Posted on

NBN from Spintel + TPG HG659 modem

Just a quick feedback on my recent experience with Spintel and TPG NBN setup.

I had account with TPG in the past, but had to cancel it due to my travel overseas. I was left with their HG659 modem hoping to get reconnected upon my return and use my device. Unfortunately, they do not provide this option and I would have to use a new one. Although they supply it free of charge (just shipping cost to be paid), I consider this as waste of resources and environmently unfriendly. My request to not received a new modem looked more like a hassle to organise, rather than a preferable choice of the sales person I negotiated with. So I decided to look elsewhere. 

I came across Spintel that seems to have competitive pricing and provide flexibility I was looking for. I suspect they renting out some infrastructure / equipment from larger companies, so the time will show how sustainable they are. Since they provide great deal of flexibility, I think they are worth of try. Here is what I like about them:

  1. They offer 25/5 NBN speed (good starter)
  2. They offer BYO gateway option and reasonably priced modems to buy
  3. Their plan pricing is highly competitive (have you found cheaper?)
  4. No lock-in contract option or 6 months with credit back
  5. Simple online portal, no paperwork

I reached to their customer support via e-mail to get few questions answered and was very happy with a prompt response and answers provided. I ordered the service and in 2,5 business days the service was active. No dramas and clear communication: sms/email updates.

I tried to reach phone call support to discuss device settings for my BYO HG659 modem, but the queue was about 25 people large and waiting time was cca 50 minutes. Certainly, something they should look into to improve. However, playing with the modem settings myself, I managed to set it up in the meantime anyway. So, yes – TPG’s modem HG659 is ok to be used on FTTP NBN with Spintel. Here is the setting overview:


image: WAN Connection settings from HG659 administration

If you are looking for new connection or wish to compare your internet connection cost with Spintel, I am happy to put you on my referral list and they will help you out. Simply send me your name + phone / email address. 

Posted on

Basic invoicing in Aus

Invoicing is a very boring job to do, at least for me. I want to have it as simple as posible and certainly do not want to use Word or Excel spreadsheet for it. Coming from Czech Republic, I was used to an excellent service called Fakturoid. Unfortunately, I have not found a similar product in Australia. Even today, eight years later, the products are still behind the Fakturiod’s capabilities and its price/value ratio in my opinion. 

So what’s there on offer?

Here is the list of the major players in Australia (not considering desktop-only applications): 

Outsourced accounting service:


*SimpleInvoices – easy, online payments, but do not support bank feeds yet, no free plan but cheap

**WaveApps = best app I found for free, but they recently went through acquisition process and pulled out from Aus market (meaning they remove support for bank feeds). 

My personal experience:

Freshbook was great, but if you deal with more than 5 different clients it becomes relatively pricey ($25/month). 

WaveApps is great package, with Stripe integration, but the recent pull off from the market brings uncertainty. However, it’s FREE. Bank feeds are gone!  

Fakturoid is awesome tool but not for AUS market, unfortunately. 

QuickBooks is relatively price competitive ($10/month), provide wide range of features. Worth a try.

Rounded seems like a good product with nice features, but already double the price of QucikBooks ($20/month). 

SimpleInvoices might be too simple for the cost of $7.5/month. If they would include bank feeds, then it might be worth the $. 


For occasional invoicing, I would still recommend WaveApps being it free. If you want bank feeds, look into QuickBooks / Rounded. For more advanced stuff, probably Xero would be my preference over MYOB, Sage and Reckon. 

Overall, I still think there is a small gap in the market for a product like Fakturoid. Let’s see who is going to join the game. 

If you are using other software you want to share, please feel free to send me message via my LinkedIn profile or contact form. Thank you.

Posted on

Scam me? I’ll track you.

Believe it or not, there are people that have nothing better to do than scam other people. Whether they do it because of their financial needs or just for a bit of fun, I personally do not care and consider it wrong. Some of the scam I come across are 1:1 – interactive chats (phone/txt). 

Depending how sophisticated the scammer is, you might be able to uncover their identity, but generally the only thing you can do is to waste his/her time (option 1) to prevent them from scamming other people at the same time. Althought it sounds like a good idea, time is precious so consider that aspect too.

Option 2, get rid of the scammer as soon as possible. The quickest way seems to be to block the scammer, hang up the call, mark as spam, walk away etc. You can block users in most of the messaging apps, mobile phones, e-mails and other platforms. 

Then we have option 3, where you try to track the scammer. If it fails, you still pretend you are tracking him/her. He/she will leave usually very quickly. If you have their location, you can report or action further. 

Unless the users uses TOR or VPN, you can get their IP address and find approximately their location and internet service provider (ISP). You can then report it to ISP, national authorities and other scam reporting agencies. You could also go for a road trip if you like face to face contact, but that’s not usually recommended option, up to you:).

