Wednesday, November 30, 2016

Might As Well Assume The Position Right Now

from here (source image)

I'm sure the people who created this had a good idea behind it, but ignoring the security environment in which it will be used is unwise.

Escape Artist In Training

found on Daily LOL Pics

Figuring out how to bypass barriers others put in your way isn't just for escape artists (and hackers), it's for everyone. It's an essential part of exercising your freedom because there will always be people putting barriers in your way.

Tuesday, November 29, 2016

Textbook Case Of What Not To Share

from here

If "What not to share" reminds you of "What not to wear", you're not alone. I'm thinking we need a pair of privacy gurus who go around the Internet giving people social media make-overs. What do you think?

How To Make A Totally Secure OS

found on the Silicon Angle

I mean, if you want Totally Secure then that is pretty much the only way to do it.

Monday, November 28, 2016

Government Keeps Too Many Tabs On People Open

from here

You really have to wonder how intelligent these agencies could be if the US needs that many of them.

Making A Robber Clean Up His Act

Watch on YouTube

If the robber doesn't clean up his act after this, then at least he cleaned up those cars.

Friday, November 25, 2016

It's Not A Backup Anymore

from here

Just as backups should be kept separate from the original data, encryption keys should be kept separate from the encrypted data.

How Not To Use An Alias

found on Fail Blog

If your true identity is wanted by the authorities it makes a lot of sense to use a false one. If your false identity is also wanted by the authorities you really should consider coming up with a new one.

Thursday, November 24, 2016

Now Go Gobble Them Up

from here

Hope He Doesn't Find Anything

found on Government Propaganda

Is it just me or is the agent sticking his hand in the wrong part of the bird? Wrong hole, Mr. Turkey Security Agent. Wrong hole.

Wednesday, November 23, 2016

Where Mobile Privacy Goes To Die

from here (source image)

I don't know if there are still nude pics on those phones, but I bet at least a few of them still had some after they left their original owners' hands.

Crooks Have All Kinds Of Motivations

found on Izismile

This is kind of a sad story and as a result I find myself uncharacteristically rooting for the criminal. It's a clever hack of the legal system, and if it works as intended then good for him.

Tuesday, November 22, 2016

Privacy? What's That?

from here (source image)

This is just one of many examples of things in our everyday world that we take for granted but which subtly train us to think less about privacy less because privacy is absent from their design.

Guard Dog Fail

found on Open Geek

On the other hand, if this was instead meant to be an alarm dog, maybe this is a win (assuming it hasn't become alarmed at it's own shadow).

Monday, November 21, 2016

Your Access Is Disabled

from here

It's hard for some characters to get the respect they deserve when they get labelled as invalid. Our security would be better if we could be more inclusive of such characters.

10 Ways You Could Be Getting Spied On

Watch on YouTube

It sounds like a bunch of crazy conspiracy theories but the post-Snowden world appears to be one in which some of the crazier conspiracy theories have turned out to be true, and most if not all of the things mentioned in this video have some basis in reality. That doesn't necessarily mean you're likely to be targeted for surveillance, but on the other hand some of these things aren't targeted techniques.

Friday, November 18, 2016

That Would Be Super

from here

I gather Crypton is a higher quality example of ransomware so if someone can crack the encryption it really would be super. In the mean time, make sure you've got good backups.

Because They Weren't Threatening Enough Before

found on Dump A Day

There are alternative explanations too, like it could be invisible, but no matter what alternative I come up with, they're all scary.

Thursday, November 17, 2016

Serious Just Means They Aren't Laughing

from here

It never ceases to amaze me that sites are still doing this even in 2016. It's like they don't even notice other sites getting breached.

What Not To Wear

found on The Meta Picture

If Apple's white headphones were enough to make people targets for muggings back in the early days of the iPod, then this backpack is particularly ill conceived.

Wednesday, November 16, 2016

Ain't Nobody Gettin' In Now

from here (source image)

I suppose if it's harder for people to get in then, technically, it's even more secure.

Your Word Against My Screenshot

found on Owned

Making threats is a lot more complicated these days. It's hard to do it without it being recorded somewhere where it can be used against you in a court of law. As such, maybe you just shouldn't threaten people anymore.

Tuesday, November 15, 2016

Which Is Cheaper In The Long Run?

from here

Ultimately it would be cheaper to restore from backups, and I tend to think they must have enough storage space in that facility in Utah to handle backups for all their data.

I Can't See What You Did There

Watch on YouTube

Finally, a good application of the principle of camouflage for cars. It's not meant to hide the car but rather hide the details of the car so that prototypes can be driven in public without giving away secrets the manufacturer isn't ready to reveal yet.

Monday, November 14, 2016

The Internet Of Shitters

from here

The bathroom is probably not going to be a hub of cyber-hygiene. Hopefully those devices can be wiped clean.

Know Your Adversary

found on Ted Rall's blog

It's always important to know who your adversaries are and what their capabilities are so that you can formulate strategies for dealing with them.

