Wednesday, July 31, 2013

are you hungry?

from here (source image)

are you still hungry? looks like someone found a way for junk food to be even less healthy.

who let the spooks out?

found on i can has cheezburger

Tuesday, July 30, 2013

the mystery of passwords

from here (source image one and two)

the mystery of passwords is why do we put something so valuable into something so unreliable.

NSA customer service

found on gene spafford's pinterest

Monday, July 29, 2013

they don't call it overkill for nothing

from here (source image)

when you take excessive steps to protect against malicious software or spam, it's simply wasteful. when you take excessive steps against people, it's much, much worse.

Wednesday, July 24, 2013

what's good for the goose is impossible for the gander?

from here or here (source image)

it beggars belief that the NSA, with all their equipment and all their funds for handling massive amounts of email and other data, can't search their own email. if true then it suggests the only thing necessary to protect email from foreign spies is to do whatever it is the NSA is doing to defeat their own search capability.

Monday, July 15, 2013

there's caution, paranoia, and batshit crazy

from here

i don't know what the government was thinking when they destroyed $170K worth of hardware in order to get rid of malicious software, but apparently their IT department thinks malware works by some kind of magic that can infect anything connected to the computer.

computer peripherals don't work that way.

secmeme on temporary hiatus

i'm sorry to have to do this, i know it won't do the site any good, but since this is still largely a one-man operation, and since i'm still cleaning up after a flood last week, the time that i would normally be dedicating to this site just doesn't seem to be available.

i tried to make up for the lack of internet at home last week by staying late at the office to queue up some scheduled posts, but the time i spend doing that is time that i'm not spending getting things back into order at home and i'd very much like to go back to sleeping in an actual bed at some point.

as such, i just can't make this my priority right now. there is still one post left in the queue. that's the last one for the time being. things should return to normal soon enough, though, maybe even by next week (i hope).

Friday, July 12, 2013

secret courts: what could possibly go wrong?

source tweet

are they laughing with us? at us? who knows? (thankfully it's just a parody twitter account)

false alarms in layman's terms

found on google image search

not quite sure what a false alarm is or why it's so bad? if this doesn't explain it i don't know what will

that isn't cryptic AT ALL

from here (inspired by @jgrahamc's tweet)

thanks to john graham-cumming for reminding us that with crypto the devil can sometimes be in the details.

facebook earth

if privacy is dead, let's try this.

this was supposed to be fiction, but with the revelations about the NSA, i wonder how much besides the product name is actually fictional.

don't mess with people's tech

found on the chive

you'd think crooks would have wised up by now that devices like laptops and smart phones can be easily tracked.

sad surveillance camera is sad

found on memebase

poor installation or maintenance of your security measures can make them sad, and if they're sad you'll probably wind up sad too.

Thursday, July 11, 2013

longer passwords make stronger passwords

found on google image search

it's not quite a "keep calm and carry on" sort of saying, but i think it works anyway.

how much do you hate protection?

found on the zooom

if you hate protection so much that you fake even the most mundane aspects of it then you're gonna have a bad time. when it comes to safety or security, you really don't want to fake it or use measures that are just for show.

don't underestimate your adversaries

from here

with all the talk of advanced persistent threats and nation states and industrial espionage, it's easy to forget that unsophisticated attackers like script kiddies can still be very successful with nothing more than copy-n-paste.

don't take a lawnmower to a gator-fight

found on thechive

i suppose it's better than not bringing anything to a gator-fight, but if i had to fight a gator, that would not be my weapon of choice.

vader is unimpressed with your authoritarian regime

found on memebase

unfortunately the power to spy on a planet isn't nearly as fictional as the power of the force.

blending into the background fail

found on memebase

ghillie suits disguise you when you quietly sneak around plant life, not when you sit in a planter making noises

Wednesday, July 10, 2013

home security test

from here (source image)

not to put too fine a point on it, but if your pet door works as a bypass for the lock on your door then is there really a reason for having a lock on your door?

i can't see the difference, can you see the difference

link to tweet

the NSA likes their beer the same way they like their tapped communications - undifferentiated.

we have met the enemy, and they are us

found on tumblr

a corrupt government must always consider its citizens the enemy since they would always fight to eliminate such corruption if they knew about it.

Tuesday, July 9, 2013

stop and smell the flowers, not stop and smash them

found on thechive

i'm not sure what those flowers did, but i'm pretty sure that's some sort of abuse of authority right there.

tin foil hats just got an upgrade

found on thechive

i have no doubt that this would not actually keep your communications secret. they travel from your computer to many other computers before finally ending up at the computer of the person you're communicating with, and they can be intercepted at any point along the way. if you're worried about people reading your communications, use encryption.

snoop the rainbow

PRiSM Pins by secmeme

yes, i've been busy making things again. it's no my little droney, but i'm still kinda proud of it. although this is just showing a pin, i pretty much put this design on everything zazzle had (minus the ones with cut-outs in the middle) so t-shirts, hats, bags, drink-ware, etc.

deterrence win?

found on the art of trolling

this apparently represents a picture of a woman wearing stockings designed to make her legs look hairy in an attempt to deter "pervs". i imagine this could make quite a few guys lose interest. unfortunately, just like things designed to attract attention, you don't get to select who gets affected by this. hope you don't bump into your crush while you're wearing these

don't say it on an open line

shared on G+ by the hacker news (thanks to anton chuvakin for bringing it to my attention)

yeah it's supposed to be a joke, but these days who knows. it might be best to act as though this is real because it might actually be.

a cockatoo picking locks

now these may not be the same kinds of locks that a human would face, but it's still interesting that other animals can break security controls as well.

