the balikbayan box issue

i still cannot comprehend what really is the big issue in this "balikbayan" box inspection. before this issue got hot and viral in press and media, i got informed by my balikbayan box forwarder that the BOC will be implementing this random inspection and my box (if randomly selected) will be subject to physical item inspection i.e. box will be opened and the contained items will be subject to inspection. i really did not care about it as i thought such inspection were already enforced. so what or where really is the issue?

just would like to list down what i know so far:
1) all cargoes are subject to inspection
many OFWs think that balikbayan boxes are not subject to inspection. there's no law or PD which exempts balikbayan boxes for inspection. the mode of inspection (whether physical or x-ray) is the discretion of custom inspector. in japan, they have all the scanning technologies, yet all cargoes even small parcels are being opened for physical inspection. for security purposes, i think the Philippines should do the same, especially bacterial contamination checks.

2) all exported items are subject to taxes
goods contained in the balikbayan box are subject to taxes. currently, exemption from duties and taxes of "balikbayan" boxes containing personal and household effects is limited to a total of $500. many OFWs including me didn't know about this limit till now. i thought it was $2000 (or 200k JPY) as it was indicated on the packing list of the balikbayan box forwarder i'm using. being a hot topic on the media, senate and congress is now eyeing to increase the limit to $2000.

3) items gone missing after the inspection are responsibility of the forwarder
many balikbayan box senders don't want their boxes opened being afraid that items might get stolen. from what i understand, the forwarder is being paid to guarantee the delivery of a package. the forwarder thus has the responsibility to stand and represent the sending party during the inspection; and to make sure all items are placed back into the box.
the BOC really has a big problem in gaining the trust of the public. there are many news and reports of corrupt custom officials in the airports.

4) what the BOC trying to implement is "random" physical inspection
till now BOC was a bit loose in enforcing these laws to the balkbayan boxes. now they are trying to do initiate a "random" inspection and not 100% inspection. i think this wont be totally random. they might have certain criteria to base to on which box they will be putting into test. they might be taking samples from boxes sent thru a specific forwarders; or could be those boxes which appears to be externally different.

i was interested to know what triggered BOC to change their policy for doing this random physical inspection of balikbayan box. watching the video of this senate investigation, the BOC failed to convey the reason behind this change but this leads me to ask the following question:

"because there was no report of drugs or armaments found in balikbayan boxes, BOC cannot enforce a random physical inspection?"

for whatever reasons, (maybe resource constraints) BOC did not enforce physical inspection and may have just relied into x-rays. the question is: is x-ray inspection really enough?. i have taken the case of japan doing physical item inspection of even small parcels despite of having hi-tech scanning systems. last time i bought a camera lens adapter from an online shop in the US, i received the package with a tape resealed by the Japanese customs.
it could also be for the same reason that BOC does not have a statistical number of incidents related to balikbayan boxes found to contain illegal drugs or contrabands, due to the fact they were not conducting physical inspection and that the departments' scanning systems are not able to detect such items.
im not against on this move of the BOC and it might be part of the "daang matuwid" initiatives of putting things into order. but they should be clear in conveying their motives. is it really for security prevention; or for more tax generation?

WAN Simulators

several years ago, i needed to emulate WAN for the ICA optimization thru WANScaler (now called CloudBridge), and i tried looking for software to simulate WAN behavior. here are the list of those i found in the internet. I evaluated most of them but decided to use WANem.

Frenzy 1.0 (free)
http://frenzy.org.ua/en/

WANem (free)
http://wanem.sourceforge.net/

Dummynet (free)
http://info.iet.unipi.it/~luigi/ip_dummynet/

WAN-emu (free)
http://speed.cis.nctu.edu.tw/wanemu/

NISTNet (free)
http://www-x.antd.nist.gov/nistnet/

Netem (free)
http://www.linuxfoundation.org/en/Net:Netem

Shunra (commercial)
http://www.shunra.com/

NetLimiter (commercial)
http://www.netlimiter.com/

PacketStorm (commercial)
http://www.packetstorm.com/

XPIdea WAN Emulator (commercial)
http://www.xpidea.com/Products/tabid/53/ProductID/19/Default.aspx

(this is a repost of my notes from our internal blog system. posting it here for future reference)

G11N Testing: Static UI Resource Verification Methodology & Tools

I belong to the Life-Cycle Maintenance team in Citrix Tokyo where we are responsible for testing and release of bugfixes, enhancements and new feature releases. Our team used to be under the Globalization Services organization before it got moved to the global LCM group. Though we primarily do functional regression testing on the bugfixes, we also have given some degree of focus to G11N testing. If the bugfix or the new features being tested has some user-interface related codes, we make sure that the UI elements are properly accessible and displayed correctly on their corresponding language platforms. Some examples of these UI elements are string event messages in the event logs, wizards and dialogs, and control labels. 

