Intel Security, Security or Extortion?

Bing, Yandex, Baidu, Google, Facebook, Sogou, Twitter and Yahoo all do the following; they respect and play by the rules when it comes to crawling sites. When these companies wish to crawl your site, they ask for permission via a request to your robots.txt. These companies respect the sites rules and follow them. Each of these companies identify their crawler with published user agents. These known agents alerts to their identity and intent. These user agent are useful determining if the crawlers seeks the mobile or desktop version of your site. Of course, these user agents are easy to spoof, which is why each of these companies backs their user agent with an rdns entry confirming their identify.

Intel Security / McAfee works by their own set of rules and as a security company pretty much acts like a rogue agent attacking your site. Intel/McAfee does not respect robots. Intel/McAfee uses a generic user agent that is common from bad actor states like the Ukraine, Russia and many countries in Asia; “Java/1.8.0_51” There is no way to distinguish a rogue crawler from Intel/McAfee. After much research we have determined that Intel/McAfee use IP's assigned to such names as pathdefender, or Digital Ocean. How many strikes does a webmaster need to block Intel/McAfee as rogue traffic.

After receiving unwanted traffic from the domain 104.131.0.0 we blocked all of Digital Ocean. Standing up a new site using our common blocked traffic database, Intel/McAfee was blocked as a bad actor in this domain, failing to identifying themselves and using user agents that are known for attacks, they were justifiably blocked.

Here is the rub and where the hubris and true arrogance of this purported security company surfaces. Intel/McAfee is blocked from access to our established sites, yet denied access, they labeled our new site as suspicious, they said they scanned our site and found viruses and malware and they presented a highly inflammatory warning to go back to safety; a load of excrement. The fact is we blocked them, so the message about the malware and viruses they found was a flat out lie.

Through inference and trial and error we determined who was behind the rogue crawls from 104.131.94.252 and 72.5.66.72 with known hacker user agents, spurious DNS; IP's we had blocked as bad actors; Intel! We had no choice but to succumb to Intel/McAfee's extortion; either we allow their rogue agents from unknown IP's onto our site and install their site seal, or they would block our site. Pay up or get blocked, we had no choice but to allow their rogue traffic and install their site seal; extortion.

We find Intell/McAfee to be bad actors that do not properly identify themselves, and if you do not allow their rogue agents onto your site, they will maliciously and without merit label your site as dangerous when in fact they are the problem.

We urge Intell/McAfee to follow the example of Google, Microsoft, Yahoo, Twitter, Baidu, Facebook and Sogou and establish and publish a branded user agent, then back it up with published and identifiable ip addresses via rdns. As security company, shame on you Intel for acting like the very actors you purport to block with your security software.

Seeeduino Stalker v3 Defect

Companies should  pay me to QA their products.  If there is a defect, I will find it.  On my current project, I needed to prototype a pulse counter.  I planned to outsource this, but the Point Six counter itself had so many material defects, namely battery consumption and the counter clock rate too slow,  I decided to build my own.  An EE buddy suggested Arduino.  Arduino is robust, thriving space, I was a kid in a candy store.  "Arduino, I just met a board named Arduino, and suddenly I've found how wonderful a sound can be; Arduino."  Knowing what I wanted, not sure how I would get there, I dove in.  I am not an EE, which my EE buddies love to point out.  EE and CS are kinda of like cats and dogs.  I concede to anyone with an EE, you are smarter then me.

Knowing what I want, lacking confidence to spot a defect, imagine the frustration in discovering the underlying component I was using to prototype has a major design flaw.   Seeed Studio offers a low power board with great components for a battery operated design.  It uses the lower power ATMega328p, has an efficient switching regulator, built-in support for lipo battery and solar charging; delicious.  It also has an XBee socket.  It was the ideal board for my battery operated pulse counter prototype.

Perfect until the wheels feel off.  For whatever the reason, Seeed decided to create an out-of-the box conflict between the serial interface and the xbee; they both used pins 0 and 1.  Out of the box you cannot access your xbee socket and then see what it is doing via the serial monitor.  Clearly Seeed considered this and included "pads" on the back of the board to allow for pin 2 and pin 3 (td/rx) on the xbee socket to remap to P5 and P6 on the mega; great.  Only problem; doesn't work.  Here is where the lack of confidence comes into play.  Seeed introduced a hidden variable into my project, challenging me.

