Feed aggregator

Say goodbye to inconvenient fan pull chains! Use the Lutron CM-FQ1 Maestro Fan Canopy Module when you want to control more than one fan with a Lutron’s Maestro 300 Watt Dual Dimmer and Fan Speed Control Switch or 300 Watt Dual IR Dimmer and Fan Speed Control Switch. In multi-fan applications you will need to purchase one fan canopy module for each additional fan, up to four fans total. Do not use this application with exhaust fans.

For use with Lutron Maestro Fan Speed Control switches (models MA-LFQM-xx and MIR-LFQMT-xx)

Control multiple fans from one Lutron Maestro Fan Speed Control switch

Use up to three fan-mounted canopy modules for up to four fans total

Installs above the fan

1.0A maximum load per fan

Only one ceiling canopy module per fan

Power failure memory – remembers your settings even after a power interruption

Price: $33.85

Read more

I was only able to get a few interviews while I was in Vegas this year.  But one of my favorites was talking to Joe Grand, the creator of all five year’s worth of electronic Defcon badges.  This year’s badge was smaller than previous years but it had some unique and interesting capabilities and it was also the most artistic of them all.  Joe talks about the hardware that went into making the badge, some of the difficulties they encountered (and there are always difficulties) and plans for next year’s badge.  No, I didn’t get a scoop and can’t tell you what it will be, but if Joe Grand is involved, I’m willing to bet they’ll still be really cool.

BHDC 2010:  Joe Grand

The No More Geyser NMG-43 is a replacement riser pin for the NMG-49 system. Install the NMG-43 directly into the water supply line, with a retaining pin held in place by the sprinkler head. When the sprinkler head moves, the retaining pin moves out of the way, and the water pressure causes the ball to seat in the valve fitting – stopping the flow of water through the riser.

Replacement riser pin for the NMG-49

Prevents geysers if the sprinkler head breaks off

Fully adjustable and installs directly into your existing sprinkler system

Price: $3.22

Read more

The DripStop® Valve replaces old-fashioned rubber washers and stops faucet leaks forever! Guaranteed for life, the DripStop Valve uses your faucet’s own internal water pressure to gently create a watertight seal. That’s why it works so much better – and lasts so much longer – than an old-fashioned rubber washer.

The DripStop Valve can never be over-tightened and makes your faucet easy to turn on and off. DripStop is great for seniors, arthritis sufferers, and people with limited motion!

The DripStop Valve works in most major brands of compression faucets and will even work if your faucet’s seat is chipped or worn. No ordinary washer can do that!

The DSV-B DripStop Valve fits American Kitchen, American Standard, Arrowhead Brass, Barnes / Western, Central Brass, Eljer, Indiana Brass, Kohler, Phoenix, Price Pfister, Repcal, Royal Brass, Savoy, Sayco, Sterling, Streamway, & Union Brass faucets.

Permanently replaces rubber faucet washers

Guaranteed for life

Works in most major brands of compression faucets

Price: $3.31

Read more

The DripStop® Valve replaces old-fashioned rubber washers and stops faucet leaks forever! Guaranteed for life, the DripStop Valve uses your faucet’s own internal water pressure to gently create a watertight seal. That’s why it works so much better – and lasts so much longer – than an old-fashioned rubber washer.

The DripStop Valve can never be over-tightened and makes your faucet easy to turn on and off. DripStop is great for seniors, arthritis sufferers, and people with limited motion!

The DripStop Valve works in most major brands of compression faucets and will even work if your faucet’s seat is chipped or worn. No ordinary washer can do that!

The DSV-A DripStop Valve fits American Brass, American Standard, Eljer, Harcraft, Indiana Brass, Price Pfister, Savoy, Sterling, and Streamway faucets.

