Thursday, February 28, 2019

Braking News

from here

Coinhive is old, old news. Coinhive's imminent closure is actual news, and if any cybercriminal is late enough to the party to just start using their service now then their efforts will soon result in a broken criminal enterprise.

So you think your fence will keep people out


Watch on YouTube

If this is the kind of fence your security depends on, I'm afraid this slender pen-tester has some bad news for you.

I wonder if this is the kind of fence trump will wind up erecting at the Mexico border.

Wednesday, February 27, 2019

As many bits as it can take from you

from here


Because computers don't know the difference

found on Short Woman

Maybe you've heard that phrase before, maybe not, but it's a good phrase to repeat whenever anyone says they want a backdoor that only they can use.

Tuesday, February 26, 2019

Shockingly insecure

from here

Millions of people, who presumably have little or no choice about which utility company they use, have their security compromised by poor password security on the vendor's side. It's a data breach waiting to happen

How to blend in at a hotel

found on The Meta Picture

If you ever want to go unnoticed in a hotel hallway, just follow this woman's example

Monday, February 25, 2019

Being fitted with Internet of Shit overshoes

from here

Will the ridiculous penetration of computers into everyday things never cease? And will the inevitable fails never cease to amuse me? I don't think the world will be beating a path to Nike's doors anytime soon (at least not wearing these sneakers they won't)

Privacy should be serious business

found on Meme Generator

I actually think this is genius. Someone needs to hire Mr. T to be a privacy advocate. One exception, though - he's got to get a new key and hide it so that people can't make reproductions of it based on photographs.

Friday, February 22, 2019

It's not just the walls that have ears anymore

from here

Google may be in hot water, but they're hardly the only ones putting mics in things.

Seems Legit

found on Chuck's Fun blog

Very much like the concept of a wolf in sheep's clothing.

Thursday, February 21, 2019

It's not creepy if it's encrypted, right?

from here and here

When someone points out your creepy, privacy-invading hypocrisy and you literally laugh it off, you are well on your way to becoming a movie villain.

Filter Frustration

found on Meme.XYZ

I know this feeling all too well, and I imagine many other people do too.

Wednesday, February 20, 2019

Tuesday, February 19, 2019

To be on the cutting edge of security

from here

Just because changing your fingerprints is something only a drug trafficker or other criminal would do today doesn't mean it won't become mainstream in the future.

We "care" about security

found on Imgur

Does it ever seem like the people who claim to care about security only seem to care enough to throw money at the problem but not enough to actually change their behaviour?

Monday, February 18, 2019

Your first clue

from here

I dunno about you, but if I were doing "intelligence" work, I like to think I would have recognized a few more red flags than these ex-NSA folks.

I do not agree to the terms and conditions...

found on Meme Base

I mean, even if you ignore the possibility of malware being served to your browser, you'd still have to put up with ads. How many sites are really worth putting up with ads?

Friday, February 15, 2019

Sometimes smart things are dumb

from here and here

The entire concept just begs for someone to say "what could possibly go wrong", but it turns out what could go wrong already has and little is being done to fix it.

I don't feel so good

found on Meme.XYZ

The most powerful being on the Internet wants to connect us all.

Thursday, February 14, 2019

Happy creepy Valentines Day

from here

So as you might have guessed, there's all kinds of shenanigans you can get up to if you steal someone's phone number. Mobile phones are frequently used for authentication now so there's all sorts of accounts you'd be able to access and transactions you'd be able to authorize. Brian Krebs wrote last year about some ways you can help to protect yourself from this sort of thing.

We've got the best protection

found on Me.me

It's not a wall, or a fence, and I sure hope it doesn't cost $5.7B. I'd like to think it would provide actual protection, but coming from that guy you never know.

Wednesday, February 13, 2019

Don't you dare sneeze on me, human

from here

It sounds absurd, I know, but if they can encode malware into a DNA strand then, by the strangeness of computer science, there exists (at least in theory) a computer that would interpret my DNA as a virus, and another (theoretical) computer that would interpret your DNA as a virus, and so on and so forth.

