Stilgherrian (@stilgherrian)

Wentworth Falls NSW AU

The below is an off-site archive of all tweets posted by @stilgherrian ever

March 15th, 2017

OK, I’ve had enough.

via TweetDeck

Mind you, it’s a great testimonial. “The Dept of Human Services’ IT systems: not quite as shit as the Australian Ta..twitter.com/i/web/status/8…2Z

via TweetDeck in reply to stilgherrian

And people wonder why their cybers are fucked. twitter.com/bigmac/status/…

via TweetDeck

COMPUTERS ARE DIFFICULT YOU KNOW.

via TweetDeck in reply to stilgherrian

WELL IT’S AN IMPROVEMENT STOP YOUR WHINGING. twitter.com/NewtonMark/sta…

via TweetDeck

@PeteLawler That’s outside. I don’t want to go outside.

via TweetDeck in reply to PeteLawler

“ATO and Immigration beaten by pilloried Human Services in cyber audit”, writes also @dobes zdnet.com/article/ato-an…

via TweetDeck in reply to stilgherrian

“ASD hands out government-protected cloud certification to two local players”, writes @dobes zdnet.com/article/asd-ha…

via TweetDeck in reply to stilgherrian

Me at @zdnetaustralia: “​Machine learning can also aid the cyber enemy: NSA research head” zdnet.com/article/machin…

via TweetDeck in reply to stilgherrian

OK, since it’ll be a short while before my meds kick in, let me plug a few things. Here we go, possums.

via TweetDeck

Back at my hotel in Goulburn or Cowra or Mesopotamia or wherever the fuck this is.

via TweetDeck

That moment when leaving that you stand straight and speak politely in a valiant but futile attempt to convince the staff you’re not drunk.

via Tweetbot for iΟS

kriemhildsrache YOU👏🏻CAN’T👏🏻CALL👏🏻YOURSELF👏🏻GOTH👏🏻IF👏🏻YOU👏🏻DIDN’T👏🏻CONTRIBUTE👏🏻TO👏🏻THE👏🏻FALL👏🏻OF👏🏻THE👏🏻ROMAN👏🏻EMPIRE👏🏻

via Twitter for iPhone (retweeted on 9:49 PM, Mar 15th, 2017 via Tweetbot for iΟS)

@kcarruthers I know about these things, and in this case I know exactly how to fix it. Sigh.

via Tweetbot for iΟS in reply to kcarruthers

Hmmm. There’s something a bit sharp in the top end of the vocals mix, and I so want to fix it.

via Tweetbot for iΟS

“Provided”? That’s a bit previous. They’re still providing it. twitter.com/ACSCConference…

via Tweetbot for iΟS

This is about the fourth time I’ve seen Axis of Awesome and they continue to be fun.

via Tweetbot for iΟS in reply to stilgherrian

Oh excellent we have Axis of Awesome on now.

via Tweetbot for iΟS

@PeteLawler @theweeklytv I will. Because, re my tweet about Tuesday, I’ve made a terrible mistake.

via Tweetbot for iΟS in reply to PeteLawler

Oh shit. Today’s not Tuesday.

via Tweetbot for iΟS

All the “important” cyberpeople are at the next table. It just smells of Canberra. It smells good enough to lick.

via Tweetbot for iΟS

GeorgeBludger Malcom is tough, he’s gonna get tough now, look, you better get out of the way, he’s going to get really really rea..twitter.com/i/web/status/8…Wv

via TweetDeck (retweeted on 8:48 PM, Mar 15th, 2017 via Tweetbot for iΟS)

Well obviously @ProfBrianCox is, once more, telling lies. Lies lies lies lies lies. twitter.com/stilgherrian/s…

via Tweetbot for iΟS in reply to stilgherrian

The chicken was acceptable.

via Tweetbot for iΟS

I quite liked Luke’s routine. Tough gig in this room, so bravo.

via Tweetbot for iΟS in reply to stilgherrian

First act up is Luke McGregor. Took a short while for the audience to get his style, but we’re there now.

