Maybank2u Email Scam

Recently there has been an increase in online phishing activity, mainly targeting users of Maybank2u.com.my. Here’s one example and how to spot them in the future.

It started with me getting an email that appeared to be from maybank2u.com.my:

photo

Both emails above are scam emails. At first glance you won’t be able to tell if it’s legitimate. But as we continue along you’ll start to see red flags popping up.

Capture2

Opening up the email in gmail reveals more information from the sender. As scammers are highly unlikely to be able to compromise maybank2u’s email servers to send spam emails, they will usually use another email server but disguise the email to look like it came from Maybank2u. This is called email spoofing.

From the example above, we can see that the email originated from eigbox.net. Also, scammers are surprisingly not very good with writing proper scam emails. You can probably notice spelling and grammar errors in the scam email. This is a fairly consistent pattern and one can only wonder if they proof read their scam emails before sending them out.

Capture3

Google Chrome will give us a warning if we try and visit the email link.

Capture5

As you can see, the email link takes us to “impactosurf.com.br” instead of “www.maybank2u.com.my”. This should raise a very large red flag. NEVER EVER LOGIN TO YOUR MAYBANK ACCOUNT IF THE URL IS INCORRECT. If you follow this advice, you will NEVER be scammed.

Here we’ll just humour them to see what they’re up to. We first login with our username and password. Scammers will then take this information and login to your account from their computers.

Capture7

Next, they ask for more information. I believe this is to make you enter your password again so they can be sure that it is the correct password.

Capture8

This is the page where the action is. Remember they have already logged into your account using their computers. Now in order to perform a transaction, they will have to request for a TAC number. They will request on their side, and ask you to enter the TAC number that is sent to your mobile phone. Once they have your TAC number, they can then empty your account with a click of a button.

Capture9

After you’ve given them your TAC number, they give you a friendly reminder not to log in. This is to ensure that the TAC number will remain valid until they empty your account (the TAC expires with each log in or in 30 minutes, whichever comes first). This is basically saying “don’t disturb us while we steal your funds”.

As long as there are scammers around, there will be gullible Internet users. Follow the simple guidelines below and you will never be scammed:

  1. NEVER LOGIN FROM EMAIL LINKS.
  2. ALWAYS MANUALLY TYPE “www.maybank2u.com.my” INTO YOUR WEB BROWSER.
  3. ALWAYS CHECK YOUR URL. Ensure you are where you want to be by looking at the URL. Close your browser at the first sign of suspicion.
  4. ALWAYS BE CAUTIOUS. Here’s a trick. If you’re unsure, just use a fake login on a page to test it. If it allows you to “login” that means there is no authentication at all and you’re at a scam site. Remember, the scammers don’t have your details so they won’t know if you have entered a wrong password.

Stay safe on the web.

How to Install Win95 on an iPad

This tutorial will teach you how to install Windows 95 on your iPad. It runs on an emulated environment so performance is very bad. This is just a proof of concept, not a practical application.

IMG_0086 copy

Windows 95 booting up on the iPad.

Things you’ll need:

  1. Mobile Terminal. You can get this from Cydia (source: cydia.xsellize.com).
  2. bochs.deb file.

Installation Instructions:

  1. Transfer the bochs.deb file that you have downloaded to /tmp on your iPad. You can use WinSCP.
  2. Run Mobile Terminal on your iPad.
  3. Type “login” and login to “root” using password “alpine” (if you haven’t changed it).
  4. Type “dpkg -i /tmp/bochs.deb“. This will install bochs.
  5. Once installation is complete, type “killall SpringBoard” to restart springboard. Capitalization is important.
  6. You will see a new bochs icon on your iPad. Run it.

IMG_0092 copy

IMG_0093 copy

Bochs comes “pre-installed” with Win95 and Win3.11.

IMG_0090 copy

Everything works. You scroll around using the touch screen.

IMG_0088 copy

Resolution support is bad though.

IMG_0091 copy

Solitaire is not a game that you want to play on an iPad.

Although booting Windows 95 on an iPad is cool, it’s not very practical. The emulation is very slow and it takes almost 3 minutes to boot Windows 95. Performance in Windows is also sluggish. I would estimate that the emulator is capable of about 33Mhz of CPU speed because it feels slower than my very old computer (66Mhz DX2).

Here’s someone doing the installation and demoing it:

Cheap Analog Signal Acquisition for PCs

There are times when you’ll need to read analog signals and pass them to a computer to process or display. Analog signal acquisition cards are usually expensive and not suitable for hobbyist on a budget. So if you’re not running mission critical systems requiring ultra fast and accurate updates, here’s a very cheap and easy solution to getting your analog signals into your computer.

This idea came to me when I was looking for a USB interface card for my CarPC. Unfortunately for me I have a very old car that doesn’t support the current OBDII system so I have to hardwire everything to get their status. I needed the status of the fans, coolant temperature, compressor clutch, and a host of other parameters to feed my obsession for information that I don’t need and to distract me from the road ahead. While looking for a cheap and easy way to get all these information (PICs, etc.) I stumbled upon cheap China made USB controllers. And since USB is pretty much standard with every computer, I was sold.

