Stilgherrian (@stilgherrian)

Wentworth Falls NSW AU

The below is an off-site archive of all tweets posted by @stilgherrian ever

June 4th, 2015

Matt_Bove “You can have 15 extra seconds as long as I see VO of hot hockey players” @OHnewsroom

via Twitter for iPhone (retweeted on 10:20 PM, Jun 4th, 2015 via Plume for Android)

michaelneale @jonoabroad @stilgherrian not really my domain but I don’t think would be the optimal place to go on the pull.

via Tweetbot for iΟS (retweeted on 10:19 PM, Jun 4th, 2015 via Plume for Android)

God, I need to get out of here, this is just so wrong.

via Plume for Android

Discussing how pay scales for pentesters are proportional to to proportion of shaved / waxed / bald skin on display.

via Plume for Android

I do always feel more comfortable up the back with the crew. pic.twitter.com/KhJyJaMeHp

via Plume for Android

OH: “You seem to have a deep insight into the human condition. Do you work for Firemon?”

via Plume for Android

OH: “Why isn’t there a dance floor at AusCERT?” Jesus Christ.

via Plume for Android

NewtonMark Imagine if Brandis wrote poetry.

via Tweetbot for iΟS (retweeted on 9:11 PM, Jun 4th, 2015 via Plume for Android)

I don’t know, but the phone tried doing face-recognition on the round things. pic.twitter.com/jSU7eYOBHE

via Plume for Android

OH, to me, after making a controversial comment: “This is off the record, you cunt.” And I was slapped.

via Plume for Android

AusCERT Award for Best Security Initiative: Let’s Encrypt.

via Plume for Android

AusCERT Award for Organisational Excellence in Cyber Security: The Shadowserver Foundation.

via Plume for Android

AusCERT award for Individual Excellence in Cyber Security: Peter Fowler, SA Government.

via Plume for Android

“That’s not censorship,” says @JazzTwemlow, “That’s just evolution.”

via Plume for Android

On Westboro Church, “I don’t think you should use 21st century technology to spread medieval ideas…”

via Plume for Android

“In that I knew how long he spoke for, but I had no idea of the content.”

via Plume for Android

“Brandis’ explanation of metadata is an example of metadata,” says @JazzTwemlow

via Plume for Android

“My puritanical masters in the US objected to photos of me holding a glass of red this year. So this year it’s white.”

via Plume for Android

The obligatory sponsor speech from Firemon. pic.twitter.com/FAJQXDHmEc

via Plume for Android

This is a “chicken compression”, apparently. pic.twitter.com/h0T7dF6GD5

via Plume for Android

@SnarkyPlatypus Scroll back for his name. :P All I know it that he’s from NCIS.

via Plume for Android in reply to SnarkyPlatypus

@JustJimWillDo @SnarkyPlatypus Yeah, look, we get all types at this conference. Even NCIS.

via Plume for Android in reply to JustJimWillDo

@SnarkyPlatypus It was a brilliantly funny presentation too.

via Plume for Android in reply to SnarkyPlatypus

@SnarkyPlatypus Yes. And that’s why it’s so much loveliness at this event.

via Plume for Android in reply to SnarkyPlatypus

Terrible OPSEC is terrible.

via Plume for Android

And now the gap until the Gala Dinner…

via Plume for Android

@antisnatchor @0x1C The lovely Mr So did say something to the effect that the mission never ends. Does that seem right?

via TweetDeck in reply to antisnatchor

@rharpur @troyhunt @lady_nerd The whole presentation is / will be online as video. I’m not sure of the timelines on that.

via TweetDeck in reply to rharpur

@AtomicMPC I couldn’t quickly find a photo of the actual building. I am sulking. And not only because @0x1C hates me now.

via TweetDeck in reply to AtomicMPC

@0x1C I am not intelligent enough to understand your talk. :( Also, did you give out caps?

via TweetDeck in reply to 0x1C

The new INTERPOL Global Centre for Innovation (IGCI) in Singapore is a bit schmick! pic.twitter.com/T1jYF9Nt6m

via TweetDeck

Current prices of cybercrime services, via INTERPOL. pic.twitter.com/QChvJzrhIO

via Plume for Android

leemillburn Joke of the day by @JazzTwemlow “I poured this new antivirus on my laptop…” pic.twitter.com/qvxme7jdDT

via Twitter for iPhone (retweeted on 4:14 PM, Jun 4th, 2015 via TweetDeck)

