Wednesday, July 31, 2019

You might want to keep them out of your bedroom

from here

This is something that probably bears repeating A LOT. Those smart speakers and smart phones and smart watches and other devices that obey your commands aren't simply computers, there are also people listening in to help the computers improve. All the major brands (Amazon's Alexa, Google Assistant, and Apple's Siri) of digital assistants are made of people, at least in part.

And honestly "Digital assistants are made of people" seems like it could make a pretty good catch phrase.

Do we even care about catching crooks?

found on Eat Liver

If banks (or any number of other types of establishments that use surveillance cameras) cared, I'm pretty sure they could buy better cameras. Clearly better cameras are out there.

Tuesday, July 30, 2019

Somebody stole mah bukkit

from here and here

Thanks to Munin the idea of using the Lolrus image macro for data breaches involving Amazon S3 buckets.

This is why I turn away when walking the dog

found on Imgur

Our four-legged friends deserve privacy too, even if they're doing their business out in public. I don't watch them so they don't get to watch me.

Monday, July 29, 2019

Let's call a spade a spade

from here

I saw the term surveillanceware used in this Ars Technica article and it got under my skin. I've also seen stalkerware and creepware, and they all facilitate the same thing - spying on the person using the device the malware is installed on. Why do we need all these terms for the same thing? Do they add anything meaningful? Not that I can see.

The term surveillanceware is particularly bad. Compared to "spy", the word "surveillance" is harder to spell, harder to say, and unfamiliar to the less educated members of society. If I were trying to give spyware a PR make-over, surveillanceware seems like a good way to do it, and that begs the question: who would try to do such a thing?

The God Defense

found on Izismile

Not gonna lie, I'd probably kick him out of the car too. But hey, it worked, he got away from his captors, so good for him.

Friday, July 26, 2019

Don't quit your day jobs

from here

This browser from Avast isn't the first time I've seen a security vendor shipping their own browser, and it probably won't be the last. But frankly, if I wanted all my apps to come from the same place, I'd have stuck with Microsoft. I can't help but think the resources that went into making a browser no one wants could have been better spent improving their anti-malware product.

It looked good on paper

found on Imgur

Have you heard the claim that locks only keep honest people honest? Well this seems well suited to testing that hypothesis.

Thursday, July 25, 2019

Making private browsing private again

from here

It might not be perfect, but if major websites are actively trying to thwart it that suggests incognito mode must be doing something right.

When mother nature is your adversary

found on Imgur

They say intelligent threats are harder to defend against, but this doesn't exactly look easy if you ask me.

Wednesday, July 24, 2019

Dear corrupt government officials and the people who bought them

from here

It should go without saying that all electronic financial transactions rely on encryption for protection. Unless the wealthy want to drag huge sums of cash around to pay for their expensive lifestyles for the rest of their lives, they should maybe see about pressuring the administration to change course on this ridiculous backdoor crusade.

Oh... It was a bum threat

found on Funny Memes

It used to only be airports where you couldn't make jokes about bombs, but now it seems bathrooms are also on the no-joke list. I guess you should stay home if you're going to be dropping depth charges.

Tuesday, July 23, 2019

What would be really smart is if the diapers could change themselves

from here

I'm sure the security on these smart diapers is just as crappy as any other IoT device - and why not? Who would want to hack a diaper? But someone probably would want to hack the servers and get your personal information.

My what big files you have, Grandma

found on Imgur

Apparently there's a story behind this picture, in the form of a YouTube video

Watch on YouTube


Monday, July 22, 2019

Talk about slacking off

from here

Apparently Slack didn't show abundant enough caution the first time around and now have to try again. Somehow I tend to think 4 years later is too late to do any real good. If those credentials were going to be misused it would probably have already happened by now.

Tell me something I don't know

found on The Art Of Trolling

I guess when you use ShadyURL on an site that is actually secretly shady you potentially wind up with truth in advertising.

Friday, July 19, 2019

What are you trying to say about me, Google?

from here

No, I'm not reminding myself to get bigger or last longer or transfer funds or anything like that. For all the smarts that goes into GMail, you'd think it could tell that an email I compose to myself while logged into the web interface would be enough to rule out the possibility of spam. Apparently that's not the case.

The Troll Science of camouflage

found on The Art Of Trolling

For what it's worth, it seems to me that the camouflage pattern wouldn't work nearly as well if it were polka dots.

Thursday, July 18, 2019

Malware experiences inflation too

from here

I don't know if I should feel sorry of the people who get caught by this malware or not. Seems like a bit of karmic balance being restored, to be honest.

But what if this inflation extends to other things? What's next? Are we going to get fake invoices for the sale of entire stores rather than just items from their inventory? Will a coalition of Nigerian princes start requesting our assistance? Fake HR documents for a country instead of a company?

If he's not afraid, I'm not afraid

found on Funny Junk

On the one hand it's very difficult to take that warning sign seriously with a cat there. On the other hand, why do I get the feeling that cat is looking at me like I'm prey?

Wednesday, July 17, 2019

Not so secret hiding place

from here (source article)

You're going to have to try harder than that to pull one over on the authorities. They may not be geniuses, but anyone with the gift of sight can see the problem here.

Privacy for pups


Watch on YouTube

Clearly humans aren't the only members of the animal kingdom that value privacy. Why else would this dog stop playing as soon as they discovered people were watching? Some things we're just more comfortable doing in private, without having to worry about the judgmental gaze of others.

