Free Android app to scan, read and generate QR codes and barcodes (ad-free)

There are quite a lot of QR code scanner in the Google Play Store nowadays. Some can also read and interpret QR code from a graphics file saved in the phone. There are also a few even capable to generate new QR code for you.

However, not all of them are free. And, most of the free one are not ad-free.

I have found one that really impress me. It is a 3-in-1 QR code scanner, reader and generator app, very simple to use, and most importantly, it is free for use and ad-free. This means it won't bombard you with any annoying ads!

This Android app is called QR & Barcode Scanner, QR Code Reader, QR Generator offered by Digital Seo Web. You can click here to download and install it from Google Play Store.

By using the phone's camera, it is able to scan and interpret most if not all QR codes and also 2D barcode types including text, website link, product, ISBN, contact, email, calendar, location, Wi-Fi, data matrix, EAN, UPC, Code39, Code128, Codabar, ITF, EAN8 and many other formats.

The app has a trigger for you to turn on your phone's flashlight during scanning environment with low light condition.

Upon successful interpreting of the scanned code, the result will be displayed on the screen, and you will be given options to open the web URL (for website link), save contact information to your phone contacts (for business card QR code), access to WiFi (for WiFi credential QR code), send it out as email, send it out as SMS, share it to other apps, or export it to a CSV file which will contain the date, type and interpreted content of the code.

This app has a very clear-cut menu.

You can read the QR code or barcode saved as PNG, JPG or other graphics file by using the Gallery function.

You can generate your own QR code by using the Generate function.

You can look back at the past scanning/reading results by using the History function.

This app is able to generate quite a number of QR code types, including personal profile, business profile, contact number, SMS message, plain text, email, website URL and company profile.

You can save the generated QR code as a JPG file in your phone by tapping on the "download" icon at the top-right corner. You can also share the generated QR code to other apps.

This app seems to be pretty new in Google Play Store, but it is really amazing. I highly recommend it for all Android phone users who are looking for a free, modest and ad-free QR code scanner, reader and generator.

DIY applying for China visiting visa with Kuala Lumpur CVASC using online appointment

Malaysian passport holder who intends to visit to China needs to apply for a valid visa before making the travel, as there is currently no visa exemption arrangement between China and Malaysia yet.

Application for the required Chinese visa needs to be done in the office of Chinese Visa Application Service Center (CVASC) available in Kuala Lumpur, Penang and Kuching. You can either complete the whole process by yourself, or choose to make the visa application through an agent, which will charge you additional fees for their service.

In fact, the process to apply for Chinese visa is pretty straightforward and fast provided you follow the procedure correctly.

The Kuala Lumpur CVASC office is located in Hampshire Place, Jalan Mayang Sari, 50450 Kuala Lumpur. You can take the LRT there by coming out from either Ampang Park station or KLCC station. The Hampshire Place building is within walking distance behind the Bank of China building.

If you drive there, you can park in the visitors car park of Hampshire Place, but the parking lots are quite limited. In case the parking at Hampshire Place is full, you can park your car in the visitors car park of Megan Avenue 1 just across the road.

Here is the procedure to apply for the China visiting visa by yourself with Kuala Lumpur CVASC.


Step 1: Get ready the required documents

You will need:

• A valid passport with more than 6 months before expiry date.
• Your passport must have at least 2 empty pages. The visa itself will take up one full page.
• A photocopy of your passport page with your personal information and photo, and the adjacent page with your signature.
• 2 pieces of passport size photos. Make sure the background of the photo is white (not blue) in colour.
• If you are travelling as tourist, you will need to submit a photocopy of your air ticket.
• If you are travelling for business trip, you will need to submit a letter of invitation from China and a letter of dispatch from your company in Malaysia. There are certain criteria needs to be explicitly printed in both the letters, including your personal particulars (full name, gender, date of birth, etc.), detail of the company that issued the letters respectively (name, contact, address, official stamp, etc.) and your visit itinerary. The date of both the letters must not be longer than 3 months from the date of visa application.

