Tuesday, September 18, 2018

Royal Bank of Scamland

from here

If nobody has ever told you this before - don't click on links in emails purporting to be from your bank, Paypal, or really anything where you have an account. Chances are it's a scheme to break into that account.

All those moments will be lost in time, like tears in the rain

found on Imgur

Monday, September 17, 2018

People who work in glass offices shouldn't throw stones

from here

Leave it to a company whose business model revolves around making bets to tempt fate and lose.

That's one way to make a breach worthless

tweeted by jonny sun

In information security you may hear the term data minimization. It's a principle that says the less data you collect, the less value you hold for an attacker. For example, if a database doesn't have credit card numbers in it then it won't be very useful to carders.

If you can't add any data to an account (perhaps because you can't log in in the first place) then that seems like the principle of data minimization has been followed (even if that wasn't the intent).

Friday, September 14, 2018

When your OpSec is more like OoopsSec

from here

This story about a woman allegedly murdering her husband after publishing an essay about how to murder your husband has left me wondering "What was she thinking?" An essay like that was certainly going to make the authorities extra suspicious of her when her husband was shot dead.

You know they're well protected because it says security right on the box

found on Imgur

I'm not really sure what a security tampon is and at this point I'm afraid to ask.

Thursday, September 13, 2018

Gentle Reminder: Don't be evil

from here

Do you think the folks at Google are at all unaware that in order to be competitive as an advertising company they've actually become a corporate surveillance company? Of course not. They knew exactly what they were doing when they bought credit transaction records from Mastercard.

The bane of air travelers' existence

found on West Word

Wednesday, September 12, 2018

They are not interchangeable

from here

The only people who write about this stuff are technology writers. You'd think technology writers would know the difference. It is their job, after all, to know what they're talking about. But since this seems so difficult, I'll just have to repeat this simple rule of thumb over and over again:
Voice recognition tells you who is speaking while speech recognition tells you what they're saying

Stealth jokes just sort of sneak up on you

found on Me.me

They wouldn't be very good at their jobs if you could see them coming, Joe.

Tuesday, September 11, 2018

Well, maybe just a little one

from here

Leave it to Trend Micro to make what appeared to be an isolated incident into a "little trend". I can't imagine the browser history harvesting was all that important for security if they're willing to remove it.

Is any time a good time for that?

found on Off Vault

Updates always seem to come at the most inopportune time, but does an opportune time even exist? It seems like by now we'd have figured out when that time is if such a time existed.

Monday, September 10, 2018

Even a walled garden can have weeds

from here

One might justifiably point out that fake security/privacy tools have actually been around for a long time, but most people don't know that. For most people a privacy tool that takes advantage of the user is new.

For most people, the idea that Apple's app stores aren't perfectly safe is also new. That deserves some attention.

That's not creepy at all

tweeted by Chelsea Frei

I've heard complaints about this kind of thing before and it makes me wonder why advertisers keep pursuing increasingly accurate targeting for their ads. It's like they are tone-deaf to the idea that at some point targeting for ads is just going to be too close for comfort. For some people it already is.

Friday, September 7, 2018

That game doesn't even use money

from here (image source)

This must be the low-rent version of cracking an ATM. Rather than putting Doom on it, this just uses a game that was almost certainly already there.

Fake Sign Language Guy makes great passphrases

found on Me.me

Thursday, September 6, 2018

Couldn't they have just used a crypto-miner like normal cyber-criminals?

from here

Nothing quite like a true story to inspire a WTF? reaction. The idea that scareware is somehow still a viable model for a criminal enterprise in 2018 is only the tip of the WTF iceberg here.

Thanks to my mom for calling me at work about this ridiculous nonsense on her PC.

Now we know why they don't like Chinese tech companies

found on Huge LOL

That's the kind of private-by-design approach I'd like to see more of, actually.

Wednesday, September 5, 2018

Let's just hope it doesn't become everyone's business

from here

The Australian government wants backdoors built into things and justifies it with an example of a perp using Snapchat and Facebook, which aren't encrypted and which already have facilities to provide law enforcement with everything they need.

(Thanks to Alec Muffett for tweeting the analysis)

Itty bitty kitty committee has an insider threat

found on FeedInspire

One of these things is not like the others and I'm surprised they'd stand for it. Oh, right, they're sitting.

Tuesday, September 4, 2018

Old Man 1, Shark 0

from here

No matter what kind of attacker it is, there is always a weak spot. You just have to know how to find it.

Automated Theft Machine

found on Vitamin Ha

I would advise not doing your banking at this machine. In fact, I would advise not getting too close to this machine because it looks like that space is big enough to fit a person.

Monday, September 3, 2018

Facebook, No!

found on The Art of Trolling

This is not the kind of mental imagery we want to elicit in the name of security.

Blockchain is not the answer (merchandise)

Are you tired of arguing with people who think the blockchain can do everything? The ones who think all problems can be solved by storing data on a distributed, permanent ledger? Save your breath and just wear your opinion on your sleeve, or y'know, your chest.

I've added this design to both the CafePress store and the Zazzle store (which seems to be taking a while to become available). As always the mark-up is set at the minimum value the sites will allow. I've only done shirts so far, but if you're interested in more then let me know and I'll expand the offerings.

Thanks to Robert Slade for tweeting the idea.