Stilgherrian (@stilgherrian)

Wentworth Falls NSW AU

The below is an off-site archive of all tweets posted by @stilgherrian ever

April 9th, 2014

dfg77 Finally, someone falls for it. pic.twitter.com/HuAlJienR1

via iOS (retweeted on 9:10 PM, Apr 9th, 2014 via Janetter for Mac)

RT @OaaSvc: @stilgherrian do you have python installed? [Yes I do, tho it’s probably ancient.]

via Janetter for Mac

I could never be a hacker. I get bored too quickly and get the whole “Why do I even care about this stupid thing again?” mood too easily.

via Janetter for Mac

No, @jonoabroad, “physical access” leads to passwords, which in turn leads to remote access later. Think it through.

via Janetter for Mac in reply to jonoabroad

RT @andysommer: @stilgherrian try pa55word [This is getting pretty effing 1337 now…]

via Janetter for Mac

@monsieurpotts No, I don’t think so. Are you aware I’m 100km+ from Sydney?

via Janetter for Mac in reply to monsieurpotts

@GreenJ Electronic Frontiers Australia has horses now?

via Janetter for Mac in reply to GreenJ

Yeah look, the router is there [points], behind the bar. If I offered to help them fix the stuttering in the stream I’d get physical access.

via Janetter for Mac

Just to be clear, it’s not admin / admin.

via Janetter for Mac

Anyway, no court would convict me if I played them this music playlist.

via Janetter for Mac

RT @michaelneale: admin/admin - and then prison. [Nah, first offence.]

via Janetter for Mac

Oh, you are all such rogues! Sadly the known defaults do not work.

via Janetter for Mac

Ah, there’s more than one way to skin a cat. Any suggestions for how to proceed from here? Hypothetically speaking? pic.twitter.com/61bpmRYboz

via Janetter for Mac

I’ve got the ping time blowing out to 3200ms, uploading and downloading massive files, but I can’t kill the goddam music stream. Sigh.

via Janetter for Mac

Hmmm… Not working as well as I’d hoped.

via Janetter for Mac

Just discovered the bar’s shit music playlist is visa Spotify. Switching to their Wi-Fi and uploading a video file. That should kill it.

via Janetter for Mac

I see that @GuardianAus has corrected “Bob Carr dairies” to “diaries”, but we still have “businesss class travel”.

via Janetter for Mac

@NewtonMark Do collect your jacket on the way out.

via Janetter for Mac in reply to NewtonMark

@JeremyJacobs Hah! “Arsehat” has been adopted by some journos here in Australia, yes, though I think the American “asshat” is the origin.

via Janetter for Mac in reply to JeremyJacobs

RT @drearyclocks: To be fair to Bob Carr he’s really tall and probably needs the legroom and champagne. [There is that, yes.]

via Janetter for Mac

@JeremyJacobs (Please don’t let my quoting of Carr’s arsehat comments cause you to think I agree with him on that. Twitter kills nuance.)

via Janetter for Mac in reply to JeremyJacobs

@JeremyJacobs and I’d like to learn more. But criticism of the state of Israel equated with an attack on Judaism? Seems disingenuous.

via Janetter for Mac in reply to JeremyJacobs

@JeremyJacobs One of my disappointments is that a trip to Jerusalem / Left Bank that was being planned for me didn’t happen…

via Janetter for Mac in reply to JeremyJacobs

@JeremyJacobs This is the core problem. It becomes impossible to discuss. Where does one go from here?

via Janetter for Mac in reply to JeremyJacobs

Bob Carr also complains about being “reduced” to business class travel, which would obviously be an enormous burden. theguardian.com/world/2014/apr…

via Janetter for Mac

Mind you, better worded, it’d be worth observing that criticising a foreign policy that sucks up to Israel is not, of itself, anti-Semitic.

via Janetter for Mac

Australian foreign policy has been ‘subcontracted’ to wealthy Jewish donors, says Bob Carr, helpfully. theguardian.com/world/2014/apr…

via Janetter for Mac

s_bridges Just got an update on the search for from JACC Chief Coordinator Air Chief Marshal Angus Houston (Ret’d) pic.twitter.com/5lGoYrKFMj

via Tweetbot for iOS (retweeted on 7:55 PM, Apr 9th, 2014 via Janetter for Mac)

MT @1njected: We can extract the private key on FreeBSD after restarting Apache and making the first request with ssltest.py [Oh, um, yay?]

via Janetter for Mac

@frogpondsrock I can’t compete with photographs of dogs. Just can’t be done.

