Stilgherrian (@stilgherrian)

Wentworth Falls NSW AU

The below is an off-site archive of all tweets posted by @stilgherrian ever

October 26th, 2013

RT @bigmac: Tonight’s war history lesson with @stilgherrian is SUBMARINES! See the passion in his eyes? pic.twitter.com/tenDhyUtd3 [Grrrrrrr…]

via Tweetbot for iOS

The incoherent Scot has attached himself to our party.

via Plume for Android

From Patrick Gray (@riskybusiness): “The enemy is not the NSA or Snowden or WikiLeaks [etc] but apathy.” Much applause.

via Janetter for Mac

(I assume you’re all adults with a brain and can tell when ‘hacker’ means ‘explorer’ and hacker means ‘criminal’, right?)

via Janetter for Mac

Ken Day: “Even though this is a technology conference, the core is people… Hackers are people… They are caught by people…”

via Janetter for Mac

As the MC wraps, a heckler calls out “We want more Scott [@SenatorLudlam]! He’s handsome and intelligent!”

via Janetter for Mac

That opinion on Assange losing support was from @SenatorLudlam, not me, but I do agree.

via Janetter for Mac

RT @bigmac: @stilgherrian KEN DAY. As in not Barbie Night. [Yes, you are quite right. I am an arsehat. I also know a Ken Lay.]

via Janetter for Mac

Assange has probably lost some support from the way preferences etc were handled during the recent federal election.

via Janetter for Mac

A digression, but @SenatorLudlam praised @piratepartyau for running their preferences negotiations in public.

via Janetter for Mac

This panel was recorded, so I’ll try to get the whole thing for analysis. But I’m recording from now on for my reference.

via Janetter for Mac

Lay has strong points to make about the “strong media” not being with us any more, and WikiLeaks filling the gap.

via Janetter for Mac

He points out that Assange has changed a lot since the days he was a young hacker. What has remained constant is his ego.

via Janetter for Mac

Ken Lay, the officer who arrested Assange back in the day, says that the movie “Underground” is 95% plus made up.

via Janetter for Mac

But now we’re onto the final topic, which is about Julian Assange and WikiLeaks.

via Janetter for Mac

As I walked into the room, all of the talk was about copyright and Mega Upload. But we’re now 90 minutes in.

via Plume for Android

The spooks will be even more off the leash under the new Australian government, says @SenatorLudlam

via Plume for Android

Just popped in to catch the last part of the panel.

via Plume for Android

RT @evilZardoz: Client OS distribution at 4PM at 2013! pic.twitter.com/AcxLtGWnf7 [I don’t know how many of these shocks I can take…]

via Janetter for Mac

@yinettesys @bernietb I’m actually fairly tame today. I shall be a disappointment.

via Janetter for Mac in reply to yinettesys

SCMagazineAU PhotoGallery: Ruxcon 2013 photos : Photos from Ruxcon 2013 in Melbourne. Continually updated over the t… bit.ly/1asISbD

via twitterfeed (retweeted on 3:50 PM, Oct 26th, 2013 via Janetter for Mac)

I’m currently having a beer on the balcony, deciding who to interview for the podcast(s) before the panel at 1700 AEDT.

via Janetter for Mac

The SEKRIT mission has been completed successfully. I did not buy The Green Thing With Horns.

via Janetter for Mac

RT @bigmac On a SEKRIT mission with @stilgherrian and of course he stops to admire this… pic.twitter.com/wD0uWnQnqY [It has horns to hold!]

via Plume for Android in reply to bigmac

@shipw Nah, just having lunch and figuring out how I’ll deal with the podcast recordings.

via Tweetbot for iOS in reply to shipw

If anyone wants me, I’m in the NE corner of the bar by the ATM. I’ll still be there even if you don’t want me.

via Plume for Android

This is now getting into specific tactics rather than broader strategies. Great for malware analysis, a bit too deep for my needs.

via Janetter for Mac

You’re looking for “odd” stuff: strange or unusual, different from what’s expected etc, exhibiting unusual behaviour.

via Janetter for Mac

Once you have understood a malware trick, how do you encapsulate that knowledge into a way of looking for variants of that trick?

via Janetter for Mac

Szabo is stepping through some example of suspicious-looking code that we can try to spot to flag something as malware.

