Monday, December 31, 2012

our liberties laid bare

from here (source image)

you think body scanners are protecting you? what about your liberties, how protected are they?

limitations of control

found on very demotivational

you can't entrust power to all people equally. whether it's the power to operate a firearm or the power to install programs, distinctions must be made between those who can be trusted and those who cannot. it would be nice if we could make sure everyone was trustworthy, but that's a kind of control we don't have.

Friday, December 28, 2012

virus-copters are not a roflcopter matter

from here (source image)

it's been said that anything you can do with self-replicating code can also be done with non-relicative code - i think winning a drone competition probably qualifies as something you can do without self-replicating code and thus something you can do better without self-replicating code (because then you don't have to worry about it spreading out of your control).

who porno-scans the porno-scanner watchmen?

found with google image search

based on some of the things you can read over at the taking sense away blog, these kinds of shenanigans may not be completely fictional.

Thursday, December 27, 2012

if you lock down a school...

if you lock down a school because you think an umbrella looks too much like a gun, you might be a security idiot


don't you know who i am?

Don't you know who I am?
by: infosecego

just in case the video doesn't make it clear, not all security "experts" are created equal. thanks to infosecego (whoever you are) for creating this video. shame i couldn't find a version of this on youtube (not sure how well xtranormal vids show up in google reader).

Wednesday, December 26, 2012


from here

i know wingdings may look like gibberish, but it's trivial to change the font to something readable. that's not encryption. that doesn't protect anything.

facebook privacy status

found on memegenerator

no matter what you write on your facebook wall it won't have any effect on what they do with your data.

Tuesday, December 25, 2012

wants to measure AV effectiveness...

from here

i'm looking at you, technologically impaired duck imperva. and i'm not the only one

gate rape

found on google image search

you might feel like this trivializes real rape, but y'know what? being coerced into subjecting yourself to a kind of molestation that leaves you feeling violated at the end really doesn't seem like it trivializes rape as much as say facebook rape or 'frape'. i can only hope this doesn't get similarly abbreviated, because that would give a perfectly good flavour a bad name.

(and does he really need to clench his face or get that kind of leverage for what he's supposed to be doing?)

Monday, December 24, 2012

the nightmare before christmas

last year i saw this wonderful christmas parody posted by maxim weinstein on the stopbadware blog, but i didn't see it until after christmas so i saved it until now. since fault tolerance loves redundancy, here's the entire thing.
‘Twas the night before Christmas, when all thro’ the house
Not a sound could be heard, ‘cept the click of a mouse;
The browser was open to Facebook, where else?
As friends posted updates about kittens and elves;

The children were nestled all snug in their beds,
While visions of smartphones danc’d in their heads,
And my wife at her laptop, and I at my desk,
Had just settled our brains for a much needed rest —
When out of my speakers there arose such a clatter,
I suspended a chat to see what was the matter.

To a shiny new window I shifted my gaze,
But then it was gone, leaving me in a daze.
The glare of the screen and the whir of the drive,
Made me think I was safe, and my PC alive;

When, what to my wondering eyes should appear,
But a dialog box, which just filled me with fear,
With a little old message, so simple and spare,
I knew in a moment it must be malware.

“Your files are hostages, don’t start to doubt,
And you’ll pay us a ransom to get them back out.”
“My Word docs, my e-mails, my photos and Quicken,
appointments and bookmarks and music, all missin’!”

“To Facebook Security, to the search engines too,
I need a solution! Please, someone, come through!”

As soon as it happened, I asked myself why,
And I thought it all through, then I said with a sigh,
“You never did update your browser or Flash,
and you still click on links that offer free cash.
You use anti-virus that’s three years too old,
and you click through the warnings, no matter how bold.”

But now it was too late to beat up myself,
I needed the help of some friendly elf.
And then in a twinkling, I saw in a post
Just what to do if your files were toast.