Permanently replaces rubber faucet washers

Guaranteed for life

Works in most major brands of compression faucets

Price: $3.31

Read more

There is no longer a need to leave entertainment cabinet doors open simply to use your IR remote control. The DLP/CRT Hidden Link IR Receiver Kit makes it possible to control up to four different audio and video components behind solid doors or walls using your existing IR remote. The included Hidden Link compact, black shelf-top IR receiver was designed to be the only visible piece of equipment and was designed to resist the interference from DLP and CRT TVs – so you can mount this receiver in any room with confidence. The included connecting block supplies power to the IR receiver using the included power supply. The connecting block receives IR signals coming from the IR receiver and distributes the IR signals out to your audio and video components using the included designer IR emitters. The use of this kit will leave you with the clean lines of your entertainment center without looking at unsightly stacks of equipment and cables. You can continue using your existing IR remote with the confidence it will communicate with your AV equipment behind doors and walls. Also available in black and white.

Use your IR remote on components behind closed doors or walls

IR Receiver resists Interference from DLP and CRT TVs

IR receiver has an attractive case for shelf-top locations

IR receiver talk-back LED confirms commands

IR receiver accepts IR commands from up to 80 feet away

Color-coded connectors for fast, easy installation

Price: $93.74

Read more

Pretty....

Back in May, I attended the EastWest Institute's First Worldwide Cybersecurity Summit in Dallas. I only had eight minutes to speak, and tried to turn the dialog to security, privacy, and the individual. EDITED TO ADD (9/1): Commentary....

Last year Rich Mogull and Jeremiah Grossman created a little know certification, the Certified Application Security Specialist or Certified ASS.  To those in the know, or with the intelligence of the average house pet, it should be immediately obvious that this was an April Fool’s joke.  Funny, and it’s been a continuing joke through out the community, but apparently someone took it seriously enough to actually include it in a job description recently on Craigslist.  And strangely enough, the link I had now leads to the scam page on Craigslist.  Luckily I had the foresight to grab a copy of the post before it disappeared.  What were these people thinking?  Don’t they know they’re supposed to save this sort of stuff for the beginning of April?  The full job description after the page break.
Tired of Coding? Become an Application Security Specialist! (san jose south)

We have an immediate opening for a junior application security specialist (ASS) to join our growing consulting company. This permanent, full-time position is a great opportunity for someone with strong web application development skills that would like to move into the interesting and fun field of application security. This is a highly technical hands-on role that will utilize your web application development skills but involves little coding.

We will provide the right candidate with on-the-job training. The goal will be to quickly teach you how to perform detailed web application security assessments (black-box) and penetration tests by pairing you up with seasoned consultants. We have plenty of interesting projects to work on, including a wide variety of web applications (financial, e-commerce, gaming, etc.) and web services. Longer-term, we will train you to perform security code reviews.

This is an opportunity for a team player who would like to move into a new and exciting field, is ready to get started quickly, and is eager to learn some new skills and have fun while doing so.

Tired of Coding? Become an Application Security Specialist! (san jose south)

We have an immediate opening for a junior application security specialist (ASS) to join our growing consulting company. This permanent, full-time position is a great opportunity for someone with strong web application development skills that would like to move into the interesting and fun field of application security. This is a highly technical hands-on role that will utilize your web application development skills but involves little coding.

We will provide the right candidate with on-the-job training. The goal will be to quickly teach you how to perform detailed web application security assessments (black-box) and penetration tests by pairing you up with seasoned consultants. We have plenty of interesting projects to work on, including a wide variety of web applications (financial, e-commerce, gaming, etc.) and web services. Longer-term, we will train you to perform security code reviews.

This is an opportunity for a team player who would like to move into a new and exciting field, is ready to get started quickly, and is eager to learn some new skills and have fun while doing so.

Primary Job Duties
• Conducting web application security assessments and penetration tests. These are very systematic assessments which are done using our proprietary methodology, which we will train you on. The assessments involve manual testing and analysis as well as the use of automated web application vulnerability scanning/testing tools.
• Performing source code reviews using automated tools such as Fortify or AppScan Source Edition (Ounce) and/or manual analysis.
• Writing a formal security assessment report for each application, using our company’s standard reporting format.
• Participating in conference calls with clients to review your assessment results and consult with the clients on remediation options.
• Retesting security vulnerabilities that have been fixed and republishing your report to indicate the results of your retesting.
• Participating in conference calls with potential clients to scope out newly requested security projects and estimate the amount of time required to complete the project.

