Friday, October 30, 2015

Just Say "Ewww" To Shared Passwords

from here (source image)

If you thought shared passwords were a good idea, just imagine how that would work in the future when real world technology catches up with Hollywood.

Trick Or Treat? A Halloween Home Security Guide



Seems like some valuable advice here about preventing home burglary during the trick-or-treat season and beyond.

Thursday, October 29, 2015

Don't Make It Easy For Others To Dig Up Your Dirt, Kiddies

from here (source image)

Weak cryptography provides a false sense of security. Make sure you use strong crypto instead.

I Saw What You Did Last Night

found on hacknmod

I'm not sure but I think perhaps these surveillance jack-o-lanterns are scarier after the Snowden leaks. On the plus side, now you'll be able to figure out who's taking the "trick" part of "trick or treat" seriously.

And yes, there is still time for you to build one (or more) of these yourself. It's not halloween yet.

Wednesday, October 28, 2015

Your Secrets Can Be Gravely Important, Kiddies

from here (source image)

I figured it was time for some Halloween themed jokes so enjoy the Crypt Keeper making puns about security.

Don't Be A Wiener, Practice Good OpSec

found in the security poster library at security checks matter

I don't know how, after 8 or so years of doing this, I've never encountered this Security Poster Library before, but I think I've discovered a kindred spirit.

Tuesday, October 27, 2015

Is Your Security All Talk

from here
If your company name is TalkTalk, maybe talk is all you really have.

Don't Smudge Our Spy Window

tweeted by @sehnaoui

Thanks to @sehnaoui for tweeting this interesting bit of privacy advice. I'll be honest, though, the only two-way mirror I've ever encountered was conspicuous enough to not need such a technique.

Monday, October 26, 2015

How Not To Be Terrifying

from here (source image)

This could have been an intimidating individual who struck fear into the hearts of ordinary civilians. That is until he struck that pose.

Perhaps we should picture terrorists in this pose in future, to help us resist being terrorized.

Don't Argue With The Man With A Gun

found on funnyjunk


I guess this is the kind of logic you get when you discriminate against applicants whose IQ is too high.

Friday, October 23, 2015

Also Good Against Webcam Peepers

from here (source image)

That's ... not how you normally go incognito online, but it has it's strengths.

Just Keep Hiding, Just Keep Hiding

found on gizmodo

There may not be any security in obscurity, but that doesn't mean obscuring things (or yourself) isn't an effective strategy, because it clearly can be one (as shown in this scene from Ocean Planet).

Thursday, October 22, 2015

In More Ways Than One

from here

I just couldn't pass up the pun about a vulnerability in the Network Time Protocol that allows attackers to set victims' date and time back into the past.

Oh, I'm Just Pruning Our Attack Surface

tweeted by cara marie

Thanks to Cara Marie for tweeting this photo of security before the age of WiFi (even if you cut the power cord you won't stop your employees from connecting to external access points).

Wednesday, October 21, 2015

Not So Clever Girl

from here (source image)

In general, dogs are often good at protecting things in part because we selected for that trait when we developed them from wolves. We also selected for friendliness, however, and sometimes a dog comes along with too much of the latter quality.

Also Keeps Away Data Vampires

posted to facebook by rhett and link

I did some digging around and it turns out the true source of this image (and other related ones you should check out) is this collection of Electronic Folk Remedies by Gemma Correll

Tuesday, October 20, 2015

How We Lose Freedom In The Name Of Security

from here

We've grown accustomed as of late to the use of "terrorism" as way to scare people into accepting fewer freedoms in exchange for questionable advances in security, but before 9/11 this ploy was used a fair bit and it's still just as capable today (if we ever wise up to the terrorism ploy).

Give Me Back My Money!

found on funnyjunk

This is perhaps not the best thing to brag about, even if (or especially if) it's not true.

Monday, October 19, 2015

Nobody Reuses 4 Digit Codes, Right?

from here (source image one and two)

Thanks to Roustem Karimov for tweeting the picture for the Windows 10 Pin Setup page, as well as Jessy Irwin for selecting what seems like the perfect meme response to Microsoft's password lunacy.

Adam Ruins Security



Maybe you saw the airport security sketch, but that was just one part of a larger episode on security (and more specifically security theatre).

Friday, October 16, 2015

Cyber Here, Cyber There, Cyber Cyber Everywhere

from here

Cyberware, cyberthreats, cybercrime, cyberinsurance, cyberintelligence, cyberdefenses, etc...

Are you tired of the word "cyber" infecting everything? Does your version of CREAM stand for "Cyber Rules Everything Around Me"? If so then just sing this little song, over and over again, gradually increasing in volume until the bad man stops saying "cyber".


It's Cybercalifragilisticexpialidocious,
Even though the sound of it is something quite atrocious,
If you say out loud enough you'll give me a psychosis,
Cybercalifragilisticexpialidocious

Because I was afraid to speak about the breach we had,
Our PR team then spun the leak using the latest fad
But then one day I learned their words and spewed them like a hose
The strangest words you ever heard and this is how it goes

Oh Cybercalifragilisticexpialidocious,
Even though the sound of it is something quite atrocious,
If you say out loud enough you'll give me a psychosis,
Cybercalifragilisticexpialidocious


He traveled all around the world and everywhere he went,
He used his word and all would say "His brain's got space for rent",
When presidents and generals require advice from me,
I say my special word and then they pay me a huge fee

Oh Cybercalifragilisticexpialidocious,
Even though the sound of it is something quite atrocious,
If you say out loud enough you'll give me a psychosis,
Cybercalifragilisticexpialidocious

You know you can say it backwards and summon a two headed hybrid of Bruce Schneier and Marcus Ranum,
But that's going a bit far, don't you think?


