Friday, November 30, 2018

So read the privacy policy for goodness sake

from here

Thanks to Michael Farrell for finding this gem in the Sleep Number privacy policy about them collecting audio from your room.

He's making you pissed and checking you twice

found on Vitamin-Ha

Pretty soon now the holiday travel rush will start and a whole lot of naughtiness is going to go down at airports thanks to people who got their authority from a pizza box.

Thursday, November 29, 2018

It's as easy as DELL

from here and here

I don't know how DELL's network was breached, but it sounds like they handled the situation pretty well, all things considered.

He's sure to spot anything suspicious going on

found on I Can Has Cheezburger

I don't know how the dog got there, but he's sure got a great place to keep an eye on everything.

Wednesday, November 28, 2018

We lose one way or another

from here

Either the cars fail or the test (CAPTCHA) fails. Both kinds of failure are bad for us.

(Thanks to Valdis Klētnieks for bringing this great observation to my attention)

How you know you've mastered the password

found on Izismile

I have actually achieved this, but only a couple of times.

Tuesday, November 27, 2018

I'm a little short this month

from here (image source)

If it keeps out even the account holder then the money will really be safe.

Anything can be a weapon if you hold it right

found on Imgur

This might not be real, but when it comes to Florida Man, anything is possible.

Monday, November 26, 2018

Master keys, shitty locks, and biometrics

from here and here

Forgive me for making a reference to a "theory" that is usually used to justify a sexual double standard, but I think in the case of fingerprint biometrics being fooled by fake fingerprints we're looking at something that fits the shitty lock classification much more closely.

You call that espionage?

found on Quick Meme

Just a reminder, 5 years later, what he did and why he still can't go home.

Honestly, I'm pretty sure a real spy would be able to sneak back no problem.

Friday, November 23, 2018

Why not both?

from here

Normally if a stranger violates your personal space and actually touches you, there's good reason to think they're up to no good, but in a dense crowd that rule of thumb breaks down, which makes it one of the best times for people who are actually up to no good.

If you don't help your family on the holidays, they will

found on Pictures Boss

As unpleasant as it may be to be the tech support person for your family, there are worse alternatives.

Thursday, November 22, 2018

How Wesley Snipes stops Woody Harrelson

from here (image source)

Maybe they ran out of wall or something, but whatever the excuse, that door isn't keeping anyone out. Except maybe white men, if 90's comedies are to be taken literally.

Private package

found on The Art of Trolling

It MIGHT be what you think it is, but the thought occurs to me that it could be something completely different too. That actually seems like it would be great prank packaging. I wonder if prank packaging is a thing.

Wednesday, November 21, 2018

The YOLO approach to customer relationship management

from here

I guess the rocket scientists in Elon Musk's employ must all be busy elsewhere if Tesla is handing out support forum admin access to multiple non-employees.

The Bot Whisperer

found on Imgur

Apparently input validation is something the bad guys need to do as well.

Tuesday, November 20, 2018

I guess they thought "hash" meant something else

from here

Instagram shouldn't have been able to leak user passwords this way because it shouldn't have them in the first place. That's the whole point behind hashing passwords.

I'd be sad too

found on I Can Has Cheezburger

Not being able to use a VPN online is like not being able to close the bathroom door. If you don't have the privacy you need, you're not gonna go.

Monday, November 19, 2018

Size is what really matters

from here

This is, perhaps, a controversial take on Randy Abrams' post about password constraints, but I think it bears out. The more complexity constraints you enforce, the fewer passwords there are that can satisfy those constraints and the less time it takes to run through them all. If I enforced a set of constraints that were so strict that there were only 5 passwords left that would pass all the rules, you can bet those 5 passwords wouldn't be considered strong.

Another way of thinking about this is, password policies leak information about the passwords in the system - information about what all the passwords have in common (they all have a character from set X, Y, and Z). Leaking information about shared secrets doesn't improve the strength of those shared secrets.

Crooks will be giving thanks all the way to the bank

found on Make A Meme

Friday, November 16, 2018

The most unhackable man in the world

from here

I don't know why they would put someone who's never used a computer in charge of cybersecurity, but I can't imagine it's going to end well.

Breaches are coming

found on Make A Meme

No one is immune to security breaches. It can happen to everyone, but it doesn't have to happen today. Be careful what you click on.

Thursday, November 15, 2018

As if the world's biggest ad company cares about privacy

from here

Having reached the pinnacle of online invasiveness in the name of serving you increasingly relevant ads, and after gaining a foothold in the real world with their personal electronics, Google has now moved on to gathering data from entire cities. Try opting out of that.

