Saturday, 27 March 2021

How to Flash Tasmota onto a Arlec Grid Connect Smart Plug-In Socket PC190HA from Bunnings

 

About

The Arlec PC190HA is a cost effective smart socket that is Tasmota compatible. The socket uses the TYWE2S module based upon the ESP8266.

This socket can be purchased from Bunnings individually for $17.50 or in a 4 pack for $60.

Downside of this unit, is Arlec have introduced Tri-Groove Security screws, which is rather uncommon and does make opening this unit a little more difficult, but not impossible. More about this later.


Tri-Groove Security Screw


Replacing the firmware

Arlec like many other manufactures have updated the Tuya firmware. Frustratingly this means the OTA update method via Tuya-Convert is not longer an option. Efforts are still ongoing to fix this, but there is no ETA.

The alternative is to flash via serial using a USB to TTL Serial Converter and Tasmotizer (Windows).



HW-417 USB to TTL Serial Converter

Opening the PC190HA

To get access the TYWES2 requires opening the socket. At this point I remind readers;

WARNING - DISCLAIMER
Proceed at your own risk. This information is provided as a guide and you take full responsibility for any harm or damage that may result. Opening any mains powered device should only be done by a professional. I accept no responsibility for any malfunctioning devices as a result for this tutorial. This process will void warranty of the device. Proceed at your own risk.

With that out of the way opening the PC190HA will require a Tri-Groove screwdriver or similar.

Make your own Tri-groove screwdriver

As I couldn't find a local supplier, I opted to fashion my own from a spare Allen key (~4mm or 1/8") and a common triangular file.

Process isn't as difficult and even a rough tool will be sufficient to remove the screws. Below was my first attempt and was successful in removing the screws. 



To fashion the Tri-Groove tool, place the allen key into a vice and simply file a V from the middle of every second flat side. Position the file at a ~45 degree angle.

With any luck the tool will be sufficient to remove the screws. The top case is secured by three lugs which can be overcome by hand.



Flashing

The PC190HA uses the common TYWE2S module and is relatively easy to get access to the serial port pads. The rear cover will need to be removed to expose the IO0 pad on the TYWE2S. Remove the single Philips screw in the centre of the PCB.


Solder on jumper wires.





To successfully flash the TYWE2S the USB TTL converter needs to be connected supplying 3.3v. Also  IO0 needs to be pulled to ground, at initial power on only.

Make sure your USB TTL converter is set to supply 3.3v, not 5v.


The approach I used was to split off an additional ground wire and hold it on the IO0 pad, while connecting the USB TTL converter.

Open Tasmotizer, Select the USB port.


Select Release and optionally backup original firmware.
Note: you can preload the WiFi and other configuration detail if you so choose.

Click Tasmotize!



If flashing was successful, unsolder the jumper wires and reassemble. I opted to keep the Tri-Groove screws, but you can replace with similar Philips head screws if needed.

Setup

By Default Tasmota will present as an AP. My preferred option is to a phone to connect and configure the WiFi. Once it is connected to your WiFi use Fing (Android app) to locate the device IP and connect to the web interface at http://192.168.4.1

Arlec PC190HA Tasmota configuration

Refer to the Tasmota Devices database at https://templates.blakadder.com/arlec_PC190HA.html

Template: {"NAME":"Arlec-PC190HA","GPIO":[0,0,0,0,320,0,0,0,224,576,32,0,0,0],"FLAG":0,"BASE":18}




Sunday, 14 July 2019

Google Vault: Are shared files discoverable?




Google Vault: Are off domain shared files discoverable in Vault?


Recently a question about Google Vault was put to me in the G Suite product forums where I contribute under Google's Product Experts Program.


We are setting up Google Vault for our organization. Using me as an example, say my wife, who not a part of our organization but who has a personal Google account, shares a Google Doc for a household grocery list with me at my work address. Are you saying that that document would be then searchable by Vault administrators, since it was shared to my work account? [link]

Normally Google's Help Center is the place to go for most answers, but I was unable to find an article that covers this specific question. This article goes close but does specifically talk about the drive content owned by an off domain user.

So how does Vault handle this?

Testing

Test #1: Discover shared Drive content by off domain owner.


  1. Login as a consumer gmail account.
  2. Create a Google Doc
  3. Share it directly with a G Suite user in a domain with Vault enabled.
  4. Login as G Suite user and confirm I can view the shared file.
  5. Login in as an Admin to Vault and search for the Google Doc.

Test #1 Result: Files shared by off domain user (owned) are discoverable in Vault.

Test #2: Discover unshared content by off domain owner.


