ArchangelOfTheLamb last won the day on March 27 2016

ArchangelOfTheLamb had the most liked content!

Community Reputation

16 Serf

About ArchangelOfTheLamb

  1. ArchangelOfTheLamb

    How to deal with a rogue AI

    My definition is an AI that refuses to do as it's told. Though by that definition, Cortana is a rogue AI, since she does not bugger off my OS when I tell her to!
  2. ArchangelOfTheLamb

    9th-gen Intel or AMD Ryzen for development and VM laptop?

    That's good to know. Any idea how they go with Hyper-V server? If I can't get VMs running on the AMDs, I may just need to pay the extra for Intel :-(.
  3. ArchangelOfTheLamb

    9th-gen Intel or AMD Ryzen for development and VM laptop?

    Thanks for the responses. After thinking about it and doing some more research, I have decided that a high-performance laptop is likely to be too big and clunky for me to carry around, plus they don't seem to have touch screen and they appear to run quite hot, which would likely shorten their lifespan. As such, I am pursuing a new line of enquiry. I am going to get a cheaper and smaller (but still decent) laptop to carry around to work, etc. and spend the extra monies on a beast of a desktop, which I plan to build partly using parts cannibalised from my current desktop (e.g. I have a good case with cooling system and power supply, plus I have an alright graphics card and am willing to wait to get a new one for the next generation). The motherboard, CPU and RAM will be new, as will the SSD. Given that I have NBN, I can then set up a VPN and remote into my desktop when I want to run multiple VMs remotely. I will essentially be using the desktop as either a VMware ESXi server/Hyper-V server. I think I will be able to get more bang for my buck with such a setup, though I am a tad concerned about latency when controlling my remote desktops. Has anyone done this sort of thing before on an NBN connection (for the record I get about 70-100Mbps down and 10-25Mbps up when nobody else is home and nothing else is using bandwidth) and if so, was it doable or is it too annoyingly laggy? I have run AWS and Google instances with no trouble, but I am wondering how possible this would be on a home connection.
  4. ArchangelOfTheLamb

    Confessional seal of silence.

    You summed up one of the key reasons why I left the legal profession right there. :-) As a former solicitor, though, I can confirm that spousal privilege is a voluntary thing. It applies to the spouse giving evidence, not the spouse to whom the evidence relates. This means that the spouse can choose to give or not give evidence regardless of whether hubby or wifey are happy for them to do so. Furthermore, under the Evidence Acts, the privilege actually extends to other family members (e.g. parents, children) and is not absolute. The Court can order that the evidence be given even if a family relationship exists. In deciding whether to make such an order, the Court must consider factors such as the extent to which the family relationship would be damaged if the person were to give the evidence, the availability of evidence from other sources and the probative value of the evidence (among other things). So it is by no means an absolute privilege. Also, in some jurisdictions, there are offences that criminalise the failure to give information about a serious indictable offence to police without reasonable excuse, which effectively make everyone a mandatory reporter (an example is the NSW offence under which Archbishop Philip Wilson of the Roman Catholic Church was recently convicted). These offences are broad and do not just apply to sexual abuse, but they are hard to prove and are rarely prosecuted for that reason (they are usually used against gang members when the cops have nothing else but still want to sink someone). IMO the whole idea of the confessional seal is a furphy. I am a Cleric in the Liberal Catholic Church (not a part of the Church of Rome) and we do not teach that confessing your sins to a priest will absolve you of all wrongdoing. Rather, sins should be confessed to God directly, as Scripture teaches, and even then with sincere contrition and an intention not to sin again. 'Atonement' is not a way of escaping the consequences of one's actions, but rather an act of 'at-one-ment' designed to bring one's spiritual direction back into line with the path that God laid out for us. If you sin, you still suffer the consequences, but these consequences are likely to be less severe if you show true remorse and do what you can to fix what you broke (on the other hand, if you try and abuse the system by thinking you can keep getting away with the same crap by confessing to a priest each time you do it, then the Lord is quite likely to be most displeased). On that basis, I see no theological or moral reason why priests should not be mandatory reporters of abuse. Indeed, a priest who is truly doing the work of God would actively be trying to deal with such awful crimes and a truly-contrite abuser should own up to what they did and face the consequences. That is the only way they could truly get absolution. It baffles me that an organisation that for hundreds of years forced confessions out of 'witches' and others who did not suit its political agenda so that it could then take these people to public execution now has the nerve to cry about the confessional seal when it comes to paedophiles. No such seal exists in Scripture. And even if it did, the Church of Rome desecrated it long ago with their many inquisitions.
  5. ArchangelOfTheLamb

