Thursday, December 13, 2018

Oh, I'm sure they'll never trace that

from here

It's interesting to read about malware that is technically clever but operationally dumb.

Coming to a gaming system near you this Christmas season

found on imgflip

Yeah, I'm sure many parent's are going to be seeing this fac after their kids open all their presents.

Wednesday, December 12, 2018

Like picking on your schoolyard crush

from here

I know it sounds absurd, but think about what happened after they caught Sabu, or the Mirai botnet creators. It kinda makes me think the reason they're dragging Marcus through the courts is because they desperately want someone with his capabilities working for them.

Thankfully times have changed

found on imgflip

I don't think I've ever had spam from a can; but from what I hear I'm not sure which kind of spam is worse, the electronic or supposedly edible variety.

Tuesday, December 11, 2018

Or will we need even larger units?

from here

Honestly, I'm actually surprised that security vulnerabilities could be enough to get Google to shut down their social network. In spite of their old motto, I expected them to be as bad as Facebook and just keep marching along regardless of the consequences to users. I guess there's still a few shreds of that "Don't be evil" ethos left. Too bad they don't direct that energy at YouTube.

'Tis the season to protect your privacy in your secret santa posts

found on Imgur

From what I can gather, that trend where people post pictures of their bank and credit cards online has branched out into other items with sensitive information on them.

Monday, December 10, 2018

The look in their eyes says it all

from here (image source)

I've heard of cats and dogs wanting to join their humans in the washroom, but apparently that extends even to our avian friends.

The keyboard shortcut for privacy

found on Meme Base

There's copy, there's paste, there's even undo. Why shouldn't we have a shortcut for privacy too? We probably don't think of Alt-Tab being such a shortcut, but for all intents and purposes it kinda is.

Friday, December 7, 2018

Authorities and criminals rejoice

from here

Australia has apparently decided that catching a handful of terrorists is worth sacrificing the privacy and security of all it's citizens. It's impossible to build a backdoor that only good guys can use, because the computer can't tell who the good guys are.

And because Australia is part of the Five Eyes intelligence alliance, it's not unreasonable to think similar legislation in Canada, the US, the UK, and New Zealand may now be a foregone conclusion.

You're gonna wish you stayed under

posted on Instagram by DankMemesGang

It's amazing how equating it with money can make people care about cryptography (or at least a handful of cryptographic techniques). Of course with the overall trend being not quite as positive these days, maybe fewer will care about it now. I know at least one colleague who recently dismantled his mining rig and sold off the video cards.

Thursday, December 6, 2018

Maybe the ransomware help desk can help with that

from here (image source)

I would be super impressed if someone actually convinced ransomware crooks to accept these Chuck E Cheese tokens.


found on Acid Cow

That poor little pup seemingly waits all day for its human's return. Like the saddest episode of Futurama.

On the plus side, at least there's a second set of eyes on the door.

Wednesday, December 5, 2018

Filter? I don't even know her

from here

No explanation, just a lame pun about bayesian spam filtering that popped into my head.

They're sneaking ads into everything these days, part 2

found on Imgur, tweeted by Ryan Russell

It seems spammers keep finding new ways of reaching you. A couple days ago it was through your home surveillance system and now it's through your printer. What will they think of next?

Tuesday, December 4, 2018

Maybe we should just change our entire identities

from here

This could be for any breach, but right now there are dueling breaches of Marriott and Quora and I'm starting to wonder if breaches are accelerating.

How much can it really hold?

found on Imgur

The NSA's data centers can hold a lot, and it may not be possible to overload their capacity, but wouldn't you like to try accepting that challenge anyway?

Monday, December 3, 2018

Getting nabbed while napping

from here

What I find most amazing about this story of sleeping burglar is that if you Google it you'll find out that it's actually happened quite a few times. People need to take more naps and less valuables.

They're sneaking ads into everything these days

found on Piximus

It's certainly a novel approach. Can you imagine what happens when those front door surveillance cameras become ubiquitous? I could see this method of advertising (or at least a derivative of it) catching on.

Friday, November 30, 2018

So read the privacy policy for goodness sake

from here

Thanks to Michael Farrell for finding this gem in the Sleep Number privacy policy about them collecting audio from your room.

He's making you pissed and checking you twice

found on Vitamin-Ha

Pretty soon now the holiday travel rush will start and a whole lot of naughtiness is going to go down at airports thanks to people who got their authority from a pizza box.

Thursday, November 29, 2018

It's as easy as DELL

from here and here

I don't know how DELL's network was breached, but it sounds like they handled the situation pretty well, all things considered.

He's sure to spot anything suspicious going on

found on I Can Has Cheezburger

I don't know how the dog got there, but he's sure got a great place to keep an eye on everything.

Wednesday, November 28, 2018

We lose one way or another

from here

Either the cars fail or the test (CAPTCHA) fails. Both kinds of failure are bad for us.

(Thanks to Valdis Klētnieks for bringing this great observation to my attention)

How you know you've mastered the password

found on Izismile

I have actually achieved this, but only a couple of times.

Tuesday, November 27, 2018

I'm a little short this month

from here (image source)

If it keeps out even the account holder then the money will really be safe.

Anything can be a weapon if you hold it right

found on Imgur

This might not be real, but when it comes to Florida Man, anything is possible.