For each sequence of symbols there exists a Turing machine for which that sequence is a virus.

It says it on the label so it must be true

found on Izismile

What a cunning plan. I'm sure no one will suspect anything.

Tuesday, February 12, 2019

I thought mono only made people sick

from here

Now I realize Mono isn't the malware here. It's a legitimate platform that enables a certain degree cross platform functionality. You know what also allowed things to be cross platform? Java - and look how that turned out. Java is notorious for being a vector of attack.

Even without the never-ending stream of vulnerabilities that came with Java, the simple act of allowing executables from a highly targeted platform (Windows) run on one whose defensive ecosystem isn't nearly as well developed is just asking for trouble. Especially now that the cat is out of the bag.


If he's not afraid, I'm not afraid

found on Dump A Day

A sign can be a perfectly good deterrent all by itself, as long as nothing contradicts it.

Monday, February 11, 2019

Don't let your IoT security spoil

from here

Even if browser-based interfaces do make it easier to control such devices, couldn't they be restricted to the local network? Why expose them to the entire world wide web?

How to annoy Facebook

found on the Art of Trolling

So, it might not be valid in your jurisdiction, but give it a try anyway. It couldn't hurt (unless you're Facebook)

Friday, February 8, 2019

You'd think identity thieves would take more care with their own

from here

Brian Krebs often has interesting stories about cybercriminals, but sometimes some of the details just stand way out, like an identity thief and SIM swapper who used his real name on a cybercrime forum. It's just a small detail in a much bigger story, but really who does that?

Good Guy Hacker

found on Imgur

I'm not sure the Good Guy Hacker meme has caught on yet, but the collection on Imgur is pretty good (even if some of them aren't exactly good guy sorts of things).

Thursday, February 7, 2019

You don't know where it's been

from here

Seemingly nothing bad happened in this particular instance, but you never know - there might have been malware.

All your base64s are belong to us

found on Meme Generator

I wish this wasn't real. I wish I could say that people who think that base64 encoding is the same as encryption were an urban legend, but the fact is I've seen people like that with my own eyes.

Just to be clear, if you try to protect data using base64 encoding, you're going to get pwned.

Wednesday, February 6, 2019

The best defense isn't always a good offense

from here

I can't imagine a C-level executive who assaults researchers will remain at the C-level for very long, at least not unless he's representative of the culture at Atrient.

Be on the look out


Watch on YouTube

Perhaps their lack of situational awareness is because they were in a hurry to get back to their donuts

Tuesday, February 5, 2019

Cloudy with a chance of data loss

from here

I hope you didn't have a lot of important pictures stored only in Flickr, because apparently they're planning on purging quite a bit of them, starting today. This is why you need backups, not just for the stuff you put on your computer but also the stuff you put in the cloud (after all, that's just someone else's computer).

He seems like such a nice young man

found on Vitamin Ha

I mean, when you pick up a hitchhiker you always wonder if the person might be an ax murderer. At least this guy is up front about it.

Monday, February 4, 2019

Bet they're good at exploiting vulnerabilities

from here and here

I can only guess that giving themselves a name that sends chills down people's spines is part of some sort of psychological warfare.

I wonder how the Italian official pictured above would actually feel about this Italian company.

Information kiosk with a badge

found on Memes Monkey

Whatever you think of security guards, it seems the reality is much more banal.

Friday, February 1, 2019

Reel Security

from here

Frequently when I hear someone say "AV" outside of the security field they're talking about Audio-Visual not Anti-Virus. The same thing happens surprisingly often within the security field. The worst is when they're talking about the audio-visual team at an anti-virus conference. I can only imagine how confusing this is to people who aren't as familiar with computer security.

I feel safer already

found on Reddit

While you should use some kind of anti-virus, never forget that (just like every other security measure you use) it needs to be worth the time/effort/cost. If something is as bad as the thing it's supposed to stop - don't use it.