via Janetter for Mac

So now, start with cursory analysis: basic triage, look for the cheap and obvious, requires experience and time to learn.

via Janetter for Mac

Opening points are about how signature analysis is failing ‘cos of the explosion of malware variation.

via Janetter for Mac

Next up, “50 Shades of Oddness - Inverting the Anti-Malware Paradigm” with Peter Szabo, SophosLabs. ruxcon.org.au/speakers/#Pete…

via Janetter for Mac

“Do you have any questions? You have fun, right?” instagram.com/p/f6UvudiFi-/

via Instagram

MT @evilZardoz: Distribution of the 69 clients on the WiFi at 1130 this morning. pic.twitter.com/yoUxYcmhCM [I’m shocked, so shocked.]

via Janetter for Mac

RT @vealmince: Shush. Some journo will see and claim there’s support in social media for a Labor spill. [True. So sorry.]

via Janetter for Mac

@marcoostini Thank you. But Kiwicon before I think. Sorry I was so vague before, I was in the middle of a thought.

via Janetter for Mac in reply to marcoostini

This is all being done with the Viproy VoIP Penetration Testing and Exploitation Kit. viproy.com

via Janetter for Mac

DDoS. All your SIP server belong to us. instagram.com/p/f6Rs7viFuS/

via Instagram

A list of convenient things to try for fun and profit. instagram.com/p/f6RkXsCFt-/

via Instagram

When I start typing “…” for , Android suggests an auto-complete of . NO THIS IS NOT ACCEPTABLE BEHAVIOUR.

via Janetter for Mac

I’ve popped in to “VoIP Wars: Return of the SIP” with Fatih Ozavci ruxcon.org.au/speakers/#Fati…

via Janetter for Mac

@darrenyatesau @silviocesare @R_Chirgwin Thanks for those tips. I’ll have a squizz during the week ahead.

via Janetter for Mac in reply to darrenyatesau

OK, having introduced the ideas and linked to github with all the code and a demo video, I shall take a break.

via Janetter for Mac

… as Babil just pointed out, that’d take a massive bunch more processor cycles. @richard_st

via Janetter for Mac

RT @richard_st: Surely taint analysis should be very unforgiving? E.g. that bitmap cache should then become tainted? [Yes, but… ]

via Janetter for Mac

Another: Write tainted data into a text widget to create an image in bitmap cache, read it back through OCR to get untainted text.

via Janetter for Mac

(Note that I have mangled his pseudocode into syntactically bad shite to make it fit into tweets.)

via Janetter for Mac

Another example: Write x_tainted to a tempfile, then x_untainted := cat(‘tempfile’). Jesus wept, there’s so many of these holes.

via Janetter for Mac

Or rather, x_untainted := echo(x_tainted). You got what I meant, tho, right?

via Janetter for Mac

Example: Untaint a variable by doing (with some set-up) x := echo(x). Like I don’t know what even.

via Janetter for Mac

He’s up to the third different way of bypassing TaintDroid. Each one is just idiotically simple. So simple I immediately understand.

via Janetter for Mac

“I have no shame to admit it was so simple to break it.”

via Janetter for Mac

So having outlined that, Babil is now stepping through how to defeat TaintDroid, work which upset his PhD supervisor.

via Janetter for Mac

It can be used to see what is done with stuff like your phone number and ID, credit card number, location etc.

via Janetter for Mac

TaintDroid is an implementation on top of Android to do dynamic taint analysis.

via Janetter for Mac

This presentation is about the inverse process: trusting “our” data and tracing it to see what the untrusted code does with it.

via Janetter for Mac

That style of taint analysis is used in languages like Perl to prevent untrusted data becoming part of an attack.

via Janetter for Mac

Traditionally, code was trusted and taint analysis was used to track untrusted data e.g. user input to make sure it was checked.

via Janetter for Mac

Taint analysis is about marking data variables of interest so they can be traced through the program to see where it goes.

via Janetter for Mac

Reminder: Mobile devices are a trove of personal data, many apps (partic “free” games) ask for more stuff than they really need.

via Janetter for Mac

Next up, “AntiTraintDroid - Escaping Taint Analysis on Android for Fun and Profit” by Babil (Golam Sarwar) ruxcon.org.au/speakers/#Gola…

via Janetter for Mac

@darrenyatesau @silviocesare I should start to explore. Our neighbour is starting to do the Arduino-drone combo.