You can apply for single-entry visa or multiple-entry visa. If you intend to apply for multiple-entry visa, you need to also photocopy your passport page containing your previous Chinese visa which was applied less than 2 years ago. For first time visit to China, you can only apply for single-entry visa or double-entry visa.

Fees will be higher for multiple-entry visa. The current schedule of fees is as below:

Step 2: Fill up the online visa application form and make the online appointment

In order to complete this step, you will need:

• A computer connected to the Internet.
• The computer is installed with Adobe Acrobat Reader.
• The computer is connected to a printer.
• Preferably to access the online visa application form and online appointment form using Google Chrome.

When you are ready, click here to go to the Kuala Lumpur CVASC Quick Access webpage. You might want to bookmark this URL for future access.

After you have reached the webpage:

• Click on the button inside the Application form box in the webpage.
• Follow the step-by-step instruction to fill up the online visa application form.
• Save your form online, and go through all the fields to review it. Make sure all information is correctly filled up.
• Finalize and print out your visa application form.
• Don't forget to manually sign on the printed application form.
• Don't forget to attach with your passport size photos (with white background) and all the supporting documents.
• Click on the button inside the Appointment box in the webpage.
• Fill up the online appointment form.
• Submit the appointment form online, and print out the confirmed appointment slip.

Step 3: Visit to CVASC for document submission

On the date and time of your appointment, bring your original passport, photos, all supporting documents and the appointment slip to CVASC office at Level 5 of Hampshire Place.

At the front counter, submit all your documents for checking. If all your documents are complete, you will be given a queue number.

Wait for your number to be called, submit your documents to the officer, and you will be given a pickup form with the date to collect back your passport.

The whole process should take less than 30 minutes from the time you step in Level 5 to the time you step out the office.

No payment is needed during document submission. You will only need to pay during passport collection.


Step 4: Visit to CVASC for passport collection

On the day of passport pickup, just bring along your pickup form and visit CVASC office at Level 6. There is no specific appointment time needed for passport collection. You will need to arrive at the office between 9.00am and 3.45pm.

Let the front counter inspect your pickup form, and you will be given a queue number.

Wait for your number to be called, submit your pickup form to the officer, and you will be required to make payment for your visa. You can either pay by credit card or pay by cash.

After payment made, just wait for a while and your passport will be returned to you with the visa in it. Make a last checking on the visa detail before leaving the CVASC office.

The whole process should take less than 30 minutes from the time you step in Level 6 to the time you step out the office.

Updated the firmware of my TP-Link RE450 AC1750 WiFi range extender to Build 20171215 Rel. 55534

I just discovered that there is a new version of firmware released on 15 December 2017 and made available for download on 22 December 2017 for my TP-Link RE450 AC1750 WiFi range extender. I should have discovered this earlier!

This is an important firmware update, because it includes the security bug fix for the WPA2 Security (KRACKs) Vulnerability.

Other enhancements and bug fixes in this version of firmware include:

• Improved online detection method and reduced unnecessary data traffic.
• Improved the system stability and wireless stability.
• Fixed the wireless compatibility with Volvo cars.
• Fixed the wireless compatibility with some wireless network card.

You can download the new firmware update file from TP-Link official website, under the Support > Firmware section.

To update the firmware, unzip the downloaded file, and upload it to your RE450 WiFi range extender by login into the device, and go to System Tools > Firmware Upgrade section.

Your existing configuration in the RE450 will still remain after this firmware update.

After the update, you will see the firmware version changed to 1.0.0 Build 20171215 Rel. 55534.

