Monday, September 30, 2013

how is this news?

from here (source image)

thanks to ryan naraine for tweeting this absurd 'news'paper headline (and for the title). of course the government is examining your social network data. we heard about them gathering data from facebook months ago. that was part of the whole prism brouhaha. then there's the phone metadata whose primary utility is in mapping social connections.

so you want to quit facebook?

see more hipster robot webcomics and pixel t-shirts

oh, facebook, why can't i quit you? oh, right, because you track me all over the internet even when i'm not logged in or have never made an account.

(edited to add: apparently rstevens' hotlink code links to his site but not this exact comic. here's the link)

Friday, September 27, 2013

it's the end of security as we know it

from here

it's the end of security as we know it, and i feel fine.

when the government talks of NSA oversight

tweeted by Koen Rouwhorst

Thursday, September 26, 2013

for extra-lawful intimate knowledge

from here (source image)

intimate knowledge is not the same as intimacy, clearly.

i wonder how the first lady feels about all the unwanted attention the president is giving other people.

XKCD on privacy

found on XKCD

that seems to be a pretty good list of the different sorts of opinions people have about privacy, but it's missing an important one: the one that sees privacy as an essential defense against the subversion of free will.

Wednesday, September 25, 2013

you're a keen one, mr. lynch

from here (source image)

i doubt you could actually swing that sword properly inside a normal home, but i'm sure if some pesky kids did break into his home and saw that then they'd never do it again. it doesn't need to be effective at cutting so long as it's effective at deterring.

chris the crafty cockney

fictional as this may be, part of the humour is in how true it is. while i don't think a thief would admit to it so readily, it's amazing how many signs people will actually overlook when it comes to placing trust in complete strangers.

Tuesday, September 24, 2013

where's that farm yard smell coming from?

from here (source image)

if you can't even tell the difference between a dog and a goat, i don't want to know what you think qualifies as security.

trust no one

found on fail blog

trust is such a hard problem. it seems like collectively we are always putting our trust in the wrong people. the safest bet would be to not trust anyone, but is that feasible? maybe we should just cut back on the trusting instead.

Monday, September 23, 2013

biometric guards

from here (source image)

it's no secret that fingerprints aren't secret. we leave them on everything we touch. as fingerprint biometrics become more and more common (and as they continue to fail to prevent attacks like these) there really will be an incentive to adopt the above adaptation - and i don't think i need to tell you what kind of an impact that will have on law enforcement when nobody leaves fingerprints behind anymore.

well, that didn't take long

well, it didn't take long for someone (in this case the chaos computer club) to defeat the fingerprint security in the new iphone 5s (using relatively easy to find or even household items). i guess someone is going to take home a nice crowd-sourced bounty from the istouchidhackedyet contest.

Friday, September 20, 2013

help, i've fallen and i can't get away from the cops

from here (source article)
clearly he didn't think through the whole "getaway" part of being a thief.

you can be anything

found on fail blog

thanks to steven maske for tweeting this clever twist on what one might have expected to be an inspirational phrase.

Thursday, September 19, 2013

the great firewall of cameron

from here (source article)

who cares if censorship is both doomed to failure and morally repugnant, won't you please think of the children? except when you're horny, because we don't want to promote that, but we won't let you at what you ought to be thinking about when you're horny because you're supposed to be thinking of the children.

oh the irony.

arming toddlers: what could possibly go wrong?

found on the daily what

kind of an interesting (and scary) statistic, but apparently toddlers have killed more people than terrorists have this year. with pictures like the one above, i'm not at all surprised.

who'd have thought that that zero tolerance nonsense in schools was actually more reasonable than most terror-related security theatre?

Wednesday, September 18, 2013

cry goatse and let slip the tubgirls of war

from here

thanks to annalee newitz for the inspiration (that's my story and i'm sticking to it)

(see cyber, sword fight, peen, lemon party, goatse, and tubgirl if you're unfamiliar with any of these terms)

the snooper's curse

posted on google+ by mathew murphy

as terrible as spying on one's own citizens is, a very small part of me does feel sorry for the people who wind up seeing the really nasty stuff that's out there. some things just cannot be unseen.

ah, what am i saying? the NSA and 4chan deserve each other.

