How to order Nexus 7 2nd Gen from Amazon US to Philippines

Share Button

Amazon: $269 for the 32GB version + $18.83 Sales Tax(New Jersey) = Php 12827

Johnny Air Cargo: Php 849.52

Total Cost: Php 13,677

nexus7fhd

Disclaimer: Alright, I just want to be clear here, I know this price is around Php 2000 cheaper than what most stores in PH sell the 32GB 2nd generation of Nexus 7. However, the shipping charge from JAC could change depending on how Amazon or the online shop where you purchased the tablet packed it.

And so early this month(August), I was looking for a way to source a Nexus 7 2nd generation as I needed it for a project. The tablet was released a few weeks earlier in the US and I am pretty sure the only way I can buy it is online. When I checked Amazon, the 32GB is on back order for 2 weeks, but based from previous experiences, I know that their shipping estimate is pretty conservative. And so I ordered the 32GB version and shipped it to JAC(NJ), and hopefully I’ll get it in more or less 3 weeks time.

4 days passed and I receive a shipping notification from Amazon that my ordered was shipped, and I thought I was right that they’ll be able to ship it earlier than expected.

Alright, then came the waiting game. Here’s the timeline on how much time it took from ordering to the time I received the tablet.

Aug 03 – Item ordered on Amazon(2-4 weeks shipping time)
Aug 07 – Amazon marked item: Shipped(2 day shipping)
Aug 09 – Fedex marked item: Delivered
Aug 12 – JAC marked item: Received
Aug 15 – In transit(probably on plane)
Aug 22 – JAC marked item: For Processing(Manila)
Aug 24 – AM: JAC sent me an SMS to pick it up
Aug 24 – PM: Picked up

Based on previous transit times using JAC, I normally get the item at the 8th working day starting the count from the day they receive the item. For this instance, it is 4 days delayed. The reason was there was a typhoon in Manila the week my item arrived. Customs was closed for approximately 2 days and so JAC told me that there are a lot of backlog inspections in Customs.

Now here’s the thing, this is the first time that I’ve received an item from Amazon that is not packed in a box. Amazon shipped my item on a pouch! I was really anxious to test the tablet as I don’t know how JAC handled the shipment and I’m afraid the bubble wrap inside the pouch offers very little protection to the tablet. When I opened the envelope, I examined the Nexus 7 box and luckily there are no bumps and the tablet was in pristine condition.

With a shipping weight of only 2lbs, I paid the minimum amount of Php 850, which is not bad. What confuses me is why JAC didn’t charge me an additional of $25 since it is a tablet. When I ordered a Kindle a while back, i paid close to Php 2000 I think. So I don’t know if they made a mistake or they removed this policy already.

The tablet was awesome! I liked it more than my iPad 4 because of its size and weight. I’ll make another post on my first day of using it(yes, I rooted the device on day one).  So stay tuned!

I am an early adopter, so I won’t mind spending a little bit more just to get a device earlier. I think PH will have a steady supply of this in the next few months. As of this date, the cheapest Nexus 7 2nd gen 32GB I know is around ~15K Php. If you decide to take my route and buy it from Amazon, here are some tips:

  1.  You can have free 2 day shipping in Amazon if you try Amazon Prime for 30 days.
  2. The same item can be sold by different sellers. I only buy if it is sold by Amazon, not other retailers. Make sure you check which seller you’re purchasing the item from. If it is not Amazon, make sure you check the feedback etc. Right now, its Out of Stock on Amazon, but as I’ve said it’s available from other sellers. Last week I saw that Amazon is shipping it 1-2months, now its Out of Stock. There’s too much demand for this tablet.
  3. I use JAC plus, not JAC Retail. I think these are 2 different sales group from within JAC. I don’t know, but I think JAC plus staff is much more efficient in terms of replying to questions via email. To send using JAC Plus, send your item to JETC/Your Name, JAC+, followed by the address. JAC has office in NJ and NY, I’m used to sending my items to NJ because they have no tax, but since mid this year they charge sales tax to Amazon already. It might be faster to ship out if its shipped to NY, but I can’t confirm it, maybe next time.
  4. Once Amazon/Fedex marked your item as delivered, wait for 1-2 days and send an email to JAC(find the email in their website). They’ll give you a tracking number and you can check it’s status at http://tracker.johnnyairplus.com.
  5. I was charged a little bit less because Amazon shipped the item in a pouch. You may have additional charge if it was packaged on a box(if it is a big box, sometimes this happen). But the tablet’s box is pretty compact, so if Amazon use the right box size, I think you will be charged the same. Also I was not charged of additional $25 for a tablet purchase.
  6. JAC sends SMS when the item is ready for pickup. The SMS will include the amount to pay. They do accept credit cards by the way. If you can’t pick the item personally, you can write an authorization letter for someone to pick it on your behalf.

