Tuesday, April 7, 2020

Don't bite the hand that aids you

from here

Aren't state-sponsored hackers supposed to be intelligent? Interfering with the organization trying to help bring an end to the pandemic that's afflicting your country (among many others) doesn't seem like a terribly well thought out plan.

It's almost as if they don't realize it works against their best interests, which makes me seriously question the basic premise that APTs are supposed to be smart.

We're all in rough shape right now. This isn't rocket science. Stay the fuck at home, and leave the helpers alone.

That's one way to add privacy to your Zoom meetings

found on Imgur

Even though he doesn't have Windows, I think the 4th panel demonstrates why he needs those blinds.

Monday, April 6, 2020

Military grade self-own

from here

I can't help but wonder what the captain of that Venezuelan naval vessel was thinking when they attacked a passenger cruise liner. Clearly the armed military vessel was no match for an armoured but otherwise unarmed cruise ship.

Attackers need to be careful they don't bite off more than they can chew.

Not OK Google

found on Izismile

If being constantly spied on by devices and services is the price you pay for more relevant ads, the price is too high because I still won't buy.

Friday, April 3, 2020

From lockdown to lock up

from here

Threatening a cop with an invisible bio-hazard is incredibly dumb, but it's a threat anyone can make and it doesn't have to be against cops. Not only is it a bio-hazard that anyone can get their hands on, you don't even have to prove you have, just make people think you have it or might have it. No one wants to take that risk.

Password: The Game Show

Watch on YouTube

I don't think I've ever seen this before and now I feel like I've been missing out. They've taken the idea of guessing people's passwords based on their password hints (which often are just a word) and gamified it. I gather this is a bit from The Tonight Show that they occasionally do with the guests.

Thursday, April 2, 2020

Cheap, Fast, or Secure... Pick Two

from here

So it appears that Zoom's "end-to-end" encryption only counts as end-to-end if you consider Zoom's servers themselves to be one of the ends. Specifically, according to their own blog, they have software running on their servers acting like legitimate communication endpoints so that they can send the unencrypted data to devices that don't support their end-to-end encryption. It's a backdoor dressed up as a compatibility feature. We have to take them at their word that this backdoor will never be used by misbehaving employees and that various governments will never or can never compel them to use it to reveal our communications.

They could have (and arguably should have) simply told customers they can't use the end-to-end encryption feature when participants are using devices that don't support it, but they chose to compromise the communication channel instead so that users could maintain a (now false) sense of security.