Friday, July 30, 2010

how can i pwn thee? let me count the ways

found on Liquid Matrix blog

so, not only has this person given away their username and password to the entire world, allowing anyone to log onto twitter and pose as them, but they've also alerted everyone as to where they'll be at a particular time (so someone could either find them there or, more likely, find them absent from their home). might as well hang out a sign that says "want to rob me? i have an opening on the 29th at 4:30pm"

Thursday, July 29, 2010

what the bad guys think of the cloud

from Evil Inc comic

yeah, pretty much the more valuables you put in the cloud the more there is out there for the bad guys to purloin.

Wednesday, July 28, 2010

have passwords always been complicated?



there are a number of issues covered in this comedy skit, and i like how it highlights how gullible you have to be to fall for some of the attacks out there.

Tuesday, July 27, 2010

bike security fail

from Epic Losers

clearly some folks have as much difficulty with physical security are infosec people see with computer users.

Monday, July 26, 2010

Hijinks Ensue tackles rogue antimalware

from HijiNKS ENSUE

really, there's more to this than just the comic - you should read the associated blog entry as well. the artist/author has some well founded doubts about the entire concept of going to some arbitrary website and having it supposedly clean your computer.

Friday, July 23, 2010

when passwords meet car doors

from There, I Fixed It

the theory behind the captioning at There I Fixed It was that the gate latch was added to the car because the numeric code (see that panel above the door handle? that's for entering a passcode) is too hard to remember.

the thing is that the gate latch isn't a lock, it's a latch. if a latch alone was good enough the owner could simply close the door and not lock it (also, you can still use traditional keyed entry judging by the keyhole). it appears that this car door is in such a state of disrepair that it won't actually latch properly and needs to be held closed with this additional hardware. so the true moral of the story is that both security technology (the lock) and the infrastructure it works with (the door) need to be maintained or they won't do you any good.

Thursday, July 22, 2010

luigi's password


found on Gadi Evron's blog

yes, sometimes social engineering is that easy. be careful out there, you don't want to be the next luigi.

Wednesday, July 21, 2010

secrecy is sharing

orignally from The Joy of Tech comic

found on Emergent Chaos

it's certainly some bizarro logic at work. reminds me of Pierre-Joseph Proudhon and his "property is theft" concept.

Tuesday, July 20, 2010

oh firewall, oh firewall

from Andrew Hay's blog
Oh Firewall (sung to the tune of Oh Christmas Tree)

Oh firewall, oh firewall, your blinking lights protect me
Oh firewall, oh firewall, your blinking lights protect me
Each day you bring me such delight, safety in the dead of night
Oh firewall, oh firewall, your blinking lights protect me

Oh firewall, oh firewall, perimeter protector
Oh firewall, oh firewall, perimeter protector
Your rules are just, in line with policy and won’t be changed because you fuss
Oh firewall, oh firewall, perimeter protector

Each day you bring me such delight, safety in the dead of night
Oh firewall, oh firewall, your blinking lights protect me
unfortunately it seems he only did the one security carol. maybe he'll do more this year. might we request "silent log"?

Monday, July 19, 2010

the best antivirus


found here

so maybe best is a subjective concept. i'm sure it's the most satisfying, though.

Friday, July 16, 2010

all your grammar are belong to us

BrowserHijackingScare

100% credit for this goes to the Sunbelt Blog's Tom Kelchner (and Patrick). it's even Tom's caption. absolutely perfect.

Thursday, July 15, 2010

worms are bad, m'kay?


from the McAfee Labs blog

this was just a picture to go along with their blog post. they gave it the caption "a picture is worth a thousand words", and it's really true, a picture is worth a thousand words, but in this case i think there are only 3 words that will come to the reader's mind
Do Not Want
and frankly, that's a perfectly good message to send. you do not want a worm.

Wednesday, July 14, 2010

hello security


from Hello Kitty Hell

honestly, even if it is a real product, i'm not sure i can take it seriously.

Tuesday, July 13, 2010

matt on travel



a nice series of cartoons about airport security drawn by matt pritchett of the telegraph.

Monday, July 12, 2010

if you have something that's supposed to be encrypted...

if you have something that's supposed to be encrypted and you write the decryption key on it then you might be a security idiot...

(inspiration)

Friday, July 9, 2010

if you detect explosives by swabbing bags

if you detect explosives by swabbing bags instead of using your brain and possibly recognizing the ingredients for gun powder then you might be a security idiot...

(inspiration)

Thursday, July 8, 2010

Wednesday, July 7, 2010

protect yourself



a rather hilarious video from panda, and i really like how the message at the end is "protect yourself" rather than something patronizing like "we'll protect you" or "this product will protect you". that means that it conveys the message that you need to act responsibly rather than the message that X will make it so that you don't have to worry about anything.

of course in the video itself it seems a big panda winds up doing the protecting at the end so that sorta contradicts the message but it's still a much better message than some some vendors use.

Tuesday, July 6, 2010

Schrödinger's lock?


from failblog

really i think the absurdity of the message speaks for itself.

Monday, July 5, 2010

if you don't realize that prevention needs...

if you don't realize that prevention needs to be backed up with detection and recovery then you might be a security idiot.

Friday, July 2, 2010

i iz uplodin mai pichur

cellpwned

(inspiration from boingboing)

a cell phone thief actually did take a picture with the phone he stole apparently not realizing that when you take pictures with it they get uploaded to a central server instead of just staying local on the phone itself. whoops! bet he'll think twice about trying that one again. don't steal what you don't understand.

Thursday, July 1, 2010

if you think disabling anti-virus software in order to install...

if you think disabling anti-virus software in order to install other software is reasonable then you might be a security idiot