Friday, August 29, 2014

Don't Let Your Guard Down

from here (source image)

I don't necessarily mean that you should sleep with one eye open, but being completely oblivious to what's going on around you is unlikely to end well.

Presidential Privacy Theatre

tweeted by @noruweijin

thanks to @noruweijin for tweeting this example of Barack Obama pretending to respect Angela Merkel's privacy.

Thursday, August 28, 2014

Maybe Vendors Call Them Sophisticated To Justify All Their Research

from here

Could you look yourself in the mirror if you spent gobs of time on something that turned out to be mundane?

Good Guy Nigeria

tweeted by @SteveD3

Thanks to @SteveD3 for sharing this meme demonstrating what could easily have been used as an actual 419 scam.

Wednesday, August 27, 2014

Breach Notification? What's That Got To Do With Me?

from here

Just to be clear, this isn't a personal confession. It's just recognition that some people don't change their passwords even after they've been told that attackers have them.

Iron Bank Of Braavos

found on the meta picture

... And other people's debts as well if he's posting his card on the internet.

Tuesday, August 26, 2014

If Experts Are Legion, Why Are Breaches Still A Thing?

from here

I'm not expert, but don't you think an army of security experts would have eliminated most of our security problems by now? I know this isn't going to be a popular opinion, but most of the people who get called expert aren't. The community hands out that title far too easily, with all the predictable ramifications.

It's A Trap!

shared on G+ by Homero Navarro

Thanks to Homero Navarro for sharing this. Don't be fooled, officers. Even though they're free, they're not worth it (as free things often aren't).

Monday, August 25, 2014

Technologically Impaired Cyber Security Policy Maker

from here (source image)

Let's put someone without technical qualifications in charge of one of the most technical decision-making efforts there is. What could possibly go wrong?

Instant Car Protection

found on the meta picture

You might think this is just to protect the car from the elements and bird droppings, but oh no - at the end he appears to be locking it in place. I imagine someone could probably cut through the fabric and steal the contents of the car, but I don't think anyone's getting the car itself out of there.

Friday, August 22, 2014

Not Fat (merchandise)

store section

The joke earlier this week linking obesity to surveillance didn't really get a lot of interest, but I thought the concept was deserving of being re-worked into a t-shirt design.


As usual, the CafePress products have 0 markup, and the Zazzle products (which may take a bit to go live) have as low a markup as Zazzle allows me to enter (which is 5%) but are a little more configurable. Men's and women's wear in both stores, also kid's wear available (if you really want to put that on a kid or baby).

Somewhere In Nigeria

found on imgur

I don't believe for a second that there's an actual Nigerian prince out three somewhere trying to give away free money, and neither should you.

Thursday, August 21, 2014

Script Kiddies Get Way Too Much Respect These Days

from here

It's a crazy world we live in where any sufficiently advanced attacker is indistinguishable from a script kiddie.

Dear Diary, I Hope No One Reads This

tweeted by @kroppzoich2011

Thanks to @kroppzoich2011 for tweeting this German cartoon. Based on my recollection of cursive script and some struggles with Google Translate, I believe the words read:
Dear Diary,
My friend Obama has promised me firmly that my phone is no longer bugged!! That is so sweet of him!
Of course, we know how that turned out, don't we. German government staff being accused of spying for the US. Germany ditching Email in favour of typewriters, and various other countermeasures.

Wednesday, August 20, 2014

They Don't Call Them Duh-faults For Nothing

from here

If you're lazy, bad guys will probably get around to compromising you before you get around to protecting yourself.

Do As I Say, Not As I Do

tweeted by Rob Rosenberger

Thanks to Rob Rosenberger for sharing this Condescending Wonka meme highlighting the futility of military infosec policies.

Tuesday, August 19, 2014

If You're Just Passing Wind, Go To A Conference

from here (source image)

Thanks to Chris Wysopal for tweeting this picture of some interesting signage juxtaposition.

Overly Attached Girlfriend Takes On The NSA



I wondered what Laina thought of the NSA. Seems I have my answer.

Monday, August 18, 2014

Does This Surveillance State Make Me Look Fat?

from here

Thanks to Alex Girard for bringing this 'important' issue to my attention. I can only hope they start asking this on Fox News so that that demographic starts raising a stink about privacy.

Overly Attached Intelligence Community

tweeted by Renegade Cowboy

Thanks to Renegade Cowboy for sharing this. I wonder what Laina (overly attached girlfriend) actually thinks about the NSA.

