new char siew menu for new season

Week Menu
I Char Siew Noodle
II Char Siew Rice
III Char Siew Kway Teow
IV Char Siew Spaghetti
V Char Siew Chop
VI Char Siew Rojak
VII Char Siew Mee Sua
VIII Char Siew Sandwich
IX Char Siew Curry
X Char Siew Prata
XI Char Siew Cutlet
XII Char Siew and …..Char Siew! (aka double-shot Char Siew)

dedicated to my good bro and myself (:

MessageMe SMS spam

there’s a round of spam (herein defined as copies of unsolicited messages that are delivered through electronic means) SMS on-going to get pple to install the Message Me app that reads something like:

“Get MessageMe (followed by a http colon slash slash msg dot me slash something something)”

messageme-spam

and there’s a fb status warning pple of its “severity” being shared:

“If u received SMS fm MessageMe, don’t click the link. Ignore & delete. It’s a spam virus going around. Once u click the link , the same SMS wil be sent out to ALL the contacts in your hp. And max out your SMS quota.text from Members”

out of curiosity and to be extra cautious, I checked out the URL with a browser running linux. the URL behaves like a redirect URL that leads you to d/l the app.

the origin of the SMS I’ve received two days ago is unknown. but the ‘severity’ may not as serious as the fb status that’s going around, cos like some forumers were saying, if the redirect URL can steal and max out your SMS quota, there exists a SERIOUS vulnerability in BOTH iOS and Android. chances of this is extremely extremely slim.

so what you could do is this:
(1) don’t support MessageMe for it’s spamming attempt (and other apps who do the same in future);
(2) ignore/delete the SMS, and beware of similar SMSes in future cos we won’t know one day a vulnerability could exists on more than one OSes at the same time and be exploited by crackers out there (:

—-
p.s. Thanks to Vincent for pointing out this possibility:

would it be possible that the URL will detect the OS and redirect to a different URL? E.g. it detects that the browser is calling the URL from a Android phone and redirect to a APK, which would usually prompt the user to confirm installing the app. If the user confirms, the newly installed app could possibly read the phone contacts and spam out SMSes.

i agreed to this possibility and i thought this is a cleverer way to spam. but i still maintain that by clicking on the link itself (without installing the app) and SMSes will be sent out points to a severe vulnerability in both iOS and Android; such a case is extremely unlikely here.

—-
pps. on further thought, if one’s contact list contains 2000 phone numbers, there is a chance of ‘maxing out’ one’s sms quota indeed if all 2000 phone numbers become recipients of the spam :O is the app kind enough to stop at a maximum cap (but will the phone know what’s your free SMS quota?), or will it just send out the maximum possible number of contacts in the phone? scary thought if one does not have unlimited SMSes and one’s no. of contacts exceeds one’s free SMS quota in a month :O

padfone 2 review – only one note

if u lands here via any search engine, chances are you are preparing to buy a new/used asus padfone 2 and looking for a review. OR, you connected your padfone 2 to the padfone station but your display/screen keeps on flicker flickering non-stop. this is not the usual review, but it’s purpose is to share ONE recent (shocking) experience with my own padfone2.

one fine day, i plugged in my padfone2 to the padfone station, and the screen keeps on blinking and flickering intermittently. yes, it’s absolutely abnormal.

so the hospital it’s sent to, and guess what the doctor tells me? “there’s a black thing that’s missing that’s causing the problem” i look and look and i really have no idea what the doctor is saying cos i din even realise there’s something there in the first place! the most shocking part follows:

“the replacement for the parts costs S$100 (singapore dollars),” said the doctor.
“what!?!”
“yes, you compare the socket with the one on the padfone station you will see the difference.”
“errr … hmmm … (actually i still cant tell what’s there or what’s not) … but why did Asus install something that will so easily drop out in the first place? i have never heard of such a problem from any other phone.”
“yes, just to set your expectation there. for this time, becos it’s the first time (err…sounds like it’ll drop easily again and again and again?!?) we’ll waive the charges”

today, after 5 working days, i get to get back the phone. and the first thing i do is to examine what’s “new” that went missing … hmm … seriously … such a small piece of thing cost $100 !?!

it’s real small, so i have taken a close up shot of it here:
padfone2-connector-highlighted

for those who owns a padfone 2, you can compare my photo with your phone and you’ll get what i mean (i think).

so the advice is this, for anyone who’s going to buy a padfone 2, (1) get a new set with warranty cover, (2) don’t ever ROOT your device before the warranty expires, (3) if you are buying a used set, make sure you inspect the charging connectors very closely, and make sure the black ‘parts’ shown in my photo are intact, (4) don’t buy this model, get the latest padfone infinity instead.

for record sake, the proprietary charging cable cost S$15 from the hospital.

and for record sake x2, ASUS has done away with this (stupid) connector and revert to the standard mini USB. so this problem should effectively be no more? i’m not sure 😛