via Janetter for Mac in reply to frogpondsrock

Yeah I so should’ve gone to . Well, I’ve learned from that error.

via Janetter for Mac

ASPI_org Australia has a choice: to be a relevant maritime power or not. The type of sub, number etc are tactical questions … ADM Harris

via Twitter for iPhone (retweeted on 7:50 PM, Apr 9th, 2014 via Janetter for Mac)

R_Chirgwin RT @ssharwood: Cebit AU has congratulated me on being approved for a press pass. An unusual approach.
[Speaks volumes about the attitude]

via YoruFukurou (retweeted on 7:49 PM, Apr 9th, 2014 via Janetter for Mac)

A dozen drunken, squawking arsehats who can’t decide what to eat or drink have decided they’re the most important thing in the room.

via Janetter for Mac

Why would that even be in doubt, @csoghoian? “Authority” is about the wishes of the server owner, not what’s technically possible.

via Janetter for Mac in reply to csoghoian

csoghoian It isn’t difficult to imagine a prosecutor arguing that probing a server’s memory w/ Heartbleed ‘exceeds authorized access’ & violates CFAA.

via Twitter Web Client (retweeted on 7:42 PM, Apr 9th, 2014 via Janetter for Mac)

@allaussiehiphop @mumbrella Oh, on “stealing” there’s this. zdnet.com/what-the-dicke… And a spot with @720perth yesterday to come tonight.

via Janetter for Mac in reply to allaussiehiphop

@allaussiehiphop @mumbrella Whereas much of what I do is analysis and op-ed, therefore I’m free to frame things pretty much how I want.

via Janetter for Mac

@allaussiehiphop In @mumbrella’s defence, remember the role of a news outlet is to report how people are framing an issue, not taking sides.

via Janetter for Mac

@MrShlee @_miw Oh thanks for that. I’ll apply my brain to it in the morning.

via Janetter for Mac in reply to MrShlee

CyberPrefixerAU Australians ‘wasting cybermoney’ on cyberhomeopathy

via CyberPrefixer AU (retweeted on 7:30 PM, Apr 9th, 2014 via Janetter for Mac)

@allaussiehiphop @mumbrella Bear in mind that newer material will be closer to my current thoughts that older stuff.

via Janetter for Mac

RT @Lyall: Actually the ‘real man’ language is more egregious. All men are men even the pathetic ones. [True. I’ll revise my anger.]

via Janetter for Mac

@allaussiehiphop @mumbrella There is indeed, and I’ve said as much many times. “Producer” and “distributor” are different things.

via Janetter for Mac in reply to allaussiehiphop

@frogpondsrock @BernardKeane That’s the second 404 report I’ve just received. Hey @crikey_news, it’s falling apart!

via Janetter for Mac in reply to frogpondsrock

Yeah I know, @shonadawes, and actually his wife seemed to be the one with the brain, so maybe he actually SHOULD defer to her. He’s useless.

via Janetter for Mac in reply to shonadawes

The issue isn’t gender. It’s stupid, indecisive people incapable of independent thought cluttering up the planet.-

via Janetter for Mac

NO, YOU DO NOT NEED TO CHECK WITH YOUR HUSBAND WHETHER YOU WANT AN EFTPOS RECEIPT OR NOT.

via Janetter for Mac

The tweet also works when re-written as follows, perhaps more powerfully:

via Janetter for Mac

Remarkably pathetic sexism in my immediately previous tweet, I know, so please re-cast it in terms of “individual” and “partner”.

via Janetter for Mac

NO YOU ARSEHAT SO-CALLED “MAN” YOU DO NOT NEED TO CHECK WITH YOUR WIFE WHETHER YOU WANT AN EFTPOS RECEIPT OR NOT.

via Janetter for Mac

@PeteDotAscian @crikey_news Mind you, that link works for me, so obviously you are on The List.

via Janetter for Mac in reply to PeteDotAscian

Why is the one bartender serving a queue of a dozen people waiting and watching a man stare the the beer taps in indecision? Pour another!

via Janetter for Mac

I daresay my column at @zdnetaustralia tomorrow will continue the Heartbleed dialog. People have so many feelpinions for me to consider.

via Janetter for Mac

Me at @crikey_news today: “Heartbleed reveals a big hole in Australia’s cybersecurity strategy” crikey.com.au/2014/04/09/hea…

via Janetter for Mac

@_miw True enough, and yet people are posting proofs of concept that are allegedly returning keys, passwords, cookies etc. I’m… undecided.

via Janetter for Mac in reply to _miw

RT @SnarkyPlatypus: @CosmicRami Are you suggesting we deport Tim Wilson to Egypt? I’d be up for that. [No, Egyptians have suffered enough.]