via Tweetbot for iΟS

The universe ends in 20 minutes, folks. pic.twitter.com/QEscuWl1cm

via Twitter for iPhone

Our MC is Erin Molan, and she’s kicked things off rather well this evening.

via Tweetbot for iΟS

@vvlado @zdnetaustralia True, which is why I linked to the Monash guy story. I hindsight I’d have dropped in a quote.

via Tweetbot for iΟS in reply to vvlado

There’s quite a lot going on here too. twitter.com/Cyber_Roo/stat…

via Tweetbot for iΟS

Quokkas are a drunk person’s idea of a rabbit. twitter.com/NuclearAnthro/…

via Tweetbot for iΟS

@AusRob No you’re thinking of the Lighthouse of Ephesus.

via TweetDeck in reply to AusRob

[Makes note.] “Great Pyramid at Giza… Hanging Gardens of Babylon… Colossus of Alexandria… Rosewater in Jetwitter.com/R_Chirgwin/sta…vDiWJ61K

via TweetDeck

Today’s sessions at @ACSCConference are over. The dinner is tonight. Stand by for some lively celebration.

via TweetDeck

@caseyjohnellis Now don’t get me started about quokkas. However the poll results are clear. twitter.com/stilgherrian/s…

via TweetDeck in reply to caseyjohnellis

@NuclearAnthro Indeed. You can see why I was so happy to see one wandering down the verandah those few months back.

via TweetDeck in reply to NuclearAnthro

GreenJ there’s that sorted then. twitter.com/thehill/status…

via TweetDeck (retweeted on 4:45 PM, Mar 15th, 2017 via TweetDeck)

Quolls quolls quolls quolls quolls quolls quolls quolls quolls quolls quolls quolls quolls quolls quolls quolls quolls quolls quolls quolls.

via TweetDeck in reply to stilgherrian

I still call these guys a spotted quoll rather than a tiger quoll, because they have spots not stripes.

via TweetDeck in reply to stilgherrian

“Millions of records leaked from huge US corporate database” zdnet.com/article/millio… Must be a day ending in Y.

via TweetDeck

Me at @zdnetaustralia: “Machine learning can also aid the cyber enemy: NSA research head” zdnet.com/article/machin…

via TweetDeck

@zerointerupt @snare I hadn’t noticed that! Yes, that’s… innovative.

via TweetDeck in reply to zerointerupt

Just get this guy to do it for you. twitter.com/agdgovau/statu…

via TweetDeck

Video streaming over SIP to avoid being detected as HTTP. Cute.

via TweetDeck in reply to stilgherrian

BTW, @ablaich has illustrated his slides on Pegasus with this image. pic.twitter.com/oUgVE76ZT7

via TweetDeck in reply to stilgherrian

@snare It also frightens me that I’m in the second group. Not down in the weeds, obviously, ‘cos I won’t work in this, but yeah kinda.

via TweetDeck in reply to snare

@snare It kinda frightens me how many in the room are transfixed compared with how many are nodding “OK, this all seems straightforward.”

via TweetDeck in reply to snare

@munin Hey they seem to come in nice sequentially-numbered CVEs. I guess it’s a discount for buying the whole set.

via TweetDeck in reply to munin

@snare I only know the ones that are also used on breakfast cereal packaging.

via TweetDeck in reply to snare

@munin Yep. As I said, a textbook example. It makes it all look so easy, right?

via TweetDeck in reply to munin

The attack chain used in Pegasus. Kinda looks like a textbook example. pic.twitter.com/VKPQLqw8Ab

via Tweetbot for iΟS in reply to stilgherrian

This is the thing we’re looking at. Current cyberhexagon colour: Green. pic.twitter.com/EdmyKNbkyV

via Tweetbot for iΟS in reply to stilgherrian

I dunno how much of this I’ll tweet. This is a more technical thingo as my end-of-day treat.

via TweetDeck in reply to stilgherrian

Next for me: Andrew Blaich, Lookout, “Mobile Espionage in the Wild: Pegasus & Nation-State Level Attacks” acsc2017.com.au/wp-content/upl…

via TweetDeck

“Just put your hands into the box…” pic.twitter.com/SLBeSUNwM5

via Twitter for iPhone

Story filed for @zdnetaustralia. The cyber count is only six, but it’s got some other fun stuff in it.