Work Location
Our company is headquartered in San Jose, California. The majority of work will either be done from either our corporate office or will involve driving to client locations throughout the Bay Area. Some of the work will involve travel.

Technical Skills
• Several years of experience developing web applications, preferably hard-core financial, e-commerce, or business applications that face the Internet. (required)
• Knowledge of the HTTP protocol and how it works.
• Experience performing web application security testing and using vulnerability testing tools. (preferred, but we will train the right person)
• Experience with web application firewalls (preferred, but we will train the right candidate)
• Experience with network-level penetration testing (nice to have, but not necessary)

Soft Skills
• Solid written and verbal communication skills.
• Willingness to do hands-on, highly technical work.
• Strong customer focus. The goal should be to make customers happy enough that they ask for you to be sent back to do more work for them.
• Desire to learn new things and become a participant in the local information security community.
• Honesty and integrity.

Other Requirements
• Must undergo criminal background check and drug testing.
• Flexibility to work odd hours at times. For the most part this is a Monday-Friday 8:00 to 5:00 job, but sometimes customers require us to do certain work during weekends or off-hours.

Job Benefits
• Competitive salary including performance incentives
• Reasonable work hours compared with most information consulting firms. We expect employees to work hard and produce results, but we also understand that our employees have a life outside of work and are not a 60 hour per week body shop.
• Company sponsored medical and dental insurance
• Company sponsored training programs and career growth opportunities
• Company sponsored industry certifications necessary for your position (such as CISSP, CEH, etc.).
• You’ll be part of a closely-knit team of dedicated employees.
• Your choice of beer (at the end of the workday)

If you think you’re the right person for this challenging and fun career opportunity, please reply with your resume.

Last year Rich Mogull and Jeremiah Grossman created a little know certification, the Certified Application Security Specialist or Certified ASS.  To those in the know, or with the intelligence of the average house pet, it should be immediately obvious that this was an April Fool’s joke.  Funny, and it’s been a continuing joke through out the community, but apparently someone took it seriously enough to actually include it in a job description recently on Craigslist.  And strangely enough, the link I had now leads to the scam page on Craigslist.  Luckily I had the foresight to grab a copy of the post before it disappeared.  What were these people thinking?  Don’t they know they’re supposed to save this sort of stuff for the beginning of April?  The full job description after the page break.
Tired of Coding? Become an Application Security Specialist! (san jose south)

We have an immediate opening for a junior application security specialist (ASS) to join our growing consulting company. This permanent, full-time position is a great opportunity for someone with strong web application development skills that would like to move into the interesting and fun field of application security. This is a highly technical hands-on role that will utilize your web application development skills but involves little coding.

We will provide the right candidate with on-the-job training. The goal will be to quickly teach you how to perform detailed web application security assessments (black-box) and penetration tests by pairing you up with seasoned consultants. We have plenty of interesting projects to work on, including a wide variety of web applications (financial, e-commerce, gaming, etc.) and web services. Longer-term, we will train you to perform security code reviews.

This is an opportunity for a team player who would like to move into a new and exciting field, is ready to get started quickly, and is eager to learn some new skills and have fun while doing so.

Tired of Coding? Become an Application Security Specialist! (san jose south)

We have an immediate opening for a junior application security specialist (ASS) to join our growing consulting company. This permanent, full-time position is a great opportunity for someone with strong web application development skills that would like to move into the interesting and fun field of application security. This is a highly technical hands-on role that will utilize your web application development skills but involves little coding.

We will provide the right candidate with on-the-job training. The goal will be to quickly teach you how to perform detailed web application security assessments (black-box) and penetration tests by pairing you up with seasoned consultants. We have plenty of interesting projects to work on, including a wide variety of web applications (financial, e-commerce, gaming, etc.) and web services. Longer-term, we will train you to perform security code reviews.