We primarily test released products in LCM and I have encountered several unlocalized texts/labels in the previous versions of XenApp. I had made some inquiry regarding the testing coverage executed by the product team on those areas, and come to know that some of these UI issues were not covered during the tests. 

I made a study on how static UI resource verification could improve the quality on these areas and had created several tools to aid this process. I conducted a research on the file formats which are being used in Citrix products and had explained a methodology in covering possible issues on the localized products. 

Thoughts on UI Testing - Leveraging UI Resource verification

Above is the link to the PDF document which I wrote sometime in mid-2010. If you are into testing user-interfaces on localized platforms, I think it will be worth a read. I'll add more materials to these later, and if you have a question, please feel free to add your comments below.

Synfo: system info snapshot & diff tool

One of the testing coverage that we have in hotfix testing is install or upgrade testing. When the hotfix is delivered in an MSI patch i.e. an msp file, we have to make sure that the hotfix is properly installed - i.e. modified files, registry, services and drivers are properly updated; and also has to make sure that the hotfix, patched the right application.

Windows 2003 Add/Remove program app/patch entry

In WinXP or Win2003, the patches of an installed application are listed below it on the Add/Remove program utility (see left pix). In the figure, we can visually confirm that there are 2 patches installed to the SharePoint Services 3.0.

In Vista/Win2008 or later, all the applications and patches were now shown in the same hierarchy

Windows 2008 Program & Features panel

level; and it's hard to visually know which hotfix is a patch of which application. And considering that there are also hidden patches (those not visible in the Add/Remove program utility), there's a need for such a tool to list down all patches - visible or hidden.

Synfo was created to answer this need. This tool primarily make use of the Windows.Installer object to list all applications and patches, and also retrieve additional information from the registry to get the list of all installed components. Using the component's GUIDs, this tool will recreate the tree hierarchy structure of the application and its patches.

Other that the application and patches info, I also added the installed services info and system variables set in the system. This tool will then create a snapshot of these info in an xml file format as shown in the sample below:

Synfo XML output file

The root node is named as synfo and under it are 3 types of elements: info, services and products.

The info node will contain the system info where this utility was executed and also contains one env.vars subnodes which contains all the system variables set in the system

The services node, contains all the services info (node labeled as svc) with their id i.e. the service unique name. Each svc node contains all the attribute name and value pairs like service DisplayName and State.

The products node on the other hand contains all the applications (or products) installed in system which are being identified uniquely by a GUID. The product property values as well as the additional registry (reg.info) are also exported. If the product has patches installed in the system, these components will be listed under the patches child-node of that product. The count attribute shows the number of patches installed for that product. With this information at hand, it would easy to verify if the hotfix-under-test patched the right product.

This synfo tool does not only take a snapshot of the these info. It can also make a diff comparison of 2 synfo xml files. By comparing or getting the difference between the 2 snapshots, we would be able to verify what objects or properties changed, deleted or added! The figure below is a portion of the compare result xml file. Here it shows that there are 5 modified products. One of the modified product has 1 added patch and 1 removed patch. For modified values, the oldValue and the newValue will be shown side by side.
The tool could also add the xml stylesheet filepath to the output file if specified in the execution parameter.

Synfo compare result file

Tool Information:
requirements:  .Net runtime 2.0 or later is required.
download link: synfo.zip

Usage:
to dump the system info, run with no parameters.
 $>synfo.exe [enter]

to compare the synfo files:
 $>synfo.exe referenceFile [compareFile] [xslPath]
   referenceFile - the base synfo xml file. required
   [compareFile] - the synfo xml file to compare. if not specified, the current system state is used.
   [xslFilePath] - path to the result xml stylesheet. optional


Disclaimer:
This tool is provided 'as is' without warranty of any kind, either expressed or implied and such software is to be used at your own risk. 