@rohan_p He also confirmed that he IS Abbey, but without the tattoos.

via TweetDeck in reply to rohan_p

@rohan_p That was the scene So showed to intro his presentation, and he confirmed that it’s all true.

via TweetDeck in reply to rohan_p

Next, Steve Honiss, INTERPOL: Future of Policing: INTERPOL Global Complex for Innovation. Livestream at livestream.com/accounts/49315…

via TweetDeck

Um, because I know what 302 means, I know own an actual NCIS cap. pic.twitter.com/9cjqsU2cHm

via Plume for Android

“I always like a picture, and this one looks like the birth of the Universe.” pic.twitter.com/dbpQq8EyuU

via Plume for Android

The dichotomy between these straight NCIS slides and So’s pissingly funny monologue is just… oh, just look out for the video15

via TweetDeck

“I approached the situation as if it were a crime scene.” pic.twitter.com/mNlYDvVSQd

via Plume for Android

This. Presentation. Is. Hilarious. And. You. Should. Be. Watching. The. Video.

via TweetDeck

So says he never gets any sleep when in Australia ‘cos he’s having too much fun watching arguments in Parliament. Uhuh.

via TweetDeck

So is presenting a good, entertaining primer on setting up your incident response plan. pic.twitter.com/Miy58PDbfu

via Plume for Android

“NCIS is Navy. Does this look like a military campaign to you?” pic.twitter.com/LXLtHG3e2T

via Plume for Android

When So started at NCIS, they did have a mainframe. So if someone was hacking into it they’d have to be using punched cards.

via TweetDeck

So shows us THAT hacking clip from the NCIS TV show. “See when they’re on the one jeyboard? We are THAT good.”

via TweetDeck

Next up: Edward So, US NCIS”
“Network Intrusion Response: Case Study and Lessons Learned” Livestream at livestream.com/accounts/49315…

via TweetDeck

Me at @zdnetaustralia: “Air gaps still cheap and effective defence for critical networks: @e_kasperskyzdnet.com/article/air-ga…

via TweetDeck

Another (quick) story filed for @zdnetaustralia, so I don’t look completely unproductive.

via Plume for Android

@jamver @Bruce_Schneier @zdnetaustralia This precise point is also made by @MikePBurgess, in paragraph 3.

via TweetDeck in reply to jamver

Me at @zdnetaustralia earlier: “T​elstra CISO @MikePBurgess blasts cyber ‘attribution distraction’” zdnet.com/article/telstr…

via TweetDeck

Yes, I’m sure this is EXACTLY why women can’t get into the tech industry. twitter.com/PLENNetwork/st…

via Twitter Web Client

@semibogan @daviottenheimer @e_kaspersky This is one way where it’s hard to tweet conferences. “This is just what the presenter said…”

via TweetDeck in reply to semibogan

What a lovely day on the Gold Coast. pic.twitter.com/AfuYQtKJKX

via Plume for Android

@daviottenheimer @semibogan @e_kaspersky Ah, a very useful list, thank you. I shall go through that in detail when I’m not on deadline.

via TweetDeck in reply to daviottenheimer

TheNewDailyAu When a photo op goes horribly, horribly wrong and Twitter mercilessly mocks you: bit.ly/1ALrRd6 pic.twitter.com/HBL2YO6nGR

via TweetDeck (retweeted on 1:49 PM, Jun 4th, 2015 via TweetDeck)

@roninsec @Steve_Lockstep @zdnetaustralia @MikePBurgess No-one said attribution wasn’t “useful”. In fact, the opposite was said.

via TweetDeck in reply to roninsec

@StanDevia No, we’re talking about getting the Android to (say) visit a website with malicious code, as one example. Not about your apps.

via TweetDeck in reply to StanDevia

@semibogan @hubert3 @e_kaspersky @0x1C @KimZetter I shall do the same. I, too, have heard it’s great stuff.