First off, you will need an analog USB joystick. You can probably see where this is heading. The reason is because USB joysticks are so cheap that it makes sense to experiment with them. Besides analog inputs, you get discrete inputs too with these joysticks. You can grab some of these joysticks from the links below:

Note: I would recommend the gamepad type because there are 4 analog inputs as compared to only 3 for the joystick. Get the cheapest analog controller you can possibly find. Warranty is not an issue for obvious reasons.

DSC_0004 copy

This controller from a local computer store cost me RM23 ($8) only. It has about 20 discrete inputs (buttons) and 4 analog inputs and also a vibration unit inside.

First thing you’ll want to do when you get your controller is to plug it into the computer and check if it works. If not you still have the option to return it to get a replacement. Once you are satisfied with the condition of the controller, it’s time to have some fun. Take out your screwdriver set and tear it open.

DSC_0006 copy

Here you’re looking at the analog  joystick board (green). All the connections that you need can be tapped from here. If they are 4 axis of analog control, you will have 4 inputs from here.

DSC_0006

The  red squares show where the 4 potentiometers are. The red circle shows the input connections. The 5V and ground reference is there also.

DSC_0009 copy

Measuring the supply voltage to the potentiometers. As expected, it was 5v (USB powered)

So basically the controller works as follows:

schematic

Looking at the diagram on the left, with a supply of 5v and ground, the potentiometer divides this and gives an output that varies between 0-5v. So depending on where the potentiometer is positioned, the output voltage to the joystick’s controller input can be anywhere from 0v to 5v. The joystick controller then reads this voltage and gives a reading to the computer.

DSC_0015 copy

An externally connected potentiometer is used for testing. The purple wire supplies the 5v, blue wire supplies the ground and green wire is the input. A capacitor is connected between the input and ground because the readings were “jumpy”, probably due to external interference.

So if the potentiometer is turned all the way down, the input to the joystick controller will be 0v. The joystick will then send a “full left” (or “full right” depending on the design) to the computer. If we turn the potentiometer all the way up, the input to the joystick controller will be 5v. The joystick will then send an opposite signal to the computer, telling it that they joystick has now been moved all the way to the other direction.

If the potentiometer is turned somewhere in between, it might give a signal of 3v. The joystick controller will then interpret this and tell the computer where the joystick location is.

If you have managed to follow the explanation above, you’ll see why we can use this to measure analog voltages. We can theoretically apply a voltage to the analog input of the joystick controller and the joystick will send that signal to the computer. I say theoretically because that is not exactly the case in real life, as you will see below:

joystickform

This is the software that reads the joystick input. It’s written in C# and it can be downloaded from codeproject.com along with the source code. I’m not an expert in C# so please direct your C# questions to someone else. But a little reverse engineering and trial and error should help you modify the source sufficiently for your own use.

I disconnected the potentiometer and instead connected the input to 2 different batteries, one at a time:

liiontest

When I connected it to the Li-ion battery of 3.86v (measured with a voltmeter), it gave me a reading of 62154.

aatest

When I connected it to a AAA battery of 1.5v, I got 8191. If we assumed that 0v will show zero on the computer and 5v will show 65535 then the readings will not make sense. For example:

Input Voltage = (Axis Value / 65535) x 5v

In the case above, we got 8191 for the 1.5v battery. So if we substitute that into the formula above, we’ll get:

Input Voltage = (8191/65535) x 5v = 0.6249v (which is obviously not the voltage of the 1.5v battery)

So it seems that the joystick controller only reads a certain range of voltage, with dead zones at both the upper limit and lower limit. Hence, we need to calculate those values. We have 2 variables to figure out: the lower limit and the range. Upper limit is not required to get the correct voltage reading. We already have 2 samples to work with from above (the li-ion battery and 1.5v AAA battery). By using simple high school maths, we can then calculate for the 2 unknowns:

calculation

Note: the AAA battery was at 1.49v.

From here, we know that the lower limit is 1.1431v. So anything below this, the joystick reads as zero. Also, we now know that the joystick only reads a range of 2.8647v. That’s not a lot to play with. But it’s sufficient.

So now with the unknowns calculate, we can write our equation for this joystick:

Input Voltage = 1.1431 + (Axis Value / 65536) x 2.8647v

To test the equation, we use the example of the 1.5v battery again:

Input Voltage = 1.1431 + (8191 / 65535) x 2.8647v = 1.5011v

Now the value of 1.5011v looks more convincing.

DSC_0012 copy

From here, you can tap the other analog inputs. And using the values acquired from the equations, you can write your program to display the values in voltages instead of unintelligible numbers like 8191.

If you need to read more range or higher voltages, just use a voltage divider network.