I imagine there are those who think it's a bad idea to think of the police as adversaries, but I also imagine those people are privileged in some manner.

(And yes, I know that the Sun Tsu quote is normally "Know your enemy" but I'm not comfortable painting police with that particular brush because the consequences of that militaristic frame of reference are particularly undesirable.)

Friday, November 11, 2016

And We'll All Get To Watch

from here

I've lost count of the sample apps and example code that make this mistake.

Beware Of Nose Pickers

found on Izismile

This seems like a cool trick, and I can imagine people using it while keeping tabs on a certain President who will definitely need keeping tabs on, but keep an eye open for people picking their nose while looking in your direction, because you never know.

Thursday, November 10, 2016

That Seat Though

from here (source image)

I suppose if the bike is beat-up enough, lifting the bike 6 inches might not be worth the effort to a thief.

The Power Of Shame

found on GAGfm

I very much doubt that a sign like this will lead to the return of the stolen plant, but I think it very well could help keep more from getting stolen because now people will be looking for it and people who might be tempted will know others are watching.

Wednesday, November 9, 2016

That Would Be A HUUUUGE Relief

from here

Hacking the election has been an ongoing theme online for the last little while, but I think I finally found a justification I can get behind.

Always Good Advice

found on Daily LOL Pics

It's especially good advice in actual prison, but even if you aren't it will still serve you well.

Tuesday, November 8, 2016

You're Spelling It Wrong!

from here

Thanks to Lesley Carhart for pointing out that ordinary people have some difficulty spelling arcane infosec terminology. Although fisting isn't one of the examples she mentioned, that type of typographical error (replacing one letter with another nearby on the keyboard) is among the most common spelling errors in general.

How Is TSA Screening Like A Pizza Parlor?

found on Zazzle

Would you believe I found this while looking for stuff about the TSA advertising jobs on pizza boxes? I wonder how many other intersections there are between the worlds of airport security and pizza.

Monday, November 7, 2016

The Internet Of Lobotomized Things

from here

How smart can something be if it can't operate on it's own (because it's brain or at least part of it's brain is literally outside of it's body)? At the very least, all those smart devices will occasionally need updates, even if their function doesn't change, and yet nobody will think they need to apply updates because what the heck kind of update does a light bulb or toaster need in order to do it's job?

How Not To Make A Clean Get Away

Watch on YouTube

I guess the lesson here is to not bring a gun to a power washer fight. It's not that a power washer is scarier or more dangerous than a gun, because that's definitely not true, but rather because a gun doesn't make things easy enough against a power washer compared to how easy it makes things against an unarmed victim.

Those carjackers are unlikely to clean up their act after this, but they will probably look for easier prey next time.

Friday, November 4, 2016

Maybe You're Looking At The Wrong SITE

from here (source image)

I wonder if script kiddies would have difficulty with cross site scripting as well.

What Date Is A Good Date For An Update?

found on Zoopraxiscope

The fact of the matter is that anything with a computer in it is going to need updates on occasion. It's best to think of it like a chore, like cleaning your house or washing your clothes. It's something that needs to be done, even though it's tedious and you'd rather be doing something else.

Thursday, November 3, 2016

Nobody's Going To Steal That

from here (source image)

Hopefully she's got the combination. Even so, though, I imagine entering the combination in the mirror would be harder than entering it normally.

How To Stop The Robot Uprising

found on Rock Paper Cynic

Just think, as annoying as CAPTCHAs are, at least they're somewhat effective at stopping the bots.

Wednesday, November 2, 2016

Can't We All Just Get Along?

from here

Now, I'm not generally one to defend Microsoft, but full disclosure is a tool to get uncooperative vendors to take action on vulnerability reports, and not only has Microsoft developed a reputation as being a company that does take action, but also 10 days isn't nearly enough time to decide that they aren't going to take action.

Presumably the early disclosure was because the vulnerability is being actively exploited, but active exploitation doesn't make developing a patch any easier or less time consuming. Nor does it make users magically capable of using the disclosed information to protect themselves, and users are the people who are actually affected by disclosure, not the vendor, because disclosure will ensure that exploitation increases.

I Make Computers Sick In Order To Play Music

found on The Meta Picture

It may seem clever but, with all the USB malware out there, there are all kinds of ways this can go wrong for people wanting to enjoy music. On the other hand, if you ever needed to smuggle data, that form factor seems like it would help it go in and out of  various bodily orifices pretty smoothly.

Tuesday, November 1, 2016

How Do You Avoid Slipping In Your Own Snake Oil?

from here (source image)

Thanks to @SwiftOnSecurity for tweeting the screenshot of that page. The page itself appears to no longer be there. I can only assume McAfee figured out they shouldn't be making such an aggressive promise of security.

Should Also Work Against Vampires

found on MehLOL

I don't know how likely the threat of the undead really is, but I suppose this could also keep out grave robbers.