Product Fails – Online banking Email Alerts

For some time I have been both impressed and baffled by the effectiveness of transaction alerts in the banking sector.

To put things in perspective, I would be looking specifically at email transaction alerts from some of our banks. SMS alerts are good but most times provide just about enough information to tell you that there was a credit or debit transaction on your account.

Overall, and I’m not being biased to favour any one bank, but I think Guaranty Trust bank provides the fastest email services for transaction alerts in Nigeria. This is purely based on my experience and not on a general consensus or extensive research.

On the other hand, considering the speed at which Diamond bank is able to send SMS alerts for transactions, I wondered why their emails were coming in almost 24 hours after the transactions were made. In one occasion the same emails came in multiple times the same day, given the impression of multiple transactions.

In order to better understand what was going on at Diamond bank with their email alert system, I examined the email headers that I received with my transaction alerts.

So here’s what I found out.

  1. The emails are created and dispatched right on time at the exact moment the transaction is recorded in their ERP application.
  2. Next, another server mbankerpro-ho (10.0.5.246) processes the emails and hands them over to the next server in line which is dbxchangehubDR.diamondbank.com
  3. Now this server dbxchangehubDR.diamondbank.com (10.0.5.207) seems to be the bottleneck in the system as it takes a lot of time (over 6 hours) to transfer the emails to the edge server that is responsible for sending out the emails to the world. From the headers this server appears to be running a version of Microsoft SMTP server with id 8.3.348.2.
  4. The emails are finally dispatched by the edge transport server dbedgesvrdr.diamondbank.com (62.173.44.21) which does a good job of dispatching emails in record time to the final recipients – you and I, the account holders.

With this I think there is a need in this bank and probably in some others for an upgrade to their internal email processing system. It appears that the queue is somehow being processed very slowly or probably being processed in an ad-hoc method.

Also, it is important to note that the edge server does not have a valid SPF record which makes it a candidate for spoofing and fraudulent emails. I wouldn’t go heavy on the absence of DKIM records for signing these emails but this one is also good to have.

50 Free Courses in the Technology Section of Udemy

Here’s a nice list of free IT courses on Udemy.com.
You can check out my short list of sites providing reliable online education here https://doctorfox.wordpress.com/2013/01/04/places-to-get-quality-and-free-education-online/.

trustonailende

Below are a list of 50 free courses in the technology section of Udemy. I had to comb through 87 pages to find this. I teach the little I have learned in my 10 years of programming on my training blog Truston Teaches Tech.

