Security Issue BLE Security Keys – Advanced Protection Program

I have two keys for my Google Advanced Protection Program.

  • Kensington VeriMark
  • Feitian MultiPASS FIDO

VeriMark is a USB only device but also acts as a Windows Hello Biometric authentication source, its dual purpose and very handy. I’d say the cheapest way to get Windows Hello in any PC.

VeriMark also acts as a Windows Hello device

Mutipass is a handy tool, as it has 3 interfaces – USB, BLE & NFC.

Recently Google found an issue with security keys with BLE & I first noticed in my Feedly but soon got an email as well.

I thought I can’t get a free replacement key but surprisingly Feitian’s K13 (1,2 & 3) were listed as options. Mine is K13 3, marked with ③ at the back of the security key.

There is this form via which you can get a free replacement after you enter your address, provided you’re in the US and have purchased the Titan key; if you are outside the US and doesn’t have the Titan branded key but still have something similar, I am not sure if you are either affected or if you are entitled for a free replacement key. In this page that I referenced above, there is a comment section where you can post queries, I have asked whether my mutipass is affected and am waiting to hear back from Google.

If in case K13 3 is affected, I hope Google can send out a free replacement or at least offer the new unaffected Titan keys in the Indian Google Store for me and others to purchase.

I’d hate to turn off APP just because of this key issue, as otherwise I can’t use my OnePlus 6.

If in case you too are enrolled in APP, check and see your mileage. Good luck!

Links:

Google’s blog post about the issue

Page where you can check/request a replacement key

Feitian’s general page

Update:

Google is kind enough to discount almost everything – MultiPASS and e-PASS bundle at $1 but customs wants $29 for an item valued at $40, sad.

The new world of Subscription

₹40,569 / year

or

₹3,380 / month

We’re living in a subscription world for better or worse & I just found this wonderful app to keep track of due dates/renewals.

And also to be mindful of how much I’m paying as well as how many subscriptions I’m having.

https://play.google.com/store/apps/details?id=de.simolation.subscriptionmanager

For makers, it’s a constant revenue stream instead of a one off income; if priced right without greed – I agree with this trend, as it’s a way to pay a small fee monthly without long term commitments and as a way to support the developers.

Continue reading “The new world of Subscription”

ACT Fibernet rolls out IPv6 in Chennai after Bangalore

ACT after testing it out in Bangalore, has now enabled IPv6 in Chennai; making ACT as the only ISP after Jio to provide services in IPv6.

Right now they’re using 64 prefix.

500px-world_ipv6_launch_logo-svg


Sites to see if you are IPv6 enabled:

Recommended IPv6 DNS:

  • 2620:fe::fe / 2620:00FE:0000:0000:0000:0000:0000:00FE
  • 2606:4700:4700::1001 / 2606:4700:4700:0000:0000:0000:0000:1001
  • 2001:4860:4860::8888 / 2001:4860:4860:0000:0000:0000:0000:8888
  • 2620:0:ccc::2 / 2620:0000:0CCC:0000:0000:0000:0000:0002
  • 2606:4700:4700::1111 / 2606:4700:4700:0000:0000:0000:0000:1111
  • 2620:0:ccd::2 / 2620:0000:0CCD:0000:0000:0000:0000:0002
  • 2001:4860:4860::8844 / 2001:4860:4860:0000:0000:0000:0000:8844

Update as of 1st Sept 2019 – ACT customer service informed me on a call to my inquiry that v6 is no longer offered; they only activate WAN side v6 when the dynamic IP pool is congested and normally v6 is not offered. Even funnier is business customers with static IP’s are never presented with v6 and are stuck with v4 alone. Pity as v6 will soon gain wider adoption in India after Jio comes up with its home broadband.

Update as of 30th Sept 2019 – Not sure what happened, I am fully getting WAN side V6 now; it can mean two things – either the load is constantly high and thus V6 is available or they just started activating V6 full time. Either way, IPv6 is active and usable with ACT.

Fix for A newer version of OneDrive is installed error

Recently I was being bugged by OneDrive not starting; as a O365 user I wasn’t able to use OneDrive with NGSC (Next Generation Sync Client) to download files on the go.

If you face a similar situation, follow these steps, in this particular order – if possible.

  • Navigate to HKCU\Software\Microsoft\OneDrive & delete it. i.e, Delete the OneDrive registry keys under the Microsoft folder.
  • Use Revo Uninstaller, while I used the pro version, the free version can also be used; no difference. Just run it, pre-configure it to do a back up of the registry and also a system restore point. It will try and run the native uninstaller & nothing will happen. Once you see the ‘Scan/Next’, click on it and remove all registry keys and left over files it displays.
  • Sign Out & Reboot.
  • Do not download the usual OneDrive installer from https://onedrive.live.com/about/en-in/download, that will be 24,XXX KB on disk; this is unusable. Get the one from here https://go.microsoft.com/fwlink/p/?linkid=844652, it should be 25,239 KB on disk. Install this, open OneDrive settings & click on “Add an account”
  • Navigate to C:\Users\Karthikeyan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs & delete all previous OneDrive shortcuts. Goes without saying, replace my name with your user directory name.
  • Create a new shortcut and point it to C:\Users\Karthikeyan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
  • Pin this new shortcut to the start screen or to the taskbar & use this to launch OneDrive moving forward.

