Cyber attacks on NZ small business

, posted: 10-Mar-2017 13:30

In August 2016, Symantec sampled 525 NZ business owners and operators about their perception of cyber security issues; all the businesses employed less than 20 people, and some of the discoveries show that we are woefully behind the eight ball.

Most companies are using some sort of Windows device, half of them using Windows 10 as their main operating system. Only 1 in 5 laptops and mobile devices don’t have some form of logon security, and just a quarter of staff have access to financial data outside their work computer.

The biggest threats – email/phishing scams (70%) and hacking attempts (47%). Interestingly, the threats where staff are consciously being devious are small – 2% internal threats, and a tiny 1% of employees posting stuff they shouldn’t on social media.

As Kiwis, we value our time – the biggest impact from cyber-attacks was down-time and inconvenience.

The two figures that scared me the most were that 70% don’t know if they have any sort of internet security running, and only 57% of businesses are doing automatic or daily backups. Crazy that 4% of responses are doing backups annually (seriously, why bother?) or none.

So how to mitigate the risks? Symantec have five tips:

Capture

More info here.

My thanks to Symantec and Mark Gorrie, the Director of the Norton Business Unit for Symantec, Pacific, for hosting me at lunch yesterday.



How one database query can fix HOP cards

, posted: 13-Oct-2016 11:33

From Stuff this morning:

Auckland train commuters were over-charged due to a fault with HOP card machines, but Auckland Transport says it won't issue refunds unless passengers complain.

Commuters at Takanini train station on Wednesday found both tag-on machines on the platform were out of order.

Everyone who caught a train during the outage was charged a penalty fee when they hopped off because they hadn't tagged on.

My mind really boggles with this.

Firstly, why are both tag-on machines down in one location?  They should be independent of each other (different network circuits, power feeds etc), so if one goes down, the other can still operate happily? Also, surely someone is notified when both go down, so a contingency plan can be put in place?

Secondly, why isn’t AT crediting penalties for passengers who didn’t do anything wrong?  The fact that you have to contact them to get a refund is pretty poor customer service. Not the best way to build any confidence in their systems.

I have no idea how their internal database is structured, but to help them out, something along this line should get them started:

SELECT * FROM RailTrip
WHERE TagOffLocation = ‘Newmarket’ AND TaggedOn = False
AND TaggedOffDate BETWEEN ‘2016-10-13 7:00:00’ AND ‘2016-10-13 9:00:00’

Grab all the rows from the above, loop through em and credit back anyone who is within that criteria.

You’re welcome AT.



Review: Navman MiVUE680

, posted: 14-Sep-2016 00:07

There’s a competition on Geekzone to win this review unit. Click here to enter.

Dashcams are not normally a product that I’d review, however when the opportunity came up to do some stunt driving, including a ridiculously tight parallel park, an attempt to jump the car over a ramp, then the actual jump (footage here from outside the car as another perspective), the inner boy-racer in me couldn’t resist.

I think dashcams are going to become more standard in cars as the technology matures.  If you’ve ever been involved in an accident, having the actual video footage to help with the police investigation and inevitable insurance claim is gold.  Witness evidence can be debated and argued with; you can’t really dispute the facts when you have the video.

The MiVUE680 is a small unit with a 2.7 inch screen on the back (not touch screen) and a wide angle lens capable of 2K full HD video (the MiVUE698 Dual Cam comes with a rear camera as well).  Anyone who’s had a Navman GPS unit will already be familiar with the suction cup mount; the stiff design makes for a secure mount, and not for regular removal of the unit.  It is small enough to mount up behind the rear view mirror, and is supplied with a very long cable for charging via the car’s 12V supply (aka cigarette lighter).  Recordings are saved to a microSD card (not supplied).

The most important thing is how do the recordings look?  Below are samples from both day and night driving in Auckland.

As you drive, the dashcam is constantly recording.  Each file lasts around 3 minutes and is 320MB – with the 8GB microSD card I was provided, that’s around an hour and 15 minutes worth of continuous recording time in total.

Event recording is triggered when there’s a sudden impact, or you’re driving at high speed, make an aggressive turn or something else that triggers the G sensor.  While the constant recording can be overwritten as you keep driving, the event recording is moved to it’s own separate folder on the SD card.  You can also trigger this manually by pushing a button on the side.

The dashcam has lots of other safety features other than video recording which include:

  • Warns you when you are near a fixed speed camera
  • Lane detection warnings
  • Reminders to turn your headlights on if you haven’t
  • Reminders to take regular breaks when driving for long periods of time
  • Warning if you get too close to the car ahead
  • Warning if the car in front of you has moved off and you are still stopped

It’s a great little unit which you could easily install then forget about it.  My two issues with it are minor: it should be touch screen, and I felt the buttons down the right hand side were too far away from the indications on the screen, making them hard to match up.

My thanks again to Navman for hosting me and providing a unit for review.



Review: Huawei P9

, posted: 10-Jun-2016 11:27

Another year, another nice Huawei phone. Am I becoming a Huawei fanboy? Seems so.