via TweetDeck

Announced today: “ASD Certified Cloud Services”, up to PROTECTED classification level. asd.gov.au/infosec/irap/c…

via TweetDeck

@kcarruthers There isn’t a media release as such, but it’s up on the ASD’s website. asd.gov.au/infosec/irap/c…

via TweetDeck in reply to kcarruthers

dandrezner WTF does that even mean? twitter.com/yashar/status/…

via Twitter Web Client (retweeted on 2:01 PM, Mar 15th, 2017 via TweetDeck)

@kcarruthers Media room. Up the big stairs, turn right, door on left labelled “executive”.

via TweetDeck in reply to kcarruthers

iain_chalmers “But there’s no evidence of systemic objectification of women in tech!” <sigh> ping @mpesce twitter.com/zenalbatross/s…

via Twitterrific (retweeted on 12:42 PM, Mar 15th, 2017 via Tweetbot for iΟS)

zackwhittaker It’s nowhere near as huge as Donald Trump’s tax returns, but we have a pretty big data breach story incoming in the next few minutes…

via Twitter Web Client (retweeted on 12:41 PM, Mar 15th, 2017 via Tweetbot for iΟS)

toomuchACSCswag Friend: Mandiant part of Fireeye now.
Me: Man, dey are.

via Twitter for Android (retweeted on 12:40 PM, Mar 15th, 2017 via Tweetbot for iΟS)

cyberfysicalroo Me, agile: Nation state APT is in my threat model

You, a clod: WordPress stores protected page password in plaintext

via Twitter for Android (retweeted on 12:08 PM, Mar 15th, 2017 via TweetDeck)

Next for me,: Marcella Hawkes, DPMC, with an update on Australia’s Cyber Security Strategy.

via TweetDeck

Bah. If they were properly evolved they’d just buy packet custard at the corner shop. twitter.com/tupac_katari12…

via TweetDeck in reply to stilgherrian

IDCARE wants to receive more recordings of scam calls.

via TweetDeck

Lacey: “Don’t be a monotreme, as much as they’re cute,” because they’e an evolutionary dead end.

via TweetDeck

The hashtag for cyber safety week was based on IDCARE’s research. Talking alound breaks the crisis cycle.

via TweetDeck

LetMicahDown Obama: “Where are you going…”
Biden: “Lunch with Rachel Maddow”
Obama: “What’s that in your hand…”
Biden: “Don’..twitter.com/i/web/status/8…ZJ

via Twitter Web Client (retweeted on 11:43 AM, Mar 15th, 2017 via TweetDeck)

@ApostrophePong Heh. Well at least you’re hitting the zeitgeist. But yeah, hexagons are a big thing in cybersecurity graphics at the moment.

via TweetDeck in reply to ApostrophePong

Affect of these scams on individuals. Physical is things like vomiting. pic.twitter.com/me3Yf9yzrU

via Twitter for iPhone

Here’s what the bad guys are after, with character translation problems. pic.twitter.com/yqduDBCmZ6

via Tweetbot for iΟS in reply to stilgherrian

Volumes are back up again now, though, so either these guys are back in operation, or a competitor has stepped in.

via TweetDeck in reply to stilgherrian

FBI, US FTC, Indian police arrested 770 employees in Thane, arrested 70. Scam call volumes to AU reported to IDCARE dropped 73%.

via TweetDeck in reply to stilgherrian

Targets have been persuaded to buy a bunch of iTunes vouchers to pay their “tax bill”. Hundreds of people.

via TweetDeck in reply to stilgherrian

The crims who do this act alone on each target, because they can build a relationship.

via TweetDeck in reply to stilgherrian

“So the govt says you owe $4500, you say you don’t. Who’s lying here?” Sound familiar?

via TweetDeck in reply to stilgherrian

“Criminals seek to activate the fear response and shut off our logical thought processes.” They’re targeting the amygdala.