Ohisashiburi

"Ohisashiburi" (お久しぶり) is the Japanese word used to greet someone we haven't met for quite a long time. I have not posted any blogs for almost 2years! So it's really "Ohisashiburi" to all of you :). Well, I was sort of busy at work, at home and with some extra-curricular & charity works :). Anyways, I have several topics and tools which I would like to share this coming few days. Here are some of them:

• Synfo - dumps systeminfo, installed services info and installed products/patches info of a system into an XML file. Also provide compare feature for differencing between 2 synfo xml files.
• mstSIS - dumps the Summary Information Stream of an MST file.
• msidump - dumps all MSI tables including the _TransformView tables of the embedded MSTs into an XML file. Using the dumped xml files, the tool can also generate the diff (added, changed and removed objects).
• ResourceExporter (enumres.exe) - dumps the string and messagetable resource texts from Win32 native modules (DLL, EXE or VRS) and string resources from .Net assemblies. Also extracts and converts ADM, IDT, CXMI and Citrix XML resource files into enumres XML file format.
• ResourceCompare (rescmp.exe) - Compares the enumres XML files: cross-build or cross-language and reports possible resource related issues - duplicate IDs, unlocalized strings, newly-added/modified/deleted resource entries.

Please check them again soon... 

Glossary of Metro Manila Crimes

Most crimes are committed on the streets, while riding on public transportation, in shopping malls, and in other areas with high people concentration. The most frequent crimes perpetrated across the metropolis are pick-pocketing, robbery, confidence schemes, and to a lesser degree, credit card fraud. While these crimes are common to many other major cities, the names could be different for these are the ones used mainly in Metro Manila. 


NOTE: this is not my compilation. this was taken from an email forwarded to me by a friend where the name of the original author was missing.