  1. Login as a consumer gmail account.
  2. unshare the above Google Doc
  3. Login as G Suite user and confirm I cannot view the shared file.
  4. Login in as an Admin to Vault and search for the Google Doc.

Test #2 Result: Files unshared by off domain user (owned) are no longer discoverable in Vault.

Test #3: Discover publicly shared Drive content by off domain owner.

  1. Login as a consumer gmail account.
  2. Create a Google Doc
  3. Share it publicly (link).
  4. Login as G Suite user and use the link to confirm I can view the shared file.
  5. Login in as an Admin to Vault and search for the Google Doc.

Test #3 Result: Files shared publicly (by link) by an off domain user (owned) are not discoverable in Vault.

Test #4: Discover publicly shared Drive content by off domain owner and "Add to My Drive..."


  1. Login as a consumer gmail account.
  2. Create a Google Doc
  3. Share it publicly (link).
  4. Login as G Suite user and use the link to confirm I can view the shared file.
  5. Add the Doc to "My Drive" via the "Add to My Drive..." Option
  6. Login in as an Admin to Vault and search for the Google Doc.

Test #4 Result: Files shared publicly (by link) by an off domain user (owned) are discoverable in Vault, if the G Suite user adds the file to their Drive .

Test #5: Discover publicly unshared content by off domain owner after it's removed from My Drive.

  1. Login as G Suite user, select the Doc and "Remove from my Drive".
  2. Login in as an Admin to Vault and search for the Google Doc.

Test #5 Result: Files are not discoverable in Vault.



Summary

Key findings:

  • Files owned by users outside the domain and shared directly with G Suite users are discoverable.
  • Discovery is only possible while sharing remains enabled.
  • If the owner revokes the sharing, discovery is no longer possible.
  • Files publicly shared, must be added via "Add to My Drive" for discovery to work.
  • Removing the file from "My Drive", will stop discovery.

Considerations:

  1. Vault will not provide visibility to data leakage via files owned by off domain users.

    Potentially a malicious actor could establish a Google consumer account, create and share a file with an G Suite user. Then dump data into that file and unshare, without Vault showing a record of that.
  2.  External parties sharing Drive files or Google Docs with G Suite users must be aware G Suite admins can access via Vault. 

Wednesday, 5 July 2017

Office 365 Exchange online Outbound email blocked by Spamhaus (CBL)

Seems MS can't give a straight answer, but users on some trials are reporting difficulties with sending email (internal and external) due to transport restrictions enforced by MS.

MS uses the Spamhaus CBL to match IP in the header of the sending device. X-Originating-IP

Generally block lists are used for abusive SMTP/email servers, but MS are using it against Exchange clients (Outlook / Active Sync and OWA). Presumably to kerb spammers abusing the trial.

Error

Resulting in a NDR

Remote Server returned '550 5.7.501 Service unavailable, Client host blocked using Spamhaus. To request removal from this list see http://www.spamhaus.org/lookup.lasso (AS16042849)'

The NDR will contain the IP of the actual device where the message was generated, not the Exchnage server IP, as it the case with some other platforms.

X-Originating-IP: [1.125.48.104]



The Fix:

Modify the default connection filter to allow these IP's

  • Use the EAC to edit the default connection filter policy - detailed here
  • Use powershell to add multiple (max 1273) subnets (max subnet size /24)
PS> $UserCredential = Get-Credential

PS> $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection


PS> $sn=@{Add="1.124.0.0/24",
"1.124.1.0/24",
"1.124.2.0/24",
...<snip>...
"1.127.255.0/24"}

PS> Set-HostedConnectionFilterPolicy “Default” –IPAllowList $null
PS> Set-HostedConnectionFilterPolicy “Default” –IPAllowList $sn

Links

Telstra Mobile IP's - http://wq.apnic.net/apnic-bin/whois....AINTERNET49-AU
Powershell command ref above - https://technet.microsoft.com/en-us/...xchg.160).aspx
EAC - IPAllowList Limits - https://technet.microsoft.com/en-us/...or=-2147217396

Monday, 24 April 2017

Goodbye Map Maker Hello Local Guides

Map maker maybe gone...

but here is Google Maps - Local Guides


Anyone can be a Local Guide. Bring friends when you enjoy a meal, go on a hike or explore your neighbourhood. Don't forget to take pictures and review exciting new finds.

Spread the love, get some back

As a Local Guide, you’ll help others explore the world and get great benefits in return. It’s a win-win. Every place you improve on Google Maps earns you points toward unlocking something new.

Get started Now






Monday, 12 December 2016

Logitech Formula Force Drivers for Windows 10 64 Bit (x64)



Almost 20 years on, the Logitech Wingman Formula Force still works in windows. Released around the time USB was just arriving on the market, these robust wheels date from back in 1998.

