TM UniFi Downtime: Exercise Your Rights

If you are a UniFi subscriber, and live in the Puchong (plus Damansara reported by achmatibrahim via Twitter) area you might have already been aware of the downtime since yesterday afternoon (8 December 2010). At the moment I am writing this post, it has been more than 12 hours. TM is not actively informing users about this downtime and all we get is this from their Twitter account:

tmcorp-unify-down

I have just called the UniFi Center a few minutes ago and the guy who picked up the call was a sales guy. He tried to contact the technical department but he failed. At least that’s what he said. So he promised to call back with a ticket number. I think he will not call me until the whole thing is over. I will just lodge a report with MCMC.

At first, he told me that TM is aware of the downtime and it’s because of server upgrade. That’s a lame and insulting excuse. There is no announcement on the UniFi website.

Please people, if you are one of the affected subscriber please do your part by calling 1 300 88 1222 and insist on a ticket number for the downtime.

Even if it’s one day, for VIP5 package subscriber that’s already RM149/30 = RM4.97 and if every single person as mentioned in the tweet above makes a claim for rebate, that’s already costing TM the amount of RM9,940 in rebates. Don’t take it from TM that “it’s OK to be down if so many people are affected”. We pay for this service.

Don’t ask for a rebate when calling the UniFi Center but ask for a formal report to be done. With the ticket number, go to MCMC website and lodge a formal report. The direct link to the Aduan is here.

We need to send a message to TM that downtime will cost them money. Otherwise it’ll be as usual for every single service we have in Malaysia where we just sit and wait for the service to get back.

We need to make them go out of their beds and work on fixing the issue. I am serious about this. You can do your part.

Yes, I am getting old and like to rationalize instead of rant.

skmm-unifi-report

DiGi iPhone Page Has Wrong Modification Date via HTTP

iPhone 4 has just been launched in Malaysia, and I have also been closely following the progress.

Looking at SoyaCincau’s comparison between Maxis and DiGi, I was attempting to load DiGi’s page again. I have done this before.

Instead of talking about iPhone 4 itself, I am going to see why the page is showing me 3GS instead. Yes, I am a nerdy SysAdmin and it’s hard to change.

The page is here http://www.digi.com.my/iphone/getone_want_iphone_payment.html

Here’s the page in my browser:

digi-iphone-http

I was about to blame it on Maxis Broadband’s transparent proxy when I saw that it was a MISS from Squid. And then I saw the modification date is way in the past (highlighted above).

This is not something serious, but just in case you get the old page, clear your browser’s cache and you should be able to see the new page. Or, access it via HTTPS:

digi-iphone-https

Notice the last modified date makes much more sense now.

The technical explanation to this is because your browser sees that the page has not been modified and decided to show you the cache. It’s as simple as that. This may happen because of misconfiguration or something like that but as I said, this is not something serious.

I just hope those who has been seeing 3GS list can now see the updated 4 list.

Have I decided which provider I am going to choose? Well that’s a secret for now…

Google Instant, Anyone?

I saw quite a significant number of tweets mentioning Google Instant, and decided to check it out. Some people might already be aware of it or heard of it before but I am outdated, that I am willing to admit.

First, I went to the Official Google Blog where I saw Search: now faster than the speed of type.

Next, I tried it myself on Google homepage. It’s really impressive.

google-instant

However, if you use a flaky connection like my Maxis Broadband you might see this:

google-instant-off

It says “Google Instant is off due to connection speed. Press Enter to search”. It’ll behave like normal search.

Which also means that it can be turned off.

The prediction feature is quite nicely programmed too. Notice that its suggestions included the word “mac” because I am on a Mac. Not surprising since this is easily detected by the browser’s user agent string.

I bet the prediction considers many other factors too, including Geo-location.

I find it interesting that I can see this now, since in its tweet Google mentioned that “Google Instant is rolling out to people w/ Instant-capable browsers in France, Germany, Italy, Russia, Spain, U.K. & U.S.