via Janetter for Mac

RT @johnb78: wouldn’t that (not the exploit but the repeated request) trigger the usual detection systems? [See previous tweet. Maybe.]

via Janetter for Mac

RT @jasonjordan: with no logging of that apparently. [Correct, Heartbleed’s activity would be unknown, tho Big Security might spot it.]

via Janetter for Mac

Seeing many comments about Heartbleed that seem to miss that attackers could keep requesting 64k memory chunks again and again.

via Janetter for Mac

glengyron MT @mpesce: What are the odds that 3retailers in 3 countries would all be named Woolworths and would have no relation?

via TweetDeck (retweeted on 6:41 PM, Apr 9th, 2014 via Janetter for Mac)

@riskybusiness I did. Because I am a professional. See also twitter.com/stilgherrian/s… for further hilarity.

via Janetter for Mac in reply to riskybusiness

@riskybusiness Do humans have certificates we can “revoke”?

via Janetter for Mac in reply to riskybusiness

RT @riskybusiness: Maybe we should just revoke the lot [all SSL keys and certs] eh? [Yes, and then start with The Cull. We all have lists.]

via Janetter for Mac

@dhstratton No, the worry is the next layer down, I reckon. SMEs with no clue about infosec, web server not patched in three years.

via Janetter for Mac in reply to dhstratton

@SnarkyPlatypus Une fois certains faits ont été confirmés, l’absinthe va certainement sembler très attrayant. Méfiez-vous des cieux.

via Janetter for Mac in reply to SnarkyPlatypus

prestontowers Journalists near and far very excited. “I have read a book! Here is what’s in it!” stories to abound in tomorrow’s editions.

via Tweetbot for iOS (retweeted on 6:23 PM, Apr 9th, 2014 via Janetter for Mac)

@SnarkyPlatypus Bonjour. Bienvenue dans notre monde de la liberté, de la liberté et de la connaissance universelle. Je bois. Et vous?

via Janetter for Mac in reply to SnarkyPlatypus

RT @mpesce: @jonoabroad @5at5daily can we measure @stilgherrian’s cortisol levels in real time? [Only by inventing a new kind of maths.]

via Janetter for Mac

ddowza Instead of putting their money into worthwhile cybersecurity like upgrading OpenSSL - the US spies on HRW. theguardian.com/world/2014/apr…

via Twitter Web Client (retweeted on 6:12 PM, Apr 9th, 2014 via Janetter for Mac)

bengrubb CERT Aus refuses to answer whether it was affected by . Their response doesn’t answer question; spokesman refuses to talk.

via Twitter Web Client (retweeted on 6:11 PM, Apr 9th, 2014 via Janetter for Mac)

troyhunt Yeah, that’s what you think… pic.twitter.com/jDERRhBvHU

via MetroTwit (retweeted on 6:10 PM, Apr 9th, 2014 via Janetter for Mac)

Laughing about the email I just received.

via Janetter for Mac

@notaname So, the millions of embedded Linux boxes running Apache and OpenSSL that we call “home broadband routers”? Already on my list.

via Janetter for Mac in reply to notaname

Related, from 28 March: “The War Nerd: Who exactly are the Jihadis (and why aren’t there more of them)?” pando.com/2014/03/28/the…

via Janetter for Mac

“Does Brandis’ claim that, per cap, Australia is one of the largest sources of foreign fighters in Syria stack up?” theguardian.com/world/datablog…

via Janetter for Mac

@notaname I daresay that once outside the bounds of NIST etc, the psychological score is related to how understandable the bug is.

via Janetter for Mac in reply to notaname

@notaname @BernardKeane I’ll have a closer look at that tomorrow, thank you. I’ve downed tools and brain for today. Analytical skills gone.

via Janetter for Mac in reply to notaname

@snhcdftt I’ve now completely forgotten specifically why Safari annoyed me, but I’m sure someone will remind me.

via Janetter for Mac in reply to snhcdftt

MT @walkleys: Check out the prize for the 2014 Young Walkley Journalist of the year Award […] walkleys.com/awards/young-j… [Yes. Do. Wow.]

via Janetter for Mac

Ah, this joke never gets old, does it. Right now, in Katoomba. pic.twitter.com/MvVeYPFO3R

via Janetter for Mac

johnmcternan How generous. RT @GuardianAus: Union inquiry wont assume unions should be abolished, says commissioner trib.al/td5sidb

via Twitter for BlackBerry® (retweeted on 5:23 PM, Apr 9th, 2014 via Janetter for Mac)

