Tuesday, August 9, 2016
You've heard all about the data retention in broad terms, but what exactly does it mean? And why could it be bad? After all the data is "anonymized" such that personally identifiable data is removed before being shared, right? Their original non-anonymized versions are encrypted and safe in the hands of ABS administration, so there's nothing to worry about.
Well, it's not that simple.
Lets talk about anonymization vs aggregation, how de-anonymization works, and why the "statistical linkage key" is appallingly flawed.
Wednesday, April 8, 2015
I've just made a submission to the Australian Communications and Media Authority regarding the 48 hour data usage reporting delay that mobile service wholesalers like Optus impose on their wholesale customers. This can lead to incredibly huge bills with no warning and no way to prevent the bill as part of the service.
The TCP ACMA bill shock provisions that came out of the RTC enquiry were supposed to prevent this, but left a huge loophole by permitting "up to" 48 hours delay in usage alerts and reporting. Optus, at least, appears to treat this as "at least 48 hours", failing to report usage until the 48 hour time. It was a limit, not a target, Optus.
The spend management alerts were supposed to be implemented by small providers by September 2014, but they have the same 48 hour exception:
- Suppliers to send notification alerts of data, voice calls and SMS usage within included value plans no later than 48 hours after the customer has reached data usage and expenditure thresholds of 50, 85 and 100 per cent.
- Suppliers to include additional notification information about charges applying to included value plans when the customer has exceeded 100 per cent of data or expenditure usage
Industry players are seem to be using this to bypass the intent of the code, which was to provide "access to timely, accurate and comprehensible information about their service".
Thursday, July 24, 2014
Tuesday, July 22, 2014
If so, look for an overridden newInstance method. It's probably being used instead of the constructor annotation.
Monday, March 31, 2014
Even though WifiBaby don't usually sell outside the USA and Canada they made a special effort to send me a PayPal invoice and they even pointed me at the discount code on their Facebook page (or rather, applied it, then told me they'd done so!). Huge props for this, I've never had better sales service.
Overall, the product its self is quite impressive, with a few disappointments that detract from what is overall a very good product.
It turns out to be closely related to the Y-Cam Cube, specifically a YCW003 VGA Y-Cam Cube. Y-Cam tell me it's not quite the same (different casing, somewhat different specs), and alas isn't firmware-compatible.
It works! This much neglected feature is becoming rare in IT products, and should be savoured when found.
It's well presented, well built, and comes with a really solid mounting bracket. The power brick seems to be good quality, too, and supports 110-240V (though of course it has USA prongs).
Supports WPA2. None of that dodgy OFDM we-claim-it's-secure-but-you-can't-verify-it business of the proprietary camera vendors. (OTOH, see "HTTPs" below, it's not all roses).
The device comes preconfigured for DHCP with a sensible hostname (wifibaby) that makes it easily discovered on most routers, and it can be configured entirely via a web browser. A flash applet on the browser can be used to stream video, with the caveat noted below.
Image quality is excellent, with a high res image in both colour & active infrared. You can choose from several levels of streaming quality for different bandwidth levels. Active infrared quality is excellent, with pretty impressive range without too much foreground over-exposure. I cannot stress how amazing the infrared camera is enough.
Plenty of control over things like whether it uses infrared or not, whether or not it uses the IR cut filter, whether it publishes its address over dynamic DNS, etc.
Once connected to the network, setup is quick and easy with the browser based wizard.
Built-in support for dynamic DNS providers for those who don't have one already, and it even comes preconfigured.
Phone support for those who need it.
Wired Ethernet port. Very handy for maximum quality if you have the house wired anyway.
Multi-user viewing support - works extremely well.
Remote access from off-site (but see caveat below re HTTPs, password security).
No security screws, clips, etc. So if (OK, let's face it, when) I take it apart to get at its guts, it should be easy.
Neither here nor there
Initial setup to get it on the wifi is OK, but a bit dated. It doesn't support WPS (Wifi Protected Setup) for automatic setup, it expects you to plug it in over wired Ethernet and run a desktop application to discover the device. The quickstart guide is good, though, so inexperienced users should be OK. You don't have to use the app, either, you can just find the address it got over DHCP and visit that with a web browser. (Update: it looks like the current Y-Cam firmware supports WPS, but maybe WifiBaby haven't updated to it yet, despite WPS being added in August 2013 in firmware 5.46).
The web UI is crude but functional. Not much attention has gone into usability, but it's simple enough that that's OK.
Some apps support remote control of the infrared feature, etc. Awesome, except you have to buy 3rd party apps to do it, the browser based Flash app doesn't do it.
Ordering from outside the USA is a little bit of a pain and a bit pricey because of shipping, but on the other hand, they did it when they'd normally not ship at all. Try that with Amazon! (Update: Actually, you can).