Monday, November 26, 2018

Master keys, shitty locks, and biometrics

from here and here

Forgive me for making a reference to a "theory" that is usually used to justify a sexual double standard, but I think in the case of fingerprint biometrics being fooled by fake fingerprints we're looking at something that fits the shitty lock classification much more closely.

You call that espionage?

found on Quick Meme

Just a reminder, 5 years later, what he did and why he still can't go home.

Honestly, I'm pretty sure a real spy would be able to sneak back no problem.

Friday, November 23, 2018

Why not both?

from here

Normally if a stranger violates your personal space and actually touches you, there's good reason to think they're up to no good, but in a dense crowd that rule of thumb breaks down, which makes it one of the best times for people who are actually up to no good.

If you don't help your family on the holidays, they will

found on Pictures Boss

As unpleasant as it may be to be the tech support person for your family, there are worse alternatives.

Thursday, November 22, 2018

How Wesley Snipes stops Woody Harrelson

from here (image source)

Maybe they ran out of wall or something, but whatever the excuse, that door isn't keeping anyone out. Except maybe white men, if 90's comedies are to be taken literally.

Private package

found on The Art of Trolling

It MIGHT be what you think it is, but the thought occurs to me that it could be something completely different too. That actually seems like it would be great prank packaging. I wonder if prank packaging is a thing.

Wednesday, November 21, 2018

The YOLO approach to customer relationship management

from here

I guess the rocket scientists in Elon Musk's employ must all be busy elsewhere if Tesla is handing out support forum admin access to multiple non-employees.

The Bot Whisperer

found on Imgur

Apparently input validation is something the bad guys need to do as well.

Tuesday, November 20, 2018

I guess they thought "hash" meant something else

from here

Instagram shouldn't have been able to leak user passwords this way because it shouldn't have them in the first place. That's the whole point behind hashing passwords.

I'd be sad too

found on I Can Has Cheezburger

Not being able to use a VPN online is like not being able to close the bathroom door. If you don't have the privacy you need, you're not gonna go.

Monday, November 19, 2018

Size is what really matters

from here

This is, perhaps, a controversial take on Randy Abrams' post about password constraints, but I think it bears out. The more complexity constraints you enforce, the fewer passwords there are that can satisfy those constraints and the less time it takes to run through them all. If I enforced a set of constraints that were so strict that there were only 5 passwords left that would pass all the rules, you can bet those 5 passwords wouldn't be considered strong.

Another way of thinking about this is, password policies leak information about the passwords in the system - information about what all the passwords have in common (they all have a character from set X, Y, and Z). Leaking information about shared secrets doesn't improve the strength of those shared secrets.

Crooks will be giving thanks all the way to the bank

found on Make A Meme

Friday, November 16, 2018

The most unhackable man in the world

from here

I don't know why they would put someone who's never used a computer in charge of cybersecurity, but I can't imagine it's going to end well.

Breaches are coming

found on Make A Meme

No one is immune to security breaches. It can happen to everyone, but it doesn't have to happen today. Be careful what you click on.

Thursday, November 15, 2018

As if the world's biggest ad company cares about privacy

from here

Having reached the pinnacle of online invasiveness in the name of serving you increasingly relevant ads, and after gaining a foothold in the real world with their personal electronics, Google has now moved on to gathering data from entire cities. Try opting out of that.

That's a shitty way to keep a secret

found on Fail Blog

If a dumb idea works, then it's not really a dumb idea.

Wednesday, November 14, 2018

That escalated quickly

from here

Thanks to Graham Cluley for writing this story about someone who lost the password to their account on a bitcoin exchange and decided the best way to regain access was to send them an explosive device.

You'd be forgiven if you thought this sounded like the work of Florida Man, but apparently craziness can happen in other places too.

Have you ever questioned the nature of your reality?

found on Imgur

I've observed that CAPTCHAs seem to be getting harder, but it never occurred to me that there might be a different explanation.

Tuesday, November 13, 2018

Someone should get a refund

from here

Pretty sure the answer is no. Even if you argue that it was protected between the time it was leaked and the time it was cracked, that was only a couple of hours, and if it was that easy to crack then there was never really any meaningful protection there in the first place.

The war on math is fought on many fronts

found on Imgur (source article)

It's not just wishful thinking (and ridiculous demands) about secure crypto backdoors anymore. Now simply solving equations in public marks you as a suspicious character.

Monday, November 12, 2018

And their privacy will fly the coop

from here (image source)

Pretty sure birds won't be expected to pay for that bird house, so instead their data will be collected, analyzed, productized, and resold.

Now pull my other leg

found on the I've Been Mugged blog

They all say it, but it's all just talk. If they really took it seriously then a lot of the things they make sure won't happen again would have been addressed before, not after, so that it didn't happen the first time.

Friday, November 9, 2018

The government must love them

from here

While this article suggests that Cisco's patching of it's 7th back door in a year is a good thing, I can't help but suspect there are still more. Normally you think of backdoors as being a rare occurrence, but Cisco has clearly deviated from that norm and it makes me think that their backdoors are like rats - if you see 1, there are 20 more you don't know about.

Vesselin Bontchev comically observed that if your house had 7 backdoors there wouldn't be room for walls.

Maddox: How to tell if you're vulnerable to CIA hacking tools

Watch on YouTube

One of the signs not covered in the video - if your computer has a button on it with a power indicator, you're vulnerable.

Thursday, November 8, 2018

What a buzzkill

from here (source article)

Just another reason why it may still be better to get your weed the old fashioned way. Those folks have got more practice at keeping secrets.