The air was thick around here.  My boxer decided to spend more and more time on the driveway while I yelled and cursed at this board; "why the F isn't this working!!!"   Seeed is in absolute denial, even though this was revealed months ago on their own forum, where they admit to the defect.

Here is the thing; there is an obscure design defect on the Stalker V3.  The P5 pad does not go anywhere, Seeed knows about and they are engaging cavete emptor; let the buyer beware; not cool at all.  The problem is I like this board.  They acknowledged the defect months ago on their forum, yet they have not updated their docs, nor stated how they plan to resolve this problem.  This does help explain when Seeed was blowing these boards out at 80% off a month ago; suckers.

If you are curious, look at the lower left corner of the V3 schematic by the R16 resistor

http://www.seeedstudio.com/wiki/Seeeduino-Stalker_v3

See how the P5 does not attach to the right of the R16 resisitor on the P5 Pad but goes direct to P0 on the mega?   It should look like P6 to the R15 resistor.  The reason this is a such a big problem is the xbee and the uarts both map to p0 / p1 and conflict; you cannot have the uarts -and- and xbee at the same time without remapping the xbee.  This is why they put in the p5 and p6 pads to allow for both uarts and xbee.  Problem is, they didn't catch their P5 mistake and went into to production with the defect.  There is second defect as well, which only adds insult to injury; the through-hole on the xbee does not goto P2 nor P3.  P9 tests ok, but P2 and P3, that path is missing.

This is the only way I could get this board to work properly.

Elegant, don't you think?

SEEED, it is time to recall this board and make this right.  At the very least, disclose this defect.

To 404 or not to 404

SEO is an onion skin, we don't make the rules, we just follow them.  What is a 404 code, this is a response code for a page to notify the crawler that the page no longer exists.  A page with "Page not found" needs to be created server side, in this example IIS, the only place to set a response code is on an aspx pape.  Its not enough to display in the browser, "We are sorry the page you have requested is not found"  You must also in codebehind set the response code to 404, otherwise the crawler sees your page not found as a 200 and indexes page not found.  In the imitable words of Geico, "Everyone knows that."

The question though, are those 404s hurting your page ranking, and the best MBA answer I gave is "it depends."  Part of your page rank is external links to your domain.  Let's say bloggers following your link on your site to hotdomain.com/hothotpage.aspx  Now you decide to change your site and hothotpage.aspx becomes frickenhotpage.aspx.  hothotpage.aspx no longer exists, but all the external links still exist.  Because the external links exists, crawlers keep looking for hothotpage.aspx and you keep returning 404 or if you are really intent 410.  The crawlers keep asking for hothotpage and anyone that follows the external link is getting "page not found."  THIS will effect your pagerank.   External links are essential to your page rank.  Get creative in your IHttpModule and do a 302 to frickenhotpage.aspx.

When to redirect and when to server.transfer.  If the page is truly not found, a typo perhaps, or some bot phishing looking for holes.  hotdomain.com/usercodes.php.   You do not want a 302 to your 404, you just want a 404 to usercodes.php, server.transfer will insert your pagenotfound.aspx with the header for usercodes.php.  But in the case when you are doing a redirect, the case of hothotpage.aspx, you want to notify the crawler of the 302 perm redirect to frickenhotpage.aspx with a normal 200.   This will preserve your external links and page ranking instead of 404 to dead links.  Best practice is to honor the external links and redirect to the new page.

While on this topic, invariably your site is being crawled.  How do you perform system maintenance.  Much like a 302 redirect to a new page with a 200 response.  Its a good idea to redirect all pages during maintenance, or failures with a 302 to a 503 System Unavailable.   This is arguable; server.transfer or response.redirect.  I favor the 302 redirect to a 503 page.

The Firebug plugin is a great way to see how this all works.

Responsive Web Design with ASP

Getting off the table, viewport, devicewidth, code-behind and the lifecycle of an ASP page.