So the next time you see it, don’t be surprised!

… and tell me how you like it!

Does Berjaya HVN Really Have Rights Reproducing Thomas & Friends?

My son’s current favorite series are Special Agent OSO and the Mickey Mouse Clubhouse. He sometimes still watches Thomas & Friends. He can recognize Thomas in Toys ‘R’ Us even from the entrance a hundred meters away.

I’ve been looking high and low for high quality, and updated DVDs for him to watch in the car. Yes, it’s how we keep him relaxed inside the car instead of running around dangerously in a moving vehicle.

A few months ago, I bought original DVDs with KPDN & HEP sticker on it. They are made by Berjaya HVN. I was, however very disappointed with the quality. The DVDs contained antique videos.

Take Thomas, for example the videos are from before the intro was changed:

Disappointed, I tried downloading the videos from the Internet but I ended up being warned for downloading copyrighted materials.

For those who are observant, you will see that in the earlier seasons of Thomas & Friends the characters are non-moving dolls (only their eyes move). In newer pictures, the characters are free moving characters. An obvious observation is the kid waving to Thomas on the bridge, with a bicycle next to him.

Very Old:

thomas-kid-bridge-older

Old: (more rounded edges)

thomas-kid-bridge-old

New: (the kid waves, and notice the quality of props)

thomas-kid-bridge-new

For those who are not familiar with Thomas, here’s a newer intro but not the latest (notice the kid on the bridge still doesn’t wave – it’s from Season 8 while current season is 13):

Here is a DVD I bought a few weeks ago, look at the year printed on the sleeve.

thomas-2010

Looking at this you probably think the DVD contains the latest series! But no it doesn’t.

thomas-2010-video

Now, HiT Entertainment’s website contains no email so I have to blog about it and hope someone will be able to discover this post.

With the bad quality of DVDs I am seriously wondering whether Berjaya HVN is really licensed to reproduce the DVDs. They are DVDs, but the quality is VCD quality.

thomas-2010-65years

I am disappointed. And you blame me for downloading pirated videos?

I know that I can tell whether the DVD contains the latest series but right now it’s impossible to bring along the complete printout of the list of production every time I go out. Maybe when I get an iPhone, but that’s a whole different story not for today.

And this problem is not only for Thomas & Friends. It’s the same for Mickey Mouse Clubhouse and Tigger & Pooh. So I haven’t been able to find any Special Agent OSO DVD locally. All of them are by Berjaya HVN – not only their own opening montage looks bad, the whole disc contains blurred videos and some even with embedded subtitles.

Or is it just because Malaysia is just behind in a few years? I find this unacceptable in the information age.

I probably should mention that the videos and images above are all copyright of Gullane (Thomas) Limited.

Maxis Transparent Proxy is Causing Problems to Developers

I had to transfer 2 WordPress blogs to another hosting provider last night, as the free one is going to expire today. It should be as easy as:

  1. Transfer the files
  2. Transfer the database
  3. Change DNS servers in registry to the new DNS servers
  4. Configure the new hosting location

In a few hours after the DNS propagation is finished I should be able to point to the new site. If not, I should be able to use the host file /etc/hosts to point to the new server and make sure it works well.

I’ve had the trouble with Maxis transparent proxy before when it was blurting out random errors to random sites.

Today, even when OpenDNS is already updated with the new IP (DNS propagation has finished), the transparent proxy is still outdated and points to the old server.

maxis-transparent-proxy-troubling-developers

I am sure if I call Maxis or even use its MaxisListens Twitter account, they will not even understand the concept of DNS.

The thing with transparent proxy is, as long as it’s HTTP traffic it will be going through it (not HTTPS), and it does not matter if I use a host file.

Oh well. I guess I can’t test this quickly right now except by using an anonymous proxy or connecting to an external VPN. Who appreciates time these days?

BTW, making modifications in domainregistry.my was very fun and it took me more than 30 minutes to modify one domain.