If you need to get someone’s IP address, the process is quite simple:

  1. think of a link they would click on, eg.
  2. create a tracking URL for your link, via
  3. mask the url with short URL service (sniffip does it already, but you can use other services)
  4. share with a scammer and lure him/her into clicking on it (here you need to get creative)
  5. collect data, report scammer or work out other plan

Example of a tracking link looks like this:

Coinbase Exchange

This looks like link to Coinbase Exchange, but it goes to:

  1. shorten link
  2. then to tracking link
  3. then finally to your original link

There are automatic redirects between each link, so the user will see only the last destination upon loading the page. Note: a simple hover on a link will show the link which should be already a first warning that something is not quite right and the scammer would probably walk away. Also, using web dev tools, you can see all three links as you get to your destination, so it’s not perfect way of tracking, but a simple one. 

Other options

There are many options available, depending on the scenario and communication channel you use. This is out of the scope for me now, but here is another example:

Tracking a scammer can be done also by allowing him/her to remote into your “computer” and use Wireshark to get their IP address. The “computer” in this case is an isolated* virtual machine where you can let them play while you are collecting the network data you want. Recommended for advanced users:). *isolated = ideally out of your private network

Another way to annoy a scammer, is by pointing messaging bot onto their profiles and hacking or scamming THEM instead. Some of their account profiles are easier to create, but some might require phone numbers, 2FAs etc, so the process of getting one might be a tiny bit more painful for them when they lose access to it.

Note: do not track your friends and family :). Use it only as protection against those who do the wrong. Thanks

Posted on

E-mails and DMARC, DKIM, SPF (basics)

E-mails, the “outdated” communication channel that still sticks around. If you wish to set up almost any account today (2019), you have to have an e-mail address or mobile number already in 99% of the cases. You would most likely have one already and there is a high a chance of it being from Google, or Yahoo. If you are from non-english speaking country, you will probably use a local provider in your own language, for example in Czech it would be Seznam, Centrum or Volny. Now these e-mails work ok, but are not the most suitable for running business. Why?

  1. it’s considered unprofessional to use “free” services for business and not having your own domain (eg. “” vs “”)
  2. you have very limited control of your data if any at all
  3. you are exposed to 3rd party advertisement
  4. you have no guarantee of the service and usually no backups in place
  5. you are dependend on sending e-mails only from the systems they support
  6. you cannot used advanced marketing tools (which requires .TLD name)
  7. you have no central management and ownership of multiple accounts

There is probably more reasons to fill the list, but you get the idea.

Now, seeing that you would have a domain name already (eg., you might also have e-mail services enabled from your hosting provider.

E-mail services from hosting providers can be cheap, but also quite limited. They usually provide between 1-5GB per mailbox, which is very little if you compare it to a free GMail account with 15GB and offers additional services like GDrive, Photos, Apps etc. Another limitation is the interface and features you will get (understand “less”). Most of the providers (from my experience) use free open-source software Roundcube, which is probably the “best” on the market but still miles behind GMail in my opinion. On top of that, having a professional domain name and e-mail services enabled, you might start attracting spammers and fradulent actors to use your name or e-mail address for malicious activity. To minimise these, you will have to implement additional technologies such as SPF, DKIM and DMARC. You do not worry about these with free e-mail providers as they handle it themselves and what hacker wants to use e-mail address like “”, right? 

So what are these technologies in a nutshell? (very simplistic overview, use links for full details)

SPF – is a framework that uses a txt type DNS record, which helps identifying which hosts / servers can (is authorised) to send e-mails from your domain. Anything coming outside of listed servers should be considered as a spam (but not always is and there are other scenarious to consider). 

DKIM – is encryption based technology,  used for preventing tampering with e-mails, e-mail spoofing. Basically, what you sent should be the same as what the recipient sees upon this e-mail delivery. Again, there could be exceptions to this. 

DMARC – is a solution to a situations, where SPF and DKIM fail. Such as, your legit e-mail gets altered by an antivirus program before it is sent, or e-mails are forwarded etc. 

All of these tools help to prevent spam, but their problem is adoption. Some e-mail service provider do not use/implement them in their solutions. That means even if you have them implemented at your end and someone maliciously sends an e-mail on your behalf to lets say Alice, her client might not be built to support these checks and she might end up thinking the fradulent e-mail is legit. Regardless, it is a good practice to implement these tools and help fighting the spam problem. I would say, essential. 

Now if you need to choose a professional e-mail service, I worked with O365/, G-Suite, Proton-Mail to name few, but would be very happy to hear what you use and if it can be improved. Leave me a message on my LinkedIn or use the contact form

Posted on

Messaging apps and privacy

While reading about Edward Snowden, I came across his app for android devices called Haven. Haven app uses Singal app for sending data it collects and as you would expect, Signal uses end-to-end encryption. More importantly, it uses The Singal Protocol which is open source and although the app is not the market leader in terms of a number of users, it certainly tops when it comes to your security. This made me re-think about what apps are available, which apps do I uses, what data I share and what is actually available today on the market? What type of security do the apps offer to end-users and are they sharing users data?

