Friday, February 28, 2014

Goatse Cam HQ - No Such Thing As 'Undesirable Nudity'

from here and here

I don't know why anyone thinks the nudity that GCHQ has collected as part of it's Optic Nerve operation is "unwanted". I'm pretty sure the content will draw the type of people who want to see it.

Priorities - You're Doing It Wrong!

tweeted by The Intercept

The thing about corruption is the halls of power is that when enough people start revealing that corruption, the corrupt no longer have time to pretend to serve the interests of their constituents.

Thursday, February 27, 2014

Creepiest Alternative Ever To Using Boothbabes?

from here (source image)

Thanks to Alex Gantman for tweeting this photo. I gather miss Wolf actually wants to help raise awareness of online safety, and that's great, but I definitely wouldn't want any part in parading a teenage victim around a marketing venue.

RSA hearts NSA

tweeted by @CODEPINK

This was displayed at the RSA conference this year to protest RSA's accepting money from the NSA to weaken encryption (thereby weakening a tool people use to protect themselves and making it easier for the NSA to read their data). RSA denies knowing that was what would happen, but ignorance doesn't inspire anymore trust than intentional collusion.

Wednesday, February 26, 2014

The reason they call it dope

from here (source image)

It's got to make the authorities' job easier when the criminals present themselves like that instead of trying to remain unseen/unknown. If only all crooks were so obliging.

CISSP != Hacker

tweeted by Wim Remes

Unless being able to rattle off physical, administrative, and technical controls makes you a hacker (rather than, you know, hacking) then no, getting a CISSP won't make you a hacker. It might make you appealing to HR, though.

Tuesday, February 25, 2014

There's A Flaw In Your Plan

from here

I have zero faith in the encryption offered by service providers (like secure email providers or encrypted file vault providers) because their control over the encryption means they can bypass it, even if they (supposedly) never have the key.

Coding is hard

found at shirtstarter (courtesy of Ashkan Soltani)

It looks like someone has already immortalized Apple's now famous bug as a t-shirt. Wish I'd thought of that.

Monday, February 24, 2014

A Fail So Nice They Did It Twice

from here (source page)

If you use Apple products, it might interest you to know that pretty much anyone (including your Starbucks barrista) can read your supposedly secure traffic. More info at the ImperialViolet blog including a link to see if you're vulnerable.

Mistreating women? There's an app for that


found on seriously, for real?

A bra that responds to commands from an iPhone app? What could possibly go wrong?

Just in case money and fame aren't enough motivation for those who break into technologically protected things, now you can add lust to the list of potential motivators.

Friday, February 21, 2014

Maybe only for feet recognition

from here

Feet recognition, or pedo-biometrics would probably be the only form of metric that uses the foot.

First World Xbox One Problems

found on memebase

Biometric security is supposed to be convenient, but nobody thinks about the possibility that parts of you might get cut off (and it doesn't have to be gruesome to be a problem). Not so convenient then, huh?

Thursday, February 20, 2014

Clap On [clap, clap] Clap Off [clap, clap]

source tweet


Learning To Stand On Your Own

tweeted by SecurityTube

There's nothing quite like being able to do something yourself, without relying on others, whether you're breaking into computers or defending them. Learning can give you that independence.

Wednesday, February 19, 2014

If you can't tell the difference between journalism and terrorism...

If you can't tell the difference between journalism and terrorism, you might be a security idiot

(Inspiration - The idea of the truth getting out may strike fear into your heart, but that's not terrorism)

So that's what a terrorist looks like

found on seriously, for real?

Just when you think the spying has already gone too far, you see things like this. Can't a guy get a little privacy?

[Update 2017/01/27: In reviewing this old post and looking for where this animation originally came from it turns out it's from this YouTube video and it's not actually a terrorist at all - not that a terrorist would look any different in this situation]

Tuesday, February 18, 2014

They sneakin' in yo network, they snatchin' up control of yo devices

from here

The unfortunate reality is that the more things we make with computers in them, the more things that will eventually require patches. Most recently that really is your router, at least if you've got one from Linksys.

Rebranding McAfee

tweeted by Chad Essley

Thanks to Chad Essley for making this great cartoon poking fun at relationship John McAfee has with his old company (McAfee) and it's current parent company (Intel) which hopes to drop the McAfee name in order to distance the product from John. Personally, I'd like to see McAfee actually change his name to Intel just to piss them off.

Friday, February 14, 2014

Now you just need to help her get back home

from here

"Too good to be true" applies to all sorts of things online, including this.

