Thursday, July 31, 2014

That's Some Prehistoric Snake-Oil, Right There

from here

I'll never understand what the allure is supposed to be considering how awful the military's infosec track record is.

How Not To Stand Guard

found on the meta picture

The original caption for this was "An Awesome Guard" but on second thought, perhaps a guard that prone to "Monkey see, monkey do" isn't that great after all. Seems like he's too easily distracted to actually keep the area secure.

Wednesday, July 30, 2014

Your Expectations Are Too Damn High

from here (source image)

This comic about Keith Alexander was inspired by David Auerbach.

Are You Qualified For The Position?

tweeted by Swati Khandelwal

Thanks to Swati Khandelwal for tweeting this (hopefully) tall tale. This could get you a job or jail.

Tuesday, July 29, 2014

The Problem With Being Able To See Too Much

from here (source image)

I wonder if privacy starts to lose meaning to system administrators too.

If There Were No Guns The World Would Be Way Better

found on memebase

I think the world would be a much better place if there were no exploits. Then we could finally focus on the important things, like dumpster diving, and how to pick a lock with a hair pin.

Monday, July 28, 2014

On The Internet Of Things Nothing Will Be Up To Date

from here

You think people will be anymore conscientious about updating their refrigerators than they are about updating their word processors?

Privacy Monitor

The actual instructions for this can be found on Instructables. I'm surprised I haven't heard of anyone doing this to a laptop screen so that they can enjoy watching porn on airplanes. Although, if you're a road warrior, this could also help avoid shoulder surfers from seeing confidential info too.

Friday, July 25, 2014

Better Not Be Storing Passwords In Plaintext Form

from here
If your bank is enforcing simplicity requirements instead of complexity requirements, maybe you should find a safer bank.

Don't Call It A Pentest

tweeted by Steven Maske

Thanks to Steven Maske for tweeting this comic about the gross misunderstanding about relationship between a vulnerability scan and a penetration test - hint: it's like the difference between signing your name with an X and writing a Shakespearean sonnet.

Thursday, July 24, 2014

"Military Grade": The True Story Of Agent.BTZ

from here and here

Obviously, "Military Grade" doesn't mean what you think it means.

Scared Of Webcam Hackers?

link to tweet

Thanks to Maarten Boone for tweeting this visual gag and caption. I'd probably just put something over the webcam, but that's me.

Wednesday, July 23, 2014

They Don't Call Them Security Suites For Nothing

from here

When all you have is a hammer, everything looks like a nail. So what do people have that makes them think all AV looks like a signature-based scanner?

How To Deal With A Computer Virus

tweeted by Heather Brooke

Thanks to Heather Brooke for tweeting this photo of a security advice column parody appearing in a print publication.

Tuesday, July 22, 2014

The Post-It Note Password Fail Is Passé

from here

In this day of ubiquitous photography and videography, a lowly post-it note on it's own where few people will ever really see it can't hold a candle to password fails that get broadcast on international television or plastered all over the Internet.

What Is Two Factor Authentication?

tweeted by Eugene Kaspersky

Thanks to Eugene Kaspersky for tweeting this cartoon demonstrating one of the rarer forms (since it doesn't include a password) of two factor authentication comprised of both token-based authentication (at least 2 different kinds) and biometric authentication (seemingly 4 different kinds, including dental authentication? wow).

Monday, July 21, 2014

Some Perks Are Perkier Than Others

from here

Are the NSA's nudes any better than the stuff that's already all over the internet? How?

Since When Is This OK?

found on the meta picture

Gosh. Women don't actually need privacy when they're trying on bras in the change rooms, do they?

Friday, July 18, 2014

What Do You Expect When They're Screwing Us?

from here (source image)

Apparently getting access to the world's largest repository of revenge porn is a fringe benefit of working for the NSA.

The Internet Can't Keep A Secret

tweeted by @Brillian_Ads

Thanks to @Brilliant_Ads for tweeting this brilliant ad promoting privacy. The text on the side reads "The Internet can't keep a secret. Keep your privacy offline".

Thursday, July 17, 2014

Security Research: Fun For The Whole Family

from here

Why do infosec pros complain about doing family tech support again?

Expect A Lot Of Clicking

tweeted by Isabel Forkin

Thanks to Isabel Forkin for tweeting this photo, and thanks to the person who made/wore this punny t-shirt about penetration testers.

