Monday, October 26, 2015

Haze in Malaysia!!!!

Haze in Malaysia is getting from bad to worst...Thanks to indonesia.!!!
A lot of ignorant people still go out exercise without knowing the impact.!!!

I also see a lot of people wearing normal mask!! That wont help!!! You need to wear N95 mask because normal mask cant filter the fine particles in the air that could cause you cancer!!!!

So go and get a proper N95 mask as shown below!! Be safe, stay healthy!!

FiiO x5 Second Edition

General Specifications:

Model/Number - X5 (X5 2nd gen)
Headphone Port - Standard 3.5mm Headphone Port
Color - Titanium
Drive Ability - 16~150 Ω
Dimensions - 109 mm× 63.5 mm× 15.3 mm
Volume Control - 120 steps digital potentiometer
Weight - 165 g
Equalizer - 10-band equalizer (±6dB)
Display Screen - 2.4", 262,144 color HD IPS screen with 400x360 pixels
Line Out - Standard 3.5mm Port (Shared line out / S/PDIF coaxial out)
Digital Out (Coaxial) - Standard 3.5mm Port (Shared line out / S/PDIF coaxial out)
Balance - 10 dB
USB DAC - Supporting up to 24bit / 192kHz and DSD (driver installation required)
Gain - 3.6dB(Gain=L) // 9.1dB(Gain=H

Partial Performance Parameters for Line Output

THD+N - <0.001% (1 kHz)
SNR - ≥114 dB (A-weight)
Frequency Response - 20 Hz~20 kHz
Dynamic Range - >110 dB
Crosstalk - >115 dB (10 KΩ/1 kHz)
Line Output Level - 1.53 Vrms (10 KΩ/1 kHz)

Partial Performance Parameters for Headphone Output:

Output Power 1 - >245 mW(32Ω//THD+N<1%)
Output Power 2 - >436 mW(16Ω/THD+N<1%)
Output Power 3 - >27 mW(300Ω/THD+N<1%)
Output Impedance - <0.2 Ω(32Ω)
Crosstalk - >75 dB (1 kHz)
THD+N - <0.001% (1 kHz)
Frequency Response - 20 Hz~20 kHz
MAX Output Voltage - >8.2 Vp-p
SNR - ≥117 dB (A-weighted)
MAX Output Current - >250 mA(For reference)

Power and Battery:

Power - DC5V 2A recommended
Battery Capacity - 3300 mAh
Charge Display - Red light indicates , green light turns on after fully charged
Battery Life - >10 h (32Ω; normal volume with display off )
Battery Display - Yes (Accurate battery % readings))
Charging Time - <4h (DC5V 2A)

Audio Formats Supported:

DSD: DSD64, DSD128 (.iso&.dsf & .dff);
APE(Fast): 192 kHz/24 bit;
APE(Normal): 96 kHz/24 bit;
APE (High): 96 kHz/24 bit;
AIFF: 192 kHz/24 bit;
FLAC: 192 kHz/24 bit;
WAV: 192 kHz/64 bit;
WMA Lossless: 96 kHz/24 bit;
Apple Lossless: 192 kHz/24 bit;
Lossy compression: MP2、MP3、AAC、ALAC、WMA、OGG...

New features compared to the first generation X5:

1. All-new exterior design, improved build, with metal finish changed from powdered to brushed;
2. More compact and lightweight; smaller black borders around LCD;
3. All-new independent amplification stage with analogue volume control, increasing audio resolution;
4. All new digital audio architecture, utilizing dual crystal oscillators dedicated to multiples of 44.1 and 48kHz respectively (including 176.4kHz=4x44.1, 192kHz=4x48 and DSD64 and DSD128 (multiples of 44.1), handling all major sample rates without resampling artifacts and minimal jitter;
5. Supporting hardware DSD decoding;
6. Supporting CTIA-standard in-line earphone remotes (e.g. Apple, Samsung compatible earphones)
7. Breakthrough power architecture design that utilizes different system voltages for low and high gain, allowing maximum flexibility between long endurance and high driving power in the same unit.
8. All-new power management feature: auto standby mode allows player to remain in standby for weeks, ready to continue playing instantly.
9. Coulomb meter for precise battery level readouts.

Friday, June 19, 2015

What is DLP and how do you bypass it!

Data Leak Prevention or Data Loss Prevention depending on how you want to call it is nothing but a way to prevent confidential data from leaking outside your network.

In regardless of which vendor or product it works by monitoring data in motion, at rest and in used.