@llament @crikey_news To paraphrase Margaret Thatcher, “This minister’s not for explaininering.”

via Janetter for Mac in reply to llament

So it seems cert.gov.au hasn’t been patched yet. filippo.io/Heartbleed/#ce… Not the biggest problem we face, but not a good look.

via Janetter for Mac

@OaaSvc @ASPI_ICPC No, this is the thing that came out of, I think, the defence white paper process. I’ll look later. I’ve downed tools.

via Janetter for Mac in reply to OaaSvc

RT @OaaSvc: @stilgherrian @crikey_news we have a strategy? [A cyberstrategy? Yes, we do. I can send you a copy if you like.]

via Janetter for Mac

@expectproblems If you want to do a submarine simulator then I can introduce you to relevant people to help make it more realistic.

via Janetter for Mac in reply to expectproblems

The wonderful @mumbrella people are doing an excellent series on copyright infringement. Here’s the stories so far. mumbrella.com.au/mumbrellas-pir…

via Janetter for Mac

@adnh103 That’s wonderful, thank you. I’ll plug it in tomorrow’s @5at5daily and, momentarily, right here.

via Janetter for Mac in reply to adnh103

Me at @crikey_news today: “Heartbleed reveals a big hole in Australia’s cybersecurity strategy” crikey.com.au/2014/04/09/hea…

via Janetter for Mac

@expectproblems It turns out that a friend of mine is in charge of the Collins class upgrades. I should have a word.

via Janetter for Mac in reply to expectproblems

@expectproblems I have an enormous weak spot for submarines, and I am kicking myself that I didn’t go.

via Janetter for Mac in reply to expectproblems

5at5daily “5at5 number 31 | 9 April 2013”: Freedom, piracy, submarines, broken spinal cords and the deep, deep ocean. tinyletter.com/5at5/letters/5…

via Twitter Web Client (retweeted on 4:54 PM, Apr 9th, 2014 via Janetter for Mac)

I’m wishing I’d gone to today now. Sulks.

via Janetter for Mac

RT @shrydar: I wander disconsolately between Safari and Chrome. [This is my life also. Sigh.]

via Janetter for Mac

Thanks, everyone so far, the answer seems to be that Chrome for OS X is still the go. So really I need a computer with more RAM. Sigh.

via Janetter for Mac

Hey @mumbrella, do you have a master page listing all of the stories in your piracy series?

via Janetter for Mac

Which is the least-shit web browser for OS X currently? Asking for a friend.

via Janetter for Mac

I’m up the hill a bit in K-town having a quiet cider at that place, should that information be useful for anyone.

via Janetter for Mac

@snhcdftt Oooooh yeah, Heartbleed is a serious mess. More will emerge over the coming days, I believe.

via Janetter for Mac in reply to snhcdftt

Hey look, everyone, let’s fess up. We’ve ALL been over-reacting to Heartbleed, as @xkcd makes clear. xkcd.com/1353/

via Janetter for Mac

@snhcdftt I’m not sure I understand any more either, now that the conversation has unfolded further today.

via Tweetbot for iOS in reply to snhcdftt

@snhcdftt I’d start with @arstechnica’s explainers and then heartbleed.com, this sort of think ain’t tweetable.

via Tweetbot for iOS in reply to snhcdftt

zyzzyvamedia Dear @TurnbullMalcolm: Exactly what are you going to “get on with”? You still have no access to ’s copper network.

via Twitter for Mac (retweeted on 4:03 PM, Apr 9th, 2014 via Tweetbot for iOS)

zyzzyvamedia Seriously? (seriously.) @zdnetaustralia: switch without analysis about ‘getting on with it’: Turnbull zd.net/1g65te8

via Twitter for Mac (retweeted on 4:03 PM, Apr 9th, 2014 via Tweetbot for iOS)

He said “boffins”. Kill him.

via Tweetbot for iOS

“A civilisation built on software isn’t safe”, writes @mpesce on Heartbleed etc. abc.net.au/news/2014-04-0…

via iOS

Shiny Things of Middle-Eastern Appearance.

via Tweetbot for iOS

@semibogan @elronxenu Yeah look, you just stop that. We’re meant to be worrying about LOOK AT THE SHINY THINGS OVER THERE.

via Tweetbot for iOS in reply to semibogan

I heard about @YouCanPlayTeam on @1395FIVEaa earlier, while waiting for my spot. Godspeed, folks, you’ve a job ahead of you.

