Thursday, October 22, 2015

Intel Security, Security or Extortion?

Bing, Yandex, Baidu, Google, Facebook, Sogou, Twitter and Yahoo all do the following: they respect and play by the rules when it comes to crawling sites. When these companies wish to crawl your site, they ask for permission via a request to your robots.txt. These companies respect the site's rules and follow them. Each of these companies identifies its crawler with published user agents. These known agents signal the crawler's identity and intent. The user agents are also useful for determining whether the crawler seeks the mobile or desktop version of your site. Of course, these user agents are easy to spoof, which is why each of these companies backs its user agent with an rDNS entry confirming its identity.
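The rDNS confirmation described above is usually done as a forward-confirmed reverse DNS check: look up the PTR record for the client IP, check that the hostname falls under the operator's published domain, then resolve that hostname forward and confirm it maps back to the same IP. The sketch below is an added example, not code from this blog; the suffix table is an illustrative subset, and the DNS data and function names are constructed so it runs offline.

```python
import socket

# Assumption: illustrative subset of the hostname suffixes crawler operators publish.
CRAWLER_SUFFIXES = {
    "googlebot": (".googlebot.com", ".google.com"),
    "bingbot": (".search.msn.com",),
}

def system_ptr(ip):
    """Reverse (PTR) lookup; None when the IP has no usable PTR record."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def system_forward(host):
    """Forward lookup; the set of addresses the hostname resolves to."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(host, None)}
    except OSError:
        return set()

def verify_crawler(ip, user_agent, ptr=system_ptr, forward=system_forward):
    """Return 'verified', 'spoofed', or 'unclaimed' for one request."""
    ua = user_agent.lower()
    claimed = next((name for name in CRAWLER_SUFFIXES if name in ua), None)
    if claimed is None:
        return "unclaimed"  # generic agent (e.g. Java/1.8.0_51): no identity to check
    host = (ptr(ip) or "").rstrip(".").lower()
    # The PTR zone belongs to whoever owns the IP, so a matching suffix alone proves nothing.
    if not host.endswith(CRAWLER_SUFFIXES[claimed]):
        return "spoofed"
    # The forward zone belongs to the crawler operator; it must map back to the same IP.
    return "verified" if ip in forward(host) else "spoofed"

# Constructed DNS data (documentation address ranges), so the example runs offline.
SAMPLE_PTR = {
    "192.0.2.10": "crawl-192-0-2-10.googlebot.com.",
    "203.0.113.5": "fake.googlebot.com",   # PTR set by the IP owner to look legitimate
    "198.51.100.7": "host7.example.net",
}
SAMPLE_FWD = {"crawl-192-0-2-10.googlebot.com": {"192.0.2.10"}}

def sample_ptr(ip):
    return SAMPLE_PTR.get(ip)

def sample_forward(host):
    return SAMPLE_FWD.get(host, set())

if __name__ == "__main__":
    googlebot_ua = "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
    for ip in SAMPLE_PTR:
        print(ip, verify_crawler(ip, googlebot_ua, sample_ptr, sample_forward))
```

Called without the last two arguments, `verify_crawler` uses the system resolver; cache the verdict per IP so each request does not trigger two DNS lookups.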

Intel Security / McAfee works by their own set of rules and, as a security company, pretty much acts like a rogue agent attacking your site. Intel/McAfee does not respect robots. Intel/McAfee uses a generic user agent that is common from bad actor states like the Ukraine, Russia and many countries in Asia: “Java/1.8.0_51”. There is no way to distinguish a rogue crawler from Intel/McAfee. After much research we have determined that Intel/McAfee use IPs assigned to such names as pathdefender, or Digital Ocean. How many strikes does a webmaster need to block Intel/McAfee as rogue traffic?

After receiving unwanted traffic from the domain 104.131.0.0 we blocked all of Digital Ocean. Standing up a new site using our common blocked traffic database, Intel/McAfee was blocked as a bad actor in this domain; failing to identify themselves and using user agents that are known for attacks, they were justifiably blocked.

Here is the rub and where the hubris and true arrogance of this purported security company surfaces. Intel/McAfee is blocked from access to our established sites, yet denied access, they labeled our new site as suspicious, they said they scanned our site and found viruses and malware and they presented a highly inflammatory warning to go back to safety; a load of excrement. The fact is we blocked them, so the message about the malware and viruses they found was a flat out lie.



Through inference and trial and error we determined who was behind the rogue crawls from 104.131.94.252 and 72.5.66.72 with known hacker user agents, spurious DNS; IPs we had blocked as bad actors; Intel! We had no choice but to succumb to Intel/McAfee's extortion; either we allow their rogue agents from unknown IPs onto our site and install their site seal, or they would block our site. Pay up or get blocked, we had no choice but to allow their rogue traffic and install their site seal; extortion.

We find Intel/McAfee to be bad actors that do not properly identify themselves, and if you do not allow their rogue agents onto your site, they will maliciously and without merit label your site as dangerous when in fact they are the problem.

We urge Intel/McAfee to follow the example of Google, Microsoft, Yahoo, Twitter, Baidu, Facebook and Sogou and establish and publish a branded user agent, then back it up with published and identifiable IP addresses via rDNS. As a security company, shame on you Intel for acting like the very actors you purport to block with your security software.




Monday, October 5, 2015

Seeeduino Stalker v3 Defect

Companies should pay me to QA their products. If there is a defect, I will find it. On my current project, I needed to prototype a pulse counter. I planned to outsource this, but the Point Six counter itself had so many material defects, namely battery consumption and the counter clock rate too slow, I decided to build my own. An EE buddy suggested Arduino. Arduino is a robust, thriving space; I was a kid in a candy store. "Arduino, I just met a board named Arduino, and suddenly I've found how wonderful a sound can be; Arduino." Knowing what I wanted, not sure how I would get there, I dove in. I am not an EE, which my EE buddies love to point out. EE and CS are kind of like cats and dogs. I concede to anyone with an EE, you are smarter than me.

Knowing what I want, lacking confidence to spot a defect, imagine the frustration in discovering the underlying component I was using to prototype has a major design flaw.   Seeed Studio offers a low power board with great components for a battery operated design.  It uses the lower power ATMega328p, has an efficient switching regulator, built-in support for lipo battery and solar charging; delicious.  It also has an XBee socket.  It was the ideal board for my battery operated pulse counter prototype.

Perfect until the wheels fell off. For whatever reason, Seeed decided to create an out-of-the-box conflict between the serial interface and the xbee; they both used pins 0 and 1. Out of the box you cannot access your xbee socket and then see what it is doing via the serial monitor. Clearly Seeed considered this and included "pads" on the back of the board to allow for pin 2 and pin 3 (td/rx) on the xbee socket to remap to P5 and P6 on the mega; great. Only problem; doesn't work. Here is where the lack of confidence comes into play. Seeed introduced a hidden variable into my project, challenging me.

The air was thick around here.  My boxer decided to spend more and more time on the driveway while I yelled and cursed at this board; "why the F isn't this working!!!"   Seeed is in absolute denial, even though this was revealed months ago on their own forum, where they admit to the defect.

Here is the thing; there is an obscure design defect on the Stalker V3. The P5 pad does not go anywhere, Seeed knows about it and they are engaging in caveat emptor; let the buyer beware; not cool at all. The problem is I like this board. They acknowledged the defect months ago on their forum, yet they have not updated their docs, nor stated how they plan to resolve this problem. This does help explain why Seeed was blowing these boards out at 80% off a month ago; suckers.

If you are curious, look at the lower left corner of the V3 schematic by the R16 resistor.




See how the P5 does not attach to the right of the R16 resistor on the P5 Pad but goes direct to P0 on the mega? It should look like P6 to the R15 resistor. The reason this is such a big problem is the xbee and the uarts both map to p0 / p1 and conflict; you cannot have the uarts and xbee at the same time without remapping the xbee. This is why they put in the p5 and p6 pads to allow for both uarts and xbee. Problem is, they didn't catch their P5 mistake and went into production with the defect. There is a second defect as well, which only adds insult to injury; the through-hole on the xbee does not go to P2 nor P3. P9 tests ok, but P2 and P3, that path is missing.

This is the only way I could get this board to work properly.


Elegant, don't you think?

SEEED, it is time to recall this board and make this right.  At the very least, disclose this defect.