Tuesday, May 16, 2017

WanCam wireless camera HW0036

I made a mistake in getting this camera.  Despite it having the features it advertised, this camera is missing an RJ45 jack.  For security reasons I never buy a camera without a wired connection.



This camera does work correctly, however they made a couple of annoying design decisions when making this model.  First, the http port by default is 81 rather than the standard 80.  Second they also deviated from the standard OnVif ports and choose to use 10080 for this service; and it is not configurable.

It does not support https, which I consider a negative, although not horrible as I rarely use the web interface once configured.

Fortunately you can change the http port, and you can change the default password.  The camera works very well with Milestone.  As long as you only want wireless then this is a good camera, however because of that reason I would never recommend, or purchase another one.

EDIT: Within a week of owning this camera it began to have issues turning on.  A few days later the problem was so bad the camera no longer functioned.  It is possible that I simply got a lemon, or this particular model has a bad design flaw.  I was able to get a partial refund, threw the camera away, and will never get another of this model.

Monday, May 15, 2017

KanKun Wireless Plug

I recently purchased  a wireless KanKun plug, specifically because I heard that it was running a version of OpenWRT and could easily be modified.

I found the primary directions here.

There were a couple of challenges.  The first was getting the plug on the wireless network.  The Chinese directions and app did not function at all, and I tried them multiple times.

The good news is that the plug successfully resets all failed attempts very well with its reset process.  Eventually I was successful following these steps:

- Use a laptop to connect to the wireless network the plug defaults to creating.
- Lookup the Plugs IP based on the DHCP address assigned to the laptop because it did not create the network that most examples were claiming it would.
- Use Putty to SSH into the plug with a username of 'root'.  My default password was p9z34c, however others have claimed it might be admin or 1234.
- Edit the following file with 'vi': /etc/config/wireless

config wifi-device 'radio0'
        option type 'mac80211'
        option channel '9'
        option hwmode '11ng'
        option path 'platform/ar933x_wmac'
        list ht_capab 'SHORT-GI-20'
        list ht_capab 'SHORT-GI-40'
        list ht_capab 'RX-STBC1'
        list ht_capab 'DSSS_CCK-40'
        option htmode 'HT20'
        option disabled '0'
        option country 'CN'

config wifi-iface
        option device 'radio0'
        option network 'wwan'
        option ssid 'MyWirelessSID'
        option encryption 'psk2'
        option mode 'sta'
        option key 'MyWirelessPassword'

I made sure the channel was set correctly since I run my wireless network on 9 rather than the standard 11.  I also struggled a bit with the encryption since I run WPA2 Personal; I finally got the very logical instructions to set encryption to 'psk2'.

- The second critical file to edit is: /etc/config/network

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd59:45ed:8ead:0000:/48'

config interface 'lan'
        option ifname 'eth0'
        option force_link '1'
        option type 'bridge'
        option proto 'static'
        option ipaddr '192.168.145.253'
        option netmask '255.255.255.0'
        option ip6assign '60'

config interface 'wan'
        option proto 'dhcp'
        option ifname 'eth1'

config interface 'wwan'
        option proto 'static'
        option ipaddr '192.168.1.32'
        option gateway '192.168.1.1'
        option netmask '255.255.255.0'

I modified the MAC address in this file, adding the '0000', however leaving it empty would probably have been fine as well from what others have said; and considering it was working prior.  Adding the last 'config interface wwan' section is the most critical.  It is used by the wireless file for interface settings and specifies the static IP network necessary to communicate on this network.

- 'reboot' the plug
- With the plug now successfully connecting to my network I was able to return to my main computer for further configuration.
- My next step was to copy in a simple CGI script someone created to allow me to remotely control the plug.  I did have to modify the following script slightly because my RELAY_CTRL was different from the ones they were using.
- I had to create the folder /www/cgi-bin
- And create the following file: /www/cgi-bin/relay.cgi

#!/bin/sh
echo "Content-Type: text/plain"
echo "Cache-Control: no-cache, must-revalidate"
echo "Expires: Sat, 26 Jul 1997 05:00:00 GMT"
echo

RELAY_CTRL=/sys/class/leds/i-konke\:red\:relay/brightness

case "$QUERY_STRING" in
state) 
case "`cat $RELAY_CTRL`" in
0) echo "OFF"
;;
1) echo "ON"
;;
esac
;;
on) 
echo 1 > $RELAY_CTRL
echo OK
;;
off) 
echo 0 > $RELAY_CTRL
echo OK
;;
esac

- Unfortunately I discovered that the uhttpd service did not exist on my plug.  I had to turn to a very helpful Internet community who was able to give me the required files.  You can download them here.
- Inside the rar file you should see a kkplug folder with the most likely folder structure and the files that go in each folder.  Use WinSCP to copy the files to the plug.
- Run the following command
/etc/init.d/uhttpd enable
- This creates a sym link that causes the plug to execute the startup file on boot.
- 'reboot' again to test and verify that the service will start correctly.