via Tweetbot for iOS

YouCanPlayTeam AUSTRALIA: @AFL, @NRL, ARU, & @CricketAus are coming together to sign an agreement to eliminate discrimination: tvnz.co.nz/rugby-league-n…

via Twitter Web Client (retweeted on 3:52 PM, Apr 9th, 2014 via Tweetbot for iOS)

R_Chirgwin Just think: we ended up with SSLeay because in the 1990s, governments listened to spooks saying “ban encryption”.

via YoruFukurou (retweeted on 3:52 PM, Apr 9th, 2014 via Tweetbot for iOS)

@steve_evil @cPanel @purserj @Asher_Wolf @elronxenu I understand your point, but disagree. I may expand upon this in due course.

via Tweetbot for iOS in reply to steve_evil

@semibogan @elronxenu Ah really? This does assume no-one ekes had previously found this vuln, though, and as recent history has shown etc…

via Tweetbot for iOS in reply to semibogan

@purserj @Asher_Wolf @elronxenu I made this precise point in my yarn today. And @cPanel STILL haven’t said anything, for example.

via Tweetbot for iOS in reply to purserj

@Asher_Wolf @elronxenu While perhaps true, those edge cases don’t persuade a suburban SME to spend money on a sysadmin and new certs.

via Tweetbot for iOS in reply to Asher_Wolf

@elronxenu Feedback appreciated. Tho I’d argue that crypto software leaking keys is fatal to the mission. Later versions still live.

via Plume for Android in reply to elronxenu

In a real programming language, @jeamland, that wouldn’t even be possible.

via Janetter for Mac

jeamland So I see this:

if (td->td_opwait == 0)

And then later I see this:

if (td->td_opwait != NULL)

Some C coder’s gettin’ a spankin’.

via Tweetbot for Mac (retweeted on 2:47 PM, Apr 9th, 2014 via Janetter for Mac)

@voltagex Are you a customer of said large-ish institution?

via Janetter for Mac in reply to voltagex

@voltagex Hmmm… Working in the media, I have the advantage of being able to apply Public Shaming, but you don’t want that with security…

via Janetter for Mac in reply to voltagex

@WGoodings Oh thanks, Will, much appreciated. I do post as many spots as I can, all useful back-links to your site. ;) Cheers.

via Janetter for Mac in reply to WGoodings

RT @elronxenu: I wouldn’t call the openssl bug “fatal”, @stilgherrian. Serious yes, but fatal is unfixable. [True. Will moderate next time.]

via Janetter for Mac

And the @1395FIVEaa spot is done. I think my recording my have screwed up, though. Botheration.

via Janetter for Mac

On hold at Adelaide’s @1395FIVEaa to talk Heartbleed. crikey.com.au/2014/04/09/hea… You may choose to listen at fiveaa.com.au

via Janetter for Mac

Barry Urquhart from Marketing Focus, he was.

via Janetter for Mac

I just heard on @1395FIVEaa that 40% of Australian accountants don’t even have a web page. Didn’t catch the speaker’s name.

via Janetter for Mac

StephenAtHome Who cares if 85% of Americans don’t know where Ukraine’s borders are on a map? Neither does Vladamir Putin.

via SocialOomph (retweeted on 2:11 PM, Apr 9th, 2014 via Janetter for Mac)

@robcorr @Pollytics @NewtonMark Thanks very much, I’ll be reading that this evening.

via Janetter for Mac in reply to robcorr

RT @BillMcGev: How is not a trending topic? [Twitter’s “trending” is rate of change, not volume. Trending is done. @Asher_Wolf]

via Janetter for Mac

I’m talking Heartbleed crikey.com.au/2014/04/09/hea… on Adelaide @1395FIVEaa at 1345 ACST / 1415 AEST (in 15 min). Listen at fiveaa.com.au

via Janetter for Mac

@zackster I saw that it had happened, but I haven’t read anything in detail yet. That’s next on my agenda.

via Janetter for Mac in reply to zackster

Pinboard RFC6520 amended to read: “A HeartbeatResponse message SHOULD NOT completely and untraceably expose arbitrary memory contents to an attacker”

via YoruFukurou (retweeted on 1:46 PM, Apr 9th, 2014 via Janetter for Mac)

Every time a tech press release includes the word “journey”, a kindergarten teacher throws a child down a well.

via Janetter for Mac

@zackster Australia doesn’t have any mandatory data breach disclosure laws. Yet.

via Janetter for Mac in reply to zackster

@zackster Nah, it’s cheaper for the card companies if they just watch for signs of mis-use and reissue any cards as they’re compromised.