That's a shitty way to keep a secret

found on Fail Blog

If a dumb idea works, then it's not really a dumb idea.

Wednesday, November 14, 2018

That escalated quickly

from here

Thanks to Graham Cluley for writing this story about someone who lost the password to their account on a bitcoin exchange and decided the best way to regain access was to send them an explosive device.

You'd be forgiven if you thought this sounded like the work of Florida Man, but apparently craziness can happen in other places too.

Have you ever questioned the nature of your reality?

found on Imgur

I've observed that CAPTCHAs seem to be getting harder, but it never occurred to me that there might be a different explanation.

Tuesday, November 13, 2018

Someone should get a refund

from here

Pretty sure the answer is no. Even if you argue that it was protected between the time it was leaked and the time it was cracked, that was only a couple of hours, and if it was that easy to crack then there was never really any meaningful protection there in the first place.

The war on math is fought on many fronts

found on Imgur (source article)

It's not just wishful thinking (and ridiculous demands) about secure crypto backdoors anymore. Now simply solving equations in public marks you as a suspicious character.

Monday, November 12, 2018

And their privacy will fly the coop

from here (image source)

Pretty sure birds won't be expected to pay for that bird house, so instead their data will be collected, analyzed, productized, and resold.

Now pull my other leg

found on the I've Been Mugged blog

They all say it, but it's all just talk. If they really took it seriously then a lot of the things they make sure won't happen again would have been addressed before, not after, so that it didn't happen the first time.

Friday, November 9, 2018

The government must love them

from here

While this article suggests that Cisco's patching of it's 7th back door in a year is a good thing, I can't help but suspect there are still more. Normally you think of backdoors as being a rare occurrence, but Cisco has clearly deviated from that norm and it makes me think that their backdoors are like rats - if you see 1, there are 20 more you don't know about.

Vesselin Bontchev comically observed that if your house had 7 backdoors there wouldn't be room for walls.

Maddox: How to tell if you're vulnerable to CIA hacking tools

Watch on YouTube

One of the signs not covered in the video - if your computer has a button on it with a power indicator, you're vulnerable.

Thursday, November 8, 2018

What a buzzkill

from here (source article)

Just another reason why it may still be better to get your weed the old fashioned way. Those folks have got more practice at keeping secrets.

Go find your own screen to look at

found on Memedroid

And to think, you probably willingly take a tiny pocket sized computer out with you into crowded locations where people are bound to be looking at your screen.

Wednesday, November 7, 2018

Secret ballots on public ledgers

from here

I should be surprised that anyone thinks blockchains and elections are a good fit, but I'm not. There are people who think blockchains are good for everything.

They've got the car theft problem licked

found on I Can Has Cheezburger

It doesn't so much deter as it disorients. I could see it help to slow thieves down so they don't make a quick get away.

Tuesday, November 6, 2018

Except in Kentucky

from here

Gosh, I sure home nothing bad happens as a consequence of intentionally leaving an election-related server wide open like that.

Is there something about Kentucky that Americans know but the rest of us don't?

Typing blind

found on Imgur

The longer the password, the greater the fear typos - because, when you can't see what you typed, you don't know how far back you have to go to fix it.

Monday, November 5, 2018

These "secret" websites sure are convenient

from here (source article, source image)

Here's a quick tip for those old folks who run intelligence agencies: get someone who understands how the Internet works to come up with online communications channels, not someone who just used an online site building wizard to set up a web site for their uncle.

This may take a while

found on Reddit

Brute forcing good encryption, without the benefit of anything that could help you take shortcuts, is one of those things where the sun will burn out before it happens.

Friday, November 2, 2018

Not exactly a good hiding place

from here

On the one hand, the chef that killed, cooked, and served a person to people expecting vegetarian cuisine is clearly a dangerous person - but on the other hand, he's clearly also a moron. No reasonable person would think they could trick vegetarians into eating long pork unnoticed.

When you use a password manager

found on Meme Guy

I don't know most of my passwords. I let a password manager remember those details for me.

Thursday, November 1, 2018

So that's why people like it so much

from here

I've worked in open, highly collaborative environments for my entire professional career and I'm very team-oriented - so it took me an entire month of working from home to realize the privacy benefits.

If someone had just told me to look at it from a privacy perspective I never would have hesitated.

Don't leave home without it

found on Miss Techy

Is a VPN right for you? If primary school kids are installing VPNs on their phones in order to get around website restrictions on their school's wifi, then maybe ask yourself why haven't you found a reason to use a VPN yet.