As I followed directions, my fingers were crossed,
I just hoped and prayed that all was not lost.
An hour passed, and then it was three,
I rebooted again, and my files all were free!

Embarrassed, I posted my tale on my Wall,
to serve as a warning for friends one and all.
“You’re lucky,” said one, “some malware is worse.”
Lucky or not, this stuff is a curse.

So with that I learned a good lesson or two
about patching my software and thinking things through
before clicking on links that just don’t make sense
and backing up files before things get tense.

Now I leave you with this as I turn out my light —
A safe Christmas to all, and to all a good night.

he sees you when you're doing what?

Cyanide and Happiness, a daily webcomic
Cyanide & Happiness @

supernatural beings who reward children for good behaviour generally evoke some notion of spying, even if we don't necessarily focus on it. i wonder if that normalizes the idea of being spied on, or otherwise desensitizes children to it. would we be better off telling kids that they simply carry the good and bad they do around with them and that santa can simply see it by looking at them?

Friday, December 21, 2012

scumbag zuckerberg

from here (source image)

i'm not sure how this idea ever made it off the drawing board, but i know what kind of furor will erupt.

watch out for big brother droppings

from here (source image)

i just couldn't help seeing those cameras like a flock of unwanted birds.

Thursday, December 20, 2012

(password) size isn't everything

you could use the library of congress as a password if you wanted to, but it wouldn't be secure if you told people what it was. don't be as permissive about your security as this guy.

tries to steal car - can't drive stick

from here (source image and story)

believe it or not, this is not the first case of a carjacker being foiled by a stick-shift that i've heard of. i found this while looking for pictures from a different one.

Wednesday, December 19, 2012

child predators

i bet there are some parents who have a brand new set of threats to their children to worry about now. creepy guys in trench coats and panel vans aren't the only thing to watch out for. this video may be a fake, but the principle that animals can pose just as much of a threat to small children as people do is real.

Count Grabula

from here (source image one and two)

special thanks to and completely inspired by Gal Shpantzer

Tuesday, December 18, 2012

security cat

found on google image search
security cat, security cat,
does whatever a security cam can.
chases squirrels, any size,
jumps on dogs by surprise.
look out, here comes the security cat.

no such thing as safe sites

from here

serious, these days avoiding dangerous websites basically includes avoiding all websites. so many legitimate (and in some cases high profile) sites have either directly or indirectly served people malware (heck, even some google searches lead to malware) that there's really no safe havens left anymore.

Monday, December 17, 2012

virus protection, you're doing it wrong

found on google image search (and then cropped to a reasonable size)

judging by the fact that the condom is being used to protect the telephone jack, this must be a really old picture.

go home, security, you're drunk

from here (source image)

thanks whoever you are on myspace who posted this picture of a security guard who needed to go have a lie down. it wasn't easy to find a picture of a security guard worth making a "go home, X, you're drunk" meme out of. but it does demonstrate that, although integrity is of utmost importance to fulfilling the role of authority, we're still all only human and can be corrupted.

Friday, December 14, 2012

attention to detail

from here (source image)

surveillance is, intrinsically, a detail oriented task. if you don't pay attention to details then all kinds of things can slip past you.

if you advertise the fact that you're a spy...

if you advertise the fact that you're a spy on social networking sites, you might be a security idiot (and in the wrong line of work)


Thursday, December 13, 2012

is police medic an oxymoron?

found on memebase

on the one hand there seems to be a fundamental conflict between the roles of authority and care giver (with one role clearly winning out), while on the other hand this neatly underscores the extent to which serving the public's interests no longer seems to be what police are for.

click it faster!

from here

i hope, i really hope, that you know that if a document doesn't open the first time it's probably not going to open if you click it faster - and it's probably got something bad in it.

Wednesday, December 12, 2012

some people just like to watch people burn

found on memebase

just a scary reminder that sometimes security can work against people's interests if it's used thoughtlessly.

log all the things

from here

it may seem odd to you that someone might express such enthusiasm over something as dull as logs - that is until you've actually had to use logs - then the enthusiasm over fuller, more complete logs will seem entirely natural.