  1. https://www.udemy.com/java-tutorial/?dtcode=1z3slwqa
  2. https://www.udemy.com/learn-html5-programming-from-scratch/?dtcode=vge5z78j
  3. https://www.udemy.com/mysql-database-for-beginners2/?dtcode=5b9p2hxa
  4. https://www.udemy.com/java-design-patterns-tutorial/?dtcode=9cf3m2qi
  5. https://www.udemy.com/blackberry-10-app-development/?dtcode=75cg5mw6
  6. https://www.udemy.com/getting-started-with-google-analytics/?dtcode=w5w42z8v
  7. https://www.udemy.com/how-to-build-a-mobile-app/?dtcode=qzurlg2f
  8. https://www.udemy.com/java-multithreading/?dtcode=1qaag6ll
  9. https://www.udemy.com/learn-backbonejs-stackmob/?dtcode=hrbibr2a
  10. https://www.udemy.com/cs-107-programming-paradigms/?dtcode=clerdhuc
  11. https://www.udemy.com/html5-programming-tutorials/?dtcode=rzcs3p5z
  12. https://www.udemy.com/learn-android-programming-from-scratch-beta/?dtcode=llg9ehwv
  13. https://www.udemy.com/creating-an-mp3-player-with-html5/?dtcode=rcxfnlkq
  14. https://www.udemy.com/introductiontolinux/?dtcode=z4m5aly4
  15. https://www.udemy.com/web-hosting-101/?dtcode=wcwi8b9l
  16. https://www.udemy.com/easy-phpeasy-2/?dtcode=9aq9wauj
  17. https://www.udemy.com/learn-javascript-jquery-from-scratch/?dtcode=dafsg79y
  18. https://www.udemy.com/build-an-app-business-in-80-minutes/?dtcode=e75ur2dl
  19. https://www.udemy.com/wordpress-101-course/?dtcode=rdzhzaxz
  20. https://www.udemy.com/programming-for-entrepreneurs/?dtcode=dcukvs2f
  21. https://www.udemy.com/coding-for-entrepreneurs-basic/?dtcode=nykd4l73
  22. https://www.udemy.com/html5-new-features/?dtcode=uctv7qtg
  23. https://www.udemy.com/wordpress-basics-how-to-manage-your-website/?dtcode=vmdhb537
  24. https://www.udemy.com/game-development-fundamentals-with-python/?dtcode=uzg7lhte
  25. https://www.udemy.com/introduction-to-web-development/?dtcode=9zrj9g13
  26. https://www.udemy.com/web-development-learn-by-doing-html5-css3-from-scratch-introductory/?dtcode=rmztlbyq
  27. https://www.udemy.com/plan-build-and-launch-a-wordpress-website/?dtcode=cv75bt79
  28. https://www.udemy.com/installing-and-setting-up-wordpress/?dtcode=9g44q2f3
  29. https://www.udemy.com/getting-started-with-php-programming/?dtcode=8av8ft1d
  30. https://www.udemy.com/intro-to-java-programming/?dtcode=s5z2n28y
  31. https://www.udemy.com/sublime-text-workflow/?dtcode=jzuqbkcm
  32. https://www.udemy.com/introduction-to-web-and-ecommerce-user-experience-design/?dtcode=7gmyn2p6
  33. https://www.udemy.com/learning-javascript/?dtcode=d5rqsuna
  34. https://www.udemy.com/html-workshop/?dtcode=21cexhja
  35. https://www.udemy.com/introduction-to-google-tools/?dtcode=e5vp95tf
  36. https://www.udemy.com/symfony-development/?dtcode=n1nkizdu
  37. https://www.udemy.com/mastering-ftp/?dtcode=98jgt2g9
  38. https://www.udemy.com/learn-php-fundamentals-from-scratch/?dtcode=2xzje9x2
  39. https://www.udemy.com/how-to-build-a-wordpress-website-in-a-weekend/?dtcode=7rzdzhpd
  40. https://www.udemy.com/integrating-payments-with-the-stripe-api/?dtcode=zrg2vjwj
  41. https://www.udemy.com/thumbs-rating-system-with-jquery-php-and-mysql/?dtcode=i7f3hj49
  42. https://www.udemy.com/the-what-and-why-of-apis/?dtcode=5wxbuufn
  43. https://www.udemy.com/introduction-to-bootstrap-3/?dtcode=thyqcqye
  44. https://www.udemy.com/build-your-email-list-with-mailchimp-or-aweber/?dtcode=69ksyejl
  45. https://www.udemy.com/getting-started-with-android/?dtcode=a6hyx547
  46. https://www.udemy.com/dream-in-javascript/?dtcode=9n1s58fw
  47. https://www.udemy.com/c-plus-plus-programming-lite-version-by-hitesh-choudhary/?dtcode=uq2wc7zv
  48. https://www.udemy.com/introduction-to-app-development/
  49. https://www.udemy.com/sql-server-for-beginners/?dtcode=2ux2xq1d
  50. https://www.udemy.com/java-tutorial-video/?dtcode=f7c21j3b

View original post

Beware of ISPs Data Cache – The Evils of Session Collision and Data Mix-up

If you’ve ever spent 2 or more hours trying to figure out why a perfectly working system suddenly begins to misbehave for only a select few people then you will easily relate to the rest of this post which I’m about to share with you.