This is an opportunity for a team player who would like to move into a new and exciting field, is ready to get started quickly, and is eager to learn some new skills and have fun while doing so.

Primary Job Duties
• Conducting web application security assessments and penetration tests. These are very systematic assessments which are done using our proprietary methodology, which we will train you on. The assessments involve manual testing and analysis as well as the use of automated web application vulnerability scanning/testing tools.
• Performing source code reviews using automated tools such as Fortify or AppScan Source Edition (Ounce) and/or manual analysis.
• Writing a formal security assessment report for each application, using our company’s standard reporting format.
• Participating in conference calls with clients to review your assessment results and consult with the clients on remediation options.
• Retesting security vulnerabilities that have been fixed and republishing your report to indicate the results of your retesting.
• Participating in conference calls with potential clients to scope out newly requested security projects and estimate the amount of time required to complete the project.

Work Location
Our company is headquartered in San Jose, California. The majority of work will either be done from either our corporate office or will involve driving to client locations throughout the Bay Area. Some of the work will involve travel.

Technical Skills
• Several years of experience developing web applications, preferably hard-core financial, e-commerce, or business applications that face the Internet. (required)
• Knowledge of the HTTP protocol and how it works.
• Experience performing web application security testing and using vulnerability testing tools. (preferred, but we will train the right person)
• Experience with web application firewalls (preferred, but we will train the right candidate)
• Experience with network-level penetration testing (nice to have, but not necessary)

Soft Skills
• Solid written and verbal communication skills.
• Willingness to do hands-on, highly technical work.
• Strong customer focus. The goal should be to make customers happy enough that they ask for you to be sent back to do more work for them.
• Desire to learn new things and become a participant in the local information security community.
• Honesty and integrity.

Other Requirements
• Must undergo criminal background check and drug testing.
• Flexibility to work odd hours at times. For the most part this is a Monday-Friday 8:00 to 5:00 job, but sometimes customers require us to do certain work during weekends or off-hours.

Job Benefits
• Competitive salary including performance incentives
• Reasonable work hours compared with most information consulting firms. We expect employees to work hard and produce results, but we also understand that our employees have a life outside of work and are not a 60 hour per week body shop.
• Company sponsored medical and dental insurance
• Company sponsored training programs and career growth opportunities
• Company sponsored industry certifications necessary for your position (such as CISSP, CEH, etc.).
• You’ll be part of a closely-knit team of dedicated employees.
• Your choice of beer (at the end of the workday)

If you think you’re the right person for this challenging and fun career opportunity, please reply with your resume.

Full-body scanners in roving vans: American Science & Engineering, a company based in Billerica, Massachusetts, has sold U.S. and foreign government agencies more than 500 backscatter x-ray scanners mounted in vans that can be driven past neighboring vehicles to see their contents, Joe Reiss, a vice president of marketing at the company told me in an interview. This should be...

The AD HOC Electronics Wireless Handheld Remote Control Switch is a battery-free wireless remote that fits in the palm of your hand. Has two transmitters that send wireless signals to EnOcean relay receivers. When paired with an RF relay (non-dimming) receiver or a plug-in dimmer receiver, each sold separately, tt is the perfect solution for controlling lights and appliances form the comfort of your couch or bed. The remote can programmed to a receiver through a simple single-button configuration procedure. The remote is powered by EnOcean technology that converts the press of the switch into a small amount of electricity. This electricity is used to transmit a radio frequency (RF) wireless signal that communicates with the relay receiver. Add more relay receivers and control an unlimited numbers of lights with the press of a single button. With an RF wireless range of nearly 100 feet, AD HOC transmitters and receivers allows you to add lighting control from almost anywhere in you home.

Fast, simple installation. No wires. No batteries. No hassle.

