Thursday, May 23, 2019

Couldn't happen to a more deserving bunch

from here

Thanks to Brian Krebs for letting us know that poetic justice still exists.

You don't want to see what I'm doing to your water bowl

found on I Can Has Cheezburger Animals

If the dog can get in then the door was probably not latched, which might as well be an invitation to a dog.

Wednesday, May 22, 2019

Should've stuck to stealing office supplies

from here

It's bad enough stealing from an employer in the private sector, but you'd think someone working for the government would know better.

Face Rekt

found on The Humor Train

There are a number of face recognition systems where this would probably work, but the iPhone X may not be one of them.

Tuesday, May 21, 2019

For when they don't make it easy

from here and here

Supposedly you can opt out of the facial recognition just by saying so, but it's not entirely clear to me what part you're opting out of - the scan that compares your face to your biometric template, or the image collection that's used to make the template in the first place.  If it's just the scan you're opting out of then frankly that's not good enough. I don't want my likeness enrolled into a facial recognition system against my will, never mind being verified by it after the fact.

That face when they think they're getting away with it

found on Reddit

That is a cat that really needs to work on its poker face.

Monday, May 20, 2019

The kind of thing an idiot would have on his smart car

from here and here

I know the combination mentioned in the movie is actually 12345, but that just means the unchangeable PIN found in this investigation is actually worse than the kind of thing an idiot would have on his luggage.

A rose by any other name...

found on Imgflip

And that's why I always answer "No" when asked if I want to send usage data or crash reports  or that sort of thing. If I want a vendor to have a piece of information for some reason, I will send it myself.

Friday, May 17, 2019

It definitely is...

from here

It seems like an incredibly stupid trick, but I guess it follows the same logic we've seen before - the people who can tell it's a scam think it's so obvious that there's no need to do anything about it and that leaves the scammer free to exploit the people who don't know it's a scam. 

However, if someone is claiming to be part of some official agency and demanding you pay them with gift cards or else then that is definitely a scam.

What not to wear to the airport

found on Oddity Mall

It appears that this was at one point in time an actual product you could buy. Maybe you still can somewhere, but the product page Oddity Mall was pointing to seems to no longer exist - probably for good reason, because a shirt like that can get you shot.

Thursday, May 16, 2019

No, YOU'RE pronouncing it wrong

from here

The thing about naming something using emojis is that there's no established way to actually say the name, which is kind of important if you want to talk about it. (Who talks anymore? Haven't you heard of texting?)

The site https://thrangrycat.com/ (because vulnerabilities require custom domains now) suggests Thrangrycat as a way to enunciate the name represented by three angry cat emojis (😾😾😾), but Three Tard rolls off the tongue better (and the angry cat emoji looks suspiciously like Grumpy Cat aka Tardar Sauce)

My Little Spy: Surveillance Is Magic

found on Memebase

How early are we training kids to accept being spied on?

Wednesday, May 15, 2019

Operating System of the Living Dead

from here

Now, I'm not saying they shouldn't have released a patch for XP. If they think XP needs a patch then by all means patch away. All I'm saying is they should pick a position - either the OS is dead or it isn't. Don't pretend you don't support it if you're going to continue releasing patches for it.

Mean Hints

found on Failblog

If there can be mean tweets, why not mean password hints?

Tuesday, May 14, 2019

Who updates the updates?

from here

Crashing ankle monitors seems like a worst case scenario for the people trying to keep criminals in line. It's the kind of thing that might make people rethink the wisdom of applying updates at all.

The password is weak? You're weak!

found on Reddit

Yahoo criticizing the password security of others is just a bit hypocritical, all things considered. I mean, maybe it would be worth it to choose an even stronger password (though that looks plenty strong to me) if it was going to be used on a site that didn't leak the account details (including passwords) for billions of users.

Monday, May 13, 2019

I think I'll hold it a little longer

from here (image source)

Better hope you only have to do your business next to skinny people.

We need to secure our border too

found on Canada Memes

Friday, May 10, 2019

Stuffed phish

from here

I don't know if it's a good idea, but it sure sounds like it would be satisfying.

Anything you post can and will be used against you in a court of law

found on Bad Chix

On the one hand it seems like the whole Miranda Warning needs to be updated to account for our modern era, but on the other hand it might stop otherwise dumb criminals from giving themselves away.

Thursday, May 9, 2019

Dirty deeds on a clean PC

from here

It's not hard to find advice about only going to trustworthy news sites or trustworthy download sites, etc, but people seem a little bit skittish about applying the same logic to porn sites. I wonder why that is. Either the principle is sound and holds for all kinds of sites, porn included, or the principle is hogwash and porn sites are the proof of that.

Life without privacy is ruff

found on Dump A Day

Wednesday, May 8, 2019

Forget Linux, this is the year of Facebook on the desktop

from here

With Facebook's plans to escape the browser (and the sandbox it represents), I expect to see them find new and worse ways to abuse the greater privilege they'll have with a native desktop app.