- When the plug comes up you should be able to use a web browser and control the plug in this way.
http://192.168.1.32/cgi-bin/relay.cgi?on

Sunday, March 12, 2017

Knewmart Indoor IP Camera

I am always on the lookout for inexpensive yet quality cameras to integrate with my security system.  If you buy a camera today from almost any store it is nearly a given that it will come with an app that you can use to view the camera remotely.  But aside from a few small motion detection perks that is usually about the end of it.  Many cameras do not play well with other cameras, or make it easy and cheap to actually record like a real security system.

For this reason I have come up with the following rules when buying cameras:
1. It must support OnVif.  This is a standards protocol that guarantees the camera will at least try and play nice with most of the security systems out there.
2. It must support H.264 encoding.  This is a compression algorithm that significantly reduces the amount of storage required when recording for long periods.
3. It must have an Ethernet jack.  Many people like the idea of going wireless for convenience, but even wireless cameras need a power cord.  However, wireless has the major downside of being insecure.
  - Not only is it much easier to hack into a wireless feed.
  - But if you put the camera next to your microwave and turn it on you will realize it is a piece of cake to simply overwhelm the camera with radiation, disabling the feed.
  - Also a nice quality camera will be sending so much data over the wireless network it can overwhelm a normal wireless router, effectively rendering your wireless network useless.
  - And even if you decided to give it its own wireless network, you are still cluttering the radio waves which could end up causing various problems for you in the future.
4. It really should allow for a Static IP to be set, it is just easier to manage networks that way.
5. If it is an outdoor camera it must support POE.  Power Over Ethernet allows me to run just one low voltage cable to the camera.  Trying to mess with high voltage extension cords and a power cable just is not worth the trouble.

As a Note.  For outdoor cheap cameras I have had better luck with the few large LED configuration over the numerous small LEDs for night vision.  Cheaper cameras are not made with the same care, and you can end up with the small LEDs not being positioned correctly and washing out your image at night.

Camera technology is moving fast, but after testing quite a few brands I had settled on a really nice outdoor camera that met all my requirements and worked very well indoors also.  But then two new brands came on the scene, Wancam and Knewmart.

Today I am looking at the Knewmart (no model).



Positives
- It fits all my requirements for an indoor camera (eg, it supports OnVif and H.264 and allows for a static IP to be set, and has an Ethernet jack)
- It has wireless built in in case I do ever need it, and the ability to disable it for security if I don't use it.
- For those of us who do not like installing more apps on our phone it has a built in web server so I can configure it from my computer, which I love.  It is the first web interface I have seen on a less than $50 camera that actually works well.
- The web configuration interface is very simple and easy to use and really started me falling in love with this camera immediately.
- The camera ships with DHCP enabled by default, so it auto connects to your wired network when you plug it in.  This is a much better design in my opinion than cameras that try and stand up their own wireless network for configuration.
- It has a default username/password of admin/admin.  It does have a user and guest account, which is nice, but it has no way to disable them, so make sure you change all the passwords.
- For those who are paranoid about configuring their own cameras, it does come with a QR code to auto configure basic connectivity in their native app.
- It has the ability for dual streams at different quality levels, which was unexpected although it is probably becoming more standard in the industry.
- For those who do not run separate NVR software, it has the built in ability to trigger alarms during a time span you schedule and send you an email with a picture of what caused the alarm. However, I did not test this.
- It has little motors so you can pan and tilt it, which is new for the less expensive cameras, and I absolutely love it.  This Knewmart has the widest range of motion I have experienced yet, it Pan: 355°, Tilt: 90°
- It does work with the E-View7 app, which I liked because I already use that app for other cameras.  They also made a special P2PIPC app according to the directions that came with it.
- For those who are not quite ready to built an NVR system, but still want to record some video locally, it does come with a MicroSD card slot.  While this does seem to be a popular feature, it is a feature I have never personally found a good use for.
- It also comes with the ability to talk out of it and hear through it, another set of features I absolutely love in this camera.
- There is port labeled as a headphone jack, although I think the picture is misleading, I believe it is a Microphone jack in case you want better audio reception.  The OnVif api supports this conclusion by listing two microphones.
- I use Milestone's XProtect software, and after enabling OnVif it had no issue connecting to the camera on the first try. Microphone and pan/tilt work great.
- As far as cameras go, this thing actually looks very nice.  I question whether it is a bit too big and bulky for an indoor camera that you typically want to be unobtrusive; but the smooth fluids lines on it help make it a more attractive decoration.  Plus there is the argument that being bigger means better quality.
- It has the built-in ability to contact time.windows.com to set it's own time and handle daylight savings time; you just have to choose the right time zone.  This is a very handy feature that is often overlooked.
- It has the standard Flip and Mirror options for the picture, which are really nice when you want to mount the camera in an odd place, like the ceiling.
- I will give this company credit for effort in support also, this is a nice in-expensive camera, and they respond to support requests.  It may not be American level support, but they also do not leave you hanging which is really nice.
- It does have a reset button, I mention this obvious feature only because I have actually seen cameras without one.
- It seamlessly switches between wireless and wired without requiring a hard reboot.
- And finally it takes a unique approach to wall and ceiling mounting.  Most cameras like this have holes in their bottom you just slide over screws.  This camera ships with a pretty configurable mounting arm.  While I am not sure the aesthetics of it are great, it certainly does allow for extreme flexibility in how and where you mount the camera.