Monday, July 8, 2013

f'ing magnets, how do they work? not like this

found on the art of trolling

just in case you didn't know, troll science almost never works, and this is no exception. the only thing magnets repel are other magnets (and only if aligned in a particular way), so unless terrorists are firing magnetic bullets, this is not going to protect you from them (and even if they were using magnetic ammo, i still wouldn't hold my breath).

scum bag government

tweeted by @asheschow

so the kind of foreign policy that made the US so many enemies in the middle east over the past few decades is now being carried out in cyberspace? what could possibly go wrong?

i'm from the net, stupid, what kind of requirements are those?

from here (source image)

Rap mags try and use my black ass
So advertisers can give 'em more cash for ads, fuckers
I don't know what you take me as,
Or understand the intelligence that Jay-Z has

well, i suppose jay-z doesn't realize that samsung will try to use him in exactly the same way or maybe he's in on it and doesn't understand the intelligence the rest of the world has. but whichever it is, the number of permissions this app requires is too damn high!

couldn't you just cane them?

found on thechive

if all you're trying to do is protect your lawn, this is probably overkill.

situational awareness: because you never know...

found on thechive

never forget where you are or what kind of threats might be out there, or you might wind up having your own brown trouser moment.

let 'em squirm

shared on G+ by zdig one (thanks to paul ferguson for bringing it to my attention)

it's funny because it's true

Friday, July 5, 2013

you can trust government

found on the hacker news

just because you can doesn't mean you should, however. their interests are not the same as yours, nor are they necessarily aligned with yours.

just because someone else is doing it doesn't make it OK

found on roflrazzi

now if we can just get morgan freeman to type his name into prism

don't steal me, please

from here (source image one, two, and three)

locking up a wheel doesn't work that well for bikes, i'm not sure why anyone would expect different for a car. sometimes security measures only seem to keep honest people honest.


so apparently you can get past security by pretending to be part of security. great.

much like people dressing up like armoured car personnel when robbing banks, so long as you look the part nobody checks your credentials

the privacy implications of wearables

found on penny arcade

thankfully, unlike assholes, not everyone has glass yet. if you happen to acquire this kind of wearable computing device - don't be a glasshole.

Thursday, July 4, 2013

whatever floats your improvised shield

found on thechive

i just think it's funny to see a conflict between a conventionally armed police force and a bunch of protesters wielding inflatable toys. the cops sure know how to take the air out of their balloons

what we have here is a failure to communicate

tweeted by @areino

and the number one reason we still think of security as failing all the time is... the huge disconnect between the people who know security and the people who make decisions. they delegate responsibility but not authority and expect good things to happen.

obsessive compulsive security

from here (source image)

you really have to wonder, sometimes, who this sort of thing is supposed to stop

Denial of Bicycle attack

found on memebase

i doubt anyone would do that to their own bike, but i could see someone doing it to their enemy's bike

cyber, cyber, cyber... cyber, cyber, cyber...

tweeted by @oncee

some people think cyber is one of the most overused words (is it really a word on its own and not just a prefix?) in the security jargon lexicon.

Wednesday, July 3, 2013

the authorities are so cute when they're small

found on the metapicture

go ahead and read that with david attenborough's voice.

you have to do everything right

found on failbook

bobby clearly has a very strong password. unfortunately, that's not enough. you also have to avoid getting tricked into giving your password to others. unfortunately it sometimes seems that when it comes to protecting yourself you have to do everything right.

protection win?

from here (source image)

never underestimate the power of deterrence.

are you team edward?

found on google image search

i admit it, i'm kinda jealous. i had the idea to do this some time ago but never got around to it. now someone has beaten me to it. someone's even making merchandise off of this.
online store item page

i guess the only thing left is for me to write spylight fan fiction. maybe i'll call it "50 fibs each day"

sound like a familiar business model to you?

tweeted by @mortman

in theory, if this were open source then the backdoor would be findable, but that doesn't mean people would actually look for it.

Tuesday, July 2, 2013

nosy or snouty?

found on i can has cheezburger

seems like everyone's sticking their nose in your business these days, or sometimes even their snouts.

maybe that's to pay for any damages

found on thechive

there's dropping the ball, and then there's this. can't get much worse unless he left behind his birth certificate and a note from his mom.

you lift sixteen docs, what do you get?

from here (source image)

thanks to mikko for tweeting this. i don't know who came up with this originally, but i can't help imagining data analysts, filthy from printer toner dust, shoveling reams of documents with this old song playing in the background.