Insecurity in the Internet of Things (IoT)

The Open Web Application Security Project’s (OWASP) List of Top 10 Internet of Things (IoT)Vulnerabilities sums up most of the concerns and attack vectors surrounding the IoT category of devices as below:

• Insecure web interface
• Insufficient authentication/authorization
• Insecure network services
• Lack of transport encryption
• Privacy concerns
• Insecure cloud interface
• Insecure mobile interface
• Insufficient security configurability
• Insecure software/firmware
• Poor physical security

During a research by Symantec in 2015, they found issues such as the following:

• Around 19% of all tested mobile apps that are used to control IoT devices did not use Secure Socket Layer (SSL) connections to the cloud
• None of the analyzed devices provided mutual authentication between the client and the server
• Some devices offered no enforcement and often no possibility of strong passwords
• Some IoT cloud interfaces did not support two-factor authentication (2FA)
• Many IoT services did not have lock-out or delaying measures to protect users’ accounts against brute-force attacks
• Some devices did not implement protections against account harvesting
• Many of the IoT cloud platforms included common web application vulnerabilities
• 10 security issues were found in 15 web portals used to control IoT devices without performing any deep tests. 6 of them were serious issues, allowing unauthorized access to the backend systems.
• Most of the IoT services did not provide signed or encrypted firmware updates, if updates were provided at all

 

The above information is excerpted from a Symantec white paper regarding the Insecurity in the IoT.

 

 

 

My electronic UV light mosquito trap

There has been increased dengue fever cases in my residential area. As a preventive measure, I have bought some electronic ultraviolet light mosquito traps to capture the mosquitoes found in my house.

The body of this mosquito trap is mostly made by plastic, which might be the reason for its cheap price selling at around RM25 only. Anyhow, as long as it works, I am happy with it.

The most important parts of this mosquito trap are its 6 LED lights on top which emit purplish visible light and ultraviolet light which function to attract the mosquitoes to fly to it, and a small fan to suck the mosquitoes down into the trapping chamber.

As you can see from the photo, the trapping chamber can be opened up like a drawer, and you can inspect the amount of insects trapped and died inside, wash it and put it back to the device.

Its fan will generate some noise during operation, not very loud, but still audible at close distance, especially during quiet time. It's suction is not very powerful, so probably can only able to suck in the mosquitoes which flied very near to it, and might not be strong enough to suck in larger insects such as flies, cockroaches, etc.

Now, this question is, does it really work? I really can find dead mosquitoes in the trap. There isn't much mosquito in my house all the while though.

So, it really works! It might not be as effective as those models that use electrocute to kill the insects, but at this price I think is a worth.

ADcase the handphone case with special dampers that can save the phone from dropping damage

ADcase (active damping case) is a very innovative handphone case invented by a German engineering student called Philip Frenzel. It has just won an award from German Mechatronics Society.

The phone case has special shock-absorbers made with metal springs at its 4 corners. In normal situation, the shock-absorbers are hiding inside the case, and the case just looks like other normal handphone cases.

When sensors inside the case detected that the phone is on free fall dropping, it will immediately unfold the metal springs before hitting the ground. In this way, it can effectively protect the phone from damage due to dropping.

After the falling, the dampers can be manually folded back into the case and are therefore reusable.

You can watch the video below to see how ADcase reacts when the phone is dropping.

Very brilliant idea, isn't it?

WiFi Alliance introduced WiFi Certified WPA3 to replace current WPA2 security standard

WiFi Alliance has just introduced WiFi CERTIFIED WPA3 (Wi-Fi Protected Access version 3) as the next generation WiFi security standard, bringing new capabilities to enhance WiFi protections in both personal and enterprise wireless networks.

Key capabilities of WPA3 include:

• WPA3-Personal: more resilient, password-based authentication even when users choose passwords that is simple to remember. WPA3 will leverage on Simultaneous Authentication of Equals (SAE), which is a secure key establishment protocol between devices, to provide stronger protections for users against password guessing attempts by third parties.
• WPA3-Enterprise: offers the equivalent of 192-bit cryptographic strength, providing additional protections for networks transmitting sensitive data, such as government or finance. The 192-bit security suite ensures a consistent combination of cryptographic tools are deployed across WPA3 networks.

