Month: December 2017

There are a lot of choices for security cameras these days, and for the home or small business owner the choices can be overwhelming.

I have installed and used systems ranging from the costco/best buy/amazon security appliance with wired (and sometimes wireless cameras) to systems with a standards-based security DVR (I usually get a refurbished business-class desktop running Windows 10 Pro to install security DVR software onto, adding extra disks for the video storage) and open standards-based wireless and wired IP security cameras.  There are a wide range of cameras available from different manufacturers to meet different requirements.    Prices for cameras can range from $30 for a pan-tilt-zoom capable 1MP indoor camera to  $460 for a high-end pole-mounted PTZ camera with a 30x power zoom.  The nice thing about open systems is being able to fit the hardware to your needs and not being locked into a single vendor for parts or service.   The open system may take a little more effort to set up than puling out an appliance and plugging it in – but the end result is a much nicer system that is easier to use with much higher quality web, android and iOS apps.

Of the appliance-based security DVRs – the ones from Revo, Lorex and Q-See are the safest choices.  None of them are going to be as good as an open ONVIF/Milestone Xprotect system, but there are a lot of lesser systems than those three that are real garbage.  I won’t name names here – but some of the systems from Costco that aren’t the 3 brands listed above are real stinkers.  Access is only from android and iOS apps, no web access at all, for example.  The other systems listed above do have web access, but some are limited to only working with Internet Explorer.  The web access from Milestone Xprotect Essential is HTML5-based and works in multiple browsers on multiple platforms.  The situations where I would use an appliance over a Milestone system is if all the cameras can be easily wired to the appliance – like to cover a specific room or area rather than a whole house or trying to cover indoors and outdoors with the same system.

If you are considering a security system – find an installer you can trust that can recommend the best solution for your situation.  Work with them to come up with a reasonable plan, and you will end up with an easy to use functional security cameras across your property.

The laptops we purchased to be dedicated Bitcoin wallets are HP. HP is in the news for having shipped computers with keyloggers pre-installed. It turns out that the microphone tray applet for the sound card drivers shipped with these computers happened to be logging every single keystroke to a unencrypted unprotected file. It turns out that this is only the case with the windows drivers and software. If windows is removed and is completely replaced by x a boon to, as is in our case, this vulnerability simply does not exist.

The reason we replaced windows for exhibition to is that 100% of the software is open source and the source code is visible and available for inspection. That also applies to the sound card, WiFi, keyboard, and all other drivers and software on the system. Given this latest incident from HP and Microsoft, I’m not sure how I could ever trust a Windows system ever again for critical Computing tasks. It frightens me to no end that critical medical devices and Fire Control Systems on US Naval warships both run Windows.

We went to go Implement our new cable modem, router, access points, security DVR and WiFi IP security cameras yesterday, and things went pretty smoothly. At the end of the day we had the security DVR setup, the cameras recording, and the cable modem from Comcast replaced with our own purchased equipment.

The basic sequence of events went like this:

First, we called our internet provider. In our case that was Comcast. We told them we wanted to stop using their least cable modem and want to use our own. They asked for the model number and MAC address of our new equipment, which is located on a barcode on the bottom of the modem. I find it helpful to take a picture with my camera so I can zoom in on it too clearly see the numbers to give them to the Comcast representative.

After Comcast gave us to go ahead we remove the old equipment and plugged in our new cable modem and connected it to a laptop with an Ethernet interface. After confirming we were able to get an IP address from Comcast and get online, we went ahead and configured our new router and then plugged are new security DVR into the private side, setup the WiFi controller and adopted the access points, configured the WiFi on our new security cameras to join the new network, and then added the cameras to the security DVR. Tomorrow I will be returning to permanently Mount the cameras in their final location and deal with tomorrow I will be returning to permanently Mount the cameras in there final location and deal with routing and mounting the cables.

Well, we took a a pair cheap cloudbooks from Target and repurposed them as Linux-based hardware bitcoin wallets with a complete open-source (and thus, more trusted) software stack.  No black boxes here.

Now we need to add wallets for other coins like Ethereum, ZCash, Dash, Ripple and others.  These systems come with 32GB of flash storage, we’ll see if we need to add more storage via the SD card slot or not.  If we do, that volume will need to be encrypted either with LVM or by making it the home folder and enabling home folder encryption.  We’ll burn that bridge when we come to it.

For now, we want to be able to run Coinomi, an open-source android wallet.  How do we run Android?  With . VirtualBox.

Our first in-depth tutorial – coming shortly – will detail how to install VirtualBox, Android and Coinomi, in that order.

Stay Tuned!

Problem: Need offline/cold storage for our coins

Solution: AMD-based HP CloudBook laptop at Target for $180

Why AMD? Many Intel CPUs have vPro techology baked in – which has a nasty security hole allowing remote IP KVM to be enabled, allowing for keystroke logging that is simply unacceptable on our wallet machine.

They come with Windows 10 Home preinstalled, which we go ahead and log into and download the following things:

Opera Browser: http://opera.com

Install the opera browser, go into settings and turn on VPN in the Privacy and Security section

Xubuntu ISO image:
http://torrent.ubuntu.com/xubuntu/releases/xenial/release/desktop/xubuntu-16.04.3-desktop-amd64.iso.torrent

Rufus USB image writer: https://rufus.akeo.ie

Run rufus after downloading, select the Xubuntu ISO image you downloaded before rufus and write it to a 4GB-32GB USB stick (preferably a USB 3.0 one)

Reboot and keep tapping Esc to go into the BIOS

Find the boot order, move USB devices above the built-in SSD in the boot order and reboot.

Install Xubuntu, enabling disk and LVM encryption when you get to that point in the install. Pick a password you will not forget.

Once Xubuntu is installed and you are logged in, connect to the internet, open a terminal and do the following to bring the system up to date:

sudo apt-get update
sudo apt-get upgrade -y
reboot
sudo apt-get autoremove

Go through the power settings and enable suspend on lid close and shutdown on reaching critical battery levels.

Firefox is installed already, use it to download and install Opera. I have had better luck downloading the file and installing it in the terminal rather than using the GUI software manager. The command to install manually is:

sudo dpkg -i <packagename>.deb

You will find it in your /home/<username>/Downloads folder

And that’s how we turned a $180 cloudbook into a whole-disk-encrypted hardware eCoin wallet.

Start installing your favorite wallets. Our next post will cover installing and configuring Electrum.