That is all! Now you can actually use OneDrive as it is supposed to work 🙂

Hat-Tip to the following sources:

LincolnLog’s reply – https://social.technet.microsoft.com/Forums/windows/en-US/09425bf9-55ee-4ade-831c-b4650799dd59/a-newer-version-of-onedrive-is-installed?forum=win10itprogeneral

Someone in UV – https://onedrive.uservoice.com/forums/262982-onedrive-archive/suggestions/18734299-fix-a-newer-version-is-installed-and-onedrive-fa

Quad9 Indian Server Location

I love Quad9’s service & am continuing to use it over my ISP, CloudFlare, Google and numerous other DNS service providers as Quad9 is both swift & safer.

 

I had a quick question, as per this tweet, Quad9 have a server in Mumbai, India & Columbo, Sri Lanka; which are closer to Chennai. However, I did a trace route and noticed I’m being responded from Singapore.

 

Tracing route to dns.quad9.net [9.9.9.9]

over a maximum of 30 hops:

  1     3 ms     2 ms     2 ms  R7000P [192.168.1.1]

  2     3 ms     3 ms     3 ms  XXX

  3     4 ms     6 ms     3 ms  broadband.actcorp.in [XXX]

  4     4 ms     3 ms     3 ms  broadband.actcorp.in [XXX]

  5     3 ms     3 ms     3 ms  XXX.STATIC-Chennai.vsnl.net.in [XXX]

  6     3 ms     3 ms     3 ms  XXX

  7     3 ms     3 ms     3 ms  ix-ae-4-2.tcore1.cxr-chennai.as6453.net [180.87.36.9]

  8    37 ms    36 ms    35 ms  if-ae-13-2.tcore1.svw-singapore.as6453.net [180.87.36.83]

  9    36 ms    35 ms    35 ms  if-ae-11-2.thar1.svq-singapore.as6453.net [180.87.98.37]

 10    35 ms    35 ms    36 ms  ae-6.r00.sngpsi05.sg.bb.gin.ntt.net [129.250.8.241]

 11    38 ms    35 ms    35 ms  ae-10.r20.sngpsi05.sg.bb.gin.ntt.net [129.250.7.18]

 12    36 ms    36 ms    35 ms  ae-3.r20.sngpsi07.sg.bb.gin.ntt.net [129.250.4.34]

 13    36 ms    36 ms    36 ms  ae-1.r01.sngpsi03.sg.bb.gin.ntt.net [129.250.4.175]

 14    36 ms    36 ms    37 ms  ge-100-0-0-11.r01.sngpsi03.sg.ce.gin.ntt.net [116.51.27.54]

 15    35 ms    36 ms    35 ms  dns.quad9.net [9.9.9.9]

 

Pinging 9.9.9.9 with 32 bytes of data:

Reply from 9.9.9.9: bytes=32 time=36ms TTL=50

Reply from 9.9.9.9: bytes=32 time=36ms TTL=50

Reply from 9.9.9.9: bytes=32 time=37ms TTL=50

Reply from 9.9.9.9: bytes=32 time=35ms TTL=50

Ping statistics for 9.9.9.9:

    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 35ms, Maximum = 37ms, Average = 36ms

 

I’m not sure why Singapore is preferred over within the country & neighbouring country servers which are closer in terms of distance. I had few theories, then I recollected learning about international fiber optical networks and then it struck me!

Idea Bulb

My ISP ACT Broadband is routing to Tata Communications/VSNL, this is expected as Tata is the Tire-1 with a landing in Chennai.

I hope there is a national optical fiber network which connects Mumbai & Chennai; and I know as a matter of fact that TIISCS directly connects Chennai with Singapore with its submarine fiber optic cable.

 

Then I looked into the cable landing points in India and the various international cables that touches each of the nodes.

Chennai is a cable landing point for 4 cables (more on this later)

  • BBG – This is not used as Chennai needs to connect to Malaysia to reach Sri Lanka and then Mumbai
  • i2i – Possible as this is direct Chennai to Singapore, also connects with SMW3; owned by Airtel though
  • SeaMeWe-4 – Connects directly from Chennai to Sri Lanka & Singapore and then Sri Lanka to Mumbai; owned by many including Tata and Airtel
  • TIISCS/TIC – As stated earlier, direct Chennai to Singapore, Tata owned

So with BBG & i2i removed from the equation, the remaining two directly connects Chennai with Singapore where TATA has its presence. Now I understood why my queries are routed the way it was.

 

Anyways, no matter which provider I choose, its more or less of the same story.

Ping statistics for 9.9.9.9:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 35ms, Maximum = 36ms, Average = 35ms

Ping statistics for 1.0.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 35ms, Maximum = 36ms, Average = 35ms

Ping statistics for 1.1.1.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 35ms, Maximum = 36ms, Average = 35ms

Ping statistics for 8.8.8.8:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 36ms, Maximum = 36ms, Average = 36ms

Since there is not much of a difference between the top services, I’m going with the safety net of Quad9 over the others. Whatever it is, even while I’m getting 1-2ms pings from my ISP’s DNS, sometimes even 0ms! I’m not going to use their DNS. I’m using VPN with/or DNSSEC/DNSoTLS service providers just because I can and I prefer it that way.

 

International Fiber Optic Cablr Landing Count:

  • Mumbai – 12
  • Chennai – 4
  • Cochin – 2
  • Thiruvananthapuram – 1
  • Puducherry – 1 (TBF)

As per https://www.quad9.net/12-new-quad9-cities, I understand and support their ideology; but I secretly wish that they put up one more server for India in Chennai.

Mumbai can act for the north India while Chennai can cater to South. Anyways, I’m quite happy with where Chennai is at, in the large scheme of things.

 

Quad9 Server Locations