SMTP Smart Host Setup for Postfix in Snow Leopard

snow-leopard

PHP does not have any SMTP authentication mechanism in its configuration, and most developer opt for PEAR packages to perform email sending via custom ports and SMTP authentication.

I am one of those who will avoid using external packages as much as possible unless really necessary, and of course because I wanted a quick solution to my problem (or an excuse to be lazy).

By default, PHP sets SMTP as localhost and port 25. Under normal circumstances, this should be no issue as the built in Postfix will just connect to the destination server and delivers the mail. However, if your ISP blocks outgoing packets to port 25, the mail will go nowhere.

1. Enabling Postfix on Snow Leopard

Postfix is not enabled by default. You may choose to run it by default on system startup.

$ sudo vi /System/Library/LaunchDaemons/org.postfix.master.plist

Add before the closing </dict> tag:

  <key>RunAtLoad</key>
  <true />
  <key>KeepAlive</key>
  <true />

Start Postfix:

sudo launchctl
launchd% start org.postfix.master

You can test by using telnet on port 25 if you speak SMTP protocol.

2. Configuring Postfix to use a Smart Host

A smart host is also called a relay. This means that you need an SMTP account somewhere in the Internet to send the mail for you. With spam problems, open relays are identified in databases and are blocked by destination servers, so this means that legitimate mail servers requires authentication.

I used my Yahoo! SMTP account to help me send my test emails. Yahoo! allows for PLAIN authentication. The not so good thing about this method is that your password is transmitted plain text.

GMail is more secure and requires TLS authentication and this requires postfix to have SSL support but since I need this quick I have no time to research and find out whether it is. (Excuses, excuses).

i. Create a storage file for the password, for example /etc/postfix/relay_passwd

plus.smtp.mail.yahoo.com USERNAME:PASSWORD

ii. Secure the config file

$ sudo chmod 600 /etc/postfix/relay_passwd

iii. Create the hash database for postfix

$ sudo postmap /etc/postfix/relay_passwd

iv. Configure /etc/postfix/main.cf:

relayhost = [plus.smtp.mail.yahoo.com]:587 
smtp_sasl_auth_enable = yes  
smtp_sasl_password_maps = hash:/etc/postfix/relay_passwd  
smtp_sasl_security_options =

v. Restart Postfix

sudo launchctl
launchd% stop org.postfix.master
launchd% start org.postfix.master

You should be all set. Test sending an email from PHP.

BTW, if you’re wondering, if you are a Yahoo! Mail web user, chances are that you don’t have SMTP access. However, I have heard that some countries still do have free SMTP access for now.

Connecting to Exchange using Entourage via Outlook Web Access

I wanted to be able to use my personal laptop to check my work email, so that I don’t have to carry around the 3kg DELL beast all the time. Sure, I can use the Blackberry but typing long emails on it can prove painful especially with fat fingers.

I have VPN access, but Cisco (official) VPN client keeps on and on causing my Snow Leopard to crash (kernel panic). The built in VPN client used to work until some security changes were made to the VPN concentrators.

Googling around I found a helpful hint, to set up my Entourage to connect to my work email via the Internet (not having to connect via VPN).

entourage-exchange

All of the fields are self explanatory, but one field was the problem: “Exchange Server”.

If your organization has a “OWA” or Outlook Web Access, you can try entering <servername>/exchange/<your_full_email> into the field and see whether it works. For example if your OWA is owa.romantika.com and your full email is [email protected] you would use:

owa.romantika.com/exchange/[email protected]

One thing I have not figured out yet, is whether or not my organization has public facing LDAP server (for address lookups). Since this is not a standard configuration, the server names are unpublished anywhere. But since it’s available I guess it’s not against the rule.

Hope this helps. I can now check my emails from my Entourage, but that’s it. No VPN access.

BTW I think you can use the same technique with an installation of Microsoft Outlook too!