After receiving two calls following an email with the same issue which I had never heard of or experienced, I decided this was it – This Means WAR (me on the one side and the problematic system on the other).

Eye Looking Over Person On Computer

Looking through the carefully stacked mini optimized web server running Apache, with MPM-Worker, having a protective DNS layer caching system with DDos protection, I knew this would be another onion peeling exercise – hopefully there would be no tears in this case.

An application I  had built and maintained for a client using the popular CakePHP framework and the technologies listed earlier had suddenly started sharing customers’ personal details between selected users at its own leisure.
Two customers had called and emailed my client claiming they “no longer felt safe” with this platform. In order to stall the crisis and provide more resources for the investigation (debugging), I asked my client to request for a screen shot from the affected users.

I was having other clients projects concurrently running and time was ticking on all of them. What do you do when you have problems attacking you from multiple directions?

To cut to the chase, I had no option left but to put out the fire in the house before trying to build up other storeys.
I stopped work on the other projects and then started with the first layer of the problem – localhost.
After conducting several tests on the app on localhost I knew there was no problem locally, and this had to be a remote live occurrence.

So quickly I switched to the first level of caching before the customers – the DNS cache. After turning this off I felt relieved and said to myself, now this problem should be gone. So I sat back and relaxed, only to receive another call moments later with the same complaint.

So this did not work and I was back to the problem again. Personally, I had not experienced the problem and it seemed strange and unfounded to me that this could really be happening.

The next attempt to resolve this could not have been at a better time. My high speed internet service provider was out of reach and I had to fall back to the GSM “broadband” modem. Right on the spot the phone rang and my client was explaining to me that they were on a live chat session with a customer who was experiencing the problem as we spoke.

Quickly, I sprung to action.

1. Check all the server logs

2. Check the database server for running queries.

3. Find out if there’s any system performance degradation or failure.

All of these led me to nowhere, just a few slow queries without any relationship to the main problem. Then I refreshed a page on the app which a user had earlier sent in with the mixed up data. And voila! I’m seeing another user’s information.

This was really creepy… It true, it appears my application is going bonkers.

Not the kind who easily gives in to defeat, I decided to do something out of the blues. I checked my IP address (41.190.2….), then checked the IP address of the users who had been complaining. The result was an astounding message to me which would fuel be my will to write this post detailing my experience. We were all using the same ISP at that moment within the same internet number range 41.190.0.0 – 41.190.31.255.

Suddenly my AHA moment had come. I almost would have screamed to myself – damn you EMTS!!! So this is your idea of incredibly fast internet speed with easy blaze! Caching page results for websites which clearly specify no-cache in their headers, then serving the most recent of those pages to every and any user on your network that requests for them. This is evil as I could end up looking at the private pages of a Facebook profile of someone on the street assuming we both access Facebook without HTTPS.

Surely, EMTS was saving bandwidth using this method, but they were also corrupting and mixing up people’s data along the way.

Hopefully they would resolve this soon. But rather than wait for a solution from them (if ever they realize that it’s a problem) and cause my clients more heartaches, I will have to quickly implement a random generator plugin to add random strings at the beginning of each users request.

If my hypothesis is right, this should prevent their caching server from caching every result as the same, while serving only unique requested pages to the correct user from whom the requests originated.

Get Disqus To Load in Firefox and Other Browsers

I am someone who loves simplicity in getting things done, and one of those things happen to be commenting on sites.
Having subscribed to the Disqus commenting system a while back, I decided to test their new features when they rolled out. It turned out that the new generation Disqus wouldn’t load on my Firefox browser.

So I looked up online for a solution and all I could see kept pointing me in the direction of plugins and all other non-effective solutions.

Finally I saw a post on the Firefox support forum that discussed this issue. Quickly my thoughts swung towards the plugins I had installed.