via TweetDeck in reply to semibogan

@semibogan @e_kaspersky Ah yes, one of the few documented actual SCADA attacks, and a “lovely” one.

via TweetDeck in reply to semibogan

Suggestion from @e_kaspersky: put filter devices between SCADA and turbine, say, to remove obviously dangerous commands.

via TweetDeck

Steve_Lockstep .@e_kaspersky correctly (in my view) calls out that “any attack is possible” < because everything is software controlled.

via Twitter for iPhone (retweeted on 12:30 PM, Jun 4th, 2015 via TweetDeck)

Steve_Lockstep MyPOV: Because there are no air-gaps anymore, I would ban smart thermostats in power stations. Seriously. /cc @e_kaspersky

via Twitter for iPhone (retweeted on 12:27 PM, Jun 4th, 2015 via TweetDeck)

“Airbus confirms software brought down A400M transport plane” mentioned by @e_kaspersky theregister.co.uk/2015/05/31/air…

via TweetDeck

“A Cyberattack Has Caused Confirmed Physical Damage for the Second Time Ever” mentioned by @e_kaspersky wired.com/2015/01/german…

via TweetDeck

Which means that criminals will be able to sabotage SCADA systems just like nation-state actors.

via TweetDeck

A reminder (again) from @e_kaspersky that criminals can get hold of military-grade malware, and learn, and copy-paste the code.

via TweetDeck

I will say this is, broadly, the standard @e_kaspersky exposition with current examples. Obviously new to most people here.

via TweetDeck

Hackers were employed to hack SCADA of Antwerp port container system, so the container with their cocaine wasn’t intercepted.

via TweetDeck

Examples of IoT hacks include hack coal mine SCADA to steal coal, hack petrol station SCADSA to steal petrol.

via TweetDeck

shipw RT @sintixerr: “The Internet of Things” and “The Internet” have. always. been. the. same. thing. knowyourmeme.com/memes/internet…

via Echofon (retweeted on 12:10 PM, Jun 4th, 2015 via TweetDeck)

Steve_Lockstep .@e_kaspersky asks if anyone is doing payments yet from their ? A few!! pic.twitter.com/7R6meaUVYU

via Twitter for iPhone (retweeted on 12:10 PM, Jun 4th, 2015 via TweetDeck)

Next expansion of malware is Smart TV with payment integrated, says @e_kaspersky… and Kaspersky Lab already has a prototype15

via TweetDeck

The expansion of mobile malware is like the expansion of a red giant, says @e_kaspersky pic.twitter.com/SIBw0regJo

via Plume for Android

“Who here has an Android phone? Oh,” says @e_kaspersky, shaking his head in pity.

via TweetDeck

The number of threats in the Kaspersky Lab database. pic.twitter.com/I3x8t9L9E6

via Plume for Android

Next up, @e_kaspersky on “The Internet of Threats”, not on the Livestream.

via TweetDeck

Steve_Lockstep Clacherty: “It is not acceptable for a politician to say ‘I am not a tech head’” pic.twitter.com/WQRxxBuME6

via iOS (retweeted on 11:46 AM, Jun 4th, 2015 via TweetDeck)

I love it when people jot down my notes for me. twitter.com/iappleby/statu…

via TweetDeck

Steve_Lockstep Clacherty: already adverse effect on government accountability. /cc @jessradio pic.twitter.com/R7Kqzm9Fea

via Twitter for iPhone (retweeted on 11:42 AM, Jun 4th, 2015 via TweetDeck)

Ah yes, @maxious, this sounds like the sort of thing @will_ock would do. Got links, @will_ock? twitter.com/maxious/status…

via TweetDeck

Just mentioned by @OaaSvc: @SenatorLudlam asking for evidence that data retention works. youtube.com/watch?v=aYoGZp…

via TweetDeck

@FutureWiseAU @OaaSvc @bengrubb Ah yes, I think you’re right. I’m trying to find that link now. Ben’s case is still being appealed IIRC.

via TweetDeck in reply to FutureWiseAU

“Free speech and democracy vs. metadata and Telstra”, being @smh’s editorial on @bengrubb’s data. smh.com.au/comment/smh-ed…

via TweetDeck

The person who obtained their Telstra data that @OaaSvc just mentioned was @bengrubb, finding the best links now..15

via TweetDeck

@mpesce @swearyanthony So where do you hide the crucifix, exactly?

