Monday, October 31, 2016

Spaaaaaaaaam...

from here

I wonder if anyone in the InfoSec community is planning on dressing up as a botted PC for Halloween.

Halloween Security System Prank


This seems like an excellent way to deal with unwanted door-to-door marketers. I'm not so sure about it as a Halloween idea, however, since it's going to be kind of difficult to open the door and give kids candy when your head is stuck in the door.

Friday, October 28, 2016

At Least It's Not A Water Bottle

from here

Of course, that particular phone is no longer allowed on flights, but other phones (made out of essentially the same materials as the Galaxy Note 7) are still allowed on flights and water bottles are still not.

That Face When Your Guard Dog Doesn't Want To Be There

found on Izismile

I don't know about you but I would not be deterred by this dog (that I kinda want to call Scooter).

Thursday, October 27, 2016

Use All The Buzzwords!

from here

Do the folks at Tripwire know something I don't? It's possible, of course, but the more probable explanation is that they don't care about using the right terminology. It happens a lot in the security industry. It's a little bit like a mechanic who calls your gear shift the parking brake, and it's just as difficult to take them seriously when they do.

Seasonal Self Defense

found on Reddit

It seems like everyone wants to cash in on the fall season; however, this particular example seems like it would be easy to lose in a pumpkin patch, so caveat emptor.

Actually, I couldn't find a corresponding product page for this so I suppose technically there's no need for the buyer to beware.

Wednesday, October 26, 2016

Substitution Won't Be Much Better

from here

Somehow I don't think encrypting folks is going to be an effective way to protect them.

Just Keep Driving, Just Keep Driving

found on Ebaum's World

Considering the current problems with creepy clowns, I'd suggest you not pull over at this motel. It's a risk that's probably best avoided.

Tuesday, October 25, 2016

Wait A Minute, That's Cheating

from here

Y'know, I'm pretty sure when we were promised computers that were as easy to use as kitchen appliances, the idea was that computers would get easier, not appliances getting harder.

Overly Attached Fashion Accessories

found on Imgur

It's one thing to put a pedometer into shoes in order to track how many steps you take, but you don't need Google Maps for that. Google Maps integration is what you need in order to track where the steps take you.

Monday, October 24, 2016

Who DDoSes A DNS Provider?

from here and here

In reality there's a very big difference between taking down the entire Internet and taking down just part of it. There are all sorts of ways to monetize the latter. Nobody seems to want to draw that distinction, however, and if you are the one booted off the Internet, does it really matter that someone on the other side of the globe can still get online?

Whitney Avalon: Why I Love The New Facebook Timeline


Wow, that's a creepy poem. Creepy but true. Do you know what's on your timeline?

Friday, October 21, 2016

What Does The Government Think Front Doors Are For?

from here

You just know it won't be long before the government starts asking for "front doors" again. Those bad ideas never go away for good, they just take a vacation until the government can find more favourable circumstances. Someone ought to explain to them what front doors really are and make them own up to actually wanting back doors.

When The Shoe Is On The Other Foot

found on Imgur

Those who would take away our privacy really should have to experience the same thing for themselves.

Thursday, October 20, 2016

Oh Security Vendors, You So Silly

from here

I don't know what the vendors at SECTor were thinking, but that's definitely what they were doing.

People Shouldn't Have To Stand For This Behaviour

found on Imgur

Pretty sure someone dumb enough to make such a request isn't going to find actual terrorists any time soon.

Wednesday, October 19, 2016

It's Not In Mint Condition Anymore

from here

Inspired by a story so bizarre it must be true. A worker at the Canadian Mint apparently smuggled several buttloads of gold out of the facility.

Does Whatever A Barrier Can

found on Droll Nation

When you were growing up, did anyone ever tell you that you made a better door than window? Well, this guy seems to have really taken it to heart. I'm not sure how many people he could stop, but I'm sure he could stop some.

Tuesday, October 18, 2016

You Can't Just Encrypt All Your Troubles Away

from here (source image)

Encryption doesn't stop SQL injection or cross site scripting. It doesn't stop malware or phishing. It's a rotten way to protect passwords. Encrypting things doesn't make all your security worries vanish, it's just one of the tools you need in your security toolbox.

For When You Want To Be Invisible At A Strip Club

found on Funny Junk

The idea behind camouflage is supposed to be that it allows one to blend into one's surroundings, so the pattern is supposed to resemble those surroundings somehow. This pattern, however, ....

Monday, October 17, 2016

Most Revealing Used File List

from here

Y'know, you could do worse than restricting your porn browsing to a virtual machine, but you might want to find a way to keep that VM from being recorded in the most recently used file list.

Do You Really Have A Private Life Online?