Being a web developer I have always used Firebug and Web Developer plugins for manipulating the DOM and other necessary functions. However, this time I remembered one setting that was not necessary. I had Disabled Referrers.

This was the culprit! Once I unchecked this option under the “Disable” drop-down link in Web Developer, Disqus was back in business!

Here’s a small screen shot  of what it looks like.

Uncheck Disable referrers if disqus is not loading

What the Heck Can We do With Our GIS?

Reading this article on the Mindsumo blog I remembered not too long ago we had engineers in Lagos aggregating GIS information for the state.

So I wonder today, where is this information and how can we (residents) leverage it or build innovative solutions that would solve some of the city’s pressing challenges?

 

Following below is an excerpt of the post:

According to the worlds greatest source of knowledge, the legendary Wikipedia, a Geographic Information System (GIS) is a system designed to capture, store, manipulate, analyze, manage, and present all types of geographical data. Put a little more simply, a GIS is the merging of cartography, statistical analysis, and database technology. Put even more simply, it tells you the stuff that’s in an area, bro.

A GIS contains a record of the geographical information in an area, details on what occurs there, and can predict what the consequences of changing the geography would be. For example, engineers use a GIS before deciding to build a new road to determine if it will even have a positive impact on traffic flow in an area. One could also be used to find a suitable location for a construction project by searching for an area with 5,000 square meters of free space, soil types appropriate for the scale of the building, and within 500 meters of a road. A wide variety of information about traffic habits, elevation levels, population density and socio-economic factors can be recorded and put to use in a GIS.

The question we want answered at MindSumo is: What would you do with one? How would you build a more prosperous and industrious city using all the different types of geographical information available? Build windmills to provide power in large flat areas? Gather the largest construction projects in the areas least prone to an earthquake? Place housing at the top of hills to avoid flooding? There are infinite ways to use the vast amounts of data we are now able to gather about the areas we live in, so how will you work them to your advantage?

via The Mindsumo Blog

Personalized Self Uploaded MTN Caller Tunez – Setting it up

How to subscribe to MTN Caller tune service

Here is how you can easily set up the caller tune on your MTN powered mobile phone:

– Dial the caller tune zone on 4100 and listen

– Press 1 to download a new caller tune

– Enter the caller tune code for the song you want

– End it with a hash(#)

– Follow the voice prompt to complete your subscription

Your new caller tune will now be set up and in a few seconds, you will receive a text message:

“Your callertunez was processes successfully”

How to set up a DIY(Do it yourself)/Personalized/Customized MTN Caller Tune

So you might already have or have not subscribed to the callertunez service. Now what about if you just want to create a tune by yourself and upload it to MTN server? Well MTN Nigeria allows you to do this in the set up referred to as DIY caller tunez service.

To set up DIY service, here’s what to do:

– Dial the same Caller tune zone on 4100

– Press 4 to DIY your favourite song or tune

– Then press 1 to begin

– After the beep, record your tune to the phone e.g voice or song from your background (Limited time allowed)

– Press # when finished

– Listen to the tune when replayed

– Press 1 to submit it

– You would hear a voice feedback telling you that you have succeeded. You will receive a text message shortly.

Note:

It appears dialing the MTN Callertunez zone 4100 is not free as you will be billed for the time you spent on the call.

Also, the service costs N50.00 per month and for every caller tune set up for your phone.

You can browse some preloaded caller tunes on the MTN website at: http://callertunez.mtnonline.com

via EconomicPot

 

Developers Parapo October At Co-creation Hub Lagos

In this month’s event, we get to talk directly with the guys at the top financial switching providers in Nigeria.

After so much rambling and questions Mr. Femi Ogungbamila talked to us about a number of new and planned products in the pipeline.

Basically, Interswitch promised to provide a self-service sandbox for new merchants to test their applications.

Also if you have information you wish to share with Interswitch urgently you can send an email to quickteller@interswitchng.com to get rapid responses from Interswitch.