Friday, October 24, 2014

A Chain That's Only As Strong As The Weakest Lock

from here (source image)

Thanks to @attritionorg for tweeting the picture of a chain of locks. As some pointed out, this is one way to allow multiple people to have access, but on the other hand this chain is only as strong as the weakest lock.

Just Make Sure You Use Your Tech Powers For Good Instead Of Evil

shared on Google+ by Chris Blasko

Thanks to Chris Blasko for sharing this story about using social engineering on a telemarketer. It occurs to me, though, that if you're going to play the fake tech support card, it would be even funnier to do it against tech support scammers.

Thursday, October 23, 2014

We Were All Born Ignorant

from here

At first blush this doesn't seem to relate specifically to security; however, the phrase "you can't fix stupid" (and its variants like "you can't patch stupid" and "you can't cure stupid") is something that gets repeated ad nauseam within the security community. Guess what? It's a meme, and unfortunately it happens to be an exo-toxic meme - which is to say it's toxic to others. It causes harm by fostering a culture of withholding knowledge that would enable people to help themselves and instead keeping that knowledge confined within an elite intelligentsia who then help those who need it as they see fit. It's egotistically self-serving and, because the growth of that upper class is slower than that of the general population, it is ultimately unsustainable.

So, I figure we need an immuno-meme to counter it, and I think reminding people that
We were all born ignorant
could just fit the bill. It's short, it's self-evident, it restores empathy with the people who don't know what it is you know, and it suggests that ignorance is something that can change. Just because someone hasn't learned something yet, that doesn't mean they can't. We all have different experiences and are exposed to different things, and someone's lack of knowledge is just as likely a result of a different set of chance encounters from the ones that made you what you are today.

So what do you think? Are you willing to challenge the "conventional wisdom" that you can't fix stupid?

Somehow That's Not Reassuring

tweeted by Steven Maske

Thanks to Steven Maske for tweeting this cartoon about customer security concerns.

Wednesday, October 22, 2014

Perhaps Even Multiple Bad Times

from here

Apparently Dropbox and its users have been suffering some security pains because a whole lot of people were reusing their Dropbox credentials at another site and that other site seems to have been breached. It sort of doesn't matter which site it was - when you use the same credentials on multiple sites, a breach of one is a compromise of your account on all of them.

What A Bunch Of A-Holes

shared on G+ by Chris Lacy

Thanks to Chris Lacey for sharing this play on words using the name of one of Samsung's products.

Tuesday, October 21, 2014

Should We Call It The 914 Scam?

from here (source reddit post)

Thanks to Alex Girard for bringing this interesting twist on the classic 419 scam to my attention.