Negatives
- The directions that came with the camera are very basic and intended for a user who only cares about getting the camera running.  If you want to do anything advanced with it you will probably need to use the web interface on your computer and do a little techie research if you do not already understand some of the terminology.
- It does have a small glitch/feature where you have to manually unplug it after making some change to the OnVif settings to actually make OnVif work, it comes enabled by default it just does not work by default.  I have experienced this with the wancam as well.
- I was disappointed that the speaker does not work over OnVif with my XProtect NVR system, but I expected that from other similar cameras I have had.  Hopefully some day they add that feature.
- It does not support POE.  But for an indoor camera that is not a deal breaker for me.
- Like other cameras of this type, when you first turn it on it tests its range of motion, likely to configure the limits in the software.  It has always concerned me that the camera trying to go past its limit during these tests will eventually burn out the motor, but so far that has not happened.
- It does not support Https, however for those who are that paranoid about security (like me) they are probably running their cameras on a closed internal secure network anyway, so it would not be much of an issue.
- If you tilt the camera too far down then its night vision LEDs reflect on itself causing the image to blur white.
- The default IRCut value seems to be too low, in low light the camera starts flickering the IR on and off.  You can either fiddle with the settings, or just switch it to manual mode.
- It is not very easy to unplug a network cable once plugged into it, especially with bigger fingers.
- When used via OnVif with the XProtect software, there is an error in the OnVif protocol when used over wireless that causes a lag in the image frames triggering XProtect to constantly report it as disconnected.  Oddly enough, you can get around this error by plugging it into a network cable, waiting for the transition, then unplugging the network cable.  It will then work correctly for awhile.

All in all, this is a great camera that can support a range of users from those starting out, to those who are quite a ways along in building a system.  If it were not for the larger size (roughly double it's WanCam counterpart) it would become my go-to indoor camera for home systems.  However, it beats out other inexpensive cameras in so many areas that it is still going to be at the top of my list for consideration when I recommend cameras to people

Tuesday, November 22, 2016

NetTiers Ambiguous match found

I recently ran into a bug that took me longer than it should have to figure out.

I was migrating an old code base to CodeSmith's NetTiers and started getting the error "Ambiguous match found".  Results from the Internet all pointed the finger at Microsoft's .net, albeit earlier versions than version 4.5 that I was using.

While I did become convinced that it was a Microsoft issue relating to two object attributes with the same name just different letter casing, that did not solve my issue for me because my code was all being auto generated by NetTiers.  NetTiers was using reflection to get some attribute values, so I figured one of my table or column names was conflicting with some internal variable that NetTiers was using.

The solution turned out to be rather simple.  I ran the code in debug mode, triggered the crash, and started inspecting the variables in play.  Particularly the one NetTiers was trying to find using reflection.  It turned out that NetTiers was looking for an attribute named "Item", which corresponded to a table column of the same name, and was blowing up in the attempt.  I renamed that column in my database, regenerated the code, and the problem was solved.

Wednesday, October 19, 2016

Downloading Ancestry.com Media

Ancestry.com has never created a good system to back up the data that is on their site. The only option people have is to download the GEDCOM file, which is often a mere fraction of the data they have invested in the site.

For years now my family has been investing time in building a well documented family tree on ancestry.com, and I have made sure to frequently backup the GEDCOM file so we didn't lose the data.  With thousands of media files on the site I have become increasingly concerned about the loss of a major portion of our research if I was unable to download them.

To combat this problem I finally wrote a small Chrome extension that allows you to screen scrape your media files in an automated fashion.  It is not perfect, but considering it is the only way to get your data, it is nice to have.