Self-powered wireless remote provides its own power using a built-in microgenerator

Remote can control an unlimited number of relay or dimming receivers

Wireless transmission range up to 98 feet

Wirelessly communicates with other devices via EnOcean radio frequency (RF) protocol

Price: $74.43

Read more

The BL-6133-WH Wireless Add-On Switch gives you to ability to add an extra switch to any wired light or outlet, without adding new wiring. Connect the receiving unit to the light or outlet’s existing wiring. Then, mount the transmitter in the desired location.

The transmitter sends commands through radio frequency (RF), so you won’t have to worry about unsightly and complicated wiring. A great addition to any room with multiple entrances, the Wireless Add On Switch prevents you from needing to walk across the room to the wired switch.

Controls On and Off of lights

Up to 100 ft transmission range

Controls 500 W incandescent lighting only

Wireless wall switch is battery operated

Wired switch fits standard wiring boxes

Price: $20.49

Read more

The Woods 2001 Outdoor Photoelectric 24-Hour Mechanical Timer turns on your yard lights or outdoor holiday decorations on a set schedule every day. The photoelectric eye senses the absence of daylight and automatically turns on your lights – and then off a set amount of hours later or at dawn according to the schedule you set. This is a simple way to save some money on energy costs since your yard will only be lit up when it is dark. The timer has a rugged, weatherproof housing and a 6″ 18 gauge cord.

Outdoor Photoelectric 24-Hour Mechanical Timer

Option to turn lights on a set schedule every day

Option to automatically turns lights on at dusk and off at dawn

Use on yard lights or outdoor holiday decorations

Saves money on energy costs

Price: $13.98

Read more

Home Control Assistant (HCA) is a Windows based home automation program that works with a variety of automation interfaces to control lights, appliances, irrigation, HVAC and more. With HCA’s Scheduling and Green Mode features you can easily save money, reduce electrical usage, conserve water and improve safety by automating your home.

The Home Control Assistant runs on any computer that uses the Windows XP, Vista or Win7 operating system. It works with automation interfaces to control lights and appliances in your home using X10, INSTEON, UPB, Wireless and Global Cache IR technology.

HCA can be installed in a home with existing automation hardware. HCA can “spider” through all your installed INSTEON network and find all the devices and add them to your home design file. If you are using UPB, HCA can import the network from the UPB setup program. A new automation solution is easy to create using the built-in Wizards for creating a new file, adding devices, creating new schedules, and new programs. Once you have defined all the hardware, adding schedules and programs is simple using the Visual Tools provided.

Integrates INSTEON and X10 power line technologies

Supports IP addressed IR interfaces from GlobalCache and BitWise

Supports whole-house wireless

Multiple Schedules created by a visual scheduling tool

Unlimited number of programs to respond to events. Constructed in a graphical manner from over 60 different actions

Integrate into the HCA user Interface views of other applications: security, power management, and cameras using HTML views

Send email and SMS messages as part of a program action

Create and view INSTEON scenes in a graphical manner and remotely program those scenes into INSTEON devices

Bridge power line technologies by using multiple power line interfaces simultaneously. Create bridge maps to automatically translate between different technology commands

Powerful “whole house modes” for quick power saving programming

Background design checker quickly locate design problems

Configurable Alert Mechanism for handling exceptional conditions

Many tools for creating, viewing, modifying, and documenting the design

Configurable logging to keep track of sends, receives, schedules, and program actions

HCA is well documented in an over 600 page User Guide

Price: $80.00

Read more

Research paper: Detecting Deceptive Discussions in Conference Calls, by David F. Larcker and Anastasia A. Zakolyukina. Abstract: We estimate classification models of deceptive discussions during quarterly earnings conference calls. Using data on subsequent financial restatements (and a set of criteria to identify especially serious accounting problems), we label the Question and Answer section of each call as "truthful" or "deceptive"....