Say It With SQL Injection

original tweet

Thanks to Ben Nunney for tweeting this part SQL injection - part Valentines Day poem.

Thursday, February 13, 2014

In Soviet Russia, Olympics Watch YOU!

from here (source article)

I don't know if there are really cameras there or not, but when a government official says there's video evidence of monkey business in bathrooms it would certainly make me concerned about privacy.

Operation GTFO

from webwewant's flickr stream

This is the NSA slide we want, but probably not the one we're going to get.

Wednesday, February 12, 2014

Something's Taking A Bite Out Of Crime

from here (source image)

I don't know about you, but I'm more scared of it when I don't know what it is, and that should make it an even better deterrent than a traditional "Beware Of Dog" sign.

10 Ways A Condom Can't Protect You...



You may laugh (that is the general idea after all), but using a protective measure to protect in ways it was never intended for is ridiculously common. For example, I've lost count of the number of posts I've done of people chaining up their cars like they were bicycles.

Tuesday, February 11, 2014

This is a test. Do you know the right answer?

from here (source image)

This is a test, and by answering this question correctly you fail. It's probably a sad comment on the state of distrust in our fellow man (or woman) today but, if someone starts asking you for random pieces of personal information, they're probably up to no good.

A Gravely Serious Matter

found on memebase

If you died before you had a chance to do anything about your browser history, would you want someone to clear it for you? Maybe not, but what if instead you were simply downsized at work - would you want to keep your browser history there a secret? I've seen some browser histories that I wish I could unsee, so I imagine some people would want this kind of assistance.

Monday, February 10, 2014

What Computer Security Folks Never Appreciate

from here

I don't understand why people in InfoSec complain about removing malware from their family's computers when it really means they have an opportunity to see live malware samples in the wild.

Would you vote for him again?

found on google image search (I can't remember what I was searching for)

Given his failure to clean up the abuses of authority he promised to end, or to do anything meaningful to preserve privacy in the wake of the mass spying revelations, I probably wouldn't vote for him either (not that voting for him is an option anymore).

Friday, February 7, 2014

Send your complaints about Big Brother here

from here (source page)

Yes, this is a real web page for a real Canadian spy agency and that is really the address you have to use to lodge complaints. What would Orwell think?

(Thanks to Travis Lupick for tweeting about this)

Please resend your exploit demo...

source tweet


One thing you might not know about the world famous computer security personality Mikko Hypponen (unless you follow him on twitter) is what a joker he is. Here he is role-playing someone who doesn't understand that launching calc.exe is pretty standard fare for demonstrating an exploit.

Thursday, February 6, 2014

No Malware For You!

from here (source image one, two, and three)

A long time ago I arrived at a fairly simple principle about sharing malware: never give malware samples to someone you don't know that you can trust not to do stupid or malicious things with them. The fact that spreading malware is one of the techniques the FBI uses pretty much excludes them being trustworthy in this context.

(Inspiration - thanks to Howard Fuhs for bringing this to my attention)

Wednesday, February 5, 2014

If you launch DDoS attacks...

If you launch DDoS attacks in order to fight people who launch DDoS attacks, then you might be a security idiot (and a raging hypocrite)

(Inspiration)

Metadata (Hallelujah parody)



Thanks to Glen Greenwald for putting this excellent parody on my radar.

Tuesday, February 4, 2014

Scumbag Fake AV

from here (source image one and two)

I always knew that if I did a cartoon involving fake AV that I'd represent it as a brown shield, called "Big Brown" (in reference to Symantec's "Big Yellow" and McAfee's "Big Red"). The brown was going to be poop, but out of the blue I got inspired to make it the pattern of scumbag steve's hat and I just had to use it right now.

TSA Has Weird Priorities

source tweet

It's an absolutely true observation, the TSA does precisely this because they focus on the relatively rare threat of terrorism rather than the relatively common threat of petty theft.

Monday, February 3, 2014

Give a man a phish...

Give a man a phish and he'll empty other people's bank accounts. Teach a man to phish and he'll eventually empty yours.

This isn't the first parody of the "Teach a man to fish" parable using phishing (it really lends itself to it), but I felt like touching on the power of learning.

The Super Bowl's Not So Super Security

tweeted by Keith R. Parsons

They may have snipers, but that won't stop attacks coming in over the wireless network.

Thanks to Keith R. Parsons for tweeting this example of what not to do with respect to WiFi security.