Tagalog Crime Name	Common Crime Scene(s)	Tactics Description
Salisi Gang	Hotel lounges, coffee bars, cafes, and restaurants frequented by perceivably wealthy tourists and businessmen	Suspects are typically well-dressed, mild-mannered, and project an aura of legitimate businessman or an affluent matron; complete with jewelry, attaché case and other props to appear and look wealthy. The perpetrator moves closer to the would-be victim and waits patiently until the victim is engrossed in a serious conversation with a companion or leaves his or her bags and other belongings unattended. In a swift motion, the perpetrator takes the unattended bag or belongings and casually leaves the place. Another variant, involves two or three accomplices who distract the would-be victim by engaging them in a conversation, often pretending to know the victim from somewhere or ask for a lighter. When distracted, the accomplice takes the unattended bag or belongings of the victim. Another tactic involves a perpetrator who loiters around the hotel ' s front desk and waits for a guest to deposit his room key or is busy conversing with the front desk staff during registration. Once the victim is already busy talking with the front desk staff, the perpetrator makes his move by walking beside the victims and grab the bags or belongings unattended in a swift motion and casually leaves the location.
Tutok-Kalawit Gang	Malls, sidewalks, schools, public buses, and jeepneys	Tutok-Kalawit involves a man or woman suddenly hugging a victim like they are old friends. In truth, the con man or woman is discreetly poking a sharp object on the side of the victim while quietly telling him to turn over his cash and valuables. Another variant of this criminal tactic would be two thieves accusing a victim of something bogus. The victim would naturally deny the charge and confront his accuser. The thieves would then ask the victim to show his/her ID. Since IDs are usually kept in wallets, thieves will grab the wallet from the victim and run away.
Ativan Gang	Bars, boardwalks, restaurant, and other tourist spots	Ativan perpetrators commonly victimize foreigners who roam alone in public places. The group is usually composed of three (3) to four (4) males or females who befriend the would-be victim. After gaining trust and confidence, the victim will be taken for a ride to other tourist sites and during meal time, the victim will be brought to their house usually situated in a squatter colony where the victim will be treated for lunch, snacks, or dinner. The served drink is spiked with Ativan – a powerful anti-depressant/ sleeping pill. Even before finishing the drink, the victim will succumb to a deep sleep and while sleeping, will be stripped of his cash and valuables and will be brought out of the house and left at a completely random location. Another variant of this tactic is when a male victim is se - duced and picked-up in a bar, restaurant, park and/or a tourist site by a gorgeous female, well dressed and well-mannered. The victim will be approached and befriended until a casual conversation and se- duction process takes place which culminates in negotiated se - xual activities. The victim will either be brought to a pre-arranged hotel/motel or to his own hotel room. Once at the designated room, the victim will be offered liquor or drink which the perpetrator mixes with highly potent Ativan pills. Once the victim is unconscious, the suspect will divest the victim of his cash/valuables, and then leave the victim at the scene. Most of the victims of this crime wake-up after two to three days and it takes another two days before the victim can fully recover from the drugs and discover the losses.
Ipit Gang	Crowded areas such as passenger jeepneys, railway stations, and malls	Ipit gang members operate in groups of four or five. Gang members shove or push a prospective victim to distract him or her, while their accomplice picks his pocket. In jeepneys and buses, suspects squeeze-in and distract their victims while their accomplice snatches the victim’s wallet and/or mobile phone.
Budol-Budol Gang	Malls, airports, restaurants, and coffee shops frequented by perceivably wealthy tourists and businessmen	Budol-Budol is a transaction scam principally involving a supposed bundle (budol) of cash that is actually padded inside with sheets of paper cut in the size of money. Only the exposed sides however are real money, everything in between are plain paper cuttings. Budol-budol gang members are often described as sweet-talking, charismatic, and convincing. Other victims even report having been hypnotized by the group. Reports and stories of the Budol-budol operations vary from a balikbayan (returning overseas Filipinos) urgently needing a huge amount in Philippine Peso in exchange for his Dollars, to a stranger ' s emergency offer to swap his bundle of cash with a mobile phone or an expensive piece of jewelry. After gaining the potential victim ' s trust the two parties barter their items – the bundle of money for whatever product the to-be victim is peddling. Mobile phones and jewelry are the most commonly lost items. Some high profile cases involve rare paintings, expensive furniture and millions worth of checks to the Budol-budol gang. After the deal is made, the gang and the victim splits. Another, more sensational and dramatic variant of this crime is the use of fake gold bars, which the suspects use as bait for their victims. The ploy commonly used involves a Filipino treasure hunter or a Japanese survivor has knowledge of a secret Japanese fortune which was plundered by the retreating Japanese Army during World War II which is yet to be completely recovered. A sample of the gold bar is shown to the would be victim for physical examination and since the gold bar actually looks genuine, an offer is made to sell the whole fortune by asking the victim to pay half the cost of the gold bars under terms and conditions agreed upon. One of the conditions is that the gold bars can be delivered or a map can be provided and brought to the site where the bars can be dug up. After the payment, the perpetrators will never show up and the victim will soon discover that the gold bars which were delivered or unearthed from the site are gold plated lead bars.
Kotong	Airports, hotels, restaurants, malls, and public parks frequented by foreigners and balikbayans.	The common victims of this MO are foreigners, balikbayans and their dependents who are lured into exchanging their foreign currencies into pesos at a rate higher than the prevailing exchange rates. The group/individual approaches and offers a tempting high rate to the would-be victim. During the transaction, which usually takes place outside or right in front of a foreign exchange shop, the equivalent peso is counted before the victim three times. Initially, the victim is allowed to count the money he will receive to make him feel confident that he will get the exact amount for his foreign currency. After, a recount is done by one of the perpetrators spreading the pesos in his palm to cover his fingers that are folding a portion of the bunch. The suspect distracts the attention of the victim, often by telling him to be extra careful of robbers, while wrapping the bundle of money in a newspaper or placing it inside a paper bag. The victim eventually discovers that he was shortchanged when he counts the money while inside a car or upon arrival at his house or hotel.
Laslas Bag/Laslas Bulsa	Malls, open-air markets, and public transportation	Perpetrators of this crime usually target victims in crowded areas. A man/woman/child pretending to be lost or selling an item approaches the victim to distract his/her attention. An accomplice slashes the bag/pocket of the victim who is busy being distracted by another suspect. All money and goods are stolen.
Ipit Taxi Gang	Taxis	The Ipit Taxi scheme usually involves three (3) perpetrators. . The trio uses a taxi cab spray painted with a different name and sporting stolen or fake license plates. The driver usually drives around looking for a potential victim who is hailing a taxi cab. Unknown to the victim, the locking mechanisms of both rear doors are not working. The driver then drives the cab to a pre-arranged area, usually a dimly lit street or highway, and slows down pretending he has engine/mechanical trouble. At this juncture his cohorts approach both doors of the cab, jump in and sandwich the victim who is forcibly divested of his cash and valuables. After the victim is robbed, the driver takes the victim and dumps him in a quiet place or highway. In another variant, the taxi driver, with the help of an illegal solicitor, will ask the victim to pay an additional amount or forcibly divest him of all cash and valuables, then the victim is dumped in a remote area.
Estribo Gang	Public transportation	Attackers prey on passengers inside a bus or jeepney by positioning themselves near the estribo or vehicle ' s exit and then hold up everyone inside. In other instances, a crafty criminal will set up at the exit of a crowded bus or jeepney and systematically pick the pocket of passengers passing through..
Bukas Kotse Gang	Main roads under heavy traffic, parking areas in malls, churches, schools, etc.	Thieves typically work in pairs.. Spotting a potential victim driving a car with unlocked doors, a pair will force their way into an occupied parked car or a vehicle stopped at an intersection. Other times, using a car of their own, the pair will force the victim to maneuver his or her vehicle off the road. One of the attackers will force the victim to open his door. The attacker pushes the victim to the front passenger seat, drives the car to a deserted area, and robs the victim. Sometimes, the attackers also steal the car.
Dura Boys	Public transportation terminals, jeepneys, and buses	This tactic is usually carried out by a group of three. The first member informs the victim that a man/woman has spit on her sleeve and back. The victim will be distracted trying to wipe the spit on her sleeve while one of the other members of the gang steals the victim’s valuables, usually a wallet or a mobile phone.
Akyat-Bahay Gang	Residential areas	The Akyat-Bahay is the most common robbery scheme in the Philippines . This crime is usually orchestrated by three to five people. These thieves target homes that are unoccupied especially during the holiday season (i.e. Christmas, Holy Week, and Summer Vacation) or during severe weather conditions (i.e. typhoons) when members of the household can barely notice break-ins into their homes. The gang also employs children who can easily enter homes illegally through tight spaces.
Pitas Gang	Provincial and city operation buses, jeepneys, motorized passenger sidecars (tricycles), and schools	Thieves typically target passengers seated near the windows of public buses, jeepneys, and tricycles. Among the items usually snatched by thieves include wrist watches, rings, necklaces, mobile phones, and hand bags. Another variant occurs when a group of thieves grab the ears of women and young girls and steal their earrings or snatch their bracelets from their wrists.
Zest-O Gang	Provincial/city operation buses.	This scheme is usually executed by three members. One of the perpetrators wears a bus conductor’s uniform and ask their potential victim “ilan ho” or “how many?” The unsuspecting victim assumes that the man is the bus conductor and responds with the amount of fare the victim should pay. The criminal then forcibly hands the victim a Zest-O juice or any food item and demands that the victim pay for the item. The two accomplices will vouch that the victim ordered from the vendor. The victim will then be forced to pay up.
Laglag-Barya Gang	Provincial/city operation buses, jeepneys, railway stations	Members of this gang drop coins or small bills near their victim. While the victim helps to scoop up the money, other gang members start robbing the victim. In most instances, a gang member blends with the crowd and serves as lookout or “stopper,” when someone tries to run after his companions.
Baraha Gang	Restaurants, shopping malls, department stores, supermarkets	Members of this gang are typically waiters and cashiers who target credit card users in business establishments. Once the victim gives his credit card to the waiter/shop attendant the card is swiped to a skimming device that will capture the victim’s credit card account.
Besfren Gang	Bargain malls and open-air markets	This gang targets shoppers who check out items sold in stalls (i.e. watches, jewelry, mobile phones, and other electronic gadgets). One of the gang members stands next to the victim and borrows the item being checked, pretending that he/she is a friend of the victim. The thief will quickly flee the stall premises bringing with him/her the said item. The store owner/attendant naturally assumes that the victim is an accomplice and will ask him/her to pay for the item.