via TweetDeck in reply to mpesce

My most recent on data retention: Australia’s data-retention debate hits Derpcon Zero” (Mar 2015) zdnet.com/article/austra…

via TweetDeck

@mpesce @swearyanthony You’re right, Mark, but we still like to see you on the TV.

via TweetDeck in reply to mpesce

In which @OaaSvc performs one of his most-requested musical numbers. pic.twitter.com/ivQSnL5Faj

via Plume for Android

That is to say, @OaaSvc is up, and he’s on the Livestream at livestream.com/accounts/49315…

via TweetDeck

Next up, Justin Clacherty, Futurewise:
“Mandatory Data Retention - These are not the policies you are looking for”

via TweetDeck

AndrewBGreene particularly bad when it looks like the boss is actually posing RT @HeathJAston PMO advancer fail: pic.twitter.com/8RmyuVVIxx

via Twitter Web Client (retweeted on 10:37 AM, Jun 4th, 2015 via TweetDeck)

cxi I once went to a Hands On Lab, and was all like, “Cmon, can’t we get a Pug?!”

via TweetDeck (retweeted on 10:32 AM, Jun 4th, 2015 via TweetDeck)

EvaMcGinness @Bruce_Schneier Sony was doing minimum security required by law only as risk was less than giving shareholders small bonuses.

via Hootsuite (retweeted on 10:24 AM, Jun 4th, 2015 via TweetDeck)

tsimonite Autonomous security robots patrolling in Santa Clara. pic.twitter.com/v9MDNSRBCR

via Twitter for Android (retweeted on 10:17 AM, Jun 4th, 2015 via TweetDeck)

@jplonie Ah. I was not in the room. I’ve been in the media work room, failing to get any media work done.

via TweetDeck in reply to jplonie

Wow that explains so much.

via TweetDeck

“The turtle is on its back, Bill, but you’re not helping.”

via TweetDeck

glengyron Is Blurb about to out himself as an android? twitter.com/joeobrien24/st…

via TweetDeck (retweeted on 10:10 AM, Jun 4th, 2015 via TweetDeck)

Awaiting the inevitable government call for a ban on milling machines, offices, and metal. twitter.com/SquigglyRick/s…

via TweetDeck

Steve_Lockstep .@briankrebs finds some hacker sites have Google code. < Funniest thing I’ve heard all week!

via Twitter for iPhone (retweeted on 9:49 AM, Jun 4th, 2015 via TweetDeck)

@0x1C @kofeyh Um, I need a moment alone now.

via TweetDeck in reply to 0x1C

@paulwallbank Mate, it’s me and @darrenpauli in Media Room 1, achieving SFA this morning.

via TweetDeck in reply to paulwallbank

jamver How does a kid smoke $1200 marihuana per week? (and still keep their Cyber Crime business running?) @krebsonsec doesn’t know

via Twitter for iPhone (retweeted on 9:40 AM, Jun 4th, 2015 via TweetDeck)

@0x1C @kofeyh Sounds like a couple of coffees might be needed. PoE.

via TweetDeck in reply to 0x1C

Finally settling back into the writing, now that @darrenpauli has STFU’d.

via TweetDeck

Does @darrenpauli ever shut up? (And yes, this is me talking.)

via TweetDeck

The livestream for today’s is, um, live. livestream.com/accounts/49315…

via TweetDeck

FionaPattenMLC Love the quotes marks around truth. Wonder if the archbishops made the same grammatical emphasis pic.twitter.com/V1jq809d7m

via Twitter for iPhone (retweeted on 9:04 AM, Jun 4th, 2015 via TweetDeck)

Me at @zdnetaustralia: “T​elstra CISO @MikePBurgess blasts cyber ‘attribution distraction’” zdnet.com/article/telstr…

via TweetDeck

I won’t be tweeting the @briankrebs or @Bruce_Schneier presentations, ‘cos I have deadlines, but you can watch the livestream.

via TweetDeck

Thu plan: Write for @zdnetaustralia from the AusCERT Infosec Conference conference.auscert.org.au/program; @5at5daily; AusCERT Gala Dinner; collapse.