The extension downloads the files in mass and dumps them all into your default downloads folder.  So, you should clear all files out of your default downloads folder before using this extension so you know that all downloaded files belong to Ancestry.

After installing this extension, you need to:
- log into your ancestry.com account
- open up your tree
- open up the Media page, which is one of the items on the menu inside the tree
- click on either the Photos or Stories tab, currently the All, Audio, and Video tabs are not supported
- OPTIONAL: click on the page you want to resume downloading at.  This is useful if you need to stop downloading for a period of time, say if you only want to run the downloads during the night.  You will likely end up with a few duplicate files if you attempt this.
- click on the Extension icon in your Chrome browser upper right corner, and click the Download Media button

If the downloads are occurring too quickly and swamping your computer then let me know.  I am planning on allowing the download speed to be adjusted in the future.  Currently a file is downloaded every 2 seconds, which works well for me, but for people who upload lots of large files it will not work as well for.

NOTE: There is a small chance that using this is against Ancestry's terms of use.  Their terms of use forbid scraping tools, however the language seems directed at automated scripts that run in the background.  This tool is simply a browsing aid performing clicks for you, but your browser is still open and doing all the browsing and preventing you from doing other browsing simultaneously.

Wednesday, July 20, 2016

LastPass Password Manager

Most people I have met know that long complex passwords are a good idea.  But very few people know of a good way to keep track of all their passwords.  I personally have well over 200 accounts that I need to track passwords for.  Many people, myself included, get stuck in the habit of picking out a handful of passwords and using them for everything.

Over the years I have tried a few password managers including KeyPass and PassPack.  They all had nice features, but they all ended up being such a pain that I was never able to use them to create truly random unique passwords for every account I have.  KeyPass did not sync across computers, PassPack had a very limited free version, and the issues go on.

Then I discovered LastPass.  It took me a month of usage to fully start trusting it, but slowly I have started using more and more features of it.  The best part is the amount of features they offer for free.  And their first paid level ( that many people will want ) is only $12/yr at the moment.  So price for features was exactly what I was looking for.

LastPass syncs across all my computers, or phones for free (paid version can do both at the same time).  It auto fills my website passwords with a Chrome plugin.  It has been gamified to show me my overall security score and compare it to the score of other users.  It supports lots of dual factor authentication options.  It allows me to re-prompt for my password and do other security enhancements on a per password basis.  It even has built in form fills, both generic and tailored to sites that require more than just a username and password to login.  And critically, it allows me to backup all the data in my account.

Having an easy backup system is critical for me, because no matter how good software is, and how much they claim they are not going anywhere, anything can happen.  Their website could crash, they could go out of business, my encrypted data could get corrupted, I could forget my master password, etc.  So I use the backup feature frequently to export a plain text copy of all my data including passwords, I then encrypt the file and store it.  So if anything every happens, or a better software comes along, I can easily recover using my backup file.

In addition to a good backup system, I also wanted to be sure they could not be hacked.  Unfortunately they have been hacked at least twice.  However, the articles and responses to these hacks were so good that it made me feel even more secure using the software; no critical data was lost, users could easily remove the danger by changing the one piece of lost data, and that lost data was encrypted so heavily that it was unlikely anyone would figure it out anyway.  I did use their advanced settings to increase my security above the default level though.

A few things I did to make my account more secure:
- Make sure all my client browser plugins log me off after a reasonable period of inactivity
- Go into my vaults advanced settings:
- - increase the client-side rounds to something greater than 50k. Due to LastPass's speed warnings I did this in increments testing the speed both on my phone and computer.  I also backed up my data first in case the re-encryption corrupted everything.
- - restricted logins to just my country
- - added dual factor authentication
- - reduced my website logoff settings down to a day

Thursday, May 5, 2016

Studying for Microsoft 70-463 ( Implementing a Data Warehouse with Microsoft SQL Server 2012 )

For those of you out there who wish to get your MCSA SQL Server 2012, this is my path of choice, I hope it helps some of you out:


  1. Take the free Jump Start course from MVA
  2. Practice and brush up on features using the Microsoft Virtual Lab for Exploring MDS and DQS, about half way down the page.
  3. Pull together 60 practice questions. which you can take as well.
  4. Pull together 60 more practice questions.
  5. Pull together 60 more practice questions.
  6. Pull together a few more practice questions.
  7. Found someone else's 86 practice questions.
  8. Buy the MeasureUp practice exam and hammer it to death.
  9. Go take the test.

Microsoft even offers their own practice test for this exam if you wish to purchase it.  The real exam may or may not include any of the questions compiled in any set of practice questions.

That said, practice tests are only a means of validating a persons knowledge.  The MVA class and Virtual Lab are where the actual learning should take place.