Thursday, November 21, 2019

My Anti-Virus Software mug

Product Page

While there are certainly more effective ways of recovering from a virus, this will definitely kill it (along with the patient).

Wednesday, November 20, 2019

The gavel is mightier than the checkbox

from here and here (image source one and two)

Your privacy preferences (perhaps we should start calling them preferences instead of settings, since they really only express what outcomes we would prefer not what actually happens) don't trump a court order or a search warrant. If the authorities are part of your threat model, relying on a checkbox isn't going to do you any good.

Why didn't InfoSec think of that?

found on Reddit

Just imagine if all we had to do to protect ourselves online was to put up "No Hacking" signs.

Tuesday, November 19, 2019

They'll never hack through this

from here (image source)

There are a lot of strange ideas about how to protect yourself from online threats. Some are even stranger than this. Did you know there were actually anti-virus crystals?

Niklas Roy: My Little Piece Of Privacy


Watch on YouTube

This is a fun idea. I think your actual privacy would be better served by a full curtain rather than just a tiny section of one, especially since the motion of this seems to make nosy passers-by even nosier, but as an interactive art piece that explores the concept of privacy I think it's great.

Monday, November 18, 2019

Just tell people you're entering the Miss America Online pageant

from here (image source)

When I see things like this I can't help but think that women should be much better smugglers than men. I can't imagine a guy pulling off something like this.

Seems secure

found on Imgur

Is putting the WiFi password on the router a thing people do? Are they just leaving it with the default password that's already pasted on the device? I was dragged kicking and screaming into the WiFi age, but I certainly don't have the password on the router (although I can see how that might be convenient, like a computer password stuck to the side of the monitor).

Friday, November 15, 2019

Seems more legit

from here (image source)

Now you might be thinking "Well we can see there actually is candy here so it is legit", but it's still the same candy-from-strangers threat as the more traditional candy van. Is that actually candy or just a ruse? What happens to you when you eat that "candy"? Will it incapacitate you?

The insider threat must blend in

found on Memedroid

We might see the difference, but those rabbits clearly think nothing is wrong.

Thursday, November 14, 2019

Howdy neighbour

from here (image source)

I suppose this could be a feature, rather than a bug. It may cut down on cleaning costs.

NSA "F**k Yo Privacy" phone case

Product Page

Next time you whip out your phone you could also make a statement against government invasion of privacy.

Wednesday, November 13, 2019

See something, say something

from here

Apparently this is a true story, and it's also an excellent demonstration of why average joes are terrible at deciding what is or isn't suspicious.

The reason no one holds Facebook accountable

found on Imgur

No, it's not because the data Facebook misappropriates and mishandles is worthless, it's because people believe it is. And to be clear, it's not all people who believe that, it's just the people the power to do something that believe it. They don't value what Facebook takes from us, so they let those abuses slide.

Tuesday, November 12, 2019

What could possibly go wrong?

from here and here

I have to wonder what the Australian government was thinking when they came up with this plan. It seems tailor made for abuse, and it would be one of the worst kinds of abuse.

Dual Core : 0x0A Hack Commandments


Watch on YouTube

Wow, it's been a long time since I listened to one of these. Lots of good advice in this song. You should consider listening a few times (and shutting the actual F up while you do).

Monday, November 11, 2019

Airport 'Security'

from here and here (image source)

How low can the TSA sink? No one is going to mistake that for a real weapon, but somehow that doesn't matter to the TSA.

Too Blocked; Didn't Read

found on Imgur

I don't think I've ever encountered an article on the Internet that had a headline so interesting I was willing to turn off my ad-blocker. I wonder where people got the idea users would do that.

Friday, November 8, 2019

It works the same way for backups

from here

So Baltimore failed to protect themselves against a ransomware attack and apparently they're now planning to fail again. I'm not sure there's any other way to interpret getting insurance equal to the cost of recovering unless you think you're going to need to recover again.