 

Share Button

OSCP – Offensive Security Certified Practitioner. A lot of fun, a lot of learning, this is what a certification is all about!

Share Button

First, a little bit of history. I’ve entered the Security domain of Information Technology about 10 years ago, and back then IT certifications were so well sought, everyone thrived to add letters after their name in their business cards. Microsoft probably started it all, as they begun the era of OS certifications. Security certifications were not that common those days. Most of the certs came from firewall vendors like Checkpoint/Netscreen(now Juniper)/Cisco. I remember how some of my former team mates pride themselves for earning a new 4 letter suffix after their business cards. I pity them, they’re not even close to what I expect them to be.

Back then, Microsoft was the most taken certification. I guess mainly because, most of the companies utilize Windows in their back end and new IT managers have so much IT budget, they require all their staff to have it. They buy exam vouchers in bulk in discounted rates and push their staff to study. Everyone knows how braindumps help them pass. For those who does not know, dumps are exam notes, actually they are exam questions with answers. They came from people who took the exam and have photographic memory(sarcastic), they are able to write down their questions including the choices and answers! Now all you got to do is memorize the dumps and surely you’ll pass. Imagine, if this is how doctors get their title.

Fast forward 10 years, and I was looking for a worthy security training for myself. I’ve taken RHCE a few years back and it’s one of those certifications that I find special compared to the usual question/answer type of certification. Passing the actual hands on exam was really a very good experience, you’ll really feel that you’ve gained the title.

And so, I go scoured the web and found OSCP. To be honest, I’ve never heard of Offensive Security before, but as I searched and found feedback about the course and the founder(muts), I registered for the online course and little that I know that it’ll change the next 3 months of my life forever(gained me XP on sleep deprivation).

The course provides a training module composed of a PDF book and training videos that you can follow along. As a pentesting course, it provides a lot of practical examples and exercises for the student. It will give you the basics first and build upon that foundation to learn more complex methodologies. I would say not everyone will like this course, specially the ones that would like to be spoon fed(remember those braindumpers?). The course was designed for you to be frustrated and you as a student needs to learn how to be able to channel that into a positive attitude. Yes, “Try Harder” will be your motto. Once you get the point, you will learn one very important quality of a good pentester – to be persistent.

The course will give you access to a lab via a VPN connection. After you’ve finished the lecture(which probably will take 3-7 days, depending on your free time), you will access a very interesting company network(s). The lab access is what gives this course its value. The lab is comprised of several(I won’t tell how many) interconnected subnets of servers and workstations(around 50-60 I guess, I think I got 50+ of them). Your mission is to root or get admin access to all the machines you can find. The machines have varying degree of vulnerabilities in them, sometimes multiple and you have different ways to compromise them. There are several ways to expose the other networks as well.

You will document your pen testing effort and submit it at the end of the course. Report writing is not left out, as it is one of the most important task in pentesting.

There are really easy ones(Alice), which will be the first machines you’ll be able to compromise. And then there are the evil ones – gh0st, sufference, pain etc. These last few machines gave me a lot of sleepness nights and it specially gratifying the get a root shell after 24 hours of marathon hacking.

And then comes the exam. You will be given a day to compromise a small number of machines. You will be given points based on the complexity of the compromise. There are easy one, which are worth 10 points and difficult ones worth 25 points. You will have to pick which ones to root and you need 80 points to pass. I would say this is the most engaging assessment exam I’ve ever taken. And after I received the email that I passed, it brings a lot of pride and joy, like the time my daughter was born!