Until the nasty gram from Google about de-ranking a clients pages for not properly supporting mobile devices, I was plenty happy. I thought the pages looked fine, and actually adding the viewport header made them look worse on mobile devices. Can't fight google.

I had heard grumblings about tables and how pedestrian they are, but getting off them, it was like losing Flash again. Maybe that is a bit dramatic, but I have learned to coexist with HTML 5 and my Action Script code still has a home, but tables. They really had to go.

Life is simply better without them, F all the matching <tr and </td, good riddance. Tables will live on with html marketing emails, where divs will ruin your day, but divs just blend and they allow for the dynamic wrapping and sizing of the target device for a more robust user experience across devices.

This opened a new can of worms; making device width usable while your page elements are created.  Most static pages can be resolved via CSS, style="width:100%; max-width:640px;"  Yet for complex dynamic pages, you need to know the device capabilities when the page is created serverside.  As an example check out http://aqua8472.com/seeitwork.aspx  The grid elements are created dynamically and based on the device serverside.   In the ASP lifecycle, all server side events process before the page is rendered. That makes sense, the page is essentially static and has no contract back to the server, ajax muddies this, but for all practical purposes, once the server is done with its back end processing, the HTML is rendered and the server has moved on. Now I was facing a chicken and egg scenario, I want to size the elements on my page server-side based on the device. Problem...

To solve this touches on several areas within the page lifecycle. Essentially, I fed my device width via a webservice call and created a session variable with the width for use during server-side processing of the page. Customizing IHttpModule with an event for PostAcquireRequestState

allows for a redirect to a detection page, this detection page via a webservice call creates the session variable. Keep in mind this is only available to asp pages.

 privatevoidOnPostAcquireRequestState(objecto,EventArgsargs)
{
<<snippet>>
HttpApplicationapp=(HttpApplication)o;
BrowserSupport.BrowserInfobi=newBrowserSupport.BrowserInfo(app.Request);
if(bi.mobile)
{
 if(app.Session["deviceWidth"]!=null)
  ProcessASPX(app,newBrowserSupport.BrowserInfo(app.Request));
 else
 {
  if(!sPageRequested.ToLower().Equals("detectdevice.aspx"))
   app.Response.Redirect("/noc/detectdevice.aspx?r="+app.Request.Path,true);
 }
}
else
 ProcessASPX(app,newBrowserSupport.BrowserInfo(app.Request));

Javascript handles the detection of the device width and calls a webservice. Keep in mind, you have created a race condition and you need to wait for the webservice call to complete before redirecting to the original page passed in as a url param from OnPostAcquireState

<metaname="robots"content="noindex,nofollow"/>
<metaname="viewport"content="width=device-width,initial-scale=1"/>
 
<scripttype="text/javascript"lang="javascript"src="/scripts/jquery.js"></script>
 
<scripttype="text/javascript"lang="javascript">
$(document).ready(function(){
 varwindowWidth=(window.innerWidth>0)?window.innerWidth:screen.width;
 jdwebservice.setdevicewidth(windowWidth,
  setDeviceWidthOnSuccess,setDeviceWidthOnFail);
});
 
functionsetDeviceWidthOnSuccess(result){
 if(result){
  varurlp=location.search;
  varoffset=urlp.indexOf('?r=');
  if(offset<0){
   alert('Unabletolocateurlparam:'+urlp);
  }
  else
  {
   window.location=urlp.substring(offset+3);
  }
 }
 else
alert('Wearehavingtroublecommunicatingwithourbackendservers.Contactsupportwithmessagedetectdevice.setDeviceWidth.(result):'+result.get_message());
}
 
functionsetDeviceWidthOnFail(result){
alert('Wearehavingtroublecommunicatingwithourbackendservers.Contactsupportwithmessagedetectdevice.setDeviceWidth.Tryreloadingthispage.'+result.get_message());
}
</script>
 

In the detection page, we want to keep the crawlers happy by notifying them this is a temp 302 redirect and not a 200 success. Response codes can only be set by the server.

protectedvoidPage_Load(objectsender,EventArgse)
{
 Response.Status="302DeviceDetectionRedirect";
 Response.StatusCode=302;
}

The webservice is a simple call and looks like this.

