Tuesday, November 21, 2017

HR is not amused

from here

Honestly, even with an HR department that isn't insane and/or completely stupid, work really isn't the kind of place I'd want to be thinking those kinds of thoughts. It would just be weird.

Not even his friends and family

found on Imgur

Email is used for so much junk these days it's a wonder any email is taken seriously anymore.

Monday, November 20, 2017

Grandma fixes everything

from here

If only Grandma could fix Internet privacy. Sadly it's not as easy as mending socks, although I suppose some kind of knitted article could be placed over your webcam, so there's that.

Whenever there's a new privacy setting

found on Meme Center

I couldn't find the true original at Shoeboxblog.com, unfortunately, but don't let that stop you from checking if there are any new Facebook privacy settings you don't remember that need to be turned off.

Friday, November 17, 2017

Peter Piper on security

from here

That's right, botnets are not nets for catching bots.... and yet, I think if you really wanted to, you could probably find a way to use a botnet to catch other bots.

Maybe it's confused by all the BACN

found on ImgFlip
This is one of those things that makes spam filtering hard - messages that under other circumstances would definitely qualify as spam but because you intentionally signed up to receive them they aren't spam (they're bacn). How is a spam filter supposed to know you want to see that junk?

Thursday, November 16, 2017

LiveCD Girls Girls Girls

from here
The reason booting from a LiveCD is good for online banking is that it provides an environment that couldn't have been infected during past usage because the CD is read-only. It occurs to me that an environment you can be fairly certain won't get infected in the present would likewise be of benefit when visiting sites that have traditionally been considered "unsafe".

Just don't do both in the same boot session.

Who even remembers the NSA anymore?

found on Quick Meme

With everything that's been going on in the US government, has anyone remembered to keep an eye on what the NSA is doing? I have a feeling that the importance of intelligence oversight may have gotten lost in amongst the importance of a variety of other things.

Tuesday, November 14, 2017

And it shouldn't have been "Password1!"

from here

Reusing passwords may make things easier for you, but it makes things a lot easier for attackers too.

There are other ways of making passwords easy for you while not making them easy for attackers.

That's some quick thinking

original tweet

This is a much better alibi than that whole "a virus ate my homework". Who knows, maybe you can even say you got caught in a pornado when HR comes around wondering why you were looking at porn on the job.

Monday, November 13, 2017

No peepshows for you, webcam hacker

from here

You didn't think the baddies were just interested in encrypting your computer or making it mine bitcoins did you? Some have more lascivious interests.

Did you roll your own crypto?

found on Quick Meme

If there's one thing that every developer who deals with cryptography should know it's that you shouldn't roll your own. It may sound elitist, but people will come to rely on the security your product offers and unless you're an expert the chances of you making something that actually is secure enough is basically nil. Instead, use existing cryptography libraries that have undergone rigorous review and verification.

Friday, November 10, 2017

Who wouldn't trust Facebook to protect their privacy?

from here

The idea to have people upload their nude photos to Facebook is definitely a weird one, and the admission by Facebook's head of security that employees would actually be looking at those nudes would certainly make me think twice even if I'd forgotten about all the privacy controversies, the ethically dubious psychological experimentation, and that old quote from Mark Zuckerberg himself - "They trusted me, dumb fucks".

If you're not in a hurry I guess that could work

found on Reddit

Often times people are in a hurry and want things cleaned up immediately, but free decryption tools aren't always available so you might think that  your only options are restore from backups or pay the ransom. There is a third option, however - hope and wait. Hope is not a great strategy for data recovery and you'd certainly not want to rely on it, but sometimes all it takes is time for a decryption tool to be developed.

Thursday, November 9, 2017

Dead or alive, your body's a key

from here

Not only can law enforcement make you unlock your device against your wishes, they can do it when you're dead too. When it comes to biometrics, cooperation isn't necessary.

User awareness training in a nutshell

found on Meme Generator

I know there's a little more to it in reality, but definitely plays a significant role in how people get trained to be safe online. Not sure that's good enough, though.

Wednesday, November 8, 2017

Hello DDoS, my old friend

from here

Of course your own connection may still be up in a DDoS attack but the server your devices are calling home to may not be (it depends entirely on what the target of the attack is). Also, any network outage will do, DDoS is just the weaponized form.

Lose clicks sink ships

found on Make A Meme

Unfortunately it really is important to be careful what you click on. It's dangerous online.

Tuesday, November 7, 2017

Just how secure are ATMs?

from here (source image)

Thanks to @da5ch0 for drawing my attention to the fact that DOOM seems to be one of the favourite things to run on devices you'd never expect to show just how open they really are to modification (something that is perhaps not a feature you want in an ATM).

Given how many devices have been hacked to play DOOM, I'm inclined to conclude that hacking something to put DOOM on it is a meme in and of itself.

When you forget to use incognito mode

found on Droll Nation

That is not the expression of someone who holds you in high regard. Someone is in big trouble.

Monday, November 6, 2017

Seems like an awful lot of effort

from here

Imagine having the know-how to pull off this kind of caper but not the wisdom to realize that that the more you do it the more chances there are of getting caught. Getting caught was inevitable at the rate this kid was going.

A blast from the past

found on Fail Blog

Remember, remember, these nameless offenders. It was a great prank, but wow has anonymous ever changed since those days.

By all accounts this image is supposed to have actually come from Fact Republic, but I was not able to find it there (a similar one, yes, but not this one)

Friday, November 3, 2017

One good conspiracy theory deserves another

from here

I'm sure we've all heard the idea that AV companies are actually the ones behind the viruses. Well, maybe there actually is a conspiracy but going the other way? I mean, a number of security 'experts' do seem to be rather chummy with the blackhats. Maybe they're hoping for a cut of the profits.

Alternative medicine has never been more convenient

found on ImgFlip

Thank goodness someone is willing to protect me against unknown lumps and masses.

Thursday, November 2, 2017

Get a real job, ya ransomware bum

from here

This seems like the proper way to respond to ransomware demands, with defiance not compliance.

Don't overdo it

found on Green Locksmith

Some say complexity is the worst enemy of security and this is a pretty good example. Not only does it make it harder for you to get out, it adds virtually no difficulty for someone trying to break in.

Wednesday, November 1, 2017

Using locally sourced bits

from here


How not to keep your keys in a safe place


found on Imgur

I mean, I can sort of see how one would arrive at this solution to losing keys, but then you need a solution for using keys, because you can't do it here.