Data in motion = data that is being transmitted via secure or insecure channel.
Data at rest = data that resides in your machine or NAS
Data in used = data that is currently being process or in used.
Most of the time DLP comprise of 2 engine. The monitoring engine and the prevention engine.

Monitoring engine actually monitor the usage of the data in your machine or network. It monitors and send those information to the centralize server. All these events are known as DLP incident and ussually you would need a DLP administrator to monitor and evaluate whether a data breach has occur or not.

Depending on the policy you can set whether to trigger an alert on the desktop if a policy has been violated or just remain passive. Most of the organization would set the monitoring mode in passive mode to avoid alerting the crook /bad guy within their organization.

Another engine which is the Prevention engine is the actual engine which block or prevent the data from going out. It can block you from burning the data to USB, CD, DVD, ftp, cloud storage, print screen and etc..again it is set in policy. Some of the organization will set the prevention engine on the desktop level and some on the gateway level depending on the business case.

Detection can be done using regular expression, keywords, and even fingerprinting a documents. (I would not go into the details here..)

Now !! Here come the interesting part! How do you bypass DLP!!!!

1. Encryption!!!!!
A lot of IT administrator or DLP wannabe expert claim that you should encrypt the email or data on your desktop before sending it outside from the organization. The ironic thing is there is no DLP solution in the market right now which can automatically decrypt and encrypted file, inspect it with DLP engine before sending it out! So by allowing your staff to encrypt the file with password using their own encryption solution such as Truecrypt will render DLP solution useless!!!!

The right way is encryption on the gateway level! Lets look at the scenario below:-

User A send file to User B outside the organization.
User A send file >> file is intercepted by DLP solution in gateway >> analyze if it is a confidential data or not >> if yes encrypt before sending out and if not just send out

This is the right way to do it...

2. USB USB but what about SD card slot??
Most of the administrator set DLP policy on USB drive. To prevent users from copying file to USB. But wait ...what about SD CARD slot?? I am sure a lot of laptop has it. So try using your SD card slot and you will be surprised that the policy is not yet set to prevent data out using SD card slot.

3.Own FTP or HTTP server.
There is a lot of web based file server solution on Iphone and Android. You can just download the apps activate the web storage from your iphone and android and access those URL from your DLP enable laptop or desktop. Chances are you can copy those data out to the iphone or android. Reasons are DLP solution is all about rules. If the administrator set a strict rules that prevent all https and ftp then it is a problem cause it will create lots of false positive. So if you send data to the phone ftp or http storage, chances are it will still work depending on the policy set. However please take note that even you can copy the data out it does not mean it is not logged!! Yes remember i mention DLP has 2 part? Monitor engine and Prevention engine.

4. Fuck Windows ..Use Linux!
Ok DLP is a program. A program that hook to the OS kernel to prevent data loss. But what if you boot from a boot disk and run linux? Yes DLP will be ueseless!!! You can copy anything and DLP monitor and prevention engine will not be there to stop you. The mitigation control is to disable booting from USB or CD on your machine and set a BIOS password to it. I am sure 90% of the organization would not do this cause the so call DLP consultant or security consultant are mostly Windows user who has not actually try to hack anything in their life before!!!

There are more ways to bypass the DLP solution that is in the market now but i am sure the steps i mention above is more than enough to cause a data breach!

Note: The information share above is not meant to encourage malicious activity but to educate the public about their false sense of security when they claimed they are protected from data loss cause they just bought a fancy DLP solution from a vendor.

Feel free to contact me if you wanna know more about DLP :)

Blogging is Dead!..

I just realized that my blog is abandon for quite sometime. Partly because it is much more easier to write anything or update anything from facebook rather than using the blogger interface. Another reason is i hardly use a computer anymore. Mobile access is the new trend and i am no different. Try updating your blogspot from an Iphone vs Facebook and you will know what i mean.

Maybe blogspot should evolve...or maybe not..

Sunday, December 28, 2014

Overprice Iphone screen protector in GM Klang Wholesale City

My recent visit to GM Klang Wholesale City is a nightmare. What turn out to be a joyous occasion turns out sour when my a salesman (Thomas Chen) or perhaps the owner of Zentech Cash and Carry located at lot 134-3rd floor sells an Iphone 6 + Glass-M screen protector at RM135.

Yes i know it is my bad for not doing research before buying the screen protector but i thought isn;t a wholesale center suppose to sell thing cheaper and not 100% more expensive??

GLASS-M case at USD20 Free shipping!! Even Glass-M site itself is selling at just USD20 free shipping.

So my advise is stay away from this conman and con shop to avoid being con by evil seller.