The question we should all be asking is, how long until the Facebook rootkit?

For every measure there is a countermeasure

found on The Meta Picture

And since countermeasures have a tendency to escalate, I imagine some people would counter this countermeasure with fire.

Tuesday, May 7, 2019

I sure hope we got better at attribution

from here

I wonder if the people dropping bombs even remember the pirate printers.

Wears Waldo

found on Meme Base

Some hiding spots are better than others, but that one takes the biscuit. I never imagined there was such an adult version of Where's Waldo. Maybe I should have known better.

Monday, May 6, 2019

Getting crushed by Facebook

from here and here

I can't imagine using Facebook to keep your secret crush a secret. There is a very high chance of them screwing it up. They have a long history of not being able to keep private things private.

Handcuff shim earrings

product page

I guess this is for when you want to look stylish while escaping from the authorities.

Thursday, May 2, 2019

The more you know...

from here

Just an interesting bit of history for a fairly ubiquitous idiom. I never even thought to ask about the meaning of "read between the lines" until I stumbled across this piece of information

Maybe if they were as stringent then as they are now...

found on The Meta Picture


Wednesday, May 1, 2019

It's good to know how serious he is about privacy

from here and here

I'm not sure how Zuckerberg came to the conclusion that privacy was a laughing matter, but at least he's showing his true colours.

There's more to security than keys and locks

found on Imgur

All defenses fail, from time to time, which is why we generally employ multiple layers of defenses. When one layer fails there are others to pick up the slack.

Being in a safe environment is itself a defensive layer.

Tuesday, April 30, 2019

When your OpSec is more like OoopsSec

from here

This person targeting governments and embassies may not be caught yet, but I can't imagine it'll be long before they are.

Give 'em your heart, not your passwords

found on Meme Base

Intimate partners are a difficult threat to mitigate because of the trusted access they have to you and your life. One thing they shouldn't need to be trusted with, however, is your personal passwords. The relationship should be able to function just fine without them accessing your accounts.

Monday, April 29, 2019

It's fine as long as we can't see your face, right?

from here (image source)

You've got to ask yourself, who installed this and thought it was OK?

Well, technically it is data

found on The Chive

We all hid things when we were kids. Some hide things as adults. Some are so good at hiding things and keeping them secret it's their job. I don't think that guy is one of them.

Friday, April 26, 2019

Always change the 'duh'-fault password

from here

Just another reminder of how important it is to change the default password on your devices, whether that's your router or the GPS trackers you have installed in your fleet of cars.

They really don't trust that guy

found on Make A Meme

Seems like these cameras must be focused on everywhere one person in particular might be seen. Maybe they should have invested in a motorized version that can be pointed in all sorts of different directions - or maybe just get rid of the problem person in the first place.

Thursday, April 25, 2019

A picture is worth a thousand logins

from here

I used to bypass facial recognition with photographs all the time a couple decades ago. Supposedly there are ways of preventing that from happening now but apparently they don't always work.

Security theatre of the absurd

found on Reddit

It's even funnier when you remember that this all takes place "under the sea".

Wednesday, April 24, 2019

I'm sure people without fingers would love gumprint recognition

from here (source article)

People want so desperately to get rid of passwords that they'll grab onto anything, even garbage like this. Biometric authentication is complicated, and the worst enemy of security is complexity. That complexity makes it fragile, and that's not a good property for a security feature to have.

Leaking in a galaxy far, far away

found on Meme Base

On the one hand, some people might like to send Wikileaks' Julian Assange to a galaxy far, far away, but on the other hand it would really spoil the story.

Tuesday, April 23, 2019

What could possibly go wrong?

from here

Always be wary of advice to disable your AV. Unless it's causing a problem that's literally stopping you from using the computer, there should be another way to deal with the problem.

And if it is causing a problem that's preventing you from using the computer, only disable it for the few moments it takes to change whatever setting needs changing or uninstall whatever update needs uninstalling. You don't want to leave the door open to attackers too long and you certainly don't want to risk forgetting it's disabled.

They are still out there

found on Your Account Has Been Hacked

With all news about large scale data breaches and governmental cyber-attacks, but the bottom of the barrel still exists. Don't focus so much on the things in the news that you forget about these guys.

Monday, April 22, 2019

Now where's B and A?

from here (image source)

I just viewed some videos of how this thing works and it's actually pretty neat. It seems you can program in your own combination (something you can't do with traditional padlocks). As such, I fully expect an usually large proportion of the ones found in the wild can be opened with the Konami code or some variation thereof.

Terms of Service

found on Reddit

People will give up their privacy pretty easily in exchange for something they need, but that isn't a reflection of how little they value their privacy, rather, it's often a reflection of how much they need the thing they're getting in exchange.