Friday, August 15, 2014

Someone's Unclear On The Concept

from here (source image)


Rather than blending into the surrounding environment, the Ferguson police seem to stick out like sore thumbs.

TSA Cost Benefit Analysis

shared on G+ by Joe Hansen

Thanks to Joe Hansen for sharing this. Kinda makes you wonder why we put up with the TSA, doesn't it?

Thursday, August 14, 2014

So Now Reusing Passwords Is A Good Thing?

from here

How is anyone supposed to keep things straight in their head when there's so much conflicting (and sometimes down right ridiculous) advice out there. Like the idea that reusing passwords for low value sites is a good thing despite the obvious problem that most people wouldn't know how to tell a high value site from a low value one.

Sometimes I think people arrive at their security conclusions first and then search for ways to support them.

Don't Mess With This Dog

found on the meta picture

A guard dog with a machete is certainly enough to make me think twice about going someplace where I don't belong.

Wednesday, August 13, 2014

Nobody Has 100% Uptime

from here

Apparently LastPass users got a painful lesson in single points of failure. It's bad enough when a music or video game DRM server goes down, but when your password management site goes down you're locked out of everything.

Go On Sweety, I’ll Make Sure Nobody Sees Anything

found on the meta picture

Unfortunately, Granny is powerless against the awesome might of the ATM skimmer.

Tuesday, August 12, 2014

Chinese Cyber Spies Must Be Quaking In Their Boot Disks

from here

It's frustrating when a perfectly usable niche computer security term gets hyped so out of proportion that it stops meaning anything. The speculation that APTs possibly using less advanced (or even down right ordinary) techniques when that's all that's necessary is utterly pointless. If you can't out more mundane attackers then stop pretending you're fighting off the top of the attacker food chain.

Meet Jack. Or, What The Government Could Do With That Location Data



Did you really think location data was no big deal? Perhaps you'd like to reconsider that opinion.

Monday, August 11, 2014

You Designed Your Security Service Like A Phishing Campaign?

from here and here


I wonder if Hold Security understand how many ways they've done their identity compromise discovery service wrong.

The Problem With FaceRec On Phones

link to tweet

Thanks to Steven Metz for tweeting this joke. You were just joking, right Steven?

Friday, August 8, 2014

Can You Find The Dirty Password?

from here (source image)

Thanks to Matt King for tweeting the original photo. I have a feeling that at least some security researchers who look into password database breaches derive some puerile pleasure in finding things like this. I wonder if we all chose naughty passwords, would it make it more difficult for them to do presentations at security conferences?

0pen 5esame?

tweeted by Michael Pascoe

Thanks to Michael Pascoe for tweeting this cartoon about the pitfalls of the character replacement schemes people use to supposedly make passwords more secure.

Thursday, August 7, 2014

We Will Never, Ever, Ever, Ask For Your Passwords

from here

I don't think these folks quite get what never asking for your password means. It sure as heck doesn't mean you follow it up with a form asking for 15 passwords.

Free Candy Guy Has Upped His Game

found on the meta picture

Yeah, I wouldn't trust it either. I like my ATMs to be the opposite of mobile.

Wednesday, August 6, 2014

That Firewall Is Looking Mighty Suspicious Too

from here

In no way am I trying to suggest that people who do bad things shouldn't be caught and punished, but I do think the way it's being done raises some important questions.

That's Old News

tweeted by TK Keanini

Thanks to TK Keanini for tweeting this comic about one possible future of mass surveillance.

Tuesday, August 5, 2014

The Great Firewall Of China Is Ineffective Against Malware

from here

The Chinese Government appears to have decided that they only want anti-virus software that says "Made in China". Better them than us.

Daffy Duck Was Never The Smart One

found on the meta picture

Just because you have a way to defend yourself against attacks doesn't mean you should get cocky. It's bound to end poorly if you do.

Monday, August 4, 2014

Fashion Enforcers?

If you give the fashion police real enforcement powers, you might be a security idiot

(Inspiration - Surely there must be more pressing law enforcement matters than people wearing baggy pants)


Thank Goodness This Monster Is In Jail

found on the meta picture

You ever get the feeling like we spend too much time/money/energy on really minor threats?

Friday, August 1, 2014

Are Ya Ready Kids?

from here (source image one, two, three, four, and five)

This spongebob squarepants parody homage to Ed Snowden was inspired by @Explanoit

Use Of APT In Marketing

tweeted by @AdvancedThreat

Thanks to whoever is behind the @AdvancedThreat twitter handle for tweeting this pic making fun of security vendors who try to use APT in their marketing.