Tuesday, July 16, 2019

This may be harmful. Are you sure?

from here

You don't have to click Yes (or OK) on all the prompts. Consider trying the other buttons from time to time. Read and think about the dialog boxes to figure out the best thing to click.

Is your WiFi this secure?

found on Reddit

I'm sure you could find an answer to this online, but if you could get online why would you need the answer to this?

Monday, July 15, 2019

How not to implement the "Forgot Password" feature

from here

This Japanese 7-Eleven security incident is a great example of why idiot-proof systems aren't good enough anymore. You need to make them asshole-proof too.

What not to take to the airport

found on Izismile

This woman is going to get secondary screening, tertiary screening, and then whatever screening comes after that. That bag seems tailor made for causing problems at airports.

Friday, July 12, 2019

ZIP files and BAT files and DLLs - Oh my!

from here

I understand that technical jargon can be tough sometimes because it doesn't mean anything unless you're steeped in the technical minutia of the field in question - but fileless malware is just bad jargon.

A layperson looks at the word and then looks at what the word is being used to describe, and you know what they'll think? They'll think "No. This can't be the right word. There must be some mistake. That's not what this word means." This isn't a problem of the word being abstract, it's a problem of the word being too basic and too well defined outside of the field, and that definition contradicting how it's used inside the field.

Somebody came up with this term (turd), and they did a bad job. I understand that there may be a need for a word to encode the concept, but this is not that word, you need to go back to the drawing board.

Eureka! We've solved the problem!

originally tweeted by Joe Schmoe

Thanks to Joe Schmoe for this meme showing how antivirus vendors can really get that much sought-after property of having no false positives.

Thursday, July 11, 2019

Hang in there, $10s and $20s

from here

Using an hydraulic spreader to open ATMs is a pretty clever trick. Buying the thing on eBay is even better. Who needs shady dark web marketplaces when you've got eBay?

Robo Botnet T-Shirt


Product Page

This is rather nice design depicting sick laptops under the marionette-like control of an evil figure. Not a bad characterization of a botnet, all things considered, and it's not just on shirts, but also mugs, hats, ties, etc.

The designer also has some good designs for other security concepts too. Definitely check out their work.

Wednesday, July 10, 2019

It's not a bug, it's a feature

from here

Apparently if enough people complain, that feature turns back into a bug.

Airport Security Personnel - Not even dogs have faith in them

found on I Can Has Cheezburger Animals

You'd think that the airport, of all places, would be once place where that poor dog could let it's guard down. The dog knows better, though, and now at least that soldier can honestly say his luggage was never left unattended.

Tuesday, July 9, 2019

How not to be prepared for cyber-criminals

from here

I mean, as time goes on, the inmates are increasingly going to come in already knowing this stuff, so banning books is not a long term solution.

I see locks in Houdini's future


Watch on YouTube

Houdini is a cute dog, but if he's going to live up to his name he's going to have to keep escaping even when locks are used.

And if Houdini's owners want that enclosure to actually be useful for something, they're going to have to start using locks.

Monday, July 8, 2019

What's the worst thing they could change the license plate to?

from here

It's one thing to stick a computer into an appliance (maybe the computer can make the appliance function better?), but sticking a computer into something that used to just be a hunk of metal with a code painted on it? Digital license plates feel like the Internet of Things (which is already questionable as it is) jumping the shark.

Look who's attacking now

found on Memedroid

From time to time, collective effort can in fact turn the tables on an aggressor.

Friday, July 5, 2019

So that's how much they trust it

from here

This Faraday cage for your key fob is one of the worst indictments of keyless entry I've seen. Sure it makes things more convenient for you. It makes things more convenient for thieves too.

The real FBI will log you without telling you

found on Memebase

The party on top is probably not the FBI, but you never know when the FBI is really logging you so it's probably good to get that warning from time to time as a reminder.

Thursday, July 4, 2019

You've just been Alexized

from here and here

Do you understand the (lack of) privacy rights as I have read them to you?

Alexa is always listening and Amazon keeps the recordings forever. How free do you feel now?

I figure if pervasive surveillance is like imprisonment then there should be an analog to the Miranda rights that get read to who are arrested and about to be imprisoned.

Telepresent pen-testing


Watch on YouTube

Leave a demo telepresence robot open to the Internet and you should expect some random person to find a vulnerability in the physical security of the demo space and penetrate the office's security from the inside out.

Clearly, even though the robot has no hands, the door should have been locked.

Wednesday, July 3, 2019

No security alerts for you

from here

A/V (audio visual) is certainly not the same as AV (antivirus), but I suppose disabling either one will stop the user from seeing those pesky warnings.

They have no idea who they're dealing with

found on Memedroid

These days people equate being anonymous with hacking (in part because of the group named anonymous) but if all it takes to make you think someone is a hacker is wearing a funny mask or changing accounts then the bar is set incredibly low.

Tuesday, July 2, 2019

'Unhackable' computer is patently absurd

from here

It's amazing to me that the patent office granted this guy a patent for an unhackable computer. It's clearly snake-oil. Claiming something is unhackable has never worked out in the past. Ever.

Run VPN T-Shirt ('cuz it's tricky)

Product Page

It took a moment for this Run VPN design to click. It's been a long time since I've heard any Run DMC. I wonder if the designer considered the "It's Tricky" angle when they were making this design extolling the importance of running a VPN.

Monday, July 1, 2019

Hopefully the crooks get their just desserts

from here

Thanks to Zach Whittaker for raising awareness about the incident, though it took me a bit to find anything else about it online.

They'll sniff out the contraband

found on I Can Has Cheezburger

Remember to show them plenty of respect and don't act aggressively.