So when the cat's out of the bag there's no need for dismay,
Just summon up this word and maybe sprinkle in "0-day",
But better use it carefully as misuses are rife,
For example (Yes?)
One day I said it to a pro and now we're foes for life,
Ow! And they made some wonderful points too

It's Cybercalifragilisticexpialidocious!
Cybercalifragilisticexpialidocious!
Cybercalifragilisticexpialidocious!
Cybercalifragilisticexpialidocious!


Of course this is a parody of a Mary Poppins song

There Is No Cloud (sticker)

found on sticker mule

Thanks to Chris Watterston for turning the "There Is No Cloud" meme into this great looking sticker that you can buy and (I assume) stick to your laptop.

Thursday, October 15, 2015

What The TSA Doesn't Know Can't Hurt Us

from here

Hopefully nobody tells the TSA that the human body contains more than the 3 ounces of liquid they allow you to carry on board, or air travel will grind to a halt.

What? No Disinfectant?

found on izismile

Have you ever had a computer that was so messed up that you didn't even want to touch it so you hosed it down instead? Maybe you should exercise more control over where your computer goes, then.

Wednesday, October 14, 2015

I’ll Be Right There After I Chain Up My Jeep

from here (source image)

Chains don't even do that good a job at protecting bikes. I'm not sure what this Jeep owner is expecting.

Just Don't Put Your Porn There

found on google image search

When disaster strikes, it really can be a saviour, and you might even thank god.

Tuesday, October 13, 2015

What Were You Saying About The Death Of Antivirus?

from here

A lot of people won't be happy to hear this but the fact is that if some chunk of data defines how to recognize a malicious thing, that chunk of data is a signature, and anything that uses chunks of data to recognize malicious things is for all intents and purposes an antivirus. You can't denigrate AV in one breath and then accept IOCs in the next without being a hypocrite.

Isn't It About Time This Changed?

found on the fredo & pid'jin webcomic

How ticked off do we have to get before this absurdity ends? Can we start focusing on actual threats instead of ridiculous terrorist/boogeyman hysteria, please?

(Do check out the webcomic, though, it's quite good)

Monday, October 12, 2015

TLS Is The New Hotness Now

from here

If you're still talking about SSL now that all versions of SSL are essentially deprecated, you should stop.

The Truth, Motherf*cker! Can You Admit It?

tweeted by Tony Arcieri

Thanks to Tony Arcieri for tweeting what we all feel when companies try to placate us with hollow sentiments that bear no similarity to how they actually act.

Friday, October 9, 2015

I Could Easily Find Out What's In There But I Don't Think I Want To

from here (source image)

Maybe it's just used as a latch instead of a lock? Maybe? Or maybe our intrepid photographer was lucky to get away.

Windows Update Insomnia

found on the accordingtodevin tumblr

Make sure to check out Devin's other cartoons on his tumblr

Thursday, October 8, 2015

Won't Be Telling You My Secrets Anytime Soon

from here (source image)

Did no one think maybe it wasn't a good idea to point the way to the secret nuclear bunker?

Need To Beef Up That Password

tweeted by @ItsAndyRyan

Thanks to @ItsAndyRyan for tweeting this delicious password joke

Wednesday, October 7, 2015

Do You Even Know What A Woman Looks Like?

from here (source article)

If you're going to disguise yourself as a woman, you might want to shave.

Bathroom Privacy, What's That?

found on the meta picture

Now the ladies can get a feeling for what it's like for men trying to use urinals.

Tuesday, October 6, 2015

You Know Security Is Backwards When...

from here (source image)

What kind of a world do we live in if guns are a viable container for smuggling candy bars?

Dear Site Operators...

found on memegenerator

If you're going to use HTTPS on your site, get your certificate from a reputable CA and make sure you don't let it expire.

Monday, October 5, 2015

This Is The Way To Never Improve

from here

This is the way to never improve,
Never improve,
Never improve,
This is the way to never improve,
Your security posture.

This House Is Monitored By The FBI

posted on reddit by UrbanToreador

I'm not so sure making yourself look like a terror suspect is going to prevent burglaries or result in burglars getting arrested sooner, but I would tend to expect many uncomfortable interviews with the authorities.

Friday, October 2, 2015

Camouflage Fail

from here (source image)

Thanks to the Madera Police Department for posting this mugshot and hilarious arrest story on their Facebook page. The guy literally spray painted his face black in hopes that police wouldn't notice him.

Too Much?

found on google image search

Normally I would have a hard time making a case for their being any such thing as taking privacy too seriously, but this... this sacrifices situational awareness for privacy. I'm not sure that's a healthy trade-off.

Thursday, October 1, 2015

But I LIKE Describing The Attack Technique Over And Over Again

from here

It never ceases to amaze me how people who are perfectly comfortable using terms like spam or virus or man-in-the-middle will still resort to describing pharming instead of just using the term pharming. It's almost as if they'd never heard of the word before. Next thing you know people will forget what BACN is.

Easier Done Than Understood

tweeted by @MalwareMustDie

Thanks to @MalwareMustDie for creating and tweeting this comic depicting a basic fact of life about being a script kiddie: Copy-n-paste requires no skill or insight - a trained monkey can do it.