Logitech discontinued driver development in 2006, however Saitek did release a 64bit driver based on the Immersion SDK. A primitive Force feedback design by today's standards, but it still works with most modern games.

This driver was adapted by Sly_North from the below Saitek source. 

To breath a new bit of life into the Logitech Wingman Formula Force, here is a Windows 10 Driver (signed) that will permit installation into Win10 x64 bit without the need to disable driver signing.


UPDATE [Jan 2020] - This driver no longer installs on fresh Windows 10 OS. This is due to MS changing signing requirements under fresh installs in Windows 10. The below driver is signed with SHA-1, which is no longer trusted, thus not supported in newer releases of Windows 10. I'm looking for a volunteer to re-sign these driver with SHA256 as per Practical Windows Code and Driver Signing

Enjoy!

SHA256 C132B429B25D1AC0186C65A699FE6AC3131827E3E13297E8F507325B2B31B047

Saitek Source (updated 9/5/19)
SHA256 ECC4B98757FFBF53501A7D239CE3FA3B4D05B9543F091CA156D9EDE1ED44DB6F

Last version of Logitech Gaming Software (LGS) to support the wheel (Windows XP 32bit)
lgs460enu.exe

Credits: Leshcat of leshcatlabs.net for signing the drivers to make this happen and to Sly_North for the original Saitek driver mod. (http://web.archive.org/web/20160102083612/http://forums.logitech.com/t5/Logitech-G-Controllers/Wingman-Formula-Force-and-Windows-7-x64/td-p/428223?nobounce)





Saturday, 1 October 2016

Automatically purge email from Gmail.

Here's a quick script I've knocked up that will purge/permanently email on a schedule that have a particular label and are in the trash/bin.

Make a copy of the script. Edit the parameters as required.

/*
  ****************************************************************************
  Name:PurgeGmail
  Version 1.01
  Date: 30/9/16
  Description: Script that will run automatically and permanently mail message
               based on a label + Bin 
  Author: Rob Ardill - G Guite Top Contributor
  Credits: Based on script http://www.labnol.org/internet/gmail-auto-purge/27605/
  Requires: Advanced Google Services + Gmail API enabled
  
  **************************** !!! IMPORTANT !!! ******************************
  
                     THIS SCRIPT WILL PERMANENTLY DELETE EMAIL.
                     NO WARRANTY PROVIDED OR LIABILITY ACCEPTED
                     INCORRECT USE OF THIS SCRIPT CAN LEAD TO LOSS
                     OF EMAIL!
  
  ****************************************************************************

INSTRUCTIONS
  
  1. Update the values of the field GMAIL_LABEL.
  2. Go to Resource -> Advanced Google Services and enable Gmail API.
  3. Go to Run -> Initialize and authorize the script.
  4. Go to Run -> Install to install the script.
  
  Follwign step 4, the script will now be active and will run every day at 1am permanently removing any email that is in the trasb/bin and with the GMAIL_LABEL.
  If there are more than 100 items to remove it will do so in batches of 100 every 2 minutes.
  
  * If you want the script to run more frequently, you can adjust the trigger in the Function Install()
  
MANUAL USE
  
  To manually run the script follow the above steps 1 to 3, then Go to Run -> purgeGmail
  
UNINSTALL

  To unistall the script go to Run -> Uninstall to stop the purging script anytime.

*/

https://script.google.com/d/1cyYaIvxV038OB4QRYU0gisLhJVADQi4EHE2QaGYnBdI1ImD0YmKnc16G/edit?usp=sharing



Saturday, 11 June 2016

PrimalForms CE - Community Edition (Free)

Sapien make some great tools and this is no exception. PrimalForms Community Edition is a Free version that has limited functionality.

I've used this for several OSS projects and it covers the essentials. The link on Sapien sites no longer works so below is a alternative link I've found. This version is 1.0.9.0 but an version 1.0.10 was released also according to the blog. Only obvious change is it adds a start page.


Update: Unfortunately Sapien or one of their representatives has mistakenly slapped DMCA on this link for the free edition and I've removed it, rather than fight it.  You can certainly find it via Google or ask the right person ;-)

Details
Version 1.0.9.0 
Filename: PrimalFormsCE.exe
Signed By: Sapien Technologies, Inc.
File size: 4,689,920 bytes
MD5:A4C4AF9A49423133AA8AB4A7C5745C10
SHA1: B6DD673290F4DED363BD3A6B5787A5332BCC79A6
SHA256:F4BB718BAC1C1E309F92EF465702E933179D195217C3CE51B99E4936AEA1F8A7

Version 1.0.1.0 was released, but I'm yet to find a copy of it.