Wednesday, January 31, 2018

A passcode might have prevented the entire thing

from here

Do you think anyone who happens to pick up your phone should be able to use it? To text as you? To make purchases as you? Well then maybe you can learn from Liam Neeson's character and put a damn passcode on your phone, or maybe enable the biometric lock feature if there is one.

(And hopefully my Imgur account doesn't get banned for 'spoiling' a 4 year old film)

Imagine how many rads HE gets

found on Quick Meme

You weren't really expecting people who found their jobs through pizza boxes to recognize they share an interest in safety with you, were you? They're too busy exercising their authority for that.

Tuesday, January 30, 2018

Forget leg day, don't skip OpSec day

from here

Apparently there are some folks who not only need to exercise their bodies, but their operational security skills as well.

Why ban when you can tax?

found on Steemit

There are a variety of ways that countries can try to control crypto-currencies. Banning is sure to be one of the least effective.

Monday, January 29, 2018

Not even YouTube is safe anymore

from here

I made this meme thinking that YouTube serving malicious ads qualified as a watershed moment. The idea of safe sites has been questionable for a long time, but the examples of legit sites violating the concept of safe sites by serving malicious content have always seemed (no matter how mainstream) to be sites that many people could reasonably ignore as not really important because they don't visit them. YouTube bucks that trend because virtually everyone who uses the Net has been to YouTube.

The thing is, this turns out to not be the first time YouTube has served malicious ads - it happened before in 2014 and I just didn't remember.

Maybe just don't share the passcode instead

found on Memebase

You might think not sharing the passcode could create problems, but those problems were already there and trying to maintain some semblance of privacy simply brought them to the surface.

Friday, January 26, 2018

Just a little before starting

from here

I never actually installed those updates. I figured the chances of me being among the first to be targeted using exploits for those vulnerabilities would be really low, and that the code that would need to run in order to launch the exploits stood a good chance of being stopped by one of my whitelisting layers, so there was time to wait and see what the fallout from those far-reaching patches would be.

Won't somebody think of the kittens?

found on MemeGen

Thursday, January 25, 2018

Just say no to 'RapeCoins'

from here

There's something deeply disturbing about the idea of recording sexual consent on the blockchain. On the surface it seems to combat the 'problem' of people changing their minds after the fact, but have the designers never once stopped to consider those might actually be cases of people changing their minds during? The capability for consent to change and be fluid like that seems to get forgotten a little too easily.

You know what else gets forgotten? Coercion. If someone is willing to coerce another into submitting to a sexual act, is it really that big of a stretch to imagine they'd also be willing to coerce the other into recording their so-called consent?

About the only thing this scheme could actually combat is instances of sexual misconduct where the victim isn't capable of giving consent because they're unconscious or otherwise incapacitated, and that's only if you ignore the possibility of the attacker cracking the device on which the victim's app resides.

There have been a lot of bad ideas for ways to use the blockchain but this one is one of the worst I've ever heard of and the fact that the idea has gotten as far as it has is equally disturbing because it means there are that many people who don't understand consent or coercion.

Spooks on a plane

found on Meme Center

That's one way to ensure the confidentiality of the info you're working on.

Wednesday, January 24, 2018

Also prevents catphishing

from here

This technique probably also prevents happiness. Your mileage may vary, but at least people can't snoop on your Tinder activities.

At least it's childproof if the child is inside

found on Meme Center

That's no way to keep people out of your car, but it may do a good job of keeping some people in.

Tuesday, January 23, 2018

It's just taunting me now

from here (source image)

You may have heard that ransomware has good customer service - the reason you hear that is because it's the exception rather than the rule when it comes to crooks. Most don't care what you think and absolutely do not take requests. I suspect if they did take requests most people would request their stuff back, not that more be taken.

It's just a new kind of sharing

found on Meme Center

I wonder if the people who made this understand how people use phones in real life. Not just the porn part, but all kinds of personal details and communications happen on phones and that shouldn't be so easily seen.

Monday, January 22, 2018

Does this seem legit to you?

from here (source image)

As amazing as this sounds, Facebook plans to ask users to help it identify fake news.

How exactly are the people who were essentially targeted by social engineers supposed to know who the social engineers are? If people knew who the right news sources to trust were then Facebook wouldn't need to worry about fake news in the first place. This is, at best, fake effort by people who can't be arsed to actually think about the problem of their users being exploited for malicious purposes.