I know a couple of local folks who also took the course but were not able to pass the exam. I wouldn’t be surprised as I know it is difficult. You need to take a lot of practice and be able to solve the difficult machines in the lab. Believe me, once you learned them you’ll never regret the time and effort you took to root them.

Here are my tips to the folks who are looking into taking OSCP:

  1. Time is of the essence here. The more you get engaged in the labs, the better. So I recommend taking the course/exam during the time of the year when work is not that busy(December perhaps?). Invest x amount of hours each day.
  2. Do not run exploits you don’t understand. Most of the exploits in the internet are in source code format. You never want to ran an exploit that wipes your partition table don’t you? If you are using BackTrack in VM, make scheduled snapshots.
  3. Be organized. Document all your findings as you will need it to write the report later. Make a database of passwords and hashes you’ll find along the way and use them to guess passwords on some hosts. Believe me some of the hosts are accessible only from information from other machines you’ve compromised.
  4. Before the exam, make sure you get plenty of sleep, as you won’t be able to sleep that much during the exam. But I do encourage to take naps to replenish and freshen up your brain. If you are not making any progress for the past 2 hours or so, take a rest and return. Sometimes the solution appears in your dreams. ^.^
  5. Offsec has an IRC channel where you can talk to other students and let go of the steam once in a while. It’s a cool place with cool and not so cool people. Make friends and block out the rotten ones. I assure you, you’ll different types of people in the chat.

Overall, I think this is one of the best pentesting certs out there. The course is well thought, the lab is well designed and you’ll definite miss the guys(Mike, Alice, Bob, Pain, Tricia, Sufference etc, etc). I am taking OSCE by end of year and will update you with the experience as I go and venture to the unknown.

 

 

Share Button

How to use Netflix in the Philippines – VPN service or DNS redirection? Know how to pick which service works best.

Share Button

Since PLDT just upgraded my bandwidth, I thought it’ll be fairly decent now to stream movies and TV shows using the upgraded connection. I’m now getting 10Mbps max on my Plan 3000 subscription and streaming HD content works fine on 5Mbps the last time I tried, although occasionally the stream reverts to SD content. I thought the extra 5Mbps of traffic would probably sustain the HD content longer.

Netflix/Hulu are US only services. However, there is a way to access it outside the US. There are several ways to do this, but I’ll only discuss what tricks I’ve tried.

First, by using a VPN service(I tried HideMyAss VPN). A VPN service creates a tunnel between your home connection and a VPN endpoint. The tunnel is created by using a VPN client software, where you configure with the VPN endpoint’s IP address and some authentication parameters. The VPN service provider has a list of servers located in different countries around the world. You pick which country to connect to and all your traffic will be redirected to that server as if coming from that country and not in PH. Location aware application like Netflix will then work, since the IP address from your request will now be coming from the VPN endpoint(which has a US based IP address)

Advantages of VPN:

  • If you want to surf anonymously, VPN will hide your IP address from the website you are trying to access.
  • Some websites restricts access to a specific region/country. If the VPN service has a VPN endpoint in that country, you can use VPN to access that website.
  • Connection between your PC and the VPN endpoint is encrypted.

Disadvantages of VPN:

  • Performance. Although VPN service offers different ways to connect(PPTP, L2TP or OpenVPN), I generally find it slow.  
  • If you want all your home network under VPN, router config is a bit tricky. You need to have a supported router(dd-wrt, openwrt). If you want tunnel for a specific machine, then VPN clients for different OS is available.
  • Once you establish the tunnel, all your Internet based traffic will be rerouted to the VPN endpoint. This is a pretty useful feature of VPN, because this allows it to connect networks together(imagine head office and remote office VPN), however for this application(using Netflix in PH), it would not make sense to route all traffic.

Second way to use Netflix in PH is by using DNS redirection(I tried unblock-us). Instead of using your ISP’s DNS server, you point your PC/router to the service’ DNS servers. Now the trick is, your request to Netflix will not be routed to Netflix directly, because they will redirect it to their server, which will then forward it to Netflix. Since they’re in the US, Netflix will work.

