Asurion PhoneClaim.com Enables Fraud With Public Customer Information

So this morning I get a voicemail transcription from Asurion:

“This is Adam calling from on process technology on behalf of the hearing this message is for the owner of the wireless number ###-###-#### in regards to claim number ######### we’re calling in reference to the replacement equipment that was delivered to you on June 22, 2017 a Schurian still shows that there is nonworking the Quitman that needs to be returned I would like to remind you that all nonworking replacement equipment needs to be returned in the postage prepaid padded envelope that was provided immediately to avoid being charged and return fee of $300 for the cost of the replacement equipment please feel free to call us if you have any questions at 1-800-762-0276 and when calling please reference your wireless number ###-###-#### …”

Only problem is that I never submitted a claim, my smartphone has been working great.

So I head over to https://www.asurion.com > File or Track a Claim > Mobile Phone > [Carrier] > Ok, take me there! > Continue Claim > Continue > Continue (with Mobile Number and Claim ID from transcription) > Track shipment of device we sent you > Continue, which then gives:

“Our records indicate your wireless equipment will be delivered to you on 06/23/2017. Your tracking number is xxxxxxxxxxxx. You may track your shipment by clicking on the tracking number.”

So I click the tracking number, and, much to my surprise, Asurion has shipped a new phone to another address outside the state, to a state in which I’ve never lived or worked, or had on file with the carrier. So much for validating whether or not the claim was even remotely related to the address on file.

So I do some Googling and find that I’m not alone, in fact the only real “deterrent in the claim system is that you need to sign an affidavit and provide a photo ID” (http://bit.ly/2tUoEqe), never mind whether the photo ID provided is even valid or not 😞

Another customer finds that the “only information that is verified is the name, billing address and phone number” (). So I guess if enough phone number combinations for a given carrier with publicly available information on Google and numerous other sources, obtaining a bunch of free phones could probably be had pretty easily, possibly making affected customers liable for all fees involved when the original equipment is never returned 😞

High Level Itinerary: Ape Cave Geologic Site, Lava Tube (Beaverton, OR -> Cougar, WA)

Day Trip

10 AM – ~12 PM Beaverton ➡ Ape Cave, Cougar, WA (Google Maps 1h 45m, http://bit.ly/2qVz5f1)

Allow two hours for stopping in Cougar, WA for anyone that might be hungry.

2 PM – 3 PM: Hike the lower cave (~1 hour)
3 PM – 6 PM: Hike the upper ape cave (~3 hours for the inexperienced)
6 PM – ~8 PM Ape Cave, Cougar, WA ➡ Beaverton

Yelp lists a single restaurant available in Cougar, WA (http://bit.ly/2qVlEvO), The Cougar Bar & Grill, which is only ~16 minutes from the Ape Caves (http://bit.ly/2qVEQJJ). Yelp does list several other restaurants around Cougar, WA, but not directly within.

Fees

“During the summer, a Northwest Forest Parking Pass is required – $5/day” (http://bit.ly/2qUZfyK)

Supplies

[x] Bottled Water
[x] Head Lamps
[x] Hoodies
[x] Extra Flash Lights (there is a good chance of losing hand held flash lights, see below)

Ape Cave Hiker USFS Regulations (http://bit.ly/2qV5QZP)

* No food, beverages, alcohol or littering.
* No smoking, No flares, fireworks, firearms or any kind of open flame
* No rock collecting or damaging cave features ($200 fine).
* No pets!
* Do not touch the walls
  * Cave “slime” lives on the cave walls and is an important food source for cave life.


Overview

“An unlit, “wild” collection of natural lava tubes, 2.5 miles long (the longest in the U.S.), explored by lantern or flashlight by hardy, flexible adventurers.” (RoadsideAmerica, http://bit.ly/2qVrywW)

Lower Cave (Easy, 1 Hour)

“The lower Ape Cave is approximately is .75 miles long and can be hiked down and back in an hour” (MountStHelens Information Resource Center, http://bit.ly/2qVkYXb)

Upper Cave (Adventurous, 2.5 Hours)

“The upper Ape Cave is 1½-mile long and takes about 2½ hours to complete, returning on a surface trail. This section is more adventurous as cavers must climb over approximately 27 boulder piles and scale an 8-foot high lava fall.” (MountStHelens Information Resource Center, http://bit.ly/2qV5QZP)

“It’s very dark and cold – you will need light! Also bring a sweatshirt and good sturdy shoes; you will get hot on your way through so you can always just tie your sweatshirt around your waist. There are two ways to venture — one is harder than the other but both are great. Remember to always watch your step and rest when needed. Once you get to the end, you climb up a ladder into the beautiful forest. You will have a decent hike back.” (RoadsideAmerica, http://bit.ly/2qVrywW)
“This is actually part of Mt. St. Helens National Park. You can rent big gas lanterns for the easy path, or flashlights for the hard path. The easy route is paved; The hard path feels like you’re climbing into the Gates of Hell. It’s about a mile of underground travel, clambering over boulders and up sheer rock walls. No path is marked and you’re never really sure if you’re going the right way or if you’re just going to disappear forever in the bowels of a dormant volcano. They recommend that you take two or three flashlights if you take the hard route, and when I dropped one of mine off a ten-foot rock ledge, I was glad I listened.
Some parts are like climbing over an avalanche, others are smooth and wide-open as a highway tunnel. Sometimes the lava hardened while flowing and is permanently in liquid ripples. I felt like I was in the giant ant tunnels in the movie “THEM!” Everything is damp and eerily silent.” (RoadsideAmerica, http://bit.ly/2qVrywW)

“The Apes that give their name to the two lava tubes found outside of Mt St Helens were not primates at all, they were the members of a 1950s outdoor club who explored the massive tubes. They called themselves the Mount St. Helens Apes, and the lava tubes became known as their caves. The tubes are long tunnels in the thick lava beds; they run roughly parallel to the surface of the land. The lower tube is the easier one of the two to hike because of its relatively flat, gentle slope. The upper tube is larger and much rockier and is hiked by the more adventurous of cavers due to the approximately 27 boulder piles and an 8-foot high lava fall that can be scaled in this section. It is not possible to hike the caves entire length because of the small space that separates the two sections. Even in the summer, the tubes were a constant, cool 42 degrees, so if planning a trip to hike the caves, remember to pack a jacket and a good flashlight or lantern. There are many places in the cave that never see the sunlight.” (http://bit.ly/2qVoDnG)

References

MountStHelens.com Information Resource Center

http://www.mountsthelens.com/ape-caves.html

Google

https://www.google.com/search?site=&tbm=isch&source=hp&biw=1431&bih=799&q=ape+cave+lava+tubes&oq=ape+cave+lava+tubes&gs_l=img.3..0l2.1009.22841.0.23079.28.26.2.0.0.0.577.1701.17j5-1.18.0….0…1.1.64.img..8.19.1649.0..35i39k1j0i24k1.MobCqGqcV-A

RoadsideAmerica

http://www.roadsideamerica.com/tip/1396

Mac OS Import Keystore for Target Endpoint Under Test

So I like the following for obtaining the certs a server presents to browser clients, so that my test clients (e.g. io.restassured) can trust them:

openssl s_client -connect www.website.com:443 -showcerts

Then I can import the server cert for my integration tests into a new keystore:

cd ~
/Library/Java/JavaVirtualMachines/jdk1.7.0_80.jdk/Contents/Home/bin/keytool -import -trustcacerts -keystore cacerts -noprompt -file ~/browser_cert.cer

and then have my tests use the specific keystore (~/cacerts) during testing:

System.setProperty("javax.net.ssl.trustStore", "/Users/bfish3/cacerts");

Or, in Bash:

# Save only the leaf certificate as PEM; a fixed "grep -A 30" window can truncate long certificates
echo "Q" | openssl s_client -connect www.website.com:443 -showcerts 2>/dev/null | openssl x509 -outform PEM > import.cer
keytool -import -trustcacerts -keystore imported_cer.jks -noprompt -file import.cer -storepass changeit
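
The commands above trust whatever certificate the connection happens to return. As an added example (not code from the original post), the script below imports the leaf certificate into a dedicated test truststore only when its SHA-256 fingerprint matches a value obtained out of band; `HOST`, `PINNED_SHA256`, the truststore path and the function names are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: pin-check a server certificate before trusting it in tests.
# HOST, PINNED_SHA256 and the truststore path are placeholders (assumptions).

# Normalise a fingerprint: drop any "label=" prefix, colons and spaces; lowercase the hex.
normalize_fp() {
  printf '%s' "${1##*=}" | tr -d ': \n' | tr 'A-F' 'a-f'
}

# Succeeds only when both fingerprints are non-empty and identical after normalising.
fp_matches() {
  local a b
  a=$(normalize_fp "$1"); b=$(normalize_fp "$2")
  [ -n "$a" ] && [ "$a" = "$b" ]
}

# Fetch only the leaf certificate the server presents, as PEM.
fetch_leaf_cert() {   # usage: fetch_leaf_cert host port outfile
  openssl s_client -connect "$1:$2" -servername "$1" </dev/null 2>/dev/null \
    | openssl x509 -outform PEM > "$3"
}

# SHA-256 fingerprint line of a PEM certificate file.
cert_sha256() {
  openssl x509 -in "$1" -noout -fingerprint -sha256
}

# Import into a dedicated truststore only if the fingerprint matches the pin.
import_if_pinned() {  # usage: import_if_pinned host port pinned_fp truststore
  local pem actual rc
  pem=$(mktemp) || return 1
  fetch_leaf_cert "$1" "$2" "$pem" || { rm -f "$pem"; return 1; }
  actual=$(cert_sha256 "$pem")
  if fp_matches "$actual" "$3"; then
    keytool -importcert -noprompt -alias "$1" -file "$pem" \
      -keystore "$4" -storepass changeit
    rc=$?
  else
    echo "fingerprint mismatch for $1: got $(normalize_fp "$actual")" >&2
    rc=2
  fi
  rm -f "$pem"
  return "$rc"
}

# Only touch the network and the truststore when explicitly asked to.
if [ "${1:-}" = "--run" ]; then
  import_if_pinned "${HOST:?}" 443 "${PINNED_SHA256:?}" "$HOME/test-truststore.jks"
fi
```

Point `javax.net.ssl.trustStore` at the resulting file, as in the Java line above, so the system-wide `cacerts` stays untouched.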

WordPress Plugins Behaving Badly, And What To Do To Fix It!

So I recently migrated one of my friends’ websites off of DigitalOcean onto Amazon’s ElasticBeanstalk, mainly because I was tired of maintaining aging, and unstable, MySQL instances over 2 years old that I was kicking over every day with a cron job (yes, cron, it was that bad, hah!).

Migrating over to a t2.nano configuration went great, and, with EFS and RDS counting towards my overhead costs for all the nano sites I run on aws, this friend’s site brought the hosting bill down to under $5/mo (http://bit.ly/2cvx7qf), soweeet!!!

But wait, what the #!!@#? This is the only site that takes forever to load over the last half a dozen I’ve migrated up to ElasticBeanstalk? What’s up with that?

So I decide to investigate with P3, the Plugin Performance Profiler (https://wordpress.org/plugins/p3-profiler/) and found this:

p3-initial-scan-oh

 

So, like described in the below video, I kept on going back and forth, deactivating and re-activating various plugins, until I found the two offenders:

  1. Captcha by BestWebSoft (added over 1 second to every page view)
  2. Optin Forms (added over 0.5 seconds to every page view)

Good News

smithers-good-news

So, what was the result after all of this?

good-scan

 

Deactivate and Re-Activate Log

Here is the process I went through to come to the above conclusion:

 

WP Super Cache — diff = worse
WP Smush — diff = worse
Google Analytics Dashboard for WP — diff = just as bad

multi-diff:
WordPress Related Posts
UpdraftPlus – Backup/Restore
Search Meter
PopupAlly
Jetpack by WordPress.com

= now only approaches 4 second plugin time instead of 5 seconds

 

multi-diff 2:
Akismet
Anti-spam
Captcha by BestWebSoft
Contact Form 7
Disable Comments
Disqus Comment System

= Got everything under 0.5 seconds plugin time, on average, with slightly over 1.5 at tail

 

multi-diff 3:
Facebook Members
MailPoet Newsletters
Newsletter
Optin Forms

= Almost all under 0.25 seconds! Something in this group needs to go (only 43 queries per visit)!

 

RE-ACTIVATION TESTS

Re-activate:
WP Super Cache
WP Smush
Google Analytics Dashboard for WP

= no change, these plugins don’t negatively impact site performance, cool (slightly over 0.25 seconds plugin time with 60 MySQL Queries per visit)!

Re-activate:
WordPress Related Posts
UpdraftPlus – Backup/Restore
Search Meter
PopupAlly
Jetpack by WordPress.com: Need to re-sign in (may have skewed this P3 scan results slightly by not being signed in during scan)

= imperceptible change, they are good to go, leave activated!

Re-activate Akismet = imperceptible, keep it activated!
Re-activate Anti-spam = imperceptible, keep it activated!
Re-activate Captcha by BestWebSoft = OFFENSIVE! ADDED OVER 1 SECOND TO PLUGIN TIME! AAAAAAHHHHHH!!!!!

As lemongrab would say:

lemongrab-unacceptable

 

Sorry Captcha by BestWebSoft, you have to stay de-activated, for the sake of performance

 

Re-activate Contact Form 7 = imperceptible, keep it!
Re-activate Disable Comments = imperceptible, keep it!
Re-activate Disqus Comment System = imperceptible, keep it!

Re-activate Optin Forms = hmmm, clearly increased Plugin time, up to 0.5!

lemongrab-unacceptable2

 

Sorry, but this should stay de-activated due to poor performance

Re-activate MailPoet Newsletters = imperceptible, keep it!
Re-activate Newsletter = imperceptible, keep it!
Re-activate Facebook Members = imperceptible, keep it!

Using BeagleBone Black as Salt-Master to Provision VMs

Instructions Apply To

Beagle Bone Black, Rev C

/etc/dogtag: BeagleBoard.org BeagleBone Debian Image 2014-04-23

 

1. Boot up BeagleBone black and SSH over USB.

2. Fix /etc/init.d/led_aging.sh to contain the following so that apt-get installs work.

#!/bin/sh -e
### BEGIN INIT INFO
# Provides:          led_aging.sh
# Required-Start:    $local_fs
# Required-Stop:     $local_fs
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start LED aging
# Description:       Starts LED aging (whatever that is)
### END INIT INFO

# "|| true" keeps "sh -e" from aborting when grep finds no running led_acc
x=$(/bin/ps -ef | /bin/grep "[l]ed_acc" || true)
if [ ! -n "$x" -a -x /usr/bin/led_acc ]; then
    /usr/bin/led_acc &
fi

3. Follow saltstack installation for Debian.

http://docs.saltstack.com/en/latest/topics/installation/debian.html

Why I Got An AlienBees B800

MeetUp Session: Setting up a home based studio + understanding studio lighting (Mentor Session)

http://www.meetup.com/Northern-Nevada-Photographers/events/209589632/

AlienBees B800

This last Saturday I went deep with Michael regarding lighting and talked about the merits of speedlights vs. studio strobes. I fully appreciate that speedlights can be used to create great lighting and, with the right setup, can mimic the lighting I can get out of a studio strobe; that is, if I am very particular about the tight lighting setup around my model, and I put in extra effort with faster lenses, such as the thrifty fifty. With that having been said, and after having done a 2 bulb continuous lighting setup with a single speedlight during a portrait shoot, decided to go for the AlienBees B800 for $280 because:
1. The AlienBees B1600 is surprisingly lightweight, the B800 is even lighter!

2. The B800 can go from 10-320 Ws, while my Canon 430 EX II is unlikely to put out any more than 60 Ws; this necessitates moving the speedlight within a couple, or maybe 3 feet from the subject, indoors, at ISO 100, f/3.5, 50 mm w/ x1.6 crop factor giving 80 mm.

3. I can port around an AlienBees in my bike panniers with a Vagabond mini in the future with two strobes for <$300.

4. I can use the cheap silver umbrellas I already have as part of my <$60 continuous lighting 3 stand kit, so this acts as an addon for now.

5. I can start with optical slave and sync both the 430 EX II and strobe at no additional short-term cost, no need for PocketWizards.

6. The B800 is well over 5 times more powerful than my 430 EX II. It is at least 4 times more powerful than Canon’s top of the line 600 EX-RT that might, might, put out 75 Ws, and that is being generous. This doesn’t even consider the $500 price tag for a single speedlight, I can nearly get two B800s for the same price, and not worry about heat or continuous shooting at all!

7. I can now feel free to spread out the two front light stands in front of my subject using the 2 reflective umbrellas, no need to move light stands within a few feet anymore with the B800 and a speedlight at +0 power, utilizing it conservatively.

8. No more fiddling with f/3.5 or lower in attempting to use 2 continuous lights mixed with a single speedlight.

9. No more missed shots due to f/2.8, or even f/3.5 shallow depth of field. Even f/3.5 is sometimes a challenge for the sharpness I am after.

10. Less fiddling with the light stands and camera, more time is spent interacting with the model for the limited time I have for the shoot.

11. My PocketWizard Plus III’s sync cable connects to the sync port on the AlienBees for future wireless upgrades. This will really be handy out in full sunlight or challenging indoor shoots where multiple flashes are already present, making my optical slaves problematic at best.

12. I want to pop off as many shots as I want, both in-studio, and out, without worrying about heat or tube life — I could care less, I want great shots! Being able to replace the flash tube puts my mind at ease and encourages me to pound it more often, each and every week. This also serves to motivate me to shoot more often and create more great images.

13. The modeling light is really nice to get some idea of what the flash will do to my shots, whereas continuous lighting and speedlight always kept me guessing.

14. Keep my 430 EX II at +0 power, reserving +2 and +3 for the shots that require the utmost of portability and spontaneity where extreme power or reach is occasionally necessary, rather than being pushed weekly. I don’t want to abuse the 430 EX II at plus powers constantly, wearing its tube out faster than necessary, or generating unnecessary heat during summers, or even having to think about it for that matter (this has been offputting). The 430 EX II manual specifically states that no more than 20 continuous shots may be done without first having had a 10 minute rest period of no shots, to avoid overheating of the flash head or degrading of its performance.

15. No matter how much I play with the f/3.5 lighting setup, I can always pinpoint the side of the face lit by the continuous lighting, despite the reflective umbrella! Having two strobes in front of the subject will be awesome!

All in all I am very satisfied with my thrifty fifty, f/2.8 70-200 Sigma lens, and my continuous lighting kit with interchangeable flash and bulb heads. This gear, along with the AlienBees, will enable just about any kind of possible shoot I can come up with, at a minimum, while still enabling a future upgrade path and portability in all of my gear. Since I love to shoot low light, am doing street photography, the gear I have thus far will get plenty of use, which is my main concern, I don’t  like purchasing limited use gear.

Dell Laser Printer c1765nfw is a Waste of Money and Time

Disposable printer, only good for maybe 12-24 months of service, as indicated by the warranty. Only guaranteed for 12 months, after this the printer is out of warranty, and, according to Dell customer service, not worth repairing. You must print thousands of pages within the first year to make the per page cost even close to worth it. For us, each page cost well over $1-$2 each! I can order online for 50 cents a page, with higher quality, full photo prints, this is a terrible deal! Even with the few hundred pages of black and white printed text was $1-$2 each, considering our printer was bricked in less than 24 months, with $240 worth of new toner cartridges now wasted!

The wifi on ours went out at month 18, very subtly. Large print jobs would hang the front panel, the dots would stop moving across the panel screen and Windows 8.1 would report lost connectivity to the printer. The only solution was to restart the printer, and print from USB. Only then could full page images or flyers with design elements on the edges be printed. Over faulty wifi we could only print a quarter of the page worth of images before locking up the front panel, necessitating a restart of the printer. Before month 18, printing full page photos at 8.5×11 were brilliant, fast, and easy, all using the same computers, router, and networking setup, all over wifi. All that changed was that large print jobs over wifi started failing 90% of the time at month 18, from 3 different computers.

Each official Dell toner cartridge is about $60. We had $240 worth of new toner in the printer before the failed wifi made it a nightmare to use, with 90% of all print jobs making the printer unresponsive until the next restart. With how few months service you’ll get, this printer is extremely expensive, considering the cost per print, don’t be fooled by its cheap price. We spent about $600 since 2013 to print out, maybe, 1,000 pages for its total life, and that’s a real stretch. The toner is amazing compared to inkjet cartridges as it is guaranteed to work without use for up to three years, this was the main reason we switched to laser, for extended time between prints!

I am giving this printer 2 stars due to how highly unreliable not only the wifi adapter is, but how irreversible firmware update failures are on this model printer. Unless your printer has features going out on it like ours did, diminishing its value, I would never consider updating the firmware, ever, do not attempt to fix what is not broken. The only fix for a failed attempt is a motherboard replacement, which costs more than the printer retails for, according to Dell customer service. On an HP LaserJet, all you need to do is move a jumper on the board inside the printer to recover the factory provided firmware! Lexmark has USB recovery mode for their firmware failures. With Dell, no recovery is possible, only an expensive motherboard replacement. Due to these flaws, only 2 stars, it just isn’t useful for long enough to justify its high toner and per page printing costs, waste of money. Go get an HP LaserJet, parts are abundant, HP has the most units sold, so repair is an option after 24 months of service, and many computer shops and techs can service them.

Our c1765nfw died with error code 024-360, aka, new motherboard required.