How to remove Antivira AV malware

a friend brought to me her laptop which she was complaining that the antivirus was prompting too many viruses in the system. when i tried starting her laptop, i noticed right away that her laptop got infected by the Antivira AV malware. i searched on how to remove this malware but most of them suggests another tool to remove it! there are lots of it youtube. you can also check some of them here.

anyway, i wanted to remove this malware manually without having to install another tool (for which we don't know could be another malware). i came to know that this malware does allow you to run iexplore.exe and explorer.exe process. other processes are killed and antivira will prompt you that such exe file is damaged etc...

so here's how to remove it:
1. open explorer and go to %windir% (e.g. c:\windows)
2. rename regedit.exe to iexplore.exe and run it
3. on Registry Editor, go to HKLM\Software\Microsoft\Windows\CurrentVersion\Run
4. delete entries which have values pointing to ~%local~1%\temp\####.exe
5. if there's an entry for rundll32.exe ###.dll, delete that as well.
6. on the explorer, find the location of the exe in step 4.
you won't be able to delete it so just renamed it
7. locate the dll in step 5 and rename/delete it as well
8. reboot
9. after reboot, rename back the iexplore.exe to regedit.exe.
if there's already one, just delete it.
10. run task manager, kill any rundll32.exe process if there is.
the dll will try to add back the registry entry when it is killed.
so run regedit.exe and delete the runll32.exe entry.
11. do the cleanup using your usual antivirus program.
12. run IE and check your proxy settings. if you are not using any proxy, uncheck the proxy configuration in your Internet Options page.

happy computing.