It's almost as if having a lot of friends works against you as far as privacy goes. Each one of them is a potential privacy breach waiting to happen. Of course, some social networking sites (like Facebook) give you the ability to be even more selective about who can see what. You can specify exactly who you share with, or you can even create a list of the people you really, really trust. Even so, some things are probably best shared OFFLINE.

Friday, October 14, 2016

Let's See You Decrypt Deleted Or Overwritten Files

from here

It's a shame security companies are more interested in giving customers what they want instead of what they need. Decryption doesn't even cover all the ransomware possibilities, never mind the possibilities outside of ransomware.

Half Baked Defenses?

found on Daily LOL Pics

Better stick a fork in whoever did this, I'm pretty sure they're done. On the other hand, this probably would block radio signals (unless the transmitter's antenna was connected to the foil).

Thursday, October 13, 2016

Hello Smart Bulb Update, My Old Friend

from here

When they sold us the idea that computers should be as easy to use as a toaster, I think we all expected that meant computers would be made easy, not that toasters would be made more complicated by adding computers to them.

Opening A Locked Hotel Door With A Credit Card


It's not just that the door can be opened easily with a credit card, it's that even a 9 year old can do it. I'm sort of glad I don't travel much so ... I only have to worry about this happening in my apartment building.

Wednesday, October 12, 2016

Worst Selfie Stick Ever

from here (source image)

If I ever face an adversary with a gun, I hope it's one of these guys.

Lending Dollars To Those With No Sense

found on Funsterz

It's hard to believe there are enough people in the world who do this that it's become its own genre of security fail. It's also hard to imagine that we could make things more secure without getting people like this to change how they think and act.

Tuesday, October 11, 2016

How Random Is That?

from here (source image)

Random number generators (RNGs) are kind of an important part of many cryptosystems, in part because their unpredictability makes their output unguessable (which is a useful property to have for, say, an encryption key).

(And yes, I have spent time with people wearing shirts/jackets that read "My other ride is a Harley")

Try Before You Pry

found on Imgur

Always expect people to find ways around your controls because some people just don't like control.

Monday, October 10, 2016

Maybe We Should Call It A Failport

from here

Inspired by Graham Cluley's tweet/post about a particularly clueless Syrian Electronic Army member.

I Guess They'll Need An Update

found on Doodle For Food

If they really gave up that easily, one wonders how they managed to get anything in their database in the first place. It's not like they can download codebreaking signature updates from a vendor's website.

Friday, October 7, 2016

Which One Gets Your Security Sloppy Seconds?

from here

Although it's definitely not a good idea to reuse your password, it's also clearly not that likely to bite you on the ass, otherwise a lot more people would be trying to avoid it.

Not The Kind Of Cavity Search Most Violators Risk

found on Silly Likes

Of course, if you don't have cavities, this is probably a hollow threat.

Thursday, October 6, 2016

The Weakest Link In This Chain Was The Person Who Made It

from here (source image)

It's important to keep in mind that when it comes to security you aren't fighting against gravity or the wind or the natural tendency for things to move apart, you're fighting against people. If you forget that then it's entirely possible you'll employ completely ridiculous security measures.

Are You Protecting The Right Things?

found on Dump A Day


Wednesday, October 5, 2016

What Kind Of Yahoo Does That?

from here

Not only was it incredibly stupid to decide to cave in to the government's demands for unconstitutional access without a fight, and to hide it from their own security team when there was no way it was going to stay secret, but doing this AFTER all the fallout from the Snowden revelations displays a complete disconnect from the values that users (and technology workers) have expressed over the last 3 years.

How To Keep Public Restrooms Clean

found on Owned

Things would have to be pretty desperate for me to give up my privacy and use a restroom like that, and if nobody else is willing to use it either, imagine how much you can save on cleaning supplies.

Tuesday, October 4, 2016

The Authorities Are A Double Edged Sword

from here

It's slightly ironic that in the process of entrusting the authorities with our protection we make them less trustworthy. Arguably, we still need them, but perhaps we should find a way to trust them less while still making use of them.

Threats Don't Stay The Same Forever

found on Meme Base

Threats evolve over time. If defenders don't also evolve to match them then they're not going to last very long.

Monday, October 3, 2016

Cameras And DVRs And Fridges, Oh My

from here

Well, this isn't a fun development. Apparently the source code for one of the most potent botnets in history has been released. Expect copycats. Lots of them.

The Deep Web Explained by Keanu Reeves


It's not a terrible explanation, though I suppose it's too short to give the viewer much nuance. Still, most people haven't got the foggiest notion about the deep web or the dark web and a short explanation is probably exactly what many people need for an introduction to the topic.