Friday, June 22, 2018

How not to become the master of someone else' domain

from here (image source)

Obviously you shouldn't commit cybercrime, but even more than that, you really shouldn't do it in person.

There's more than one way to crack a password

found on Schlock Mercenary

The dialog at the very beginning is a little hard to follow, but otherwise this is an excellent illustration of what rubber-hose cryptanalysis means.

Go ahead and check out the Schlock Mercenary webcomic. It seems to have been going on for years and years.

Thursday, June 21, 2018

Encryption backdoors wouldn't be very bright

from here

Oh those poor FBI agents. What will they do if they can't break into everyone's cell phones?

Maybe exactly the same thing they did before everyone had cell phones?

How far do you have to go to unsubscribe?

found on Imgur

No matter where you go, the GDPR goblins will find you.

Wednesday, June 20, 2018

Alexa, would you please give us some privacy?

from here

Do we really want to stick these devices in hotel rooms after they were caught recording private conversations and sending them to random contacts?

If only online attribution were this easy

found on The Art of Trolling

If you could force suspects to cooperate with investigators, cybercrime and governmental cyber attacks would be a lot easier to deal with.

Tuesday, June 19, 2018

The 90's called and they want their phishing lure back

from here

I didn't know Rip Van Winkle was in the business of cybercrime, but apparently he woke up not too long ago.

When ennui attacks

found on LOL Super Fails

I imagine this must be the expression cybercriminals use when they don't get to use their bag of tricks.

Monday, June 18, 2018

You'd think one of the world's most powerful corporate surveillance platforms would be able to figure this out

from here

In theory they should also be able to tell if you hate your father. After all, the fact that they've performed psychological experiments to manipulate people's emotions means they must have some way of discerning what those emotions are.

However, the absence of a particular kind of connection should require a lot less analysis. It doesn't instill confidence in the efficacy of their ad targeting service if they can't even figure this much out.

Tactical Kitty

found on Memedroid

It is possible to weaponize cats, but this is not how you do it.

Friday, June 15, 2018

Almost as disappointing as the finger command

from here

What better way to celebrate 10 years of bad security jokes than with a bad security joke?

No Terrminators Allowed

found on Imgur

Thanks to Alex Girard for providing the most important CAPTCHA in the world. This is how we prevent judgement day and stop the robot uprising.

Thursday, June 14, 2018

I don't want a device that dies the same time as your company

from here

A company going bankrupt is a really stupid reason for a toaster or a light bulb to stop working. If people realized that the A in the CIA triad was so unreliable in IoT devices, the market would look a lot different.

If you wanna use my card you'll have to pay first

found on Meme XYZ

I suppose it could still be used as proof of age while maxed out, but that's no skin off my nose.

Wednesday, June 13, 2018

Gives new meaning to finding malware in the wild

from here (source article)

It's not like cyber criminals care who they harm. If there's money to be made by botting wildlife preserves, someone is going to do it.

Petty Pranks: How to annoy a phone scammer


Watch on YouTube

I wish I had the patience to do this sort of thing. Unfortunately I get mad too quickly and confront the scammers and that generally ends the call.

Tuesday, June 12, 2018

If the hackers don't get you the volatility will

from here

It kind of doesn't matter how safe you keep your coins. They could be in a hardware wallet, they could be in cold storage. They could be in a vault buried under ground. It doesn't matter because other people losing their money causes you to lose money too. Even if the number of coins you own doesn't change, their value still can and does when breaches happen. Your coins aren't safe until everyone's are safe - which will be never.

Reputations are hard to live down

found on Piximus

Windows Firewall might actually be perfectly fine nowadays, but nobody trusts it because it's Microsoft and Microsoft does not have a reputation for security

Monday, June 11, 2018

The name's Whiskers. Mister Whiskers

from here (image source)

Pets are remarkably good at catching us in compromising situations. Some of us will even let them come in the bathroom with us. It's a good thing no foreign powers have figured out how to exploit those talents (I think).

Be sure to use a different dog for each site

found on the PureVPN Blog

Good password hygiene is going to require a lot of dogs if that's how you manage your passwords.

Friday, June 8, 2018

And never touch anything

from here (image source)

Anyone who has access to you when you sleep can probably unlock your biometrically protected phone without you knowing about it.

Barriers: They're a good thing

found on Meme.XYZ

Just remember not to answer the door if it happens to ring the bell.

Thursday, June 7, 2018

Overdue process

from here

Has it not occurred to the authorities that they might have better luck with the phones if they used the fingers while they were still fresh? I suppose the family should be glad these cops didn't wait even longer.

British Privacy

found on Reddit

I guess they must have crisps in their computers too.

Wednesday, June 6, 2018

The Internet of Leaks

from here

There's a school of thought that it's not if you get breached but when. The logical conclusion to that line of reasoning is that everything gets breached if given enough time, and a breach of a DNA testing service/genealogy site is certainly not hurting that argument.

My uncle the scam artist

found on Imgur

I assume this uncle came from Nigeria or some place similar.

Tuesday, June 5, 2018

What we give up for convenience

from here

Just a shower thought. Yes, I have security-themed shower thoughts. No I will not admit to having a problem.

Keep your distance

found on Dump A Day

If I saw a squirrel trying to take a run at me after seeing that sign, I'd nope right out of there.