Advantages of DNS redirection:

  • Performance. You can utilize your entire download throughput for the streaming experience.
  • Easy to setup. You can even configure your router so that all device under your home network will have the service. Although I won’t recommend this.

Disadvantages of DNS redirection:

  • Security. Although some of them says they will not log/filter your traffic, who knows? Traffic is unencrypted. So I don’t recommend utilizing this on all your machines – only use this on your media center PC.
  • If your router changes its WAN IP address(fairly common on DHCP connections on DSL), you need to reestablish the connection using a browser.

So, this summarize the services I’ve tried to make Netflix work in Manila. On the next post, I’ll document my experience on using it on an Apple TV. Stay tuned!

Share Button

PLDT myDSL Speed Upgrade: Plan 3000 from 5Mbps to 10Mbps

Share Button

Last week, I wrote a post about my DSL connection increase from 5Mbps to 6Mbps. As I scour the Internet looking for clues, I found that some Plan 3000 users are getting 10Mbps. At first I didn’t care; there’s no official announcement from PLDT and I thought they’re just doing some capacity tests and are opening up the pipe from some users.

Then last week, PLDT sent and email blast that gave some clues:

pldt2

And so I thought, I need to find out how why I’m only getting 6Mbps when it should be 8Mbps.

This morning, I woke up early and troubleshoot:

  1. I usually use my laptop so my connection to my router is via wireless. I tried to connect using a cable. Speed = 6Mbps Max
  2. I bypassed my router and connect the cable directly to my DSL modem. Speed = 6Mbps Max
  3. I bypassed the DSL filter and connected the modem directly to the line. I thought the filter is actually conditioning the signal, but the phone connected to it might also be producing interference. Speed = 6Mbps Max
  4. And so, the issue is something between the line inside my house and PLDT. But there’s still something I can check. The 2 wired cable from the outside the house is connected to a small plastic enclosure. This enclosure/adaptor allows you to connect the phone cable that goes to your modem. I opened it up and noticed rust building up on the contacts.
  5. After cleaning up the contacts and rewiring – Speed = 9.6Mbps Max. 

All the while, my PLDT speed profile is correct and I have the potential to get the max throughput. It’s a Layer 1 issue(Physical) that I overlooked. I think I can still get my speed up to 10Mbps. I need to replace the rusty adaptor with a new one as well as the wires.

Here’s the proof. 🙂

pldt3

Here is my PLDT Modem Speed Profile:

As you can see my modem reports 12Mbps/1Mbps maximum throughput. My speedtest maxes at 9.6Mbps/0.8Mbps which is exactly 80% of the maximum.

modem

 

Share Button

Updated! PLDT MyDSL Speed Increase for 2013? Confirmed, see post below

Share Button

Update: Here’s how you can check for your Internet speed.

A couple of days back, my PLDT DSL modem suddenly won’t get the DSL light steady, which simply means that my connection is down.  I called 171 and got a support ticket for the issue.

The next day, I checked the DSL modem light back up and sure enough, the connection is back.  I thought it was probably a maintenance thing in my area. Just like any geek would do after a restored Internet connection, I immediately did a speed test and lo and behold, my download speed was up from 5Mbps to around 6Mbps.  Upload speed was from 0.7Mbps to 0.9Mbps!

My neighbor had her 1.5Mbps increased to 2.5Mbps as well!

Anyone experiencing this sudden speed bump? I heard that PLDT will be having a 60 day speed boost for new subscribers, but i’m not a new sub. I just hope this is a permanent speed upgrade.

I’m at Plan 3000, but i’m getting 6Mbps, far from 10Mbps speed boost advertised below. So you can make your own conclusion, but I guess I just have to enjoy the speed boost as long it last! 🙂

pldt

Updated: July 7, 2013

2 days ago, I got an email from PLDT(see new speed plans below) which confirms the speed upgrade. I should be getting 8Mbps now but it seems im capped to 6Mbps at the moment. I won’t call them yet and wait a few weeks until its formally announced.