With the evolution of WiFi security from current WPA2 to WPA3, we can expect:

• WiFi password to be a lot more difficult to crack.
• WiFi CERTIFIED Easy Connect - IoT devices can connect to WiFi network more easily.
• WiFi data sniffed and recorded without knowing your password will not be able to decrypt even if your password is obtained later.
• WiFi CERTIFIED Enhanced Open - communication in open connection (WiFi connection without the need of any password) will also be encrypted, therefore much more secured than WPA2 open connection. In current WPA2, if the WiFi is connected using open connection without the need of password, the communication between the WiFi connected device and access point is not encrypted.
• Stronger WiFi encryption by replacing the existing PSK (Pre-Shared Key) system in WPA2 with the new SAE system.

Anyhow, in order to enjoy the benefits of using WiFi WPA3, both the access point (or wireless router) and the connecting device must support this new WiFi security standard. Devices that support WPA3 will probably hitting the market from year 2019 onwards and gradually replacing the existing which only support up to WPA2.

My Dell DA300 6-in-1 USB-C mobile adapter

My Dell Inspiron 5370 laptop has limited output ports as a trade-off for its slim and lightweight design. It only has 1 USB 3.1 Gen 1 (Type-C) port with Power Delivery/DisplayPort, 1 HDMI 1.4b port and 1 combo audio port.

This means that it can only connect to the network using WiFi connection, as there is no Ethernet port. It is also not able to output its display to projector using VGA connector unless making use of an adapter to convert its HDMI output to VGA.

Luckily, Dell has made available a DA300 6-in-1 USB-C mobile adapter which is able to convert the USB-C port of the laptop into:

• HDMI 2.0 port that supports 4K display output
• DisplayPort (DP) 1.4 that supports 4K display output
• VGA port that supports 1080p full HD display output
• Ethernet network port that supports MAC address pass-through, PXE Boot, and Wake-On-LAN
• USB-A port with up to 10 Gbps data transfer speed
• USB-C port with up to 10 Gbps data transfer speed

This Dell DA300 mobile adapter is plug-and-play on supported Windows 10 computer. It can be used straightaway without the need to install any driver.

It offers seamless video, network, and data connectivity, in a neat, compact design. It price of around RM300 is quite reasonable for its 6-in-1 functions and its innovative design.

About the Cyber Kill Chain

The Cyber Kill Chain introduced by Lockheed Martin is a cybersecurity model to describe, in general, how a computer intrusion (hacking) through IT network is carried out in 7 distinguished stages. It was developed based on military attack kind of thought.

Anyhow, there is no common SOP in cyber-attack, and hackers are not necessary following the Cyber Kill Chain of planning and action in their attacks.

This model is however useful to plan for cyber-defense strategy and measure, and also for cyber-threat analysis to a networked computer system.

The 7 stages in Cyber Kill Chain are:

• Reconnaissance - the victim is observed, analyzed and studied by the attacker.
• Weaponization - tools are developed or obtained to exploit the weaknesses found in the victim.
• Delivery - the "weapon" is deployed to the targeted victim.
• Exploitation - once the "weapon" is successfully deployed, it will start working by looking for vulnerabilities in the victim's computer system.
• Installation - at the stage, access is silently obtained by the "weapon". It will find it way to communicate to the attacker using the computer network. Normally, a backdoor is established to enable such linkage.
• Command and Control - remote access to the victim's computer system is made available to the attacker. The attacker can take over control of the compromized system and issue command to it.
• Actions on Objectives - with the control, the attacker is able to proceed with the objectives of the attack, such as data exfiltration, data destruction, data encryption for ransom, etc.

With reference to this model, the defending party can plan for countering the attack by the famous 4 Fs strategy, namely:

• Find the enemy
• Fix the enemy
• Fight the enemy
• Finish the enemy

Cryptography - the essential technique in today computing world

Cryptography is the method of converting plaintext information into non human-readable form called ciphertext through a process called encryption, and reverse process to convert the ciphertext back to original form called decryption.

Today, knowledge in cryptography is crucial for every computer programmers and computer engineers. It is applied in everywhere in the cyberspace and it is a sin of omission if not applied properly to provide cybersecurity protection in the areas of confidentiality, integrity, authentication, and non-repudiation.