(thanks to dave lewis for tweeting the phrase)

Tuesday, December 11, 2012


found on google image search

t'is the season for making jokes about santa's security, i guess. hope he's jolly enough to be understanding about it.

jurassic passwords

from here

actually remembering passwords is so last is guessing them.

Monday, December 10, 2012

snow camoflage

found on memebase

never underestimate what people will do to disguise or camoflage themselves or their attacks.

why security vendors won't sell you what you need

from here (blank box here)
think about it. could you sell that? complex, never complete, and absolutely requiring the customer to put the right parts in the right place - good luck.

(this one's been a long time coming)

Friday, December 7, 2012

the most interesting AV complaint in the world

found on quickmeme

no offense to the most interesting man in the world, but i don't encounter that myself. maybe he's just downloading the wrong products.

personal space apparently no longer exists

from here (source image)

honestly this appears to go beyond just personal space - i have the sneaking suspicion that in order for both to be used properly 2 people have to occupy the same physical space. perhaps it's designed for a particular configuration of conjoined twins.

Thursday, December 6, 2012

click here for free antivirus scan...

found on

hopefully most people who aren't philip j. fry can tell those are scams to get you to install malware.

security dinosaur

from here (source image)

i decided to try my hand at creating a new advice animal meme (like technologically impaired duck or lame pun coon or philosoraptor, which have all appeared here more than once). what do you think of security dinosaur? i can think of all kinds of out-dated security-related statements for him to make.

Wednesday, December 5, 2012

this is more for cyber-consumption, grandma

found on quickmeme

oh grandma, it's not that kind of anti-virus. actually, there are some very clever parents and grandparents out there - i'm not sure why they're always used as examples of technological inexperience.

if you choke someone to death for shoplifting...

if you choke someone to death for shoplifting a pair of DVD players, you might be a security idiot (and you might be out of a job)

(sad inspiration)

Tuesday, December 4, 2012

better get AV

found on quickmeme

y'know, as recently as last year that might have seemed like insane advice befitting the geeksquad gus meme. but this year? maybe not so much.

nietzschean privacy

from here (source image)

thanks to sean sullivan for pointing out that mannequins that stare back at you actually exist. i think i would have been able to sleep better at night not knowing that.

the caption is a play on nietzsche's quote "When you stare into the abyss the abyss stares back at you". i wonder what else nietzsche might say if he were a modern day observer of privacy issues. maybe:
That which does not track me only makes me fonder

Monday, December 3, 2012

what if computer viruses are really made by...

found on quickmeme

this is probably one of the best ways to express this particular thought - because conspiracy keanu is generally an obvious nutter.

cyber weapons have no masters

from here

i really don't know what possessed the US to decide that their cyber weapons should be exempt from the requirement for human judgement but it's pretty much an epic fail waiting to happen.

i, for one, do not welcome our new cyber weapon overlords.

Friday, November 30, 2012

no need for a condom

found on quickmeme

and here we have "dreamy bill gates". i really wish this was called "sleep deprived bill gates" so as to be less ambiguous.

oh yeah, and thanks for all your help with the viruses, bill.

Fus Roh Doh!

from here

just another way to say "careful where you click"

Thursday, November 29, 2012

maybe an STDD

found on animal memes

well, it's a fair question, but i'm leaning towards sexually transmitted digital disease, just to differentiate from the original variety.

when you outlaw proxies...

from here

could russia be planning to ban Tor? hope not, but they wouldn't be the first to try if they did.
(thanks to josh corman and anonymous for bringing that to my attention)

Wednesday, November 28, 2012

bad security advice

found on google image search

ok, this is called bad advice cat for a reason. whatever you do, don't take this advice.

number of cards skimmed is over 9000!

from here (source image)

  • Skimming equipment - anywhere from a few hundred to a few thousand dollars
  • Getting caught by the authorities - a few years in prison
  • Getting compared to a Dragonball Z character for your crimes - priceless
i'll go ahead and say it - leonid rotaku is the goku of card skimming.