Error Compiling djbdns and daemontools

While attempting to compile djbdns 1.05 and daemontools 0.76 on a CentOS 5.5 I received the error:

/usr/bin/ld: errno: TLS definition in /lib/libc.so.6 section .tbss mismatches non-TLS reference in envdir.o

The problem can be eliminated by adding:

-include /usr/include/errno.h

In conf-cc files for each tarball. Don’t forget to install gcc first, if you have a basic installation.

By the way, please remember to follow the installation instruction for daemontools exactly as described or you’ll end up with the software somewhere undesirable. Well, you can change /package to be elsewhere. I stupidly did it on /root as a test so the svcscanboot process was unable to execute programs in the /root directory. They run as unprivileged users.

Although these software felt like really old-school to me, they have very small memory footprint and runs very fast. If you’re also looking into DNS, consider PowerDNS too, as it has very good statistical capabilities.

PHP Debugging on PDT using Xdebug, with PHP packaged in XAMPP

It has been a while since I posted something technical so here goes. This article is meant for someone who has done PHP development before, and already has a web server and a working PHP installation.

Traditionally in the old days these are the things that I do to debug my PHP code:

  • Put in extra echo statements that print variable values. It’s easy to miss them when actually deploying the code to production
  • Use “here I am” echo statements to identify positions in the script. These are also easy to miss
  • Modify php.ini to verbosely display every error or warning messages. While this is not a concern on development boxes, it might be a problem on production servers
  • Using custom self-made loggers or something from PEAR or PHPClasses to have a log file written for debugging purpose. This method takes a toll on the time required to actually go through the log which might contain lots and lots of information

A commercial alternative to Xdebug is Zend Studio Web Debugger. Zend’s solution is quite a bit on the pricy side but it’s also supported out of the box by PDT.

Prerequisites

  1. PHP installation. I use XAMPP since it’s clean and it’s quick to set up. If you like to live on the bleeding edge with all the latest updates you can install PHP properly in your system either by using the installer or the zip package
  2. Eclipse installation. I use Aptana Studio
  3. Web server application such as Apache or IIS. I use Apache.
  4. PDT (PHP Development Tools) as a plugin for Eclipse/Aptana.

The debugger

The procedure to configure the debugger is not that different between Zend Studio Web Debugger or Xdebug. I am going to make an example of using Xdebug here.

While Windows users are able to download Xdebug binary and use it immediately, *NIX users have to compile it. Luckily I found that ASPN provides binaries to use with their Komodo IDE (yes, I am lazy to setup binutils and compilers). The zip file contains extension for PHP 4.4-5.3 (at the moment this article was written).

  1. Download Xdebug binary from the ASPN site mentioned above. Extract it to a temporary folder and choose the version corresponding to your PHP version. (Hint: to find your PHP version you can create a PHP file containing < ?php phpinfo(); ?> and view it through your web server)
  2. Copy xdebug.so to the extensions folder. You can also find out where is your extension folder by looking at the phpinfo output, under header “Core” and Directive “extension_dir”.
  3. Edit php.ini (or create an .ini file in php.d depending on your configuration) to include the following:
    [xdebug]
    zend_extension="/full/path/to/your/extension/dir/as/shown/in/phpinfo/xdebug.so"
  4. Restart your web server and you should be able to see xdebug listed in the phpinfo output

*Note: As you might have realized by now, phpinfo(); can be your best friend. It can also be your worst enemy if you put it in a production server, with a super simple name like phpinfo.php as it contains a lot of sensitive information about the server.

Configuring PDT

There are 3 main settings to focus on, to enable debugging in PDT.

1. PHP Executables

pdt-php-executables

As I mentioned earlier, I am using XAMPP. As long you point this to the working PHP installation corresponding to where you install Xdebug, you’ll be fine.

2. PHP Server & Path Mapping

pdt-php-server

This is where you specify your web server.

pdt-php-server-mapping

Mapping is used to tell the debugger the path of the files accessible via the web server and the corresponding path in your workspace.