via TweetDeck

@BXGD @PeteTerranova No, no it has to be your own poop. In the reply-paid envelope provided.

via TweetDeck in reply to BXGD

Receiving an update on @darrenpauli’s Chicken War situation.

via Plume for Android

@CSO_Australia Well, yes, I know SOME people have already not only “considered” but “implemented”.

via TweetDeck in reply to CSO_Australia

“Winners of the European Security Blog Awards”, via @BrianHonan bhconsulting.ie/securitywatch/…

via TweetDeck

“Japan’s deflation battle reflected in sagging blow-job market”, reports @tokyoreporter tokyoreporter.com/2015/05/30/jap…

via TweetDeck

kat9379 Nothing says “pussy whipped” more than blokes who have joint FB accounts with their mrs

via Twitter for iPhone (retweeted on 6:54 AM, Jun 4th, 2015 via TweetDeck)

@SnarkyPlatypus No idea. I was in bed early. It was all individual vendor hospitality last night. Conference dinner tonight.

via TweetDeck in reply to SnarkyPlatypus

@19bk69 @jeamland This is likely, at least for those who went to the @hacklabs event.

via TweetDeck in reply to 19bk69

The crowd are all∗ having an early breakfast and zooming into their day. pic.twitter.com/pVl1piMolH

via Plume for Android

Moon and balloons, and a Gold Coast dawn. pic.twitter.com/0FMy2Qt5h1

via Plume for Android

Regular listeners will be pleased to hear that I’ve just packed up my poo to send to the Australian government in their reply-paid envelope.

via TweetDeck

This also is a reasonable concept. twitter.com/jeamland/statu…

via TweetDeck

Infosec people don’t form so much a “community” as an “asylum”.

via TweetDeck

@myrcurial @Viss Well obviously. I have not forgotten our… “arrangement”.

via TweetDeck in reply to myrcurial

@Viss @myrcurial @Dropbox Hah! For me it’s also the 1password sync, plus large audio files that go into my podcasts anyway.

via TweetDeck in reply to Viss

@Viss @myrcurial @Dropbox Ms Rice is looking for more reading material. ;)

via TweetDeck in reply to Viss

@Viss @myrcurial @Dropbox “Sharing animated GIFs”? You should be thrown into the lava pits just for that!

via TweetDeck in reply to Viss

Today’s first story filed for @zdnetaustralia. Who said an 0400 start might be counterproductive? Kill me.

via TweetDeck

ashd_au Rise and shine .. Its time to go for a run!

via Twitter for Android (retweeted on 6:01 AM, Jun 4th, 2015 via TweetDeck)

@taosecurity I’ve got an op-ed coming later (Monday?) which ties together my views of this week’s and threads.

via TweetDeck in reply to taosecurity

@taosecurity Yep, and General Day made it clear (though I didn’t focus on that) that better exit monitoring was also key to ASD’s successes.

via TweetDeck in reply to taosecurity

@taosecurity @TheRegister @darrenpauli … but though I admit to being quite a fan of ASD’s Top Four, sure, it’s not the be-all and end-all.

via TweetDeck in reply to taosecurity

@taosecurity I do know @TheRegister @darrenpauli had a separate chat with General Day, so he may know something I don’t…

via TweetDeck in reply to taosecurity

@taosecurity @TheRegister @darrenpauli At least that is my understanding right now at 0450 AEST without checking my notes or the recording.

via TweetDeck in reply to taosecurity

@taosecurity @TheRegister @darrenpauli “No compromises” was a target. The chart’s non-zero 2013-2014 for compromises, but no exfiltration.

via TweetDeck in reply to taosecurity

Me at @zdnetaustralia Wednesday: “Australia’s cyber defence ‘pretty ordinary’ before ASD’s Top Four” zdnet.com/article/austra…

via TweetDeck

Thu plan, draft: Write for @zdnetaustralia; 0900 AusCERT Infosec Conference conference.auscert.org.au/program; @5at5daily; AusCert Gala Dinner; thud.

via TweetDeck

Thursday. You have already been defeated. Please hand your key to the attendant. Thursday.

via TweetDeck