Way to go PLDT! Continue to innovate and bring the power of Internet to the masses. 🙂

pldt2

Updated: September 3, 2013

I’m now getting 9.1 to 9.9Mbps from Speedtest.net. After a few quirks from the old modem i’ve been using for ages, they replaced it with a new one and I have stable connections that would hold for several weeks. If you have disconnection issues and have the old Zyxel modem, ask the technician for a modem replacement.

Modem profile:

speedprofile

 

 

 

Speed tests:

3037915292

 

 

 

 

downloadmanger centos

Share Button

Windows vNext – Not really Windows Blue, nor Windows 9, but Windows 8.1

Share Button

A leaked version of the next version of Windows came out and according to rumors, it will just be an upgrade to Windows 8. Windows 8.1 was said to be offered for free.

Scheduled to be released this year(probably Q3, 2013), it seems to be merely a service/feature pack for Windows 8.

So I guess my question is, will this be just an update on Windows Update? Unlike Apple, Windows often break applications when a major SP/version is installed. I agree that Windows 8 is the fastest client Windows ever, but stability is an equally important thing.

I just want my an option to bring back my old Start Menu. If MS gives that feature on 8.1, then i’m a happy camper.

Share Button

Pobox vs Forex vs MyShoppingBox vs Johnny Air Cargo – A Review Series (Part 2)

Share Button

Gone are the days when you only rely on your US relatives trip back home to PH to bring you your designer clothes, newest shoes, electronics and other items. Here’s a review of delivery companies offering forwarding services from the US to the Philippines.

This is the second part of my review of shipping companies that offers delivery services for items purchased from US online merchants to the Philippines.

Company: Johnny Air Cargo(JAC)
Website: http://www.johnnyair.com
Shipping Type: Air
Transit Time: 5-7 working days
Cost: $6.5/lb. minimum of 2 lbs for electronics items + $5(handling fee) + $25(for tablets/phones), $50(laptops). Total of which is imposed 12% VAT.

Pros:

  • Since your package travels via air, it’s fast.
  • Warehouse in east/west coast. Ship your items to New Jersey to save on sales tax from Amazon(Up to July 2013 only)
  • You get email response from them usually in 24 hours. PH staff is quite friendly(I only called them once and I was satisfied).
  • They send SMS notification when your item is ready for pickup.
  • Convenient pickup location, at last for me(Megamall).
  • Safe. I’ve used them probably 20x already.

Cons:

  • @&#^$( Expensive.
  • Computes cost via volume weight. If your item is packaged in a big box, it’ll cost more.
  • No consolidation. Those who order from Amazon should have experienced having their items shipped on multiple packages. If that’s the case you have to pay for each of the box!  Sometimes though, if your boxes are small, they let it pass.
  • You won’t know how much you’ll pay until the item arrives in PH.
  • No item tracking

I won’t reuse JAC if they’re not efficient. I think the fastest I got an item is 5 days. I must be lucky that day and my package arrived at the right time. But on the average, I receive SMS notification on the 8th day since they receive the package. Not bad.

My only gripe is the cost, specially if the online merchant used a big box to package the item.

My Personal Verdict: Use JAC if you can’t wait and need your package the soonest possible time. Also, to have peace of mind on valuable items – I would choose JAC as well.

Tip:  Now that Amazon charges tax to shipment to New Jersey, there’s no advantage on shipping to this JAC branch. I recommend shipping directly to New York as it will take an additional 3-4 days for them to forward parcels from NJ to NY.

Share Button

Pobox vs Forex vs MyShoppingBox vs Johnny Air Cargo – A Review Series (Part 1)

Share Button

Gone are the days when you only rely on your US relatives trip back home to PH to bring you your designer clothes, newest shoes, electronics and other items. Here’s a review of delivery companies offering forwarding services from the US to the Philippines.

This is the first part of my review of shipping companies that offers delivery services for items purchased from US online merchants to the Philippines.