3. PHP Debug

pdt-php-debug

The options are self-explanatory. You’ll have to select the Server and Executable that you have configured. The default port for Xdebug is 9000 so if you decide to change your Xdebug port remember to change it here too.

Conclusion

Debugging using an IDE is a great way to save time, and to step into your application. If you have done everything correctly, you may use Eclipse/Aptana to debug your PHP files now (Menu > Run > Debug > Run as…) and you’ll get prompted to switch to the PHP Debug Perspective.

Good luck!

Some Tips For Fresh Grads

I had to go through quite a significant number of resumes the other day, and here are some tips for fresh graduates out there.

  1. Try to make your resume short. 2-3 pages is just nice, 4 is too many. Skip that section listing your primary school results and hobbies. What good does it make if your hobby is “playing video games”? Unless of course, you’re applying for a Game Developer position.
  2. Employers take an average of 30 seconds to scan through your resume, make sure yours stands out. Put in more bulleted sections and use bold words wisely.
  3. Use professional looking email addresses. Consider something using your own name. Something like [email protected] is nice. Also, it’s understandable that popular names are hard to get so you can try putting numbers in the end. It can be your birth year, current year, or just some random number you like for example [email protected]
    Avoid these examples:

    • [email protected]: too long and hard to read
    • [email protected]: employers are still unsure you can do a good job even if you’re cool. Unless of course you’re applying for a showbiz position
    • mohd.ali@sexmagnet.com: an actual domain offered by a popular mail forwarding service. A big no-no. You get the idea.
    • [email protected]: is a freakishly long email address, even if it’s your full name
  4. The BEST thing to do is create an email address specific for job hunting. Emails are searchable, and employers might find some activity they don’t like from forums or other public sites
  5. Protect your Facebook page and any other social tools you own. Employers do scour these you know. If you’re sure you have not done anything naughty, it’s fine.
  6. In your cover letter, do not demand for an answer. Instead of “I hope to be called for an interview as soon as possible” try “I hope to be called for an interview to explain my credentials further
  7. When someone has already emailed you to ask for your complete resume, do not use “TO WHOM IT MAY CONCERN” in your reply email. It’s rude. Use the person’s name be it an HR person or a Technical Manager. Also, do not send an email with empty body and only attach a resume in it.
  8. Be firm with your answers. Do not use “maybe”, “I think so”, “Errr…”, or “Can you call back later? I am busy with something”. However if you’re driving you should tell the person calling you and ask for a callback. You are no use to any employer if you’re dead.
  9. If you have bad hand writing just like mine, try your best to write each letter at a time. It’s super easy to confuse an “i” with an “l” or and “l” with a “1” or an “S” with a “5”. When emails get bounced, do you think the employer will try again? Maybe yes, maybe not. Why take chances?
  10. Talk clearly. Even if you were sleeping, once you realize that you are receiving a call from an employer you should wake up and clear your throat. If you’re in somewhere noisy, consider getting away from the noise source if possible.
  11. If you really have to include a salary expectation (not recommended for fresh grads), do not put in a range. Put a maximum expectation and discuss with the employer once a real offer is on the table. 2500-5000 does not make any sense as the range is too wide.
  12. Last but not least, research the company and the position you’re applying for. Get as much information as humanly possible. If you ask “What position am I applying for?” it shows that you’re desperate for a job and are not applying based on your interest in the position. It is okay however, to ask more information about the company.

In summary, when contacted take it as a big opportunity even if you are not a fresh graduate. These days one job opening may have hundreds of applicants, so a simple mistake that annoys employer can mean that your resume and cover letter end up in the shredder. It’s that easy to be disqualified, really.

Always remember that the employer representative communicating with you is a human. That’s the most important thing of all.

Good luck. I hope this helps.

Facebook Glitches

Facebook is an application, so it’s normal that it has glitches and problems.

The first one I saw last week while writing a like button plugin is the incorrect number of likes a like button displays:

facebook-like-bug

It’s obvious there were 4 likes for the post but it randomly displays 2 of my friends. When not logged on, it simply says “2 people like this”.