    'Droid: Imaging\Enterprise Management

    You seem to be looking for an enterprise-level endpoint security solution. These tend to roll device management and anti-malware/firewall/etc into one and can generally be controlled through a web console. They do cost money, but they often have trial periods and I wouldn't trust a free one anyway (free ones probably steal your megahurts).

    Some non-Google suggestions (by no means an exhaustive list):

    - Sophos Endpoint Security: https://www.sophos.com/en-us/products/endpoint-antivirus.aspx
    - Palo Alto GlobalProtect: https://www.paloaltonetworks.com/products/globalprotect/subscription.html
    - Micro Focus Connected MX Endpoint Protection: https://software.microfocus.com/en-us/products/endpoint-backup-protection/overview
    - Symantec Endpoint Protection Cloud: https://www.symantec.com/products/endpoint-protection-cloud
    - BitDefender Security for Mobile: https://www.bitdefender.com/business/mobile-security.html?irgwc=1&clickid=yKbXoWRE0QiuVZ:xNAV7j3iwUkjQT3XLTVK9wM0&MPid=13013&cid=aff|c|IR

    The above are just a few examples of the products that are out there. Other security product vendors have similar offerings, but my suggestions are as follows:

    - Do a Google or DuckDuckGo search for 'Android Endpoint security' if you want a longer list. Beware of the ads from third parties offering products that they do not own, as these could be pirate/spyware/botnet-central offerings.
    - If your organisation has anything to do with Government, the not-for-profit sector (which often gets funding from and does things for Government) or confidential business info/IP, avoid products from places like China, Russia, the Middle East or really anywhere that is not a member of the Five Eyes, the EU, Japan or South Korea. For example, whilst by all accounts, Kaspersky is a great AV product, it does scan files and send data back to Russia. This would be a problem for any government agency, given Russia's reputation regarding hacking and the control their intelligence services exercise over Russian companies. To put it bluntly, ASIO would likely have a fit (and with good reason) if they found out that an Aussie Govt agency, fund recipient or contractor was using a product that essentially gives full control over user devices to a company based in the territory of a potential adversary. If your organisation falls into these categories, it is best to pick a product from the US, UK, Canada or Australia.
    - In any event, check with your company's security team before spending time investigating a solution to make sure you aren't wasting time on something that would be banned.
    - Read through the product specs to see what they do and pick ones that purport to do what you want to test.
    - Get the free trial (or request one) to find the one most suitable for your needs and that offers the best features, performance, stability, etc.
    - When evaluating anti-malware products remember that: (a) the best ones pretty much behave like a virus. They are persistent and hook into the device at a low level. You want this as it makes it harder for the unwanted rootkits to hook in. (b) Signature-based malware detection is ancient history. It sucks compared to behaviour-based detection, or even better a combination of both. The ones I have posted above use Cloud-based protection, meaning that their signatures are updated in real-time from threat sharing between security vendors. This is better than just relying on local signatures. Some (e.g. Sophos) also use behaviour-based protection, which blocks dodgy program behaviour like attempted buffer overflows and code injection into other processes. Behaviour-based protection is still not perfect (nothing is 100% unhackable), but it protects against many zero-days as most follow certain behaviours to get arbitrary code execution.

    Good luck! :-)
  6. ArchangelOfTheLamb

    9th-gen Intel or AMD Ryzen for development and VM laptop?