Cryptography is the integral part of blockchains and crypto-currencies such as Bitcoin, Ethereum, etc. It is used to secure data transmission in WiFi communication, 4G LTE network, HTTPS web access, etc. It is also extensively used to secure file system in Apple iOS, Windows Bitlocker, SSD encryption, etc. It enables the implementation of digital signature.

Cryptography makes use of digital key(s) to perform the encryption and decryption process. There is one kind of cryptography called hashing which does not make use of any key, and the ciphertext is non-reversible to original information.

Keyless Cryptography (Hashing)
Hashing is a one way function that convert its input message into irreversible string of text called hash or digest, which normally has a length much shorter than the input message. The key concept of hashing is that the generated digest is unique to the input message, so that same input message will always generate the same digest, and different input message will not generate the same digest.

Hashing is commonly used:

• To store password for identity authentication
• To generate checksum or fingerprint to verify if the original information has not been tampered or changed
• In database and data storage for more efficient data searching
• In computer geometrics and computer graphics

Examples of hashing function are:

• MD5 (Message Digest 5) - designed to replace earlier version of MD2 and MD4. Still commonly used despite MD6 has been around to replace it.
• SHA-3 (Secure Hash Algorithm 3) - winner of the NIST hash function competition.  Commonly used in digital certificates. Supersedes earlier version of SHA-0, SHA-1 and SHA-2.
• BLAKE2 - Used in RAR compressed file checksum. Supersedes earlier version of BLAKE.

Symmetric Key Cryptography (Private Key Cryptography)
The same private key is used for message encryption and decryption.

It is commonly used in secured data transmission, such as SSH, WiFi with password, 4G LTE communication, etc.

Examples of symmetric key cryptography are:

• DES (Data Encryption Standard) - designed by IBM in 1970's. Modern supercomputer is able to decrypt DES encrypted information within just a few days. Still commonly used in smart cards, SIM cards, etc.
• 3DES (Triple DES) - more secure version of DES.
• IDEA (International Data Encryption Algorithm) - commonly used in Pretty Good Privacy (PGP) email signing and secured email transfer.
• ThreeFish - is the successor of Blowfish and TwoFish. Commonly used in SSH secured remote access.
• RC6 (Rivest cipher 6) - designed by RSA Security, patent just expired in 2017. Commonly used for secured data transmission and in bank ATM machines. Is the successor of RC2, RC4, RC5.
• AES (Advanced Encryption Standard) - commonly used by USA government and commercial sector to protect top secret documents.

Asymmetric Key Cryptography (Public Key Cryptography)
Consists of a key pair. The private key that should be kept secret with the owner, and the public key that needs to be known by others.

In the scenario of digital signing, the private key is used to sign the digital document, and the public key is used to verify the digital signature.

In the scenario of data encryption, the public key is used to encrypt the document to be sent to the private key owner, and the encrypted document can only be decrypted using the corresponding private key.

It is commonly used in Secure Socket Layer (SSL), Transport Layer Security (TLS), S/MIME, digital signature, blockchains and crypto-currencies.

Examples of asymmetric key cryptography are:

• RSA (Rivest-Shamir-Adleman) - named after its 3 designers. Patent expired in 2000. Compared with DSA, it is slower in digital signing and faster in verification.
• DSA (Digital Signature Algorithm) - patented but can be used royalty free. Commonly used in SSH and digital signature. Compared with RSA, it is faster in digital signing and slower in verification.
• ECC (Elliptic Curve Cryptography) - derived from DSA and based on Elliptic Curves theory. Commonly used in Bitcoin, Ethereum, iOS, etc.
• Diffie-Hellman - is used for public key exchange and not for digital signing or data encryption.

Is your organization still following the outdated password policy?

If you were told or forced to set up a so-called "strong password" which required to be determined as complex (must consist of combination of uppercase letters, lowercase letters, numbers, special characters, and so on...) just to safeguard your user account from password guessing, peeping, and/or brute-force attack, the policy is outdated and should be obsoleted as soon as possible.