Next, when creating events the date and time for the events are wrongly displayed on the wall but are correct in the left column box and in the event itself:

facebook-event-date-glitch

Last but not least, there seems to be a privacy glitch. When seeing a friend being tagged in a photo I am able to open the photo but given this error:

facebook-fail-privacy

Now I am more skeptical of uploading photos that I don’t really want to share with everyone.

I don’t have much time to get into the developers forum, but I can’t seem to find an email address or a function to report such problems to FB.

Do you know how?

WordPress Plugin: Basic Facebook Social Plugins

Today, I saw that Facebook introduced some new features, and one intriguing feature is called “Facebook Social Plugin“. It would be very interesting to have blog posts to be simply “liked”, and having information displayed about activities and recommendations related to your website.

So I decided to take 30 minutes of my break time and write this simple plugin. Since I don’t have much time I decided not to explore XFBML and the SDK as yet. That is why it’s called BASIC. With XFBML, shorter codes can be used, and deeper integration between Facebook and your website can be achieved. I am intrigued, really but I must be realistic.

This plugin is a very simple plugin to embed :

  1. “like” button at the end of your articles/blog posts
  2. activity feed as a widget
  3. recommendations as a widget
  4. Like box as a widget

You can add these cool features with minimal effort.

Most configuration parameters are self-explanatory, but Domain Override simply means you want to display information about another domain instead of where the widgets are hosted. By the way, the widget settings are combined in the Settings > Basic Facebook Social Plugins page.

At this moment this plugin is still waiting to be hosted at the official WordPress Plugin Directory so it can only be downloaded here.

  • Basic Facebook Social Plugins Version 1.0
  • Basic Facebook Social Plugins Version 1.1 * This version will wipe out previous widget settings as it introduces multiple instances of widgets.
  • Basic Facebook Social Plugins Version 1.2

Once available there, a link will be provided. When it’s there, It’s now in the official plugin directory (basic-facebook-social-plugins) so you should be able to install it using the automated, built-in plugin installer too.

You can see the sample for the like button at the end of this post, and the widgets live on this site.

The widgets does not conform to your theme (does not inherit your theme css) but simply bare boxes with Facebook feel. Take note that styling inside the boxes (and texts) are provided by facebook.

Those of you who are concerned about privacy, you’ll be glad to know that your name and profile picture will not just be displayed to anyone:

25153_430469086728_20531316728_5233502_2779746_n

(This also applies to recommendation and activity box. Only friends will be able to see that you like something.) Facebook has thought of everything.

Try it out and let me know how it works for you.

Shots from Facebook:

25153_430468906728_20531316728_5233495_6137188_n

25153_430468866728_20531316728_5233494_4789969_n

Facebook has also written a nice post about social plugins in their blog: Answers to Your Questions on Personalized Web Tools.

Note:

  1. This WordPress plugin is written entirely by me, and is provided as-is with no guarantee. It is neither approved nor endorsed by Facebook.
  2. Yes, it is breakable by Facebook if they decide to change the iframe URL.

Forex Trading In Malaysia

It was an interesting morning today, when a friend told me that his brother received a job offer in a Forex trading company in Shah Alam. It was great news that he was able to get something after searching for opportunities for quite a while. However since my niece experienced this more than once, I am skeptical about such companies in Malaysia.

I asked him to check with the Securities Commission and whether or not the company presented an offer letter to his brother.

At first I thought that Forex is administered by the Securities Commission (SC) but I was wrong. When called, SC said that Forex is administered by Bank Negara Malaysia (BNM).

BNM Foreign Exchange Administration said:

In Malaysia no company or individuals are given license to do forex trading except for registered merchant banks

Which corresponds to this List of Authorised Dealers of Foreign Currency. One thing that disappoints me the most is that BNM did not ask the company name, showing that they have no immediate interest in closing such fraudulent businesses.

