Wednesday, September 18, 2019

Who's leaking your data?

from here (image source one and two)

I'm very surprised at the kind of information these app vendors are sending to Facebook (and others).

It's starting to seem like you can't trust the trackers.

If you use a menstruation tracking app it would probably be a good idea to check and find out where your data is going.

I only want American corporations spying on me

found on Meme Base

I'm sure China does get data like that. Just like the American government gets similar data when you use an iPhone.

I wonder, though. When it comes to this kind of data, are you more concerned about China knowing it or someone closer to home?

Tuesday, September 17, 2019

I guess somebody passed the test

from here (image source)

I think if anyone was going to fare well in a physical pen-test, you kind of expect it to be The Law.

I have to wonder if actual burglars have ever tried that excuse when caught. I don't expect it to work against law enforcement, but if they're just caught by some Joe Schmoe then some social engineering could get them out of a sticky situation.

Becky Stern: Compubody Sock Origin Story


Watch on YouTube

I'm sure the image of the "laptop privacy sweater" was one of the more famous privacy-related memes that circulated the Internet back in the day. I may have even posted it here at some point (if only I could find that post). Well, now you can find out how that object came into being - and how practical it is or perhaps isn't.

Monday, September 16, 2019

For when proof is needed

from here (image source)

The hats are merchandise you can buy and wear, and although they're not technically security related I can't help but wonder how many digital forensics investigators are out there wearing hats like this already because their taste in terrible visual puns is as bad as mine.

Look who's keeping secrets now

found on Imgur

Not gonna lie, I am impressed to see this kind of awareness from a cat, even if the effort was ultimately futile. This is the kind of thinking I'd expect from a human child, not a house pet.

Friday, September 13, 2019

The cat and mouse game of cybersecurity

from here and here

"I'm in!" or some derivation thereof is a pretty stereotypical portrayal of a hacker succeeding in getting access to something, as is the wide-eyed face illuminated by a computer monitor.

I like to imagine this little kitty is accessing the local vet's computer system, making sure their next visit is delayed as long as possible.

Please preserve the illusion of privacy

found on Meme Base

As poor as the visual privacy is in a public washroom, the aural privacy is even worse.

Thursday, September 12, 2019

Quick, while the authorities are still watching

from here

Maybe this guy didn't understand the meaning of the word "supervised", but most criminals have enough sense to keep their noses clean while "the man" is watching.

Stop looking at me, I need privacy - shirts

Product Page
Product Page

These seem like great shirts to wear when you want to remind people to mind their own business.

And you know what? People could stand to be reminded of that from time to time, so kudos to the person who designed these.

Wednesday, September 11, 2019

Show me all matches at Cambridge

from here (image source)

Facebook Dating has reached the US and the cynic in me suspects that Facebook's past privacy violations (I'm not going to entertain the notion that they're simply "gaffs") will have little impact on the success of the venture.

Dad's password advice

found on Fail Blog

You know why they're called Dad Jokes? It's because you're being pun-ished.

Tuesday, September 10, 2019

Pre-owned is a little too close to pwned

from here (image source)

If you ever wondered what happens to IoT devices that get returned, now you know. They get resold apparently without getting reset (and probably without being checked for any software tampering).

Kind of makes you wonder how criminals might be able to make use of this as a way to get into other people's networks or even just to collect data from their networks that could be useful for other crimes.

Shielded and unshielded padlocks


Watch on YouTube

Today I learned, well, this. I'd never heard bypassing padlocks before, but now I know and so do you.

Monday, September 9, 2019

They don't call them duh-fault passwords for nothing

from here (source article, image)

Device manufacturers really aren't doing enough to educate the public on how to use their products securely, but in this case it seems like the manufacturers themselves don't understand security. Why even have a password at all if you're going to leave things this wide open?

Tweeting from behind the curtain

found on Imgur

Every time I see someone playing hide and seek, they're terrible at hiding. They're either behind a curtain with their feet sticking out the bottom, or they've stuck their head (and only their head) under a couch cushion, or something equally inane.

I like to think the Burlington Police had the same experience with Chris.

Friday, September 6, 2019

I think I see the problem

from here
Literally, if the government had simply watched with their eyes instead of their interrogation techniques, no one would have had any idea they were on a list much less sued about it and gotten it declared unconstitutional.

Definitely not a private washroom

found on Me.me

The lack of privacy is why you don't put men and women in the same washroom. Unisex is fine so long as it's one person at a time, and frankly the one-at-a-time washrooms are better because they have superior privacy.

Thursday, September 5, 2019

Will schools learn their lesson?

from here

Of all the organizations that could benefit from learning this lesson, a center for learning is one we might even expect to be capable of learning this lesson. Learning is kind of their reason for being, after all.

So hopefully, now that a bunch of schools have been hit by ransomware and it's become clear that they're desirable targets, maybe other schools will do the necessary thing and take care of their systems before someone takes them out.

Kids follow boat thieves with drone


Watch on YouTube

Technology can certainly be empowering, and this is a prime example and it shows that ordinary people (kids even) now have the power to do something that previously you would have only heard of the police doing - that is take off in pursuit of a criminal from the air. They didn't need a helicopter or a licensed pilot or any of the other resources associated with police choppers, they just needed a high-tech toy.

Wednesday, September 4, 2019

But hopefully not for much longer

from here

Imagine an online scam involving 80 people. It's huge!

Someone got a private showing

found on The Meta Picture

I suppose it's possible that what was going on here was open to the public, but I suspect it was not. I just wonder if this was before or after the public came through.

Tuesday, September 3, 2019

And I'd be concerned about the ones that are

from here (source article)

This kind of location data seems like a stalker gold-mine. You might be inclined to think that things are different for gay male hook-up culture, but gosh it seems to me that group has people after them too.

RFID rings

Product Page

RFID implants can open doors and unlock devices, and unlike a key card they don't need to be carried around, can't get lost or forgotten, and are generally just more convenient.

Some people are OK with getting chipped like livestock, or a pet, or inventory in a warehouse). Others might balk at the idea, since it's traditionally used for things that don't have agency or autonomy - and if it's associated with your job then having a symbol of your employer invading your body may be troubling. There's also the matter of it's relative permanence not being able to reflect your changing wishes (not unlike the problems with recording sexual consent on the blockchain).

Well, it just so happens there's a way to get similar convenience in a more socially acceptable package. There are many different varieties and styles from many different manufacturers (the above is just an example from the folks at Adafruit), and they are far more removable than anything embedded inside your body.


Monday, September 2, 2019

Best practice meets worst practice

from here

For all the good XKCD did in teaching people to use passphrases, they went and cancelled it out by using MD5 to hash them with. MD5 has been deprecated for over 20 years, and it was never good for passwords.

Thanks to Have I Been Pwned for raising awareness of both the breach and the bad practice.

Come and get it, porch pirates

found on I Can Has Cheezburger Animals

Anyone who's shitty enough to steal other people's packages deserves to get shit.