Tuesday, June 30, 2015

Lazy Security Vendors Make Life More Complicated

from here

This one was inspired by the trials and tribulations Didier Stevens has to go through to make a tool capable of introducing the EICAR Standard Antivirus Test File onto systems for testing without it getting blocked by security products elsewhere (like at the gateway or on the IT admin's own desktop).

This shouldn't be difficult. It shouldn't require a special program at all, never mind rewriting the program to stay ahead of security tools, because the original specification stated that a file had to start with those special 68 bytes in order to be considered the test file. Anything else, including the EICAR web page I linked to, should be able to pass through security products unhindered precisely so that the test file can be easily transported to the systems that need testing. I mean, it was even designed so that you could fax it or read it out over the phone, for crying out loud.
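To make the difference concrete, here is an added example (not code from Didier Stevens, EICAR or any vendor) that compares a check following the original rule with the substring match that causes the false positives described above. The trailing-whitespace allowance and the 128-byte cap come from EICAR's published definition of the test file rather than from this post, and the sample inputs are constructed.

```python
# Added example: the original EICAR rule versus a lazy substring match.
EICAR = rb"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"
assert len(EICAR) == 68  # the "special 68 bytes"

# Padding the EICAR definition tolerates after the string:
# space, tab, LF, CR and Ctrl-Z, up to a total length of 128 bytes.
ALLOWED_TRAILING = b" \t\n\r\x1a"
MAX_LEN = 128


def is_eicar_per_spec(data: bytes) -> bool:
    """True only if data starts with the 68 bytes and the rest is padding."""
    if len(data) > MAX_LEN or not data.startswith(EICAR):
        return False
    return all(b in ALLOWED_TRAILING for b in data[len(EICAR):])


def is_eicar_lazy(data: bytes) -> bool:
    """Match the string anywhere in the data (the behaviour complained about)."""
    return EICAR in data


# Constructed samples, not taken from any real product or page.
SAMPLES = {
    "exact test file": EICAR,
    "test file + CRLF": EICAR + b"\r\n",
    "web page quoting the string": b"<html><pre>" + EICAR + b"</pre></html>",
    "string preceded by a space": b" " + EICAR,
    "string followed by text": EICAR + b" is the test string",
    "unrelated": b"hello world",
}


def classify_all() -> dict:
    """Map each sample name to (spec_verdict, lazy_verdict)."""
    return {name: (is_eicar_per_spec(d), is_eicar_lazy(d))
            for name, d in SAMPLES.items()}


if __name__ == "__main__":
    for name, (spec, lazy) in classify_all().items():
        note = "  <- false positive" if lazy and not spec else ""
        print(f"{name:30} spec={spec!s:5} lazy={lazy!s:5}{note}")
```

Every row where the lazy check fires and the spec check does not is content that should have been allowed through, such as a web page or document that merely quotes the string.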

I can only imagine how Padgett Peterson must feel at seeing his efforts to make the test file easy to use wasted by lazy security vendors. Thanks to Didier for the effort in trying to reclaim some of that ease of use.

Surveillance Kitty Has Its Eye On You

found on i can has cheezburger

Geez, at least the surveillance camera doesn't look like it's judging you.

Monday, June 29, 2015

Time To Lunch An Attack

from here (source image)

When you hide cryptographic key stealing hardware inside a flatbread, the jokes just write themselves.

Even Dogs Are Getting In On The Racial Profiling

found on the meta picture

I gather that police dogs actually can pick up the racial biases of their handlers, just as children can learn to be racist from their parents. I wonder if those dogs can pass it on to their puppies.

Friday, June 26, 2015

Other People Already Know The True Answers

from here

My mother's maiden name is watermelon and my favourite colour is 3.14.

This Type Of Deadbolt Is Not Safe

found on the meta picture

And now you know not to trust this type of security mechanism.

Thursday, June 25, 2015

You Deserve Better (Security)

from here (source image)

Hey, we all forget passwords. No need to beat yourself up over it.

8 Legged Threat

found on fail blog

Never underestimate your adversary, or you’ll wind up getting an unwelcome surprise.

Wednesday, June 24, 2015

Spy Dentures

from here (source image)

Thanks to @vanessa_amaya for tweeting an image of what could just be the next big thing in data smuggling.

Cool Iron Lock

found on the meta picture

Now there’s a cool lock. Imagine trying to pick that. You’d probably have to build new tools just to pick it. On the other hand, the slots in the key make me think some parts of this lock are incredibly thin and could easily fail or simply be yanked out of the keyway.

Tuesday, June 23, 2015

Probably Not The Fairy Tale She Was Expecting For Prom

from here (source image)

I'm not a lady so I wouldn't know for sure, but my gut tells me that if a girl is feeling a little bit nervous, showing up in a tank-limo is not going to put her mind at ease. It seems like he's overcompensating for something, and by the way - how long until he tries to 'storm the gates'?

Dog Vs. Cop Car

I get so used to hearing about police officers shooting anything that gets in their way, it's nice to hear about when they actually use restraint.

Monday, June 22, 2015

You Can't Make Bucks If You Keep Passing The Buck

from here

I have very little sympathy for content providers who won't take responsibility for the 3rd party advertising content they place on their own site. Either work with the ad-blocker companies to figure out ways to deliver ads safely or STFU.

Protection From The Cold

found on the meta picture

If you're crafty, I'm sure that you too could protect your feet from the cold.

Friday, June 19, 2015

But Call Them Front Doors Or People Will Get Upset

from here

Not that anyone in the security community is fooled by the whole "front door" thing, but I imagine the average person might be.

You Need To Cover Your Tracks Better Than This Guy

found on the meta picture

I mean really, who is that supposed to fool, the legally blind? Certainly not a literal or figurative big brother.

Thursday, June 18, 2015

Do You Think They'll Cop To It?

from here (source image)

Obviously the hose does not belong to the driver of that police car, and chances are if they didn't remember to pull out the hose then they didn't remember to pay for the gas either. Also, if they didn't notice when they ripped the hose off of the gas pump, you have to wonder how they manage to notice other crimes going on around them as they're patrolling.

Kangaroo Vs Drone

If you don't like getting spied on then guess what? That may be an entirely natural reaction, because it doesn't seem as though wildlife likes it either.

Wednesday, June 17, 2015

Encrypt All The Things (merchandise)

Encrypt All The Things @ CafePress 

Encrypt All The Things @ Zazzle

Due to some positive feedback I got with respect to the Encrypt All The Things comic I decided to make it into something people could wear or carry around or drink out of or have stuck to things. They're set to the minimum possible mark-up for CafePress and Zazzle (0% and 5% respectively).

And just in case both stores kill the products, you can get both the PNG file and the XCF file (for use in GIMP) by following this link. Alternatively, you can get something printed at the store of your choosing if you know of a cheaper place, or you can remix it and make your own design.

Who Protects YOU?

found on the meta picture

While it may be a bit of an exaggeration, the kernel of truth is that not everyone you think is there to protect you and look out for your interests actually is. As a result, a certain degree of self-reliance may be called for.

Tuesday, June 16, 2015

Honest Caller ID

from here (source image)

Thanks to NovaNation21 for posting the original honest caller ID image on reddit. There's a school of thought that says spammers send ridiculously bad spam emails in order to weed out people who might see through the ruse and waste their time or report them. It's a way of making sure you're dealing only with the most gullible recipients. Perhaps this caller ID is honest for the same purpose.

Snowden Makes A Great Point

found on memebase

Ok, so it's not quite as powerful as John Oliver prompting him to admit that the NSA is storing pictures of people's genitalia, but linking the right to privacy and freedom of speech together in this way still sends a powerful message.

Monday, June 15, 2015

Stick To Detecting Malware And Leave The Keygens To Me

from here

I understand why AV companies detect cracks and keygens as potentially unwanted programs but they really aren't serving home user interests by doing so. The entire "potentially unwanted application" classification seems designed to help enterprises protect themselves from liability. One wonders, then, why that feature isn't exclusive to the enterprise AV products.

A Bad Day To Be Working In Airport Security

found on the meta picture

It's bad enough when you fail almost every test that's given to you, but then to have those failures broadcast so that everyone around you knows about it - that's a recipe for a very bad day in the TSA. I'll bet the security theatre performers took out more frustrations than usual that day.

Friday, June 12, 2015

A Satoshi For Your Thoughts

from here

Bitcoin had such promise once upon a time, but now I'm not so sure. It's not actually anonymous, the value has dropped tremendously, it's questionable whether it's even profitable for home users to try to mine it, and it's starting to become synonymous with illicit activities like fraud, money laundering, and the online drug trade.

Passwords Aren't Just For Your Online Accounts

found on the meta picture

I wonder how much paper and ink this guy has wasted with this prank. The ink is probably the bigger issue since printer ink is, ounce for ounce, one of the most expensive substances known to man.

Thursday, June 11, 2015

Might As Well Hand It To Them On A Silver Platter

from here

There's something strangely ridiculous about sophisticated, state-sponsored attackers using malware against an anti-malware company. You'd think they'd know better, wouldn't you? They eventually got caught. They will always get caught. Malware can't remain hidden forever, especially on an anti-malware vendor's own network.

If It Fits, Guard Cat Sits

found on the fail blog

I guess there really isn't a cat big enough for that box to fit, so it's up to regular security guards to man that checkpoint (but if they should dress up in furry cat suits I'm sure the internet would appreciate it).

Wednesday, June 10, 2015

Account Recovery Vs. Emotional Recovery

from here (source image)

Thanks to @JamieDMJ for tweeting the screenshot of the security questions for what may or may not be a real service (it's a shame the "Saddest Pixar moment?" option at the end got chopped off by demotivational poster builder).

Take My Passwords, Please

found on the meta picture

This seems like the perfect keyboard for when you want to shoulder-surf someone and steal their passwords. Frankly, passwords are pretty much the only thing that doesn't show what you're typing right on the screen so I can't help but think this was actually intended for passwords.

Tuesday, June 9, 2015

Does This Login Page Look Funny To You?

from here (source image)

Thanks to Conrad Longmore for tweeting the original screenshot and posting an analysis of the campaign on his blog.

CEO Takes A Bullet To Demonstrate Protective Product

I guess when you need to protect your junk from gunfire, this is what you should use?

I dunno. I wanna protect my private parts as much as the next guy, but I tend to think I'd be better off avoiding getting shot in the first place.

Monday, June 8, 2015

I Wonder If I Could Get An Allowance

from here

If Facebook produced us then shouldn't they be obligated to pay child support or something?

Peek-a-boo Bathroom Doors?

found on the meta picture

It's a very neat feature, but I'm not sure it's the best idea for a bathroom door (based on the filename). What happens when this very neat feature breaks down? Oops!

Friday, June 5, 2015

Lady, That's Too Much Information For This Bus Ride

from here

I don't know why people discuss sensitive personal topics in public while surrounded by strangers, but I for one would prefer to not ride on the TMI bus where hook-ups, medical conditions, and banking passwords are broadcast for everyone to hear.

Cat Vs Alligator?

found on the meta picture

It's crazy enough seeing a cat scare off a bear, but a gator too? Who needs guard dogs when cats can do this?

Thursday, June 4, 2015

Who Wants To See Their Money Go On A Camping Trip?

from here (source image)

Thanks to Steven Maske for tweeting an image of a very suspicious looking ATM enclosure. Not only is it not securely embedded in a building like you see in banks, but it's not even clear who's responsible for it (ATMs in convenience stores may not be securely fastened to anything but at least you know who's responsible for them if something goes wrong).

Using The ATM Securely

found on the chive

Who knows, if you block out enough light, maybe you'll even stop hidden cameras from recording the PIN.

Wednesday, June 3, 2015

Better Check That Toddler For Guns And Explosives

from here

Considering the fact that the TSA advertises job openings on pizza boxes, this spectacular set of failures isn't all that surprising.

(The photo is just something that comes up when you search cheezburger for "TSA", by the way)

"Special" Forces

found on the meta picture

Place your trust in the authorities. They know what they're doing.</sarcasm>

Tuesday, June 2, 2015

The Birds And The Bees Never Covered This Part

from here and here

The saying "If you're not paying for it, you're the product" has some strange implications that I don't think people have completely thought through.

Did Facebook produce you? Did they produce me? No, I'm pretty sure our respective parents are responsible for that. Likewise, I'm pretty sure we aren't owned, and so that ownership can't change hands as a result of Facebook's business dealings.

It might be more accurate to think of us as resources that Facebook harvests. Like an orange juice company harvests oranges from orange trees, Facebook harvests our data.

Attacks Only Get Better Over Time

found on i can has cheezburger

We must always be improving our defenses because attackers keep on improving their attacks.

Monday, June 1, 2015

If By "Things" You Mean The NSA Then Yes

from here

Hard to believe in this day and age, with all the advances that have been made in computer power, people still think performance is a reasonable excuse for not encrypting things.

Ninja Stairs Expertly Blend Into Their Surroundings So They Can Sneak Up And Kill You

found on the meta picture

When things aren't plainly visible (whether it's steps in a staircase or file extensions on a computer) errors in judgement are inevitable.