And you know what, $20M would buy a lot of backups.

Homeopathic Antivirus

found on Meme Base

Make sure you use honey and not molasses - or else you might slow down your computer.

Thursday, November 7, 2019

I bet this wasn't in your threat model

from here (image source)

How do you prepare for something like this? How do you defend against it? What exactly can you lock the steps onto in order to keep them from being hauled away?

No I Will Not Remove Your Virus mug

Product Page

I used to have a T-shirt that read "No I will not fix your computer". I wore it out. This looks like it would last longer, but I'll be honest - if someone comes to me with a virus problem I will help, regardless of what a mug might say.

Wednesday, November 6, 2019

We worked extra hard to find the least we could do

from here

On the plus side, at least the amount of the settlement won't go down if too many people claim it like certain other settlements I could name.

I wouldn't mind this kind of security screening

found on Imgur

If we could train an army of kittens to do what those large, intimidating dogs do, I'm not sure we'd still be using the dogs.

Tuesday, November 5, 2019

When your scope is too narrow

from here (image source)

This is what happens when no one is looking at the big picture, when everyone is just looking at their own little part and not seeing how things are supposed to fit together and work as a whole. This turnstile isn't stopping anyone.

How not to steal a chainsaw


Watch on YouTube

I don't know, maybe the chainsaw was worth more to him than what was already down there, but that just looks too dangerous.

Monday, November 4, 2019

Outsourcing done wrong

from here

What are the odds of finding a string of 5 hitmen that are all so greedy and lazy that none of them actually wants to bother doing the hit?

Deterrent Win

found on Reddit

I mean, I've heard of taking a hand or two, but that right there is harsh.

Friday, November 1, 2019

Security by decrepitude

from here

So technically security by decrepitude is just a subset of security by obscurity, so it's not really security at all. But that being said, I can't help but think the Air Force is going to be less safe if they move to something more modern than 8 inch floppies.

Privacy vs. Accountability

found on Imgur

On the one hand I'm as grossed out by people missing the toilet as the next person, but on the other hand I'm creeped out by the idea that someone would be able to see me do it and I kinda want to miss on purpose now just to uncover which bathrooms are safe from prying eyes.

Thursday, October 31, 2019

Encrypted at rest but not in transit

from here (image source)

In this day and age vampires must feel very threatened, so they stay safe and secure in their crypts most of the year. Except today of course. Today is the day they decrypt.

Surveillance Camera vs. Halloween Mask

found on Me.me

Surveillance cameras can be useful most of the time, but on a day when people are all wearing disguises? Not so much.

Wednesday, October 30, 2019

Tuesday, October 29, 2019

Tales from the Crypto Keeper

from here

Maybe we should rename Bitcoin to Satoshi's Monster.

Lock Picking Lawyer : Pumpkin Saw Converted into Electric Pick Gun


Watch on YouTube

It was meant to open a pumpkin but now it can open your locked door.

Monday, October 28, 2019

Click Here to Fix Now

from here

At least, there are no treats for you. The crooks behind scareware, on the other hand, get plenty of goodies from the people they trick.

Trojan Goodies

found on Memebase

And now you know why home-made treats aren't welcome anymore.

Friday, October 25, 2019

If only I could train an army of them

from here (image source)

You know that whole "bird brain" slur that was supposed to imply someone was dumb? You know we vastly underestimated birds in the process? Never underestimate your adversary.

What would you do for a password?

found on Reddit

There was an exercise carried out some years ago where people signed away their first born child in order to get WiFi so it wouldn't surprise me in the slightest if people also yelled "penis" in a crowded terminal.

Thursday, October 24, 2019

Hello ransomware vector

from here and here (image source)

Bonjour is a part of iTunes and iCloud for Windows. You might think that you have nothing to worry about with regards to this vulnerability that's being used to spread ransomware because you don't have either of those installed, but surprisingly you may have Bonjour if you've EVER installed iTunes or iCloud because it doesn't get removed when you uninstall, so make sure to double check your installed programs.

