A few days ago, I started receiving all kinds of strange notifications and friend requests in an account that I don’t use for Facebook. I started getting concerned because of the volume of requests. I wasn’t sure if this was a phishing scam or malware, but I was getting annoyed at the number of pieces of mail being generated. The owner had signed up as Why-do U-Care. The name alone made be wonder what kind of scam was about to happen.
Of course each of these had a link to whatever I was being notified about. So, first in a VM to be safer, I clicked one of the links (the source of the email message actually was a legit Facebook non spoofed header, but just to be safe…) and without any trouble at all, I was able to reset the password to this phantom account.
.Here is the password change email I received.
Now how this person signed up with one of my email addresses and was able to use the account for a few days without verifying that email address is troublesome indeed.
Anyway, I reset the password and logged in to the account to insure that there wasn’t anything else going on that impacted me. This is some guy in California. A really stupid one to boot.
Next I got a throw away email address elsewhere and added it to the account, verified it, then set it as primary and removed my own misused email address. I changed the account name to DoNot Use. I then attached the email address that *I* own to a different Facebook account that *I* own as a secondary address. (Not my main account). Verified it, etc.
I then went into Why-DO U-Care, now DoNOT Use account with the throw away account login and scheduled it for deletion.
I am now getting about six of the following an hour from Facebook that look like:
Each time I click the button didn’t initiate this choice. This joker keeps trying to claim MY email address.
Facebook has a problem, and there is a person out there that needs psychiatric help and needs to be restrained from using the Internet (or at least who needs to understand he just can’t make up any old email address).
Seriously, Facebook allowed me to access this account just by initiating a password reset because I happen to own the email address this stupid person used. There is a security issue here, and this person should have never been allowed to use the account without acknowledging an email sent TO the email address he was trying to use. If anyone knows anyone at Facebook, please relay.
In Part 3, I wrote about setting up dynamic DNS and port forwarding for my cameras and desktop controller as well as authentication for all exposed web servers. Once this is set up properly, camera output can be viewed in real time, any time I want to check in on what’s happening chez moi. If I were to get a motion detection email alert, I could immediately recheck camera output from all my cameras.
The Blue Iris web controller Windows software that I selected is viewable from any web browser. It detects mobile use and presents an iPxxx interface when I access it from my iPhone or iPad. I’ve added the URL to my bookmarks and to my Home screen on my iPxxx devices. Here is what I see from my iPad after I enter the proper credentials (since authentication was set up):
I can select an individual camera from the drop down menu or just tap a camera to see a larger view.
I added a bookmark for the Blue Iris web server and also added it to my iPad and iPhone Home Screens for easy and fast access.
As I mentioned in Part 1, setting up the D-Link IP cameras (and IP camera in general most likely) is easy if you have a simple network. This means you
1. Only have 1 camera
2. Don’t need to access the camera either directly or through any software from outside your own home network
3. Don’t already have a web server running on the default port 80 (if your provider does not block this port)
If you are serious about DIY Home Security/Surveillance, you will need to configure multiple cameras on multiple ports, set up dynamic DNS (if you don’t have his setup already) and forward ports on your router. On your router, you should set up DNS reservations for your cameras, and if using a desktop software controller, a reservation for that computer and port forwarding for the port you are using for the desktop controller software web server. You can get free dynamic DNS from the folks at dyndns.com and if you have a decent router, there should be a place to enter your dyndns host name and password and the router will do the work of ensuring that if your Internet DHCP IP changes, updates are made seamlessly. D-Link actually offers a private branded dynamic DNS set up service from inside their admin interface. It should be ok to use this (last time I checked they were using the services of dyndns.com).
The heart of my home security system is motion detection and alerts. As I mentioned in the first post, I selected Blue Iris software as a desktop controller. It more than compensates for the shortcomings of the surveillance alert features that are missing from the D-Link camera and for the poor D-Link (free) Windows software supplied with the cameras (D-Cam View). For reasons I don’t understand, the more expensive DCS-942L camera does not have an email motion alert function. The less expensive DCS-932L does, but it is pretty limited.
The image above show the D-Link email setup.
Late last year, I decided that paying ADT $40 a month wasn’t worth it. I had 10 year old security equipment and they wanted a lot of money to upgrade to the latest and greatest systems.* I looked around and it became obvious that do it yourself home automation and home surveillance was something I would need to research. There weren’t any “kits” and local retail stores didn’t carry any electronics that I would want.
My first decision was on what kind of technology to use. My first step was video surveillance that included motion sensing and alerts. Looking around, there wasn’t much of a choice for configurable, functioning equipment. The only affordable player that qualified was d-Link. So, I picked up a few D-Link IP cameras. Two DCS-932L’s and two DCS-942L’s. In retrospect, I could have gone with all 932L’s. These are easy to setup if you just want to view them from within your own home and if you have no advanced needs. I will detail what I learned in another posting. Setting up to fulfill home surveillance needs was not trivial. That process alone will be a separate blog post. I can also tell you that while D-Link offers a free web based viewer for web browsers and a free app for the iPhone, you won’t want to use these. D-Link includes D-Cam Viewer software for Windows on their CD’s which is a real joke as it requires you to turn of UAC.
I settled on desktop controller from Blue Iris software that, while costing $50, does everything I could ask, including scheduling triggered alerts via email or SMS, etc., and it is viewable over the Internet with authentication protection. And there is a free iPad as well as an iPhone app that works beautifully with these cameras.
After setting up my cameras, etc., here is what I can see via a web browser accessing the Blue Iris controller remotely:
Each camera can be put on a schedule for triggered alerts. If one of the motion sensors is triggered, an email and/or SMS can be sent. I am quite happy with the video surveillance system.
*Note: I left the local ADT alarms intact, and shut off the monitoring service that cost $40/month, so if someone tries to come in through doors and windows when I have armed the ADT system, an ear-splitting alarm is set off.