via Janetter for Mac in reply to zackster

@harlyey @arstechnica Agree with all that, though I’d also factor in that rainbow tables exist for everything up to about 13 characters now.

via Janetter for Mac in reply to harlyey

RT @GordyPls: I’m surprised Brandis can speak so eloquently, what with the collective dick of the United States all the way down his throat.

via Janetter for Mac

“Securing our Freedoms”, being A-G Brandis’ speech to the US Center for Strategic and International Studies. attorneygeneral.gov.au/Speeches/Pages…

via Janetter for Mac

“Experts Find a Door Ajar in an Internet Security Method Thought Safe”, reported @nytimes on Heartbleed. bits.blogs.nytimes.com/2014/04/08/fla…

via Janetter for Mac

GreenJ Dept of prime minister and cabinet operative monitors social media response to recent a appearance of Dear Leader. pic.twitter.com/Nf2UbQOcIj

via TweetDeck (retweeted on 1:09 PM, Apr 9th, 2014 via Janetter for Mac)

@mgherman It’s more than “eavesdrop”, though. It’s extracting 64k chunks of server memory data. I was thinking mosquitos and cattle ticks.

via Janetter for Mac in reply to mgherman

Consider, @glengyron, whether you’ve ever seen me and Jessica Rudd in the same room.

via Janetter for Mac

glengyron I wonder what Jessica Rudd makes of the problems with Open SSL?

via TweetDeck (retweeted on 1:00 PM, Apr 9th, 2014 via Janetter for Mac)

@harlyey @arstechnica Seems modern enough for the task, though I’d personally go for a longer character count.

via Janetter for Mac in reply to harlyey

If that @crikey_news yarn contains inexactitudes, do let me know. I think my argument could be refined much further.

via Janetter for Mac

Me at @crikey_news: “Heartbleed reveals a big hole in Australia’s cybersecurity strategy” crikey.com.au/2014/04/09/hea…

via Janetter for Mac

In which @firstdogonmoon finds himself transported to “a mysterious world of yore”… theguardian.com/commentisfree/…

via Janetter for Mac

janmuenther While you’re all patching your servers, let’s take our hats off and have a minute of silence for all those appliances that won’t get fixed.

via Twitter Web Client (retweeted on 12:47 PM, Apr 9th, 2014 via Janetter for Mac)

@anthonycole Yeah, sounds like there’s nothing that really intersects with the kinds of things on my writing agenda at the moment. Thanks.

via Janetter for Mac in reply to anthonycole

@elisedavidson @rachel612 @ssharwood So there’s all my suspicions confirmed. I saved myself most of a day of my time.

via Janetter for Mac in reply to elisedavidson

I’ll be talking about Heartbleed on Adelaide’s @1395FIVEaa at 1345 ACST / 1415 AEST. Live stream at fiveaa.com.au

via Janetter for Mac

Yes, to those who have said it, @arstechnica’s Heartbleed advisory is excellent. Poor bastards. arstechnica.com/security/2014/…

via Janetter for Mac

@anthonycole Yeah, I’ve gotten rather sick of those over-produced keynotes. If there’s interesting news, it’ll stand up on its own.

via Janetter for Mac in reply to anthonycole

@elisedavidson @rachel612 Hah! No, solely due to having plenty that needed doing here, and that it’s not cost-effective media work to go.

via Janetter for Mac in reply to elisedavidson

There is evidence to suggest that my decision to cancel going to today was the correct one. @ssharwood

via Janetter for Mac

@steve_evil @semibogan That reading matches my own cursory look at that part of the issue. Still, major providers got some warning.

via Janetter for Mac in reply to steve_evil

Well, after all that cybering for @crikey_news, I need a long hot shower. It’s nothing to do with @0x1C, obviously. Baxoon.

via Janetter for Mac

@0x1C Oh dear. This is all getting out of hand. I am… speechless. @edhusicMP

via Janetter for Mac in reply to 0x1C

@PeteLawler I have a roadmap for dealing with that, but certain client issues are being dealt with first.

via Janetter for Mac in reply to PeteLawler

I do like the fact that the Heartbleed vulnerability has its own website. Respect. heartbleed.com

via Janetter for Mac

I say, @linode’s advisory re Heartbleed / OpenSSL is one of the better ones. Nicely done, guys. blog.linode.com/2014/04/08/hea…

via Janetter for Mac

Story filed for @crikey_news, by the way, so the day is going roughly to plan so far.