Monday, June 4, 2018

Maybe we should stop pissing it away

from here (image source)

Supposedly we value privacy, and yet we throw it away in favour of some of the most trivial things. Sometimes it's nothing more than a literal candy bar.

That would definitely stop me

found on Izismile

I have no idea if this is as effective as The Club at preventing car thefts, but I would definitely be deterred by it.

Friday, June 1, 2018

Redefining 'double-take'

from here (source article)

Can this be real? I wasn't expecting 51% attacks to be feasible, but apparently they are.

Her parents must have had a sense this would happen

found on Thug Lifer

What's really going to bake your brain is the question of whether she would have turned out that way if her parents had given her a different name.

Thursday, May 31, 2018

Just making some gun-bo

from here

You wouldn't think you'd need to warn people not to put firearms in the oven, but apparently you do.

There are MUCH better ways of keeping them secure and out of the hands of children. Putting them in a gun safe, for example.

Crypto means cryptography (merchandise)

online store

This is a rather nice design by Amie Stepanovich and available at Bonfire, but only for the next 4-5 days, so act fast if you want one of these shirts. Hurry up and show your support for the true meaning of Crypto.

Wednesday, May 30, 2018

The lowest common denominator in tech

from here

All other things being equal, the division between those who've added 2 factor authentication to their log ons and those who have not is rooted in a number of complex problems.

Sorry, the math puns just kept multiplying.

You mean that's not how they work?

found on Meme Base

To be honest, I think I'd rather see that particular group of people remain dumb.

Tuesday, May 29, 2018

Or vice versa

from here

There's a long running trend of not trusting people to do the right thing and instead designing devices in such a way that they aren't susceptible to human error. That was great when it came to preventing catastrophes, but when it creeps into banal things like when to drink water you realize how far the bar has been lowered when it comes to trusting each other to act sensibly.

On the other hand, the more technological crutches we have, the less we need to actually engage our brains, so maybe we're creating a positive feedback loop that is causing a race to the bottom of human intellect.

Small mistakes are all it takes

found on Fail Blog

Massive security breaches don't need massive blunders in order to happen. Even a little thing can allow them to happen, if it's the right little thing.

Monday, May 28, 2018

Can we interest you in a monitoring redundancy service?

from here

Just a thought that popped into my head after seeing one of those commercials on TV.

I wonder how they've been using our radio signals

found on Reddit

Thanks to Alex Girard for sharing this with me.

Friday, May 25, 2018

We are never getting back together

from here

If that is the way multiple companies are going to approach the GDPR (not only have multiple used dating-related phrases, multiple have literally asked "Are we breaking up?"), they don't deserve your data. You can do better.

All devices are smart devices if you're dumb enough

found on Sizzle

I'm starting to think there's a correlation between the amount of smart devices there are in the world and the amount of stupid people.

Thursday, May 24, 2018

Since counting is obviously not one of their strengths

from here

I mean, the only other explanation for the FBI's grossly overstated figures is that they were lying. However, given those two possibilities, Hanlon's razor insists that the most likely explanation is that they can't count.

Zuckerberg likes that you cared

found on Izismile

If you ever plot against Mark Zuckerberg, it probably wouldn't be a good idea to use Facebook Messenger. Just saying.

Wednesday, May 23, 2018

No wonder security feels like a chore

from here

As a bachelor, I frequently eat food out of the pot or casserole dish it was cooked in to reduce the amount of work involved in cleaning up afterwards. It may sound lazy but honestly, most innovations are designed to make our lives easier, so why get hung up on doing things that are unnecessary?

Now that I've realized how much time and effort is going into applying updates relative to how much benefit I'm getting out of those apps, I think maybe I should be applying the same philosophy to keeping apps that I do to using dishes. Reduce as much as possible.

Could you knock?

found on Img Flip

The bathroom is the last bastion of privacy - the one place where no one tries to claim privacy is dead.

Tuesday, May 22, 2018

I shall hug him and pet him and call him Rootkit

from here and here

If you're wondering what packet sniffing has to do with rootkits - that's one of the things the original one did.

Nobody is falling for that one. Nobody

found on Meme XYZ

I've seen the first panel before. It's neat that people are building new security memes out of old security memes.

Monday, May 21, 2018

That was unusually helpful of them

from here

I don't know about you, but malware writers helping out sounds awesome. More of that, please.

Is there a #MeToo for airline passengers?

found on Meme Base

I've certainly gotten a disturbing pat down on the front of my trousers before when the wand supposedly false alarmed on my zipper. This was before enhanced pat downs went into effect and before agents were given the special training on how to deal with that area.

I imagine many people in that sort of situation don't even consider raising a stink about it. I know I didn't. The TSA are the authorities in an airport, so who would you report them to? And even if you did, how could you know for sure you wouldn't risk missing your flight? We probably shouldn't think of the violations as just part of the price of flying but I think to a large extent we probably do anyway.

I think the TSA has always had creepers in it. It's a job where ordinary folks are given extraordinary power over other people and sexual assault is very much about power so it kinda seems like a perfect fit.

Friday, May 18, 2018

Gee it would be a shame if that got logged somewhere

from here and here

It's amazing the kinds of things some web developers think they can leave in the URL.