Signs that a company might be working on something fraudulent:

  • They don’t really have a proper business sign at their office
  • They ask candidates to go to training first, before they provide an offer letter
  • They have options whether the employee would like to be paid based on commission or on a fixed rate

It is a great thing that my friend’s brother told him about it. My unfortunate niece did not share the news with me so she ended up wasting weeks without getting paid. And imagine if the office is raided by the authorities. I wouldn’t want to be a part of that, would you?

So the lesson to learn here is that you should always tell someone about your opportunities, and never immediately trust just any company no matter how desperate you are for a job.

And of course, always get an offer letter first before you start working. This is the most important thing of all, when getting a new job.

DD-WRT as Wireless Client

There is something very wrong with the wireless module on the DELL Precision M4300 I am currently using – after a while files begin to get corrupted and Windows will fail to write the event log. I have just had the motherboard changed by DELL last Monday. In the office I did not have any problem for the whole week since I was using a wired connection. At home, I mainly use wireless because my access point is in the family hall.

Bummer! I can’t be wired at home, it’s simply not practical and I have no suitable surface to work on near the access point. It’s a Huawei E960, property of Maxis. It’s a HSDPA modem so where I place it is very important.

I have an antique Linksys WRT54G v2.2 with DD-WRT v24 on it so I decided to convert it to a wireless client. It acts as a wireless client to the main wireless router, and provides LAN connection via the wired ports. Perfect for a busted wireless module.

Steps on the WRT54G:

  1. Do a hard reset
  2. Connect to the router via wired port
  3. Open the Wireless » Basic Settings tab
    • Wireless Mode: Client Bridge
    • Wireless Network Mode: Match Primary Router
    • Wireless Network Name(SSID): Match Primary Router
    • Wireless Channel: Match Primary Router
    • Wireless SSID Broadcast: Enable
    • Network Configuration: Bridged
    • Save Settings
  4. Open the Wireless » Wireless Security tab
    • Set Encryption to match the primary router. I use WPA2 with TKIP+AES and it works fine.
    • Enter encryption key to match the Primary router
    • Save Settings
  5. Open the Setup » Basic Setup tab
    • Connection Type will show: Disabled
    • Set STP to Disabled
    • IP Address: 192.168.1.2 (Primary Router IP is 192.168.1.1)
    • Mask: Match Primary Router (mine is 255.255.255.248)
    • Gateway: 192.168.1.1 (Primary Router IP is 192.168.1.1)
    • DHCP Server: Disable
    • Save Settings
  6. Open the Setup » Advanced Routing tab
    • Change Type to: Router
    • Save Settings
  7. Open the Security » Firewall tab
    • Uncheck all boxes except “Filter Multicast” in “Block WAN Requests”
    • Disable SPI firewall
    • Save Settings
  8. Open the Administration tab
    • APPLY Settings
    • Click “Reboot” button

On the primary router I only had to add the MAC Address of the WRT54G to it so that it allows connection (I have MAC filtering enabled). To look for the MAC address I simply use the Administration » Commands tab to run ifconfig (or of course via SSH). I am not sure on how other hardware would work but I use my eth1 address.

This is good enough for now, although I am hoping that the notebook gets fixed. I am not going to pack the WRT54G along to Starbucks or any cafe just to get wireless connection.

Funny Phishing Attempt

I received an email with no text but contained just an image as attachment, and the whole image is a hyperlink to a phishing site:

[singlepic id=26 w=600]

Notice the casual language and a spelling mistake (find out where!), plus the Copyright year is 2009. The email was sent to someone without the Internet banking facility, and a dormant CIMB account.

But thankfully it has been reported and updated in Mozilla Phishing and Malware Protection.

cimbclicks-phishing

I am intrigued to know whether these phishers are using any targeting mechanism to send these emails because they seems to be sent to the correct people. For example this email is sent to a Malaysian living in Malaysia. Can anyone tell me whether you are not in Malaysia and/or not even Malaysian and receive this email?

I used to receive the Bank of America spam a lot but not anymore. Maybe they now have a geographical database of emails. Interesting.