My Password Is The Last 8 Digits Of Pi hat

Product Page

Ironically, if your password is 8 numeric digits (any 8 numeric digits, doesn't matter which ones) then it is profoundly unsafe. It wouldn't take very long to brute force such a password. Don't choose your password that way.

Wednesday, October 23, 2019

Credentials that strain credulity

from here

No, I'm not fucking with you, they actually used those credentials for a web portal for managing credit disputes. These people are too stupid to be allowed to hoard the nation's credit information.

They finally got serious about The Hamburglar

found on Evil Milk

I wonder if the additional isolation makes the food prep area any more sanitary.

Tuesday, October 22, 2019

Guess they won't be playing cops and robbers in Kansas

from here (image source one and two)

It's hard to take authorities seriously when they arrest little girls for a hand gesture we've all made (probably on multiple occasions).

Anthony van der Meer: Find my Phone


Watch on YouTube

Phone thieves better be careful they don't rip off someone who can track them down like this. Had the owner been more inclined to include the police in his plan the crook might have been arrested.

You can learn more about this on Reddit, where the owner/director did an AMA.

Monday, October 21, 2019

More secure than a piggy bank

from here (image source)

I don't think I need to explain the anti-theft features. Anyone who has ever pet a cat more than the randomly determined number of times the cat will allow can almost certainly guess what they are.

Best of luck

found on Imgur


Friday, October 18, 2019

At least it still stops butt-dialing

from here (image source)

Being able to unlock a phone with a finger instead of a fingerprint is certainly more convenient, but sometimes convenience isn't worth the cost.

Graham Cluley has an interesting theory about how this problem works (that enrolling with the screen protector on means you enroll a fingerprint without ridge details), but doesn't see how a software update can fix it - and in the strictest sense he's right that a software update isn't going to make the ridge details magically appear, but the software update would be able to detect the absence of those ridge details. In essence it could detect when poor biometric data has been used for enrollment and protect users from the consequences of this failure by alerting them to it and/or refusing to use poor quality biometric data.

It seems so life-like

found on Imgur

As long as you don't look at the feet you might be fooled by this, and by extension you might be fooled into being on your best behaviour and not doing any crimes in that store.

Thursday, October 17, 2019

The enemy will never find him

from here (image source)

Of course the enemy is unlikely to search his mom's couch, so that might have something to do with it.

Treat Your Passwords Like Your Underwear coffee mug

Product Page

Changing passwords regularly is no longer best practice (it just causes people to select weaker passwords that they can easily change using an algorithm), but the other advice is still good.

Wednesday, October 16, 2019

Almost childlike in it's simplicity

from here and here (image source and article)

Everything is not awesome for those people. It seems the Toronto police have some master builders on the force.

It's clearly effective, but also nothing like anything I would have thought of, and I suspect most other adults wouldn't have thought of it either.

Watch out for these "potentially unwanted pilferers"

found on Dump A Day

Be careful they don't socially engineer you with their evolved eyebrows.

Tuesday, October 15, 2019

Really puts the wonder in Canada's Wonderland

from here

It's not that I WANT to go through a metal detector and have my belongings rifled through when I attend SecTor, rather it's just such a weird juxtaposition going to 2 different events where one has security in it's name while the other has security in it's actions.

Low-tech cat burglars can't be far behind


Watch on YouTube

On the one hand this seems like an ingenious effort by a Vietnamese tactical team, but then on the other hand I realize in horror that there is literally nothing stopping anyone else from doing exactly the same thing.

Well, nothing except the fact that you've got to transport a suspiciously long pole.

Monday, October 14, 2019

Keyless entry into the secured area

from here (image source)

I mean, if they'll confiscate a belt buckle shaped like a ray gun, or a coin-sized toy gun off of a sock monkey, they'll confiscate just about anything gun shaped. Better not make finger guns in their general vicinity.