If you were also told or forced to change your password periodically, let's say every month or so, that thinking also has been admitted by certain cybersecurity experts to be foolish and will not make your account more secured.

Indeed, it only serves to make your life more difficult, and makes your account much more vulnerable if you eventually did either one of the following attempts to help remembering your latest password:

• Write your latest password on Post-It notes or inside your diary book.
• Tape your password somewhere near your computer (similar way to what character Nolan Sorrento in movie Ready Player One did).
• Keep your password in a computer file (text, Word, Excel, ...), either password protected or not.
• Store it with your web browser's auto-complete feature.

Apparently, the outdated password policy that required complex password and frequent change was derived from a 2003 National Institute of Standards and Technology (NIST) report namely "NIST Special Publication 800-63. Appendix A."

Interestingly, it is also NIST who has overthrown its own password guidelines in its recent NIST Special Publication 800-63A report namely "Digital Identity Guidelines:  Enrollment and Identity Proofing Requirements." released in June 2017. You can download the complete report here for free.

The new report has made the following important suggestions:

• Verifier SHOULD NOT impose annoying password complexity rules. They make passwords harder to remember. They increase errors because artificially complex passwords are harder to type in. They make most people remembering password by Post-It notes or computer file. It's better to allow people to use pass phrases.
• Verifier SHOULD NOT bother user with password expiration. That was an old idea for an old way we used computers. Only force a password change when there's indication of compromise.
• SHOULD use dual factor authentication (2FA). This is the proven to be the more robust and secure way.

Dual factor authentication adds an additional layer of security by requiring not only the password, but also another piece of information that only the account holder has or know. One of the most commonly used method for dual factor authentication is one-time-password (OTP) which could be  event-based (OTP is generated by triggering an event, such as a keypress, explained in RFC 4226) and/or time-based (OTP will keep on changing by time, explained in RFC 6238).

The account holder need to read the OTP from a token, and use it for successful account login. The token can be generated from a hardware device such as key fob, display card, USB authentication key, OCRA keypad, etc. It can also be generated and delivered to the account holder by software, in the form of SMS, email, mobile app display, push app notification, etc.

Note that the use of SMS or email for OTP is also outdated method which is vulnerable to trojan horse interceptions and/or malicious software crack-in. You can search the Internet for the following keywords to read more about how insecure to use SMS for OTP:

• ZeuS-in-the-Mobile (ZitMo)
• SpyEye-in-the-Mobile (SPITMO)
• Android.Bankosy

Besides, the OTP in SMS and email is very likely to be sent in plain text form, which subject to ISMS threats of interruption, interception, modification and fabrication along its way.

Therefore, all organizations should update their password policy for all users to be:

• Use pass phrases instead of password
• Use dual factor authentication with secure token (avoid using the outdated SMS or email method)

Google Chrome and Firefox will distrust websites with SSL/TLS certificate issued by Symantec / Verisign / Thawte / GeoTrust / RapidSSL

Web browsers Google Chrome (with 57.69% global market share as of March 2018) and Firebox (with 5.4% global market share as of March 2018) will start to distrust all the websites with SSL/TLS certificate issued by Symantec, Verisign, Thawte, GeoTrust and RapidSSL.

This means that soon in the near future, every time when you visit such websites using HTTPS protocol with Google Chrome, Firebox and possibly other web browsers which follow suit, the browser will give you a security warning before you can read their webpage.

Some of the affected popular websites including (but not limited to)...

 

In late 2017, DigiCert has acquired Symantec's Website Security and related PKI solutions which was the Certificate Authority for those affected Symantec, Verisign, Thawte, GeoTrust and RapidSSL SSL/TLS certificates.

Webmasters of all the affected websites can make arrangement with DigiCert to replace their SSL/TLS certificates with a new one issued by DigiCert, which is still trusted by Google Chrome and Firefox.

You can click here to read for more information about this issue.