Wednesday, July 16, 2014

Don't Write Cheques That Your Ass Can't Cash

from here

Silly Trustwave. Snake oil is for snakes.

Low Tech Anti Face Rec

tweeted by @Cryptotraveler

Thanks to @Cryptotraveler for tweeting this demonstration of the weakness of facial recognition systems. This might draw a bit too much attention if you're really trying to hide from FRS, though.

Tuesday, July 15, 2014

How To Throw Yourself To The Internet Wolves

from here

This is apparently what a journalist with the Wall Street Journal did. I'm dubbing this 2MFA, or Too Many Factors Authentication - where the hype about 2FA (two factor authentication) actually gets so intense that it generates enough of a false sense of security for people to feel like they can afford to throw some of their security away.

The Computer Gods Accept Your Password Offering

tweeted by Rik Ferguson

Thanks to Rik Ferguson for tweeting this ecard about the absurdity of modern password policies.

Monday, July 14, 2014

Indicator Light? We Don't Need No Indicator Light

from here

And the creepy folks who do this without the indicator light coming on? The government.

No Innovation For You!

link to tweet

Thanks to Mike Foley for sharing this joke he overheard.

Friday, July 11, 2014

Infosec Chicken Little Rides Again

from here

Thanks to Pete Lindstrom for the inspiration behind this comment on all those security experts wringing their hands about us 'losing the war' against the bad guys.

No One Stands A Chance Against The Washington Drones

produce page

This Conservative Outfitters design is brilliant. Wish I'd thought of it. Also, I want one.

Thursday, July 10, 2014

My Logins Bring All The CSIRTs To The Yard

from here

Do you test every web-form you see?

When The NSA Is Pro-Privacy

tweeted by @GenOppFL

Thanks to @GenOppFL for tweeting this comic about how the NSA feels about being watched.

Wednesday, July 9, 2014

Old Nags

from here (source image)

Sometimes you just have to use the tools available to you when dealing with an opponent. If that happens to be a gift for being annoying, then so be it. Even nagging can be bad ass if you do it right.

Dispatch, I Need Backup!

Sometimes backup doesn't mean copies of data, but it almost always means some kind of redundancy, like additional police officers. And sometimes that's not sufficient on it's own to get the job done.

Tuesday, July 8, 2014

Bet They Close The Door When They Poop, Too

from here

I've often wondered why the people who defend intrusions into our privacy bother getting dressed in the morning. What are they trying to hide?

Don't Mooove

found on i can has cheezburger

I suppose (?) securing your cow like it was a bike makes sense. It's just so weird though.

Monday, July 7, 2014

And The NSA Gets A New Innocent Target

from here

Apparently, if you use Tor or Tails (or even just search the web for them), the NSA takes extra special interest in you. So save your friends the hassle associated with searching for those tools and just share this page with them.

Torrorist merchandise

product page

Well there's a missed opportunity. Here I was making jokes about how if you used Tails the torrorists win, but I never thought to put the word torrorist on a t-shirt. These guys did, though, and they say they'll donate the proceeds to the Tor project.

Friday, July 4, 2014

Just Try To Avoid Splinters

from here (source image)

That's a warning sign that isn't going to deter anybody.

Well, You're Not Wrong...

found on memebase

Normally we compare machines to ourselves, but the other way around works too.

Thursday, July 3, 2014

If you think the Linux Journal is an extremist forum...

If you think the Linux Journal is an extremist forum, you might be a national security idiot


Almost a Victory for Privacy in the USA

found on memebase

It's hard to get excited about some of the victories we see when stuff like this is still going on.

Wednesday, July 2, 2014

Lets Make Our Own OpenSSL

link to tweet

We aren't at 10 yet, but with LibreSSL and now BoringSSL, we're getting there.

And yes, that is supposed to be a parody of a famous nursery rhyme

The Gunfighter (And The Evil Narrator)

This is an example of how we can lose our autonomy to a person or organization that knows too much about us. It's kind of scary how they can abuse that knowledge to manipulate us and the people around us, isn't it?.

Good thing we never hear about that happening in real life, right Facebook?

Tuesday, July 1, 2014

Thanks For Sharing

from here (source image)

Under the circumstances, perhaps we should all show a little more restraint in what we share online.

R$A: $ure, You Can Trust Us

tweeted by Mark Stanislav

Thanks to Mark Stanislav for tweeting a picture of what looks like either a card or sticker of some sort, referencing RSA's apparent deal to weaken encryption in return for money.