via TweetDeck in reply to stilgherrian

Lacey is running through the structure of the brain and how it affects our reactions.

via TweetDeck

Mich11775 Abusing porting of phones - and using it to commit the broadest range of - is rife. Honest accounts fro..twitter.com/i/web/status/8…Rn

via Twitter for iPhone (retweeted on 11:25 AM, Mar 15th, 2017 via TweetDeck)

Definition of a crisis for these purposes. pic.twitter.com/gURgaLdTxP

via Twitter for iPhone

Cybercriminals need to create a crisis for the target, so they’re less questioning. Claim to be, say, government, bank, etc.

via TweetDeck

hrw Quote of the Day, by @nadimhoury bit.ly/2mpzC2N pic.twitter.com/yMUxxTRZ9F

via SocialFlow (retweeted on 11:15 AM, Mar 15th, 2017 via TweetDeck)

IDCARE provided support to families of those on MH370 and MH17, ‘cos the scammers targeted them by name.

via TweetDeck

New_Narrative CNN is reporting FBI Director Comey will go public on Trump-Russia probe. Going to be an interesting week

via Twitter for Mac (retweeted on 11:13 AM, Mar 15th, 2017 via TweetDeck)

These two people are believed to be behind many of those million remote access scam calls. pic.twitter.com/e2cwAsXkHR

via Twitter for iPhone

People record scam calls, send to IDCARE. Intel questions are: What made you believe it? When did you realise it was a scam?

via TweetDeck in reply to stilgherrian

IDCARE estimates that there’s more than a million phone scam calls coming into Australia each year.

via TweetDeck

RobinDLaws I feel like I should have predicted the future in which pornography replaces public works infrastructure. twitter.com/danielleiat/st…

via Twitter for iPhone (retweeted on 11:06 AM, Mar 15th, 2017 via TweetDeck)

We’ve got different cyberhexagons in this room, but they’re still excellent. pic.twitter.com/YJyDkR52We

via Twitter for iPhone

Lacey says about 23% of identity compromise hitting AU and NZ is via telephone remote access scams.

via TweetDeck in reply to stilgherrian

Next for me: Prof David Lacey, IDCARE, “The Psychology of Cybercrime” acsc2017.com.au/wp-content/upl…

via TweetDeck

maddow BREAKING: We’ve got Trump tax returns. Tonight, 9pm ET. MSNBC.

(Seriously).

via Twitter Web Client (retweeted on 10:41 AM, Mar 15th, 2017 via TweetDeck)

@alliecoyne Yep, up the big stairs, turn right, first (and only) open door on the left. You’ll see me.

via Twitter Web Client in reply to alliecoyne

@JoshMacTechie Mike did indeed allude to that, in a sideways fashion.

via TweetDeck in reply to JoshMacTechie

paulwiggins Spotted on Facebook. pic.twitter.com/fKzlyN5tpq

via Twitter for iPhone (retweeted on 9:56 AM, Mar 15th, 2017 via TweetDeck)

BernardKeane Big difference between clickbaiting and journalism too, Mia. Not that you’d know. twitter.com/AttardMon/stat…

via TweetDeck (retweeted on 9:53 AM, Mar 15th, 2017 via TweetDeck)

“mimikatz is the AK-47” of cyber, says Mike Sentonas. pic.twitter.com/LQBpKHD1Yv

via Twitter for iPhone

secvalve My thoughts: We’re in an arms race. Right now only defenders have info overload, let’s give it to the attackers too.

via Twitter for iPhone (retweeted on 9:47 AM, Mar 15th, 2017 via TweetDeck)

Re Frincke’s preso, “Machine learning needs rich feedback for AI teaching: Monash professor” (Oct 2016) zdnet.com/article/machin…

via TweetDeck in reply to stilgherrian

_Mike_Holm_ Michael Sentonas says stop focusing on malware, it’s just a tool used in attacks. Think about attacks without malware!

via Twitter for iPhone (retweeted on 9:39 AM, Mar 15th, 2017 via TweetDeck)