via Janetter for Mac in reply to darrenyatesau

This seems an awful lot of work to go to just to avoid the arduous burden of turning on a tap.

via Janetter for Mac

So now @silviocesare is getting onto “Gardening with Arduino”, to automate his back yard irrigation system.

via Janetter for Mac

“If you’re going to buy a $6 alarm system, you really need to reconsider the value of your property.”

via Janetter for Mac

I love how various steps of @silviocesare’s recipes are “Do some Arduino coding”.

via Janetter for Mac

@bigmac Yep. @silviocesare has refreshed my serial port knowledge today and is now bringing me up to date. A great beginner’s guide talk.

via Janetter for Mac in reply to bigmac

Talking thru “Cloning an Infrared Disarming Remote of a Consumer Grade Home Security System” volvent.blogspot.com.au/2013/09/clonin…

via Janetter for Mac

So far @silviocesare has been running through the shopping list of the hardware and software you’ll need. I’ll find a link later.

via Janetter for Mac

UART enables you to have a serial console into the device, like old-school command-line terminals.

via Janetter for Mac

Key tool for this stuff is the Universal Asynchronous Receiver/Transmitter (UART), like an embedded RS232 serial interface.

via Janetter for Mac

This presentation is essentially an intro to what’s possible for people getting into hardware hacking. I’ll tweet a few key ones.

via Janetter for Mac

darrenpauli My write up of @silviocesare hardware hack. He used a $20 ‘toy’ to open garage doors, deactivate alarms m.scmagazine.com.au/News/356907,20…

via Twitter for iPhone (retweeted on 8:59 AM, Oct 26th, 2013 via Janetter for Mac)

First up for me, “A Beginner’s Journey into the World of Hardware Hacking” by @silviocesare ruxcon.org.au/speakers/#Silv…

via Janetter for Mac

The conference program is at ruxcon.org.au/schedule/ and I’ll be choosing between sessions as I go along.

via Janetter for Mac

Sat plan: Ruxcon conference all day ruxcon.org.au, mute to avoid many tweets; writing en passant; 1900 Ruxcon party.

via Janetter for Mac

@msjenjenjen Thanks. And I will do a new one, to get to the Kiwicon hacker conference in Wellington next month.

via Janetter for Mac in reply to msjenjenjen

@msjenjenjen It always does. Melbourne is one of my favourite cities, and it’s been too long since I was here.

via Janetter for Mac in reply to msjenjenjen

@msjenjenjen Heh. Thanks for the recommendation, but I found the real coffee, and have also obtained Emergency Bacon.

via Plume for Android in reply to msjenjenjen

Mobile. More or less.

via Janetter for Mac

ChrisGatford If you know which physical security tool this defeats maybe you should work for us @hacklabs Come find me at pic.twitter.com/8ocNPNxFGH

via Twitter for iPhone (retweeted on 8:00 AM, Oct 26th, 2013 via Janetter for Mac)

Me at @zdnetaustralia yesterday: “Smart TVs are dumb, and so are we” zdnet.com/smart-tvs-are-…

via Janetter for Mac

At Corrupted Nerds yesterday: “Breakpoint Day 1: Smart TVs to the digital arms trade” corruptednerds.com/blog/breakpoin… Day 2 notes coming later today.

via Janetter for Mac

@beist @zdnetaustralia My pleasure, Sir. :) I very much enjoyed your presentation. I hope to see you today at Ruxcon.

via Janetter for Mac in reply to beist

Sat plan, draft: Ruxcon conference all day ruxcon.org.au, mute to avoid many tweets; writing en passant; 1900 Ruxcon party.

via Janetter for Mac

@GarvilchMariana Thank you. Suitable procedures will be followed very, very shortly.

via Janetter for Mac in reply to GarvilchMariana

WHY IS DECAFFEINATED COFFEE EVEN A THING WHAT IS WRONG WITH YOU ARE YOU TRYING TO KILL ME OR SOMETHING.

via Janetter for Mac

Oh dear God this planet hurts so much. Obviously I wasn’t drinking until 0300 at all.

via Janetter for Mac

I am sure there must be a reasonable explanation for why I smell like the inside of a dead camel.

via Janetter for Mac

Saturday. And this is not in the least bit painful, no Sir.

via Janetter for Mac