How to enable using F8 during boot up to enter safe mode in Windows 10

Seasoned MS Windows users are very likely to have experience using F8 during computer boot up to enter into "safe mode" of the Windows operating system.

In many occasions, "safe mode" can save your day to enable you to fix something that is broken in the Windows system. Such occasions including but not limited to:

• Windows update has caused problem and instability to the system. 
• Problematic hardware device driver (normally arises after new driver update). 
• Incompatible screen resolution with the monitor causing blank screen or distorted display.
• Windows is infected by virus or malware that unable to be removed in "normal" mode.
• Problematic software/application that causes system crash (and unfortunately it autorun during Windows start up)
• Minor damage to Windows registry or system file due to improper power off.

You can keep on pressing the F8 key on your keyboard during boot up of Windows 7 to enter a boot up menu that include the "safe mode" boot up option. However, this F8 function is disabled by default in Windows 8 and Windows 10.

You can still reboot Windows into "safe mode" if you are able to boot into the login screen of Windows 8/10 and the login screen is still functioning properly. You just need to hold down the Shift key on your keyboard while clicking on the Power icon in the login screen and select the Restart option to reboot your computer.

You can also create a bootable Windows recovery USB drive that can be used to fix Windows problem.

If you want to enable using F8 during boot up to enter safe mode in Windows 8/10 as another rescue resort, here are the steps.

Step 1: Enter Command Prompt with Administrator's right

Click on the Magnifying Glass in Windows Quick Launch bar and search for "cmd".

You should be able to find "Command Prompt". Right click on it, and select "Run as administrator". This will open the Command Prompt window with Administrator's right.


Step 2: Change the Boot Menu Policy to Legacy

In the Command Prompt, type the following command and press .

bcdedit /set {default} bootmenupolicy legacy

This command edits the boot configuration data (BCD) to bring back the F8 safe mode function.

Upon successful execution, you will see the message "The operation completed successfully". You are done!


Step 3: Testing

Now, restart your Windows and test your F8 key. It should be able to call out the following Advanced Boot Options menu.

If for any reason you want to roll back and disable F8 during boot up, you can use the instruction in Step 1 to enter Command Prompt with Administrator's right again, and issue the following command instead:

bcdedit /set {default} bootmenupolicy standard

A family visit to Sewing World Gallery @ Sky Park One City Mall

In the older generation not too long ago, sewing machine had been a common item found in many household. At that time, sewing (and perhaps knitting, too) was an essential skill learnt by most housewives.

Then, sewing machine had been unconsciously become lesser and lesser seen in household nowadays. It prone to become industrial item found in clothes and fashion factories.

Meanwhile, the Mostwell Group which is the sole distributor of Janome sewing machines in Malaysia has been endeavoring to bring back the continuation of sewing arts and crafts into today's households by organizing numerous events, trainings and programmes to teach everybody from age 7 onwards who are interested to learn about sewing to master the skill.

The Sewing World Gallery located at 1st floor of Sky Park @ One City Mall with close proximity to the LDP USJ toll (accessible via a junction near to Shell petrol station) is an over 10,000 square feet gallery showcasing many sewing products made by their students. There, you will open your eye to realize that sewing is indeed a kind of arts and crafts similar to drawing, calligraphy, pottery, painting, etc.

 

Entrance to the Sewing World Gallery is free of charge. Inside the gallery there is also a small museum of sewing machines and tools, a small auditorium, and a classroom for interested parties to sign up for their sewing classes.

Sewing inspires creativity. They show you how old jeans can be transformed into new life as cushions, handbags, and other creative items.

There are also interested stuffed toys, some of which are as big in size as a human.

Inside the gallery, you can also find the largest bag in the world recorded in Guinness World Records which is as large as a garage.

There is also the largest display of handmade fabric flowers recorded in Guinness World Records, showcasing 99 names of Allah (known as Asma'ul Husna).

The Sewing World Gallery is really a nice educational place to spend your leisure time with your family and friend. If I am not mistaken, it is the first and only gallery of its kind in Asia.