Zach Lanier brought up HacKid (pronounced ‘hacked’ I’m told) on the podcast last night and I just realized I haven’t even written a single post on the subject.  My friend Chris Hoff, aka @beaker, is one of the key organizers and Zach is on the committee as well, and this looks like it’s going to be the start of something that’s every bet as fresh and original as BSides, except this time it will be kids who are learning, rather than a bunch of angsty security professionals who felt they weren’t being properly represented at Black Hat (I’m teasing, if that isn’t immediately obvious)

My kids are little geeks, similar to many of your kids in all likelihood.  They wake up in the morning and hop online or start playing on the DSi, or just pick up a book and read.  Their favorite magazines are Make and Science Illustrated.  And some fool introduced them to Japanese (is there any other type?) anime a couple of years ago.  So a convention aimed at teaching them how the Internet works, how to stay safe online and building robots really appeals to them.  Add to it that the convention is happening at the Microsoft NERD center and MIT is just down the street and you’ve got something that budding geeks will find unresistable.

If you’re on the East Coast anywhere near Boston, have kids between the ages of 5 and 17, think about taking them to HacKid in October.  Do keep in mind that every young person must be accompanied by an old person (read: adult guardian), but that each of the classes will likely have almost as much to teach the adult as they do the kids.  Everything is being done on a volunteer basis and the event is organized as a non-profit, so the money is all going to a good cause.  But hurry if you’re going to sign up, the cost goes up from $50 each to $75 next week. 

The Heath/Zenith WC-6017-WH Wireless RF Wall Switch Receiver allows you to add control to wired lighting fixtures. All you have to do is simply replace your existing switch with the wireless switch receiver. The wall switch fits standard wiring boxes and uses your existing wiring. Choose any Heath/Zenith wireless transmitter to operate the receptacle such as a remote control (Wireless Lighting Remote Control or Wireless Master Remote Control) or a motion sensor within 100 feet, each sold separately. The switch controls up to 300 watts incandescent lighting and can turn lights on, off and dim 5 different light levels.

RF wall switch receiver

Controls up to 300 W of incandescent lighting

Switch turns ON, OFF or DIMS up to 5 light levels

Selectable coding allows the use of multiple units in the same location

Price: $23.08

Read more

The interference from a TV can wreak havoc with your IR control system. Xantech designed this Universal Hidden Link IR Receiver to resist the interference from plasma, LCD and LED TVs, as well as fluorescent and compact fluorescent lighting (CFL), and sunlight – so you can mount this receiver in any room with confidence. The Hidden Link IR Receiver is a small shelf-top infrared repeater assembly. The package includes an IR receiver, connecting block. power supply and four emitters. The Hidden Link IR Receiver is equipped with a 7-foot cable and a 3.5mm stereo mini plug, which is plugged directly into the “IR RCVR” jack on the connecting block. The included connecting block supplies power to the IR receiver using the included power supply. The connecting block receives IR signals coming from the IR receiver and distributes the IR signals out to your audio and video components using the included designer IR emitters. The use of this kit will leave you with the clean lines of your entertainment center without looking at unsightly stacks of equipment and cables. You can continue using your existing IR remote with the confidence it will communicate with your AV equipment behind doors and walls.

Use your IR remote on components behind closed doors or walls

IR receiver specifically designed to resist interference from Plasma, LCD and LED TVs, CFL lighting and sunlight

IR receiver has an attractive case for shelf-top locations

IR receiver talk-back LED confirms commands

IR receiver accepts IR commands from up to 80 feet away

Color-coded connectors for fast, easy installation

Price: $223.18

Read more

The Carson Optical SG-14 SureGrip™ is a 2x power handheld magnifier with an ergonomically designed soft-grip handle for the ultimate in comfort. Its crystal-clear acrylic lens gives you a sharp distortion-free view, and a 10x high-power spot lens allows you to see even the finest details with ease. This Magnifier is a great low vision aid and assists in reading small print. The SureGrip Magnifier comes with a soft-padded zipper pouch to protect both lenses.

2x Power Handheld Magnifier

Crystal-Clear Acrylic Lens

10x High-Power Spot Lens

Sharp Distortion-Free View

Soft-Grip Handle for the Ultimate Comfort

Price: $10.61

Read more