20160610_093300

The P9, the successor to last year’s P8 which I reviewed, is a gorgeous phone.  It’s a smidgen smaller (I had to look up the specs to just to confirm), and thankfully the power and volume buttons are still in the same place.  Gone is the separate memory card/second SIM slot; this is now integrated into one, and is now on the top left of the phone.

P8 on the left; P9 on the right.

20160610_093040

Headphone socket is now on the bottom (not a fan), taking over what was the second speaker grill.  As a user of the Nexus 6P, it’s nice to see this phone inherit the USB Type-C charging/data port and the fingerprint reader located centrally on the rear of the phone.  Once you get used to unlocking a phone with your fingerprint, everything else seems so antiquated.

A lot of the online reviews really don’t like the Emotion UI (EMUI) that Huawei ships with their phones, but I’ve always liked it.  It’s strict around allowing apps to run when the screen is off, and you can force close all apps with just a few taps.  Android is not known for amazing battery life, however with these features, you can extend your time online greatly.  You do need to allow a few apps, such as Google Maps, otherwise it resets everytime the screen switches off.

The phone is responsive and quick, and common complaints about the low res screen (when compared to the other similar phones, such as the Samsung S7) weren’t an issue for me.  I think it’s because I’m not after ultra high res on such a small screen (again, compared to my ginormous 6P).

CaptureThe biggest change in hardware is the camera, or cameras (which sit flush with the back of the phone). Huawei have partnered with Leica, and the phone features two 12 megapixel lenses.  The camera app also has a myriad of different camera settings, which are well above the skillset of this simple user.

For me, the best phones will take the best photos in low light, and man, does the P9 take some cracker low light photos:

2016-05-20-20.532016-05-20-20.542016-05-20-20.582016-05-20-21.17

The last photo, for me, shows how good the camera is.  On my street at home, at night, with no flash on. Very impressive.

Another great offering from Huawei, and a nice upgrade from last year’s model.



Poor man’s automation - WeMO + Limitless LEDs

, posted: 29-May-2016 16:30

Home automation using a common platform such as the Philip’s Hue bulbs or the Wemo switchable plugs and bulbs is reasonably straight forawrd.  I’ve got a mix of Limitless LED light bulbs and Wemo switches, which makes it more complicated, but can be achieved using some custom software.

My goal was simple.  My outdoor light, main hallway light and kitchen light are all Limitless bulbs.  The lights in my lounge and behind my main computer are on Wemo switches.  I wanted a solution whereas all these lights would switch on based on sunset, and then switch off again at a specific time.  The reason for the switch off, is if I’m away on holiday, the lights need to turn off on their own; if they are already off, the system would just exit.  Since it’s rare for me to be out really late, I picked 2am as the switch off time.

I like this solution because I’m often home after dark, plus if the wife and I are out at a function, we don’t have to fumble around in the dark looking for our house keys.  The added benefit is the security of it looking as though someone is home.

The solution I came up with was all reasonable straight forward, but did take a lot of trial and error.

Firstly, I needed a machine that was always on at my place.  My newly installed HTPC running Windows 10 would be the perfect candidate.  I could’ve easily achieved this with a low powered PC such as a Raspberry Pi, but I needed a programming language (.net) and platform I was already familiar with.

To ease deployment and maintenance, I opted for a console application.  If I was going after always on and super reliable, it would’ve been a Windows service.

The process works simply, as follows:

  1. At 4pm everyday, using Windows Scheduler, my console app boots up and queries the Sunrise-Sunset API.  This takes a lat/lng parameter, giving me the exact sunset time at my place.  There’s lots of extra info it provides (such as sunrise) but these aren’t required for my application.

    The reason I like this is it will automatically change the time in summer and winter, meaning no configuring at different times of the year.
  2. The console app sleeps until it’s time to run.  When it wakes up, it fires off a UDP packet which the light bridge is listening for to turn the lights on. For the Wemo switches, it connects to each one and fires a SOAP request to switch them on.
    1. I was using the library from Barnacules which uses UPNP to find the Wemo switches, but for some reason, it just doesn’t work on Windows 10.  Since I only have the two switches, I set them to reserved IPs in DHCP, so I always know where to send the on/off commands.
  3. Once the lights have been switched on, the console app goes to sleep until 2am, where it fires off commands to switch the lights and Wemos off.
  4. I log everything to a basic txt file for diagnostic reasons.  If I was being super diligent I’d store this to database.

Happy to share the source code with anyone who wants it, just fire me an email, nate at 3bit dot com.



nate's profile

 


I'm Nate Dunn, and I work for 3Bit, own Tuihana Cafe, and am a moderator here at Geekzone.

Use Autotask and Xero? Sync data between them with My Accounting Toolbox.

Use Xero and SagePay? Get your invoices paid faster using HostedPay.

 

Disclaimer
The views and opinions represented on this blog are personal and belong solely to the blogger and do not represent in anyway those of 3Bit Solutions Limited or any other company.


Latest posts

Cyber attacks on NZ small busi...
How one database query can fix...
Review: Navman MiVUE680...
Review: Huawei P9...
Poor man’s automation - ...
App Review: WorldRemit...
eWay response codes as a file...
International podcast conferen...
Is the Nexus 6P the perfect An...
Review: Huawei G8...