I’ll grab Mike’s slides later. Here’s the intro for now. pic.twitter.com/ZkkHy1stRc

via Twitter for iPhone

Up now: Michael Sentonas, CrowdStrike, “Att(h)acking democracy: From The Frontlines of 2016 Breaches”

via TweetDeck

ericpink The theme of this years Conference is “Are we using the right tools for the job?” twitter.com/stilgherrian/s…

via Twitter Web Client (retweeted on 9:36 AM, Mar 15th, 2017 via TweetDeck)

As expected, NSA’s Dr Deborah Frincke alone was worth the price of admission.

via TweetDeck

First audience question for Frincke: Can you elaborate on the WikiLeaks CIA dump? Frincke: No.

via TweetDeck

How do we get more different kinds of eyes looking at these problems? pic.twitter.com/0FCqVjehRV

via Twitter for iPhone

Oh yeah, and every nation needs to think about where it is here, and that changes over time. pic.twitter.com/s9g3yeD1tW

via Twitter for iPhone

Lots of detail here on how an attacker can screw up you big data / machine learning processes. pic.twitter.com/a75hKuHJPD

via Twitter for iPhone

Frincke is moving so fast that I can just get each slide up before another barrage of detail. pic.twitter.com/ZK3ikqFKyn

via Twitter for iPhone

I like the phrase “rigorous scientific” in this slide. pic.twitter.com/rE1fk8Ro8S

via Twitter for iPhone

NSA can have research programs running 20 years, but ultimately it must have an operational focus. pic.twitter.com/244UVBgb8x

via Twitter for iPhone

That makes sense, I reckon, since NSA (like GCHQ etc) grew out of the pure-maths roots of the WW2 codebreakers.

via TweetDeck in reply to stilgherrian

Frincke says that science is part of discussions all the way to the top of the NSA. A science-based organisation, can I say?

via TweetDeck

I’m sure this slide is on the NSA website, but nevertheless it contains many subtleties. pic.twitter.com/8PA2DkNcKU

via Twitter for iPhone

First up, Dr Deborah Frincke, who heads the research directorate the the NSA.

via TweetDeck

And @ACSCConference kicks off. The head of cybers at ASD does to formal opening. pic.twitter.com/TkzWW80zE2

via Twitter for iPhone

KetanJ0 This is a strangely framed shot? pic.twitter.com/HOaRjJ8FD1

via Twitter for Android (retweeted on 8:27 AM, Mar 15th, 2017 via Tweetbot for iΟS)

Which vendor has the best t-shirts or hoodies? Your time starts now.

via Tweetbot for iΟS

Mobile. Well, through the foyer to wait for my transport. Have I left enough time to get to the National Convention Centre?

via Tweetbot for iΟS

This sounds like the worst sex session ever. twitter.com/mikeal/status/…

via Tweetbot for iΟS

@ApostrophePong Yeah I was thinking that March is very late for snow in DC.

via Tweetbot for iΟS in reply to ApostrophePong

ryanjameshiscox Some nutcase in Perth cycled nearly 7 hours for 200km just to form a goat 🐐 pic.twitter.com/eyHLCD7BCZ

via Twitter for iPhone (retweeted on 8:06 AM, Mar 15th, 2017 via TweetDeck)

hypatiadotca I just can’t stop laughing at this pwnage pic.twitter.com/JKltrWOCwR

via Twitter Web Client (retweeted on 8:01 AM, Mar 15th, 2017 via TweetDeck)

@ApostrophePong I see that you’re snowed in, so I’m guessing beer may be involved.

via TweetDeck in reply to ApostrophePong

In case you’re wondering what I’m talking about..Stwitter.com/stilgherrian/s…ey

via TweetDeck in reply to stilgherrian

I won’t be able to walk into that room ever again. twitter.com/ericpink/statu…

via TweetDeck

Wed plan draft: @ACSCConference all day, including conference dinner acsc2017.com.au/program/. Mute to avoid all the cybers.

via TweetDeck

Wednesday. You can be certain of success if you buy the right brands. Wednesday.

via Tweetbot for iΟS