With governments “blindly” pushing their thoughts into breaking encryption and creating backdoors for surveillance, the topic of our privacy and security gains importance in my eyes. I believe in free choice, free market and when it comes to privacy, I re-phrase my friend: “if you don’t value your privacy, you don’t deserve it”.

While researching about messaging apps that are available today, I came across a website SECURE MESSAGING APPS COMPARISON which brings a nice overview of the security aspects that might help you decide which app is right for you. The methodology of rating is also documented there. Wikipedia lists even more apps to compare if you wish to look further, but I am satisfied with this list for now.

As you can see in this report, WhatsApp is definitely the number one app in terms of users base. However, its connection with Facebook (that really does not have a good history when dealing with users’ private data), plus the fact that it collects user data and is closed sourced makes me want to run away. Telegram had its own boom too with the heavy marketing of end-to-end encryption (and ICO projects), but it too collects user data and worse it stores the data with decryption keys on servers. This to allow easy restore as Pavel Durov argues, but with its custom-built encryption as another weakness, I moving away from it.

Singal seems to top the list. It’s open-source (both server and client) so it provides higher trust. It might not have many users yet and advanced features as other apps might offer, but if you look for the privacy of your communication, Signal might be a good choice and even Snowden suggests it ;).

Lastly, do your research and choose what suits best your own needs, everyone is different.

Posted on

Malware WeKnow on Mac

I spent some time cleaning friends Macbook from weKnow malware and wanted to share this handy tips with you, should you need it.

Basically, it hijacks local Chrome policy and you need to remove/edit them via terminal/cmd line.

  1. cmd + spacebar (search for “terminal” app)
  2. use following commands:
    1. defaults delete <nameOfThePolicy>
    2. defaults write <naemOfThePolicy> -string “
    3. example:
      defaults write HomepageLocation -string “

Do not install “mac cleaners” or similar. If anything, just use MalwareBytes. Check all extensions and default search engines (Safari,Chrome,Firefox) and remove unknown/unwanted extensions and apps from Mac. There should not be any extra profiles, admin accounts or login items, so clear that too.

additional resources:

Posted on

Internet of Money vol.2

I have finished listening to an audiobook – Internet of Money vol.2 by Andreas Antonopoulos. It uses a different structure as opposed to the volume one and I consider it to flow better and be less disruptive. There are great examples, some of which have been discussed in version one but I still encourage people to take it off the shelf and get familiar with this technology. Great listening. Thank you, Andreas.

Here is a link to The Internet of Money vol.2 audiobook on Amazon


Posted on

SECURITY: two factor authentication (2FA)

authy vs google auth

2FA – optional for now, a must in near future

We live and operate in a digital world where security should be our priority number one, but let’s be honest, it rarely is. How many of you have really strong passwords that do not repeat and are changed frequently? I know! It is a painful, boring and time-consuming process. Well, luckily there are services like LastPass and other password management tools that help us simplify it and use our time better, liking chilling at the beach for example:).
Note: to get a premium membership for 1 year free, use this link for LastPass (not guaranteed) Continue reading SECURITY: two factor authentication (2FA)

Posted on

How to back up iPhone to external HDD on iMac

iTunes is storing backups by default on local (system) hard drive. That takes heaps of space, so the external HHD would be better choise.

To prevent this from happening, a symbolic link has be to created and point onto a folder in external hdd.

Following command in a terminal will do the trick.

ln -s /Volumes/1TB/Backup ~/Library/Application\ Support/MobileSync/

Just note the following:

1TB = name of external hdd (if it has spaces, then use “1TB”)

Backup = folder on external HDD

MobileSync = does not have folder “Backup” prior running the command


PS: this is general procedure, which might differ based on version of iOS, especially location of backup files on local hdd. Tested on macOs Sierra 10.12.4.

Posted on

My friend as personal assistant (VA)

So here is the idea. I’ve read that in near future we might see personal assistant using our own voice. Now that’s cool and weird a the same time. Wouldn’t we much rather hear some voice we love to hear? Why our own then? What about someone from our closest family, friend or love?

Disclaimer: I don’t take responsibility for any word listed in this video

There are endless opportunities and solutions available. Just to start and do it:).

Continue reading My friend as personal assistant (VA)

Posted on

Success judged by results

We measure success by results.

We tend to be driven by results rather than a journey. But once we shift our focus from the future (result stage) into present moment, not only we are far more efficient and successful in what we do, we also grow and become wealthier than ever before, regardless of the result.

Experience, knowledge and growth is our ultimate wealth.