Tuesday, November 27, 2012

do you have protection?

found with google image search

i've never even heard of sexually oblivious rhino before, but given the tendency for security threats to be compared to sexually transmitted diseases, i suppose it makes sense for this meme to cross paths with security on occasion.

a festive breach

from here (source image)

dumping shredded but still readable police documents on the crowd in a parade? what could possibly go wrong?
(thanks to mikko hypponen and dave lewis respectively for pointing it out)

folks, if it's sensitive enough to shred, then it's sensitive enough to NOT REUSE. shredding doesn't magically make it safe for public consumption.

Monday, November 26, 2012

password trouble

i seriously hope the real obama is smart enough to not fall for telephone scams from north korea.

steal all the identities

from here

apparently someone tried this for real over in greece.

Friday, November 23, 2012

creepy homeland security

found on google image search

i don't know about you, but i find that image to be disturbingly creepy.

passwords 2

remembering strong passwords is only half the battle.

Thursday, November 22, 2012

dumb ways to die

as i'm sometimes fond of saying, security is just a class of strategies for fulfilling our need to keep the people and things that are important to us safe, and i think you can see a number of the things mentioned in this safety video that could have been avoided with better security (inviting a killer into your house? wow, yeah, that is a really dumb way to die)

gotta give 'em credit

found on very demotivational

there's a form field you probably don't want to fill in.

Wednesday, November 21, 2012

can you help out a poor cyberwar vet who's down on his luck?

thanks to rob rosenberger for creating and sharing this demonstration of how absurd the idea of cyberwar is.

if you accidentally hand out your cocaine as candy...

if you accidentally hand out your cocaine as candy on halloween instead of keeping it in a safe place so mistakes like that can't happen, then you might be a security idiot


Tuesday, November 20, 2012

scumbag mac

found on the art of trolling (apparent source story)

hey, don't look at me, mac fanboys. i didn't make this one, i simply found it.

privacy international's "why privacy matters"

often times i just share things i think are funny because we generally have a soft spot for humour and as human beings we are prone to sharing humourous things. this isn't funny, in fact it's quite serious and thought provoking, but i still feel compelled to share it and i'm sure others will too.

memes aren't always about making you laugh, even though that seems to be the dominant form of memetic expression online.

also, the privacy international site where this came from seems to have some great stuff on it so you should definitely check it out.

Monday, November 19, 2012

SCADA security club

from here (source image)

it really sucks that the people keeping the lights on and the water running are so keen on silencing the people who are trying to point out that there are security problems. the emperor doesn't want to hear that he has no clothes.

what security cameras also capture

so this presents an interesting conundrum. security cameras represent a trade-off - by giving up a little privacy we gain a tool that (in theory) can help put bad people in jail. but this video demonstrates that they capture heart warming moments as well. does that ability to capture such feel-good moments cancel out any of the invasive downside of the cameras, or does the fact that someone watched those moments, recorded them, and put them on the internet actually make this more invasive.

tell you what, imagine that stealing kisses scene at the beginning was 2 guys who are still in the closet. or imagine that it's a couple who are married .. but not to each other.

we should only be so lucky to have some of these heart warming moments in our own lives, but the ability to decide if, when, and with whom those moments are shared shouldn't be a matter of luck.

Friday, November 16, 2012

hack back - what could possibly go wrong

found on senor gif

hack back, you say? attribution isn't that hard, you say? yeah right. if it's this easy to fool people in real life, it's even easier online.

Thursday, November 15, 2012

why is encryption not a piece of cake...

from here (source image one, two, and three)

doesn't it seem like NASA should be able to do better than this? i mean, even if encryption is 'haaaaarrrrd', NASA should still be able to do it easily, shouldn't they?