Of course, if you require better resolution, you can always go for the commercial devices, like the one shown below:

That’s about all that you need to know on how to make a cheap and easy analog signal acquisition device for a computer. If you have questions, comments or suggestions feel free to leave them in the comments section below or send me an email.

What happens when you have too much budget for a movie?

Following the success of The Fast and the Furious and 2Fast 2Furious, 3Fast 3Furious, or more widely known as “Tokyo Drift” has probably been given millions in budget to make the film. After overpaying those actors and story writers who couldn’t come up with a better storyline, and burning hundreds of sets of perfectly good tyres, the producers and director had to come up with a way to spend the rest of the budget. Burning it wasn’t an option because it will lead to global warming, and giving it away to poor people would be a waste of money. So what do they do with it? Words can’t describe, but pictures can =)


“Do you know what DK stands for?”

“Drift King?”

“Nah, Donkey Kong.”

I mean seriously, can this get any lamer?


First off, the got a new Viper and they crashed it with an old car which probably belonged to that actor before he got this overpaid job. No, they didn’t think twice before doing that.


The old car can go to hell. The Viper was split into half before this scene.


And of course, a car’s not trashed if it’s not upsidedown.


Next, the guy goes to Tokyo, and guess what he sees? A Nissan 350z drifting up a car park ramp. By the way, a 350z costs RM500,000 here. I guess over there it’s just like any other Proton car ;) But still, doing such a dangerous stunt requires plenty of money. Imagine the number of 350z scratched and damaged in the making of this scene alone!


And then he is given the ultimate (or “Mona Lisa”) of all drift cars. The car has been tuned to perfection, everything from suspension to engine, from wheels to brakes. And guess what he does? The picture above is not really clear, but he just crashed into a row of car. Nope, he didn’t just crash into a row of ordinary cars.


Here’s the “Mona Lisa”, all bent and broken. And if it wasn’t enough, he kept driving it against the wall to make the bent fender come off.


Tada! Gone in 60 seconds! =)


Next, the guy is given an EVO. So what’s the first thing you do once you get a 2 liter turbocharged 4WD monster that’s probably giving out 300hp at the wheels (I assumed it’s tuned)? You slam the rear into a pile of wood! Of course! Elementary, my dear Watson!


And to show that you couldn’t care less, you dent the side by crashing sideways into some stack of tyres. Makes it look like you really push the limits of the car eh?


Hmm… that (the above picture’s caption) seems like a logical explanation. But how do you explain THIS!?? (insert evil laughter here). We’ll just drop a roller shutter on a 350z (half a million ringgit car) =)


And that EVO hasn’t got enough dents. Let’s just crash this 350z (again, half a million car) into the rear. Ahh… great dent.


Now let’s make full use of that 350z. Ahh… nice crash!


Alright, the 350z are getting boring. Let’s mash up the RX7! Great timing =)


Last, but not least, we haf the final downhill challenge. The director couldn’t let the cars get out alive, so he crashes the newly repaired 350z into the other just restored muscle car with a RB26DET. Sparks added for more thrill.


While we are at it, let’s run the 350z off the side of the road to totally screw up the undercarriage and suspension and tyres and rims.


Alright, I’m really sick of the 350z now, let’s just dump it, literally.

If you haven’t notice, this movie is about destroying expensive Japanese sports cars. The director wants to send a powerful message to everyone: only he can do it, you can’t. And there’s absolutely nothing you can do about it (line borrowed from the matrix). We’ll see ;)

So yea, great drifting. Continue reading

Peltier cooler

About a week ago, I have never heard of such a thing called a peltier cooler. When my housemate bought a CPU cooler that cools using electricity from lowyat, I was very surprised and amazed. I kept thinking to myself on the way back home how such a thing can work. I’ve heard of using compressors and feron gases to produce subzero temperatures. But using electricity alone? You can imagine my curiousity.


Subzero 4G for rm50 at lowyat.

The main component of this cooler is the peltier plate. It’s a plate that, when voltage is applied, creates a a temperature difference between its top and bottom plate. In short, when electricity is applied, the top plate becomes hot and the bottom plate becomes cold.


The peltier plate.

The peltier plate does this by transferring heat energy. And the interesting thing is that if you reverse the polarity, the hot and cold sides will switch. The more interesting thing is that if you apply more voltage, it gets colder.


Stuff that came in the package. Heatsink with peltier plate, casing fan, microcontroller to control the temperature.


The peltier cooler.

This thing is very cold when running. It’s not like normal cool, but it’s cold. It’s like touching ice. If you can’t take my word for it, look at the picture below.


You can see drops of water forming on the plate due to condensation!

This peltier technology has been around for a long time. It’s just that it’s not too pratical for some applications because it’s not very efficient. Anyways, some links for further reading:

Peltier coolers

The heatsink guide – Peltier cooler information

Peltier beer cooler

A really cool piece of gadget. Pun intended.

UPDATE: How to make ice using your peltier cooler.


Put something hot on it and ice will form. Continue reading