[WebMethod(EnableSession=true)]
publicboolsetdevicewidth(uintdeviceWidth)
{
 boolbResult=false;
 try
 {
  if(Session["deviceWidth"]==null)
   Session.Add("deviceWidth",deviceWidth.ToString());
  else
   Session["deviceWidth"]=deviceWidth.ToString();
  bResult=true;
 }
 catch(ExceptionE)
 {
  Utility.SendEventLogError("("+HttpContext.Current.Request.UserHostAddress+")
  jdWebservices:setdevicewidth,Exception:"+E.Message);
 }
 returnbResult;
}

Now on a page load, for the parent div I set the width at runat server, then on its oninit, use the session device width as below:

<divclass="divIndexHeader"id="ixHeaderDiv"oninit="Div_Init"runat="server">

protectedvoidDiv_Init(objectsender,EventArgse)
{
<snippet>
notice we only mess with mobile devices, desktop are as designed.  
 BrowserSupport.BrowserInfobi=newBrowserSupport.BrowserInfo(Request);
 if(bi.mobile)
 {
  if(Session["deviceWidth"]!=null)
  {
   uintuWindowWidth=0;
   if(!uint.TryParse((string)Session["deviceWidth"],outuWindowWidth))
    thrownewException("UnabletoconvertSession[\"deviceWidth\"]
    toanuint,"+ (string)Session["deviceWidth"]);
   if(uWindowWidth<975)
    ((HtmlGenericControl)sender).Style["Width"]=uWindowWidth+"px";
  }
  else
   thrownewException("Session[\"deviceWidth\"]isnull,
    wasdetectdevicerunfirst?");
 }
}
For embedded elements with width:X%, they all fall in line based on the parent element width.  Having the power of server-side processing, allows for creativity to adjust/remove padding between inline-block or float divs.  

Getting creative, for our low resolution devices, like the iPhone, size your images to take the width of the device, then adjust the padding for higher resolution devices support based on your original layout.

<divid="divTour4"class="divIndexTour"runat="server"oninit="divTour_Init">

if(Session["deviceWidth"]!=null)
 {
  uintuWindowWidth=0;
  if(!uint.TryParse((string)Session["deviceWidth"],outuWindowWidth))
   thrownewException("UnabletoconvertSession...
  if(uWindowWidth<375)
  {
   ((HtmlGenericControl)sender).Style["Width"]=uWindowWidth+"px";
   ((HtmlGenericControl)sender).Style["padding-left"]="0px";
  }
  elseif((uWindowWidth<900)&&(uWindowWidth>376))
  {
   ((HtmlGenericControl)sender).Style["Width"]=(uWindowWidth*.75)+"px";
   ((HtmlGenericControl)sender).Style["padding- 
   left"]=(uWindowWidth*.12)+"px";
  }
 elseif((uWindowWidth<975)&&(uWindowWidth>901))
 {
  uintuPadding=75-((975-uWindowWidth)/2);
   ((HtmlGenericControl)sender).Style["padding-left"]=uPadding+"px";
 }

A good page to check out is http://viewportsizes.com/

Frequenting Pilot and Flying J could cost you thousands of dollars

Frequenting no-name, unbranded fuel sold at Flying J and Pilot because their islands were easier to get to was a bad-habit.  My ignorance of GM's reliance on the use of fuels with a high detergent content as part of injector health over time is manifesting in my injectors on my 05 Workhorse Chassis.  Pilot, which also own's Flying J, does not, has not, and will not sell its customers top-tier fuel and has elected to supply its customers with the low EPA detergent additives which GM states is insufficient to keep its injectors clean.  My loyalty to Flying J/Pilot, and my ignorance believing this was all a marketing ploy developed by Chevron and their Techron additive was a mistake.

This started with a rough idle on my 8.1 and a comment from my service writer on injector cleaning on my duramax.  Online searched took me to X66P ACDelco upper engine and injector cleaner.  My d-max was simple to perform and with my marginal injectors, I saw an immediate improvement in balance rates; all eight are now approaching zero.  So I started looking into doing the process on  my 8.1.   Not so fast.  There are a couple of givens; the process must be done in high concentration 16oz cleaner to 64oz of fuel, which requires a separate fuel supply.  At idle this takes app 2 hours to run through the motor.  The return line goes back to the temp tank and the onboard fuel tank is isolated from the process.  This mixture circulates through the temp-tank over and over until depleted.  The reason this was simple to perform on the duramax (sierra) is the fuel pump and filter are on the fuel rail, which makes sense because the rail on a duramax is over 20,000 psi, unlike an 8.1 where the fuel rail pressure is app 60psi.

On the 8.1, from burbs to boats to workhorse, it appears there is a single fuel pump in or near the tank and fuel regulator on the fuel rail with a return line to the tank.  Now the injector cleaner process becomes more complicated because isolating the fuel tank, also removes the pump and filter.  Now to achieve a highly concentrated cleaner a temp pump and filter is required.

To perform this cleaning on the 8.1, the temp-tank setup must also include a pump and filter, differing from the d-max process where the pump and filter were part of the rail.  Also the on-board fuel pump would need to have its fuse pulled.  This temp pump would need to achieve 56-62 psi or I am assuming the ecm would through a code.

Because of the ease and observable improvement in my injector performance on my d-max, ignorance in running non-top-tier fuel in my 8.1 and a subsequent rough idle, I am investigating how to do this on the 8.1, which is raising more questions.

On the diesel there was little risk, the temp-tank lines were not under high pressure, no external pump or filter were necessary.  Now to DIY on the 8.1, if I understand correctly, I need a high-pressure external fuel pump of at least 60psi and an external filter as part of a temp tank assembly.   The cost of such a pump is not prohibitive, but the high pressure (100psi) on the supply side to the fuel rail is what is giving me caution, the failure point is a hose clamp to a temp fuel line at a hot motor.

To clean the 8.1, I found a pressure cylinder on Zoro.com.  The cylinder is pressurized from external air and has a built in regulator.  Depending on the manufacturer, there is a port on the fuel rail where the cylinder charges the rail.  On Chrysler and GM this port is type Schrader.   To keep the mixture from flowing back to the tank, which can both dilute the mixture and damage the fuel pump, you need to pull the fuse for the fuel pump -and- keep the pressure at least 5 lbs under the pressure of the regulator on the fuel rail.  This will keep the regulator closed and prevent backflow to the tank.  On the 8.1, fuel rail pressure is 60#.  To be on the safe side, I performed the procedure at 50#.
Zoro Canister Fuel Rail Cleaner 

The inconvenient truth is this was all avoidable.  Now I need to unring the bell and hope it is a recoverable error on my part for not educating myself about injector health, balance rates and the differences in EPA requirements and what Arco, Chevron, Shell and even Valero, are putting into their fuels because of what all vehicle manufacturers want.  The damage in frequenting Flying J/Pilot is done and now I need to perform a cleaning process and hope to undo the damage.

Purchasing from Pilot/Flying J over time was a mistake, the remedy was additives at my expense, or a better grade of fuel; but I simply did not appreciate what was happening slowly over time.

linqToTwitter example

How to do a quick test of linqToTwitter with VS 2012 .net 45 and forms.

Login with you test account on dev.twitter

Under tools/Manager

This will create the two keys that link your app on twitter to your test application.

Now lets get started

In Visual Studio (2012+), create a new windows form application.

Open the NuGet Package Manager under tools, start the console

Enter install-package linqToTwitter

https://linqtotwitter.codeplex.com/SourceControl/changeset/view/8c63d7991761#BuildScripts/ReadMe.txt

Confirm you projects package.config is up to date with:

https://linqtotwitter.codeplex.com/SourceControl/changeset/view/8c63d7991761#New/Demos/Linq2TwitterDemos_Console/packages.config

You need two more references

System.Configuration 

Microsoft.VisualBasic

Follow the code below:

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Threading;
using System.Threading.Tasks;
using System.Windows.Forms;
using System.Diagnostics;
//add references
using System.Configuration;
//this is for the messagebox in vb, not found in c#
using Microsoft.VisualBasic;
//this was added using NUGetPackageManager console PM>install-package linqtotwitter
using LinqToTwitter;  //version 3.1.2
 
/*
 * How to test linqToTwitter with PinAuthentication
 * This is the simplest way to test as there are no callbacks from twitter.
 * Written by David Dold on April 7, 2015 with VB 2012 
 * 
 */
 
/* Before you begin, in dev.twitter.com, setup up a test app under Tools, Manage Your Apps
 * Then add the values in base64 copy and paste directly from twitter into your consumerKey, consumeSecret
 * 
 * <appSettings>
    <add key="consumerKey" value="from dev.twitter" />
    <add key="consumerSecret" value="from dev.twitter" />
    <add key="ClientSettingsProvider.ServiceUri" value="" />  //
  </appSettings>
*/
 
/* compare your packagaes.config with the requirements on codeplex
<?xml version="1.0" encoding="utf-8"?>
<packages>
  <package id="Microsoft.Bcl" version="1.1.9" targetFramework="net45" />
  <package id="Microsoft.Bcl.Build" version="1.0.21" targetFramework="net45" />
  <package id="Microsoft.Bcl.Compression" version="3.9.85" targetFramework="net45" />
  <package id="Microsoft.Net.Http" version="2.2.28" targetFramework="net45" />
  <package id="Rx-Core" version="2.2.5" targetFramework="net45" />
  <package id="Rx-Interfaces" version="2.2.5" targetFramework="net45" />
  <package id="Rx-Linq" version="2.2.5" targetFramework="net45" />
  <package id="Rx-Main" version="2.2.5" targetFramework="net45" />
  <package id="Rx-PlatformServices" version="2.2.5" targetFramework="net45" />
</packages>
*/
 
namespace TwitterTester
{
    public partial class Form1 : Form
    {
        //be explicit, what is this vb?
        PinAuthorizer auth = null;
        public Form1()
        {
            InitializeComponent();
            try
            {
                auth = new PinAuthorizer()
                {
                    CredentialStore = new InMemoryCredentialStore
                    {
                        ConsumerKey = ConfigurationManager.AppSettings["consumerKey"],
                        ConsumerSecret = ConfigurationManager.AppSettings["consumerSecret"]
                    },
                    GoToTwitterAuthorization = pageLink => Process.Start(pageLink),
                    GetPin = () => 
                    {
                        return (string)Interaction.InputBox("Enter Pin", "Twitter", string.Empty, -1,-1);
                    }
                };
                //this returns void, assuming it throws an exception if something is wrong
                //"waiting" is on twitter, this will load the default browser, and then prompt the currently logged in twitter users with "Authorize <<your twitter app>> to use your account?"  
                //from credentials above created in dev.twitter.com "Tools-> Manage Your Apps"
                //you cannot "wait" on this, the handoff to the browswe will not occur
                auth.AuthorizeAsync();
                //this is not blocking, ideally this would block until authorized and then enable the tweet button...  
                button1.Enabled = true;
            }
            catch (Exception E)
            {
                lbInfo.Text = "Exception Constructor: " + E.Message;
            }
 
        }
 
        private void button1_Click(object sender, EventArgs e)
        {
            try
            {
                using (TwitterContext twitterCtx = new TwitterContext(auth))
                {
                    //in pure event driven programming this should be a BeginTweet, then a callback to OnFailedTweet or OnCompleteTweet.  
                    //MS added this async/await in vs 2012, .net 45, supposedly this is the same, meaning, this is not blocking and IDispatch is still processing windows messages
                    Task<LinqToTwitter.Status> task = twitterCtx.TweetAsync(textBox1.Text);
                    task.Wait();
  
                    //Task.Result is of type LinqToTwitter.Status
                    if (task != null)
                        if (task.IsCompleted)
                            listBox1.Items.Add("tweeted: ID: " + task.Result.ID);
                        else
                            listBox1.Items.Add("Task failed");
                    else
                        listBox1.Items.Add("failed");
 
                }
            }
            catch(Exception E)
            {
                lbInfo.Text="Exception TweetAsync: "+E.Message;    
            }
        }
    }
}

Run the app.