via Janetter for Mac

NewtonMark Singapore decides “graduated response” is too intrusive, proposes ISP-level site blocking instead? arseh.at/4jwr <boggle>

via Tweetbot for Mac (retweeted on 11:51 AM, Apr 9th, 2014 via Janetter for Mac)

phildobbie After negotiating a deal between content rights holders and ISPs John Stanton will resolve the Israel Palestine conflict

via Twitter for Android (retweeted on 11:51 AM, Apr 9th, 2014 via Janetter for Mac)

For some reason I couldn’t just retweet @mirandadevine’s tweet or even favourite it. I got an error message instead. [Shrugs.]

via Janetter for Mac

Yesterday @mirandadevine posted this photo of George Brandis’ graduation day at Oxford, 1983, with Tony Abbott. pic.twitter.com/EZPpihQp60

via Janetter for Mac

OK, writing now. You lot can just shoosh for a bit.

via Janetter for Mac

One of the rosellas just issued an alarm call (I don’t know why) and all the red-browed finch just suddenly flocked off.

via Janetter for Mac

Wed plan: Write for @crikey_news; finish writing up SEKRIT thing; resolve cashflow emergency (done?); produce @5at5daily; quiet evening.

via Janetter for Mac

And another six red-browed finch just arrived, so that’s 14 now. Alas, no camera within reach, and moving would scare them off.

via Janetter for Mac

There’s now eight red-browed finch scampering about outside my window at @bunjaree (photo March 2013), plus rosellas. pic.twitter.com/DKY1Yk9s30

via Janetter for Mac

@mjec @bengrubb Write a rootkit into the allocated memory, or something? Or is RCE impossible with this one?

via Janetter for Mac in reply to mjec

If I understand correctly, @edhusicMP, “Underwood” is American for “Urquhart”? OK, I’ll go away now… @0x1C

via Janetter for Mac in reply to edhusicMP

@bengrubb @mjec Early days, early days. And hey, who else found this vulnerability, at any time in the last two years?

via Janetter for Mac in reply to bengrubb

RT @jeamland: So if the NSA had Heartbleed why did they need Lavabit’s keys? [You’ve never spoken to a philatelist, have you?]

via Janetter for Mac

dalmaer If your software has no bugs:

- you have no users, or
- you have no features, or
- you are Donald Knuth.

via Twitter for iPhone (retweeted on 9:14 AM, Apr 9th, 2014 via Janetter for Mac)

@mjec @bengrubb And my understanding is that an exploit could potentially push data into web server memory as well as pull it out.

via Janetter for Mac in reply to mjec

@bengrubb It’s about pulling stuff from server memory. Who knows what you’ll get if you just keep grabbing stuff and analysing it later.

via Janetter for Mac in reply to bengrubb

@bengrubb There’s a school of thought, which I subscribe to, that would say EVERYTHING should be encrypted for privacy.

via Janetter for Mac in reply to bengrubb

@bengrubb Yes, that’s pretty special, isn’t it. I shall be referring to that one.

via Janetter for Mac in reply to bengrubb

@juhasaarinen “Over-caffeinated”? Why? Is there something happening news-wise today?

via Janetter for Mac in reply to juhasaarinen

@cPanel You have no Heartbleed advisory published yet?

via Janetter for Mac

@comedy_nerd The “Why?” paragraph of the linked-to article is the raw basics. Then try this from @bengrubb. smh.com.au/it-pro/securit…

via Janetter for Mac in reply to comedy_nerd

I do wish @ChrisGatford would stop breaking the internet. Some of us are trying to use it.

via Janetter for Mac

So @ChrisGatford’s Hacklabs says 10% of ASX 200 companies’ websites were heartbleeding last night Australian time. hacklabs.com/team-penetrati…

via Janetter for Mac

Pinboard Hope this is the final nail in the coffin of Eric Raymond’s stupid “given enough eyeballs, all bugs are shallow” bromide.

via YoruFukurou (retweeted on 8:13 AM, Apr 9th, 2014 via Janetter for Mac)

djrbliss At least now that is patched, OpenSSL is 100% bug free.

via Twitter Web Client (retweeted on 8:13 AM, Apr 9th, 2014 via Janetter for Mac)

“Flirty Bots.” Fuck I love the 21st Century.

via Janetter for Mac

Press release just received: “Flirty Bots on Tinder Pose Threat to Australian Singles”. It’s going to be one of those days.

via Janetter for Mac

That’s OK, @SnarkyPlatypus . @Airbnb has probably lost their keys too. They’re still Heartbleeding everywhere. filippo.io/Heartbleed/#ai…

via Janetter for Mac

@drsimmo I believe they are the options, yes.