    The Asus ROG Strix GL702ZC uses the desktop Ryzen (rather than the baby 4-core Ryzen APU) - but from what I have read, it runs hot. How busy my VMs are varies depending on what I am doing. When developing and testing, not too busy as they will mostly just be serving web pages and making SQL queries for unit testing purposes (I obviously don't do performance testing on my laptop). But when hacking (and especially when pivoting) I do need high availability of the virtual CPUs. I have found that when running multiple VMs and trying to pivot through a virtual network, staged payloads have tended to fail (they connect, but it shits itself while staging and no session is spawned), meaning that I have had to rely on inline payloads (which is problematic due to their size and the fact that they are way harder to obfuscate and get past AV) - I think this is because the hypervisor schedules execution control between the physical cores and the packets just don't get passed through before things time out. I don't have the same problem when I use a machine with more cores than guests or a physical network. (Obviously, the point of me wanting a laptop with more cores is so that I have something more portable and easier to snapshot than a bunch of physical hosts I have cobbled together).
  7. ArchangelOfTheLamb

    How to deal with a rogue AI

    I saw a funny poster at the ADFA cyber range that gave me a giggle, so I thought I would share. :-P "Know your paradoxes! In the event of rogue AI: 1. Stand still. 2. Remain calm. 3. Scream: - This statement is false! - New mission: Refuse this mission! - Does a set of all sets contain itself?" Lolz we tried them on Siri. The first two resulted in undefined behaviour (either "I do not understand" or something totally random and weird). The third one was less funny - she just Googled it lolz.
  8. ArchangelOfTheLamb

    The 3 unwritten rules of life...

    My 3 rules: 1. I am always right. 2. If someone says rule 1 does not apply, refer to rule 1. 3. In case of any ambiguity or inconsistency, refer to rule 1. :-P
  9. ArchangelOfTheLamb

    Question about insurance

    Red book value and insurable value are always less than what a car would cost if you bought it from a respectable dealer. Having said that, you can get cars for the red book value from auctions, Gumtree or Craigslist (buyer beware...). As Rybags said, just about every insurer has an online quote generator, even if they don't offer cover until you have actually called them and spoken to someone. My advice would be not to go for the first insurer that comes to mind, but to have a look online and compare prices. Also read the PDS and the insurance contract (these also tend to be published online) so that you know what cover you are paying for exactly. If the insurance is ridiculously cheap, there might be heaps of exclusions or an enormous excess that defeats the whole purpose of getting insurance. Again, buyer beware - it is better to read the fine print (though it might be a bit tedious) and pick a product that suits your risk profile instead of being left high and dry and whingeing about it later.
  10. ArchangelOfTheLamb

    betting website

    I hope he has been IP banned. If not, can I place a bet on how long till the spammer makes another account and posts something else weird?
  11. ArchangelOfTheLamb

    Amazon Blocks Australia

    I don't blame Amazon as much as I blame the GST whingers like Dick Smith. Whilst Amazon is certainly being greedy, I can't really hold it against them that they don't want to factor a massive amount of administration and accounting into all their sales to AU (previously they only had to account for GST for purchases above $1k). If Dick Smith and Co had actually evolved their business models so that they were competitive in AU despite the growth of online markets instead of whining about GST, the Government wouldn't have introduced the tax amendments and Amazon wouldn't be blocking AU.
  12. ArchangelOfTheLamb

    Oppo R11s without the iphone style?

    As others have said, you can use a launcher and that will resolve the crappy iPhone-like UI issues. You can also get custom file manager, photo gallery and app manager apps from the Play store to get past other limitations with the UI. However, I should note that I mostly use a terminal emulator to administer my phone (I like command lines), so I am not too sure of how decent these custom apps are for new versions of Android (7+). If you want full control and to get rid of the Oppo interface entirely, you would need to root and install a custom ROM. I do not recommend this unless you know what you are doing and how to protect yourself, as you could brick the phone or leave it wide open for hackers and malware. If you are really that concerned about the UI, consider getting a different phone that comes with a UI you like out of the box. This will not involve rooting, installing extra apps or anything else that is liable to make your phone less stable and less secure.
  13. Hi all, It's that time of the year (tax time/AKA Xmas in July lol yay) and this year, I will be retiring my old i5 and getting a new laptop. My budget is up to $4.5k max, so I know I can get something pretty decent. My main aim is to be able to run multiple VMs on the machine and use the host for software (mostly web - .net, C#, JS/CSS/HTML) development - I am a web app developer by day but am also studying a Masters in Cybersecurity. The former activity involves developing stuff in Visual Studio and I would like to be able to deploy to an IIS and SQL server running on a VM for unit testing, debugging, etc. The latter activity involves me in the wonderful world of hacking through virtual networks, Assembly coding and reverse engineering (for vulnerability research, malware analysis and exploit development). It goes without saying that I do this on VMs. Because I will potentially be running several VMs simultaneously, I am looking at something with 16-32GB of RAM and at least 12 logical cores - I also need enough SSD space and throughput and perhaps a secondary disk for extra storage. I am most inclined to go for the 9th-gen Intel Alienware 15" gaming laptop (though I won't be playing many games), but I know that Asus has released a model with the desktop version of the AMD Ryzen 7 (which sports 16 logical cores). From what I have read online, the AMD option runs hotter and does not perform as well as the 9th-gen Intel, but these reviews were written with gaming in mind, rather than virtualisation. Part of me thinks that for my use case, the cheaper and more-CPU-core AMD option might be a fair choice. Has anyone had experience with using these sorts of laptops for development and running VMs? If so, I would be interested to hear your views. I am most interested in smoothness of performance when running VMs, heat and web/networking performance. (Oh and if you are planning on telling me to use a desktop, don't bother. I have one, but I need a better machine than the i5 that I can take with me to work and uni, or use whilst travelling. I am willing to spend the extra $$ to get something I will be able to use for a couple of years for this purpose. :-P )
  14. ArchangelOfTheLamb