Company: Pobox
Website: http://pobox.ph
Shipping Type: Sea
Transit Time: 4-6 weeks
Cost: $30-$75 + 5% service charge

Pros:

  • Offers different sized boxes, depending on how big your packages are, no weight restrictions
  • Accepts odd sized packages as well, gives you a quote on how much the cost is.
  • Free Item Consolidation, they remove the merchant’s boxes to save space! They can store your items for a maximum of 45 days
  • Online portal to manage your items, status of your box
  • Delivered at your door at no extra fee.
  • If you plan to ship a TV, for a fee you can request to have it powered on once it arrives(to prevent dead on arrival units).

Cons:

  • Slow, specially on busy season(Black Friday sale, Christmas – expect 6-8 weeks.
  • Manual system for payment, PayPal has extra charge
  • Recent news of pilferage by US Customs
  • Maximum insured amount is $200 only

I first used Pobox more than a year ago – when I found an Amazon deal for an Onkyo HTIB(Home Theater In A Box). The shipping experience is pretty straightforward – just let the online shop deliver to their California warehouse. You then provision your expected items on their website, together with their tracking numbers. They update the items when they receive it(usually 2-3 days), then you can advice them to ship at the next ship loading schedule. Remember to request the shipping invoice and pay early as they won’t ship the item until you pay the whole amount. I waited for 5 weeks before I got my package, but I was satisfied as I only paid $80 for a 30KG box! I shipped a total of 4 boxes from Pobox and transit times average is ~5.5 weeks.

Recently, there have been reports of item pilferages from the online communities. Pobox sent an email blast and they said that a company hired by the US Customs was reportedly stealing the contents of the boxes as they are being inspected. There are also speculations that the local staff are the ones stealing when the tracking info shows that the boxes were delivered to a different address or that there’s no one to receive the packages.

My Personal Verdict: Use PoBox for bulky and heavy items! There is a risk, no matter how small it is to have small items stolen. So don’t use it for small, expensive items like watches, jewelries etc. Consider also the cost of your purchase as they only have maximum $200 insurance per box(Take note! per box, not per item). I would use PoBox to ship speakers, strollers, oversized toys etc. Transit times is fairly long, so I suggest do not follow up until you’ve past 6 weeks from the date your box departed US.

Share Button

Windows vNext – Codenamed Windows Blue

Share Button

Since last week, news from the rumor mill talks about the next iteration of Windows 8, code named Windows Blue brewing up. Today, a Microsoft job posting kinda confirms this rumor with specific reference to the term: Could someone from MS HR spill the beans for this supposed to be secret project?

We’re looking for an excellent, experienced SDET to join the Core Experience team in Windows Sustained Engineering (WinSE). The Core Experience features are the centerpiece of the new Windows UI, representing most of what customers touch and see in the OS, including: the start screen; application lifecycle; windowing; and personalization. Windows Blue promises to build and improve upon these aspects of the OS, enhancing ease of use and the overall user experience on devices and PCs worldwide.

Windows 8 for me is an an optimized Windows 7 if you only talk about performance. However, it’s not just performance that make sense for most of us. The highly risky decision to combine touch with traditional desktop interface did not give Windows 8 the needed user acceptance for majority of us, but I trust that this will improve over time.  I hope Microsoft release OS updates just like Apple does on OS X, with significant increase in user experience and performance at a very reasonable price. I think Windows 8 price is not justifiable at this moment.

With rumors of the Microsoft VNext less than 3 months after Windows 8 was released, i would think MS is releasing an upgrade within the year. Would they listen to us? Well, your guess is as good as mine. 🙂

windows-blue-black-wallpaper1

 

Share Button

Fix: Evasi0n jailbreak, crashing Weather app

Share Button

The long awaited untethered IOS 6.x jailbreak finally arrives. Team Evad3rs released v1.0 of the jailbreaking utility to the public today.

The first time I tried to jailbreak my device, I ran all native iOS apps on my phone and noticed the weather app crashing when executed. The simple fix is to update evas1on installed on your phone! Here’s the simple steps.

  1. Open Cydia
  2. Under the Changes tab, you should see an upgrade to evasi0n 6.x untether. The latest version is 0.1-1.
  3. Try the weather app again and it should run now.

There you go!evasi0n_header_2

Share Button