown in Burnaby, BC, Canada. I had too much anticipation built up and waited for over an hour for the store to open!

In the end, I managed to snag the last free Windows Insider t-shirt (white one), got 20% off on a WD My Passport Ultra (~$90 after tax), and another t-shirt (this time a black Windows 10 one). Overall, it didn't meet my expectations, but was a good experience anyhow.

And remember when I said Wilders Security Forum is where true technical experts reside (outside of major league hackers)? Well here is an example of that:
http://www.wilderssecurity.com/threads/chrome-sandboxed.377440/

I don't expect you to understand everything, but you should at least know who I am in that discussion LOL. If I may cherry pick my best post, this is probably it:
http://www.wilderssecurity.com/threads/chrome-sandboxed.377440/page-15#post-2511965

The thread is a long one with basically 2 sides. One is for sandboxing Chrome with SBIE. The other is against adding another sandbox on top of Chrome's. My cherry picked post should list all the reasons for the first side, although I'm more of the second side. Read the whole thing if you dare.