Author Archives: Nick - Page 2

Making your business more like your brain

Did you know that scientists estimate 90% of the things you do in a normal day are unconscious?

Activities like walking, recognizing faces, chatting to colleagues.

The brain likes to automate these activities because it’s much more efficient. By learning and becoming proficient in a skill (for example learning how to change gears in a car while driving), your brain actually moves the processing done while performing that activity to a different part of the brain, the ‘expert’ region.

It wasn’t long ago, maybe just a few hundred years before today that getting enough energy to keep our bodies and our brain going was a daily struggle for most people. If you’ve ever watched Survivorman (yes it’s at least partly fiction but the point stands) you’ll see he is thinking almost obsessively about finding sources of energy (meat, moss, insects, roots). It’s the key to survival.

So as a survival mechanism your brain has learned to take note of the tasks you do regularly and stores them in a way that Read more »

My WTF moment

I’m working on some checklist / light process management software for small business.

I’m trying to put a lot of effort into the way it looks and feels, the way it guides the user to do exactly what they want to do at that point in time and not display any extraneous / useless data that will just clutter the screen. One of the key pages is their task list / checklist.

When it got to the point of writing the code to help users through their first login and initial setup of their environment I was thinking hmmm…. well there’s actually a few steps, do I need some kind of wizard for this, but where would it go? And I don’t want to force them to do all the steps right away. Maybe some kind of…….. checklist?

Then I realised, it’s checklist software, it’s sole purpose is to handle your list! Just make the setup tasks the first tasks on their list when they log in : P

Sometimes it’s hard to practice what you preach ; )

What is Systems Engineering?

In this article I’m going to briefly outline the role and purpose of a Systems Engineer. This should hopefully come in useful for either Project Manager’s in industries such as the Defence Materiel Organisation or Defence Industry who seek to hire one, or engineers who seek to become one. Although it’s a bit of a niche, the renumeration can be good due to the variety of different skills and technical background required, as well as the fact that there’s typically more demand than supply. For employer’s seeking one, it can be useful to understand their role better in order to determine whether the person is really suitable, or whether you could train a regular engineer into a systems engineer. In my mind, a potential systems engineer would want a strong technical background, the ability to read and understand mountains of documentation and turn that information into actionable tasks, and the ability to think big picture.

What is Systems Engineering?
Systems Engineering is fundamentally a tool for dealing with complexity in large systems.

It’s not necessarily suitable for all systems, but when projects get large, suddenly the things that seemed easy get more and more complicated. It can be hard to keep track of the scope of the problem, which can span multiple disciplines and have Read more »

Leet Process Software


I thought I’d post a -very early- screenshot of some software I’m developing.

‘Teams’ within an organisation are displayed hierarchially, and drawn dynamically onto the screen. The elements can be dragged and dropped to change the hierarchy, organisations edited and the focus changed to move up and down the chart.

Doing the chart this way instead of showing the whole thing really puts the user into the context of the organisation they’re focusing on. What is my boss doing? What are my subordinates doing? This page will soon be improved with chart lines through GWT Canvas.

Many more features to come. I hope to make it a 100% free, web-based team and task management tool, with many useful additional features. Release 1 coming soon!

Alpha Dog

Boston Dynamics have just released a video of their latest machine – Alpha Dog.

As per the contract he has to be able to carry 180kg’s of equipment, so they’ve made him bigger and loaded him with weight lifting weights (you can see them on the sides and back) to prove he’s up to the task.

The new version also doesn’t sound like a swarm of bees. Presumably outside all you’d hear is the clacking of his metal feet on rocks.

The closer we get to removing all humans from combat the better. And we can thank the US for spending so much money developing dynamic controls for robots, it hopefully won’t be too long before we see these in use by civilians. Next step, robotic firefighters to run into burning buildings, and maybe one to run and get things from the printer for me!

Here’s the link:
Alpha Dog – Youtube


(note: falling over at the end of the hallway is part of the program, he’s out of room)

And a bonus, some funny video’s of the old BigDog from the past:
Big Dog – Youtube


Post exploit privilege escalation

Something I’ve been looking into recently is privilege escalation.

You crack your way into a box (for example through the FTP service) and manage to hijack control of the thread. The problem is, you only have the permissions granted to the application. If it couldn’t edit system files, neither can you yet. This didn’t use to be a problem on old Windows configurations because often everything was run with administration privileges. These days, after compromising a box you may need to escalate privileges in order to achieve anything useful.

Here are two posts I found helpful on the topic:


Another option is to find, configure and use ready made exploits at or Or you may get lucky and find that Metasploit has options available for you.

From a Meterpreter console you can use the command ‘getsystem’ to attempt to automatically escalate privileges. Or, once you have a session type ‘search post’ to see all the modules you can use on that session, some of them are escalation. You simply ‘use’ that module, set the session variable to the session you want to escalate and type ‘exploit’, and wait to see if system or root is delivered straight to your door.


If you liked this post, please consider a Bitcoin donation. Even a few cents would be huge! My address is: 1HcgS9GCPRQ1APv2TcqZMMskDxLjBaAKsG

Kind Regards,
Nick Cooper

Science and Robotics

Robots are sneaking into our lives faster than anyone really thought (unless you say, lived in the 70’s, you probably believed we’d have robot butlers by now).

No robot butlers just yet, but the US Military and large technology corporations are pushing the boundaries. Read more »

Online Marketing and Competitor Analysis Tools

It can be really easy, when managing an organisation, to carry on with your business completely blind. Sure you have an idea, or even more of a feeling of what to do, but how grounded in reality are your decisions?

It’s really important to get that input. Common inputs are:
– Market research (to determine whether there’s enough demand before you dip your toe into the market, and what shape your product should take)
– Customer Feedback – How well did your product or service meet the expectations of the person who paid for it? This is invaluable
– Competitor Intelligence – What are the competition doing? While it can be dangerous to watch the competition too closely (you should pick an area and take the lead instead), it can be helpful before you get big to see what the land looks like from the eyes of those giants.

So today I’m just going to detail a few great tools you can use to get that competitive intelligence into your fingertips…

Read more »

Google+ Review

Just a quick review to cover Google +

Executive Summary: Look out Facebook, Google has polished the entire experience and added a few useful little additions of their own, integrated it really nicely into their current offerings, -and- they actually give a damn about user privacy.

Read more »

Auditor General pwns WA

A newly released report from the office of the Auditor general, shows that 14 out of 15 West Australian departments, when scanned by repeated “deliberately hostile” scans from the internet, failed to even notice the scans taking place. From here the testers collected information such as services running, version numbers and I’m assuming more, which showed a variety of possible attack vectors.

Three agencies were then selected for an active intrusion test, which was successful. None of these three detected the intrusion let alone respond or prevent further intrusion.

The office, given the  assessed the probability as ‘highly likely’ that all 15 could have been compromised.

It’s clear that Offensive Security is getting the upper leg on Systems Administrators, or were the personnel in this case merely under trained or under prepared?