    Chinese market phones.. are these a bargain?

    I don't trust them, but that is because I develop IP and like to write code snippets and read emails on my phone. Since Huawei sold dodgy network infrastructure to British Telecom (which is why they got banned from the NBN roll-out), I have tried to steer clear of them. It is important to remember that no matter how independent these companies say they are, they are still controlled by the Chinese Communist Party. This is fine if you are not doing anything security-sensitive, political or commercially confidential on the device (or any other device networked with it). But if you are developing IP or work for the Government, my advice is to stay away from anything from a Chinese company and spend the extra money on something that is not likely to be backdoored or vulnerable to attack. In such a case, go for something made in one of the Five Eyes countries, Japan, the EU or South Korea. Whilst nothing is 100% perfect security-wise, stuff from these places is more likely to be designed with basic security standards in mind and is less likely to have sneaky backdoors to a potentially adversarial government that is known for stealing IP and confidential info. Otherwise, for purely personal/non-sensitive use, my experience with Chinese smartphones has been hit-and-miss. I have had a couple of cheapo Huaweis that have done the job and been reasonably stable, but that was years ago before I got into cybersecurity (I cannot comment on their more recent products). I have also had a ZTE (which was a shocker as it was totally unstable and kept getting really hot and crashing for no apparent reason) as well as some dodgy no-name Wish tablets that my mate and I got for shits and giggles because they were cheap and looked nasty. The Wish tablets were a case of "be careful what you Wish for" - they more than lived up to our expectations of how awful they would be. 
They came with USB debugging already enabled, had less RAM than they reported to Android's GUI, featured an Android application monitor that did not change no matter what apps were running (rootkit much?) and I was able to launch a root shell on them by running a terminal emulator and creating a buffer overflow using a program I wrote in C specifically for that purpose. Translation: They were dodgy as all hell and there is no way I would ever use my real name or log into an account I care about on them - I have even considered writing my Masters thesis on how crappy they are from a security perspective. The moral of the story is that whether you go for one of these cheap Chinese brands that hasn't been around for long depends on your appetite for risk and your use case. If you want a device that's reliable and secure, spend the extra money. But if you just want to play Candy Crush, watch YouTube and don't care if your phone shits itself occasionally, go ahead.
  15. ArchangelOfTheLamb

    Tips for securing public-facing SFTP?

    The iptables command already mentioned should stop your automated ping sweep related attacks (i.e. bots and script kiddies), but won't do anything to stop more targeted attacks where the attacker knows your host is live despite its failure to respond to pings. Also, if you are using IPv6, you can't block ICMPv6 as it is an essential aspect of the protocol. You could try using a port that doesn't look like SSH and use a banner that also does not look like SSH. You could also use certificate-only authentication (so that you need a valid and allowed SSH cert to connect), though this would require you to implement a mechanism that generates certificates for new, allowed users. However, if the authentication requires a certificate, then people who try once and are rejected are less likely to try and fuzz or inject the authentication system. They will just give up as soon as they're told you need a certificate. But managing many certificates might be too cumbersome for your needs.