via Janetter for Mac in reply to drsimmo

@SnarkyPlatypus Then again, that’s only helpful if they’ve also changed keys and certificates their end too. This is a vast schmerozzle.

via Janetter for Mac in reply to SnarkyPlatypus

@SnarkyPlatypus For each site, check that they’re clear using filippo.io/Heartbleed/ before changing passwords etc.

via Janetter for Mac in reply to SnarkyPlatypus

@drsimmo I feelpinion, based on precisely zero research, is that it’s all about tribal zealotry.

via Janetter for Mac in reply to drsimmo

If what @tqbf says is true, and I have no reason to doubt him, then we’re going to be pulling dead pigeons out of OpenSSL for months.

via Janetter for Mac

tqbf So let me understand this: get anything into an RFC, no matter how obviously silly, and you can commit it directly into OpenSSL?

via Tweetbot for Mac (retweeted on 7:31 AM, Apr 9th, 2014 via Janetter for Mac)

I can hear the sound of the machine that turns liquified dinosaurs into electricity.

via Janetter for Mac

Yes, @drsimmo, WordPress is quite, um, ecumenical. It provides (from memory), Flash, Silverlight and HTML5 upload widgets.

via Janetter for Mac in reply to drsimmo

RT @paulkidd: If you take that NHMRC report on homoeopathy and dilute it a thousand times, it actually say homoeopathy works.

via Janetter for Mac

“Major Australian Health Study [NHMRC] Has Found No Reliable Evidence That Homeopathy Works” businessinsider.com.au/a-major-austra…

via Janetter for Mac

Watching client WordPress installations update themselves. I see it happen ‘cos ClamAV flags the Silverlight file uploader as suspicious.

via Janetter for Mac

@sylmobile And at any time while private keys and passwords were exposed, someone could cruise in, drop a rootkit, and you’d be pwned.

via Janetter for Mac in reply to sylmobile

“Aust’s freedom debate is dominated by a narrow, inconsistently applied definition of freedom”, writes @profsarahj theage.com.au/comment/freedo…

via Janetter for Mac

RT @PeteLawler: @juhasaarinen Wrong headline. ‘As usual, only a couple of admins are allowed to scramble by their management…’ [True.]

via Janetter for Mac

glengyron SSL -> SL

via TweetDeck (retweeted on 7:12 AM, Apr 9th, 2014 via Janetter for Mac)

“Admins scramble to plug giant OpenSSL security hole”, writes @juhasaarinen itnews.com.au/News/382211,ad…

via Janetter for Mac

kjhealy Here we see some bay area sysadmins dealing with the Heartbleed issue. pic.twitter.com/lG0Icl87uh

via Twitter Web Client (retweeted on 7:05 AM, Apr 9th, 2014 via Janetter for Mac)

Wed plan, draft: Write for @crikey_news; finish writing up SEKRIT thing; resolve cashflow emergency; produce @5at5daily; quiet evening.

via Janetter for Mac

@sylmobile Apart from all the private keys and certificates that have been exposed for up to two years, you mean?

via Janetter for Mac in reply to sylmobile

RT @PeteLawler: cert.gov.au too, apparently… (ht @mjec) [Confirmed. Condition YELLOW SUBMARINE at cert.gov.au.]

via Janetter for Mac

Amusing myself by opening my OS X Keychain, looking at the list of trusted CA root certificates, and laughing and laughing and laughing.

via Janetter for Mac

@profsarahj @SachaBlumen I am willing to be appointed Commissioner for Wednesdays.

via Janetter for Mac in reply to profsarahj

Websites in Alexa top 10000 which tested vulnerable to as of 1800 UTC. gist.github.com/dberkholz/1016… HT @missuze via @OkanovicM

via Janetter for Mac

Just to be clear, this was a dream. As far as I know, neither @edhusicMP nor @0x1C murdered anyone yesterday, or at all this week.

via Janetter for Mac

Does any of this ring any bells, @edhusicMP @0x1C, or do you two need some time to get your story straight?

via Janetter for Mac

The detective interviewing me insisted on doing so at a folding wooden table set up next to the woman’s bloody corpse. @edhusicMP @0x1C

via Janetter for Mac

The key evidence linking me, @edhusicMP, @0x1C and me to the murder victim was a “strong interest” in black patent leather shoes.

via Janetter for Mac

In last night’s dream I was interviewed by police in relation to the murder of a young woman, and @edhusicMP and @0x1C were key suspects.

via Janetter for Mac

Wednesday. Fuck fuck fuck fuck fuck the upfuckage in this world just goes on and on and fucking on when will it end. Never. Wednesday.

via Janetter for Mac