No they can't

found on Imgur

Just remember, whenever anyone says that the government can keep their secret access / backdoor / golden key / whatever they want to call it safe from the bad guys, the correct response is
NO THEY CAN'T

Friday, January 19, 2018

Someone must really like to pay

from here

So a hospital that HAS backups still pays the ransom when they get ransomware because they don't think restoring from backups will be fast enough? (see story)

If your backups aren't good enough or fast enough then you're paying for something you can't use and should find a different solution. If your backups are just fine then you shouldn't need to pay the ransom. There is no good reason to pay for both, and in so doing fund the next wave of attacks by the ransomware purveyor.

Why have backups at all if not for emergencies?

Are you ready for 6 more years of this?

found on Quick Meme

Warrantless spying will be allowed to continue for at least 6 more years thanks to the efforts of your representatives in government. I'm sure the FBI will love the increase in encrypted communications as a result.

Thursday, January 18, 2018

Are you ready for the full disk encryption challenge?

from here

With the cinnamon challenge, and now the Tide pod challenge, it's clear that people are willing to do things for no other reason than because they were challenged. So maybe that can be used as a way to practice better security... by issuing security challenges.

So you want to security destroy data


Watch on YouTube

I mean, if I had one of these at my disposal, I'd be securely destroying data all day long. Thermite would get me more involved too.

Wednesday, January 17, 2018

Throw another box onto the mining pool, it's getting chilly

from here

As a Canadian in winter this seems like it might be a great idea... until summer comes along. Maybe the bitcoins you mine can pay for the increased cost of air conditioning?

Not so secure messaging

found on Reddit

It's always important to be certain of who you're communicating with before you send sensitive information. Maybe it's not really your friend. Maybe it's not really your bank. Double check, it'll save you hassle in the long run.

Tuesday, January 16, 2018

I think I'd like to make a withdrawal

from here (source image)

I think everyone would want to make a withdrawal, either to save their own money from a bank that obviously doesn't care about security, or to 'save' other people's money and 'look after it for them'.

And I wish I could turn off notifications

found on Dump A Day

If only software updates could be more like the people who just do their job and don't bother you. That would be awesome.

Monday, January 15, 2018

Shave and a haircut, 2 BTC

from here

Long ago there was a time when the cost of a shave and haircut really did amount to 2 bitcoins, but those days are long gone now.

Panda Pentesters

found on Dump A Day

Y'know, if they could actually use tools as small as lock picks I wouldn't put it past that one to actually try to pick that lock. Expressing curiosity about locks is exactly how people start to become lock pickers.

Friday, January 12, 2018

I hope you like clicking

from here

They can be really useful tools in the fight against malware, but boy are they high maintenance.

Ixnay on the asswordpay

found on Panda Strike

Transforming simple words using well known transformation rules doesn't make those simple words suitable for passwords, because password crackers already know those rules and try to use them to break passwords.

Thursday, January 11, 2018

When is a smart safe not?

from here
If your smart safe can be opened this way, I don't think it should qualify as smart or safe:


It's hard to imagine any kind of quality control went into this, to be honest. Surely a safe has to pass rigorous tests, doesn't it?

Place your bets

found on MemeBase

Sometimes the simplest ways are the best.

Wednesday, January 10, 2018

Hootercoins for everyone

from here (source article)

Kodakcoins, Whoppercoins, Hootercoins, Long Island Iced Tea Coins. Seems like the blockchain has the Midas Touch. I can't imagine the effects will be long lasting, however.

Lost: One residential porch

found on Wanna Joke

If you ever find yourself thinking you have nothing that criminals want, just remember you have no idea what criminals want.

Tuesday, January 9, 2018

iFaith won't save you this time

from here

Admittedly Apple products are spared from a great deal of the security monkey-business that Windows or Android users have to put up with, but don't let that lull you into a false sense of security. This is one of those times when even Apple devices are at risk, so vigilance will serve you better than smugness this time.

So that's the American health care plan

found on MemeGuy

I mean, if they can't keep you healthy, at least they can keep your info safe by keeping you out of the system in the first place.

Monday, January 8, 2018

Methinks the US Government doth protest too much

from here

If it's true that Americans first started to wonder about a connection between Kaspersky and Russian intelligence in 2012, then it presents an interesting timeline, since the indirect connection between McAfee and US intelligence was revealed just one year earlier.

I thought you only had to take off your shoes

found on Steemit

Surely there are ways of detecting dangerous items there without asking for an eye-full.

Thursday, January 4, 2018

Maybe it was on the whitelist

from here (source image)

You know, because it's white.

Actually I think practically everyone has to go through some kind of screening, probably because that's the kind of confused thinking that might occur if you asked people who got their jobs from pizza boxes to follow a whitelisting protocol.

How to undersell your deterrent

found on the Daily Mail

If you're looking to break into a house and are fully prepared to deal with Fido, you better hope the house you're breaking into used and accurate sign or you might find a moose charging at you.

This momma doesn't even seem to like photographers taking pictures of her offspring.