The price. The base Y-Cam hardware (if I'm right about that) runs a newer firmware that doesn't seem to lack any functionality present in the WifiBaby and adds some more; it also costs 3/4 as much. Of course, you're not getting personal USA based tech support for that, nor the great sales service WifiBaby provide. Pick your priorities I guess.
Not so great
The camera doesn't seem to support HTTPs. Not impressive for a device that supports UPnP to open up a hole in your firewall for remote access - you have to send the credentials in clear text. They should fix this, especially since it defaults to being Internet accessible with a non-randomly-generated password.
The microphone is fairly poor, and it lacks a socket for an external microphone. That's a serious omission.
The infrared cut filter makes a less than quiet "click" noise as it switches in or out. It's not super loud, but it's sharp, sudden, and plenty loud enough to be disturbing. Not good in a baby product. The device does allow you to turn the use of the filter off, though.
There's over two seconds of time lag on the Flash based mobile viewer. This lag doesn't occur to anywhere near the same extent when using mobile devices that stream video from the device.
It doesn't make you generate a new password or enter a new one when you set it up. That'd be OK ... if it didn't also default to opening a hole in the firewall for streaming video. I can understand this one from an ease of support point of view, but think it'd be a lot better to offer a password reset that only worked on the local WLAN or via a wired connection and then encourage the user to generate or enter a better password/phrase.
It doesn't seem to enter much of a low-power mode, producing a fair amount of heat when not actively streaming. I hope it copes OK with the Western Australian summer.
In my opinion the vendor doesn't do a very good job of making it clear that the advertised mobile device support requires extra-cost third-party apps. The prices are shown in the apps section of the site, but there's no reference to them being extra cost where the mobile features are listed on the camera product page its self, though the page strongly highlights the features that are only available via those mobile apps. Mobile device logos are prominent, but lack telltale asterisks. It'd be nice to see this made more prominent - or alternately, for the vendor to license these apps and bundle rebrands of them with preconfigured detection of the wifibaby, which would make setup nice and smooth too.
There's no GPL compliance notice in the box, on the camera web page, or in the CD, but it appears to run Linux 2.6.x. I will be taking this up with the vendor. I could be wrong, so don't get too excited, especially as the distributor probably doesn't know anything much about the firmware produced by the manufacturer. (Confirmed by email discussion - I've sent them some information and guides, and will wait to see if anything happens.)
I've sent WifiBaby, and the hardware vendor Y-Cam, links to:
- the SoftwareFreedom.org compliance guide
- Linux kernel GPLv2 HOWTO
- Software Freedom Conservacy compliance guide
- SFConservacy enforcement information
... so we'll see if anything happens there.
Talk-back / two-way audio. In a high end baby monitor. I'd really prefer to have this, and many IP cams support it, so it should not be overly hard (as anyone who's never done something always says, right?). They don't claim it supports two-way anywhere, so I didn't expect to have this feature, but it's something I'd like to see appear in a future version.
External microphone port, or a decent quality mike.
Quieter IR cut filter switch over.
I've since found a similar looking device, which looks like another OEM rebrand of the same IP camera, sold as BabyPing. It's from the same manufacturer according to WifiBaby (update: That's Y-Cam), but unlike the WifiBaby it's a cloud-based device. So, y'know, security/privacy issues there.
The HomeMonitor is also a Y-Cam rebrand. It seems to be another version with a custom firmware reliant on a cloud service.
The Y-Cam cube its self, mentioned above, may be a good option to consider.
Jaycar sells what looks like a previous revision of the same sort of camera for less than a third of the price and has two way audio. Of course, it's probably rather primitive in image quality in comparison, too, and won't come with the same goodies.
Monday, July 15, 2013
It's come too late for me, as I'm no longer working with Java EE or JPA and am feeling badly burned by my experience with the platform after adopting EE 6. Hopefully this'll help others who're struggling with JPA performance issues.
Thursday, December 6, 2012
You can open in in the wonderful dependency walker tool (kind of like
Alternately, Visual Studio (or the Windows SDK, either will do) include a
dumpbinprogram that performs much the same job as
objdump. You can use this tool to determine the architecture a DLL was built for.
Start a Windows SDK Command Prompt or Visual Studio command prompt (or run setenv / vcvars) then:
dumpbin /HEADERS thefile.dll | findstr 14C
D:\WinDev>dumpbin /HEADERS zlib1.dll|findstr 14C 14C machine (x86)
Finally, install GNU File from GnuWin32, then:
D:\WinDev>"%PROGRAMFILES%\GnuWin32\bin\file.exe" zlib1.dll zlib1.dll; PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit