Thursday, November 26, 2020

VStarcam C90S surveillance camera won't connect to the WiFi

It is not mentioned anywhere but this particular model does not support the IEEE 802.11n protocol even with its firmware flashed to the latest version published by the manufacturer. You will need to force your router to 802.11g mode for it to be able to connect successfully and be accessible.

VStarcam C90S support link

Charge your motorized toothbrush with a wireless phone charger

In case you forgot to pack your motorized toothbrush charger, basically place your toothbrush, standing up, on a wireless phone charging pad or on your phone, if it supports reverse charging.

NOTE: after testing this I can confirm that the wireless charger does charge the toothbrush but ONLY A LITTLE BIT regardless of the time you let it charge. I suppose the there are significant differences in the specification of the wireless charging interfaces of the two. Charge is barely enough for a single short brushing session.

Tuesday, October 27, 2020

Getting the right International travel COVID-19 certificate in Greece

There is a large number of private laboratories/clinics in Greece that do COVID-19 diagnostic testing on short notice and can provide a certificate with your results in English.

Regardless of the which country you are heading to the most important thing to remember is that the type of COVID-19 diagnostic test required in all cases is the PCR (Polymerase Chain Reaction) type of test, also known as, molecular test, nucleic acid amplification test (NAAT), RT-PCR test, or LAMP test. To be on the safe side though, make sure the certificate you receive refers to it as "PCR" or "RT-PCR" which is the name everyone will recognise and accept as valid.

Then, depending on which country you heading to, things can become more demanding. For instance, the airline employee at check-in or the immigration officials at the port of entry may require that you produce documentation or online evidence that the laboratory you did the testing at is officially certified/recognised for this type of testing by the Greek government. Given that the Greek government's sites are usually in Greek and pretty terse in quantity and quality of easily accessible information this could prove hard to do. I did do some research and thankfully there is official info online, in English, that can be used for that purpose.

The official Greek certification body for laboratories (including medical) has a minimal English version of its site here:

The site is the typical buggy, incomplete, non user friendly Greek public sector mess. It may take some time but eventually you will hit this page here (screenshot below) which allows you to get a listing of all medical labs certified to ISO 15189 standard.

The results are not necessarily labs that do COVID-19 PCR diagnostic testing and they are a mix of public and private entities. Using this listing you can find those labs that are listed under ISO 15189 certification for "human samples", like the one below, and which, in their "Scope of Accreditation" document, linked into their "Accreditation Details" page, list COVID-19 PCR testing as well.

If you already know of a lab that does COVID-19 PCR testing and want to check if it is officially certified then you can use this search form here.

Finally, for those able to read Greek there is a precompiled list of certified COVID-19 PCR diagnostic testing labs here.

Wednesday, October 14, 2020

Samsung T7 Touch 1TB External SSD Drive security mode's security is questionable

 I just purchased a 1TB Samsung T7 Touch External SSD Drive. Main reasons were:

  1. Its hardware based AES-256 encryption capability.
  2. Its USB 3.2 connectivity and claimed max read/write throughput of about 1 GB/s
  3. Its looks
Regarding point 1, the Windows software version that comes with the drive and enables its security mode is buggy. It cannot self-update to the latest version, or tell you if there is one (although it supposedly supports self-update) and although it does work, the drive would freeze, and with it the whole explorer.exe process, after a few hours of continuous use, e.g. while copying over many gigabytes, or having Google Backup and Sync sync those many gigs to Google Drive.

Obviously, like this, the drive would be useless for power users while its coveted security mode is on. Thankfully, the latest software version, which you have to seek out, locate, download and install yourself, does fix the problem; once installed it downloads and installs the latest firmware to the drive which makes the drive work as expected, i.e. it is stable in long term use while security mode is on.

The implementation of its security mode, however, does leave a few serious doubts to those who are security conscious and technically akin to cybersecurity. When I  switched from security to non-security mode and after I disconnected and reconnected the drive I noticed that my files, previously copied over with security mode on, were still accessible as normal. So, how were they encrypted then? Security mode was off and I was never asked for a password when I reconnected the drive, so... This implies the following grim fact: The AES-256 symmetric encryption key is always the same, but probably unique per drive, and potentially known/recorded by Samsung. The are some subcases here - some grimmer than other:

  1. The AES-256 key is hardcoded and therefore potentially fairly easily accessible via hardware/physical attack by a person with some electronics expertise. This would mean that turning on the security mode and supplying a password merely saves your password in a non volatile register (maybe hashed or maybe even in plaintext, though the latter would be unthinkable for a company like Samsung - more to be expected by Chinese companies of the worse kind), the host software compares the password you supply, on each drive connection event, to the one in the register and then either allows files to be decoded by the hardcoded key and appear as available or not. Security-wise, this is a pretty bad predicament.
  2. The AES-256 key is recorded in a non-volatile register, initially in plaintext, but once security mode is turned on, it is encrypted, using an undocumented algorithm, with the user password as key or part of the key, and then re-recorded in the same non-volatile register in encrypted form. When security mode is turned off it is re-recorded in its plaintext form and I remember that the software does ask you for your password when you turn off security mode. This is better but does not change the sobering facts that:
    1. Samsung potentially knows and records the AES-256 key for each drive it puts out in the market.
    2. We do not know how good the key encryption algorithm and overall implementation of the encryption/decryption process is.
Considering the points above, using password only (instead of password & fingerprint) as a more secure option may not be worth not taking advantage of the convenience of the fingerprint unlock feature although if implementation of point 2.2 is good, living with the fact that Samsung may have to disclose your drive's key if you are involved in a major FBI international investigation is not as bad as knowing that some fingerprint sensor fidgeting may unlock your drive.

Regarding point 2, a host computer with a USB 3.0 bus will only give you half the maximum read/write speed of the drive (around 400/500 MB/s); to get close to the maximum speed of 1GB/s you would need a host computer with a USB 3.2 bus.

Regarding point 3, the drive's looks are obviously great.

Finally, here is a tip from Samsung itself on how to improve the drive's performance on Windows hosts.

Wednesday, July 22, 2020

Office Add-In Caching is Problematic

Caching for Javascript based web add-ins for Microsoft Office is super problematic. Hard to make it let go of certain files and use new versions of them. Microsoft gives some instructions on how to clear the add-in cache here but it still won't work sometimes.

Especially problematic files are "FunctionFile.html" and "FunctionFile.js" if the Visual Studio naming convention is to be followed (i.e. how Visual Studio names these files in an auto-generated web add-in project). These files are not downloaded in the task pane's browser instance and therefore caching of them does not follow the same rules; they are extremely sticky and development can get pretty frustrating.

Only way I have found to deal with the problem is rename them in a versioning way whenever I effect changes on the files and want to see the results immediately. Specifically, assuming that the "Home.html" and "FunctionFile.html" naming convention is being used:
  1. In the add-in manifest rename "FunctionFile.html" and "Home.html" to "FunctionFile2.html" and "Home2.html", increasing that version number every time you need to refresh the cache.
  2. In "FunctionFile2.html" rename all instances of "FunctionFile.js" to "FunctionFile2.js"
  3. In "Home2.html" rename all instances of "Home.js" to "Home2.js"
  4. Rebuild & republish the solution if you're using the VS based automated process, or upload the changed files to the add-in backend if you're doing it manually.
  5. Go and manually (e.g. over ssh/sftp or in file explorer if doing it locally) rename the .js files to their new versioned names.
  6. Sideload the published xml manifest of the add-in to your Office app and take pleasure in the fact that your changes finally reflect immediately.
Microsoft has produced irritatingly problematic technologies before but I'm having difficulty remembering something as persistently problematic and as irritating as this. They keep throwing their dirty laundry at the developer.

Thursday, June 18, 2020

How to recover your Amazon account

Case 1: You are being asked to enter an OTP sent to your phone, although you don't have two step/factor authentication/verification, and you have lost access to your phone number or can't receive messages or voice calls where you are, e.g. extraordinary authentication that may occur when you are travelling to other countries where your phone is not working.

Solution: Solution assumes you still have access to the email address associated with your Amazon account. Go here and enter your email address. It will ask you to enter an OTP code that will be sent to your email. Check your email, get the code and enter it; you will then be given the opportunity to change your password AND if needed also the phone number (e.g. new local SIM card or other phone number that does work) associated with your Amazon account.

Case 2: You can still log in to your account but your account has been locked because Amazon thinks you may not be the actual owner of the account.

Solution: Go here and follow the instructions.

Thursday, May 28, 2020

ExecuteFunction won't work with non-button controls in Office Web Add-in manifests

Although  explicitly stated in official Microsoft Office web add-in docs that a function in FunctionFile.js may be called by both a button and a menu item control, it turns out that, at least with the latest Chrome based version of the Edge web control implementing the task pane, only button controls are actually able to invoke functions using the ExecuteFunction add-in manifest clause.