 
The oAuth requires a code provided by twitter.com to authenticate the currently logged in user to the default browser.  Cut and past the code into the (vb) message box.

Tweet away.

Good luck,

~David

Cuisinart Slow Cooker, ticking time bomb?

Rainy day in San Diego, a novelty to be sure.  Decided it was a day for chili.  Stopped by Ralphs and the tri-tips were on special, tri-tip chili, why not?  Came home cubed and seared the meat, caramelized an onion and off to my Cuisinart Slow Cooker and I was off.  The point of a slow cooker is to throw your meal in and take off.

What I did not know is that my slow cooker was slowly cooking itself.   I returned home to find the cooker was not cooking, no light, no one home.  Meal partially cooked, company on the way; ah what to do, but the uncooked meal is only the beginning of the story.

I hate throwing things away.   Especially looking at this rather large, small appliance wondering if it could be repaired and spare it an eternity in the landfill.   The cord would no longer retract so I started there and what I found was shocking.

The retractable cord had overheated, shorting out, and ultimately failed with melted wires and completely shorted out connectors.  This was not spontaneous, clearly my slow cooker had slowly been failing with a faulty design since day 1.

What you are seeing are corroded wires that were continually overheating until they finally broke off free of their connectors.  On the white retractable cord spool, the power cord had melted, along with the plastic housing.  The yellow disk, which should be white, suffered long-term heat damage and is where the unit is fed from the retractable cord, it too suffered long-term heat damage.  The saving grace is these failed, shorted out, burned components were all housed in sheet metal.

Maybe I missed the recall, sadly,  no nothing out there.  This UL listed device manufactured by a brand I trusted was a ticking time bomb.

If you own a Cuisinart slow cooker with a retractable cord, you may want to see if it is cooking itself.  An inspection is simple to perform and requires removing only one screw.  Pop the cover to the retractable cord housing and take a look, better then burning your house down.

According to Consumer Reports, Kitchen Fire Safety, fires from defective appliances are on the rise, with millions of defective products on recall list.  This Cuisinart clearly should be recalled, but was not.

ADCO Designer Series Tan/White Tyvek Class-A RV Covers

ADCO RV Cover Review.

Talk about planned obsolescence!  A decent cover should last more then a couple of years.  Each of the ADCO product covers I have purchased have disintegrate in about three years.  The cover I have now, this model, with the white Tyvek roof has a major design flaw. http://www.adcoprod.com/Universal-RV-Covers/Class-A-RV-Covers#cover51

According to Material Concepts a reseller of Dupont Tyvek 1460c, Dupont rates the product to lose half of its tensile strength in 24 months.  ADCO is selling a product that will fall apart by design, this cover has absolutely no long durability past the warranty period.

The Tyvek roof panel is not a single panel it is actually three panels of Designer SeriesTyvek sewn together, see pictures. Beyond the limitations of Tyvek, the cover is manufactured with two seams on the roof surface.  These seams are continually exposed to the sun. All the weight of the sides goes through each of the white panel seams, the Tyvek (white part) is much lighter weight then the side panels and it cannot handle it because the thread used is not rated for UV light and the elements and it rots.

Tyvek is not designed to last exposed to UV light past two years, couple that with rotting thread and in a couple of years and this cover is off to the landfill.

Bottom line: I paid good money for this!  My cover is falling apart and ADCO planned it that way, I consider that fraud.  ADCO is using a product, Dupont Tyvek, that will not last for this application.  My experience with their warranty department is their goal is to up-sell into a custom cover.

If you are OK knowing this is a disposable cover, then by all means.   I feel ripped off.

There has got to be something better out there, get it together ADCO.

I fixed my cover with a $10 roll of Tyvek Tape from Lowes.  Tyvek Tape is patented because it bonds to the Tyvek and becomes Tyvek.  I taped up all the failed seams almost nine months ago, it is still holding strong.  ADCO could have suggested this, but then again their goal is to keep selling disposal covers.