Tuesday, September 17, 2013

cloud security dinosaur

from here

right, because just holding on to the keys is what makes it secure.

in this day and age, would you really trust a cloud-based service provider to not offer you encryption that had already been back-doored for an intelligence agency? you really ought to be doing your own crypto.

and the sad thing is, most providers actually regard the captioned strategy as an improvement.

run the company, forest, run the company!

tweeted by @Holocryptic

can people be this stupid? yes, yes they can.

can they get to be management? yes, that too.

is it any wonder the sorry state enterprise security is in when this is the quality of decision makers some folks have to work with? no.

Monday, September 16, 2013

every defense has a weakness

from here (source image)

every defense has a weakness, so don't get complacent.

sugar and spice and defeating biometrics

found on memebase

i'm sure we all feel more secure, now that apple is implementing a security feature that can apparently be defeated by 5 year old little girls.

Friday, September 13, 2013

'exercise' your rights

from here (source image)

your mileage may vary, of course. in canada we apparently arrest you if you blow bubbles, so i'm not sure what's pictured above would qualify as peaceful assembly.

the only secure password is the one you can't remember

the only secure password is the one you can't remember
just borrowing the title of troy hunt's blog post because i think it would make an excellent security catch phrase, and because i can't agree with it enough.

Thursday, September 12, 2013

situational oblivion

from here (source image)

it's amazing sometimes how people overlook the obvious ways they can protect themselves.

privacy is prohibited

found on

now, i'm not saying companies actually go this far, but giving up some elements of privacy (especially if you're an office worker who uses a computer) does seem to be the norm.

Wednesday, September 11, 2013

giving new meaning to the word hacker

from here (source image one and two)

i don't know if it will work or not, but i'm pretty sure somebody is going to try.

how to open a safe with a potato

posted to twitter by Tomi Tuominen

ah the potato, one of nature's most useful foods. sometimes i wonder if there's anything it can't do.

Tuesday, September 10, 2013

biometrics' dirty little secret

from here (source image)

just remember - the easier it is to collect the biometric info, the easier it is to collect enough info to create a forgery.

yet another reason privacy is important

found on cheezburger

i wonder if the wings are part of the learned behaviour.

Monday, September 9, 2013

i can haz ride home?

from here (source image)

some people do bad things, and some of them fail spectacularly. i feel safer knowing this driver is off the road.

you would cry too

found on very demotivational

somehow we trust people, whether we ought to or not, just because they're wearing the right uniform

Friday, September 6, 2013

thanks for nothing, NSA

from here

hard to believe the news about the NSA could get much worse, but it did.

and i learned a new word today: kleptography

do you feel violated?

we really ought to rethink whether what we're getting is worth the price of what we're giving up when we trade our privacy for services

Thursday, September 5, 2013

you have to be this gullible to go on this ride

from here (source image)

do you trust the guy at the wheel? how about the next guy and the guy after that?

see how useful spying can be

posted on google+ by elmar selbach

i was sure i'd seen (and maybe even posted) this before but i can't seem to find it.

Wednesday, September 4, 2013

physical security patches

from here (source image)

incredible threats indeed

posted to google+ by george baleta

Tuesday, September 3, 2013

if you think a non-disclosure agreement...

if you think a non-disclosure agreement is an appropriate way to deal with a shared-computer logon vulnerability, you might be a security idiot

"Hello, NSA" by Roy Zimmerman

i found this on boing boing's forums. i thought it was funnier than the video the main boing boing article was about.

Monday, September 2, 2013

not above the law

from here (source image)

sometimes it may seem like the authorities are above the laws they enforce. it's a good thing some laws can be enforced without them.

some protective measures seem questionable at best

found on failblog

when people say "won't someone think of the children" this is not what they meant.