Friday, January 17, 2020

Your move, bike thieves

from here and here (image source)

I imagine this is only practical for Spiderman, but still, this seems like it's quite effective.

If you're guilty and you know it, hold it in

found on Snopes

Sometimes it's important to not draw attention to yourself, to not make yourself into a target. At times like those it's best if you didn't recently eat a large helping of beans.

Thursday, January 16, 2020

In case the crying or smell doesn't give it away

from here (image source)

No doubt the data collected from these things will be kept insecurely like so many other Internet of Things devices and eventually there will be a leak. Not the kind of leak you may be used to with diapers, but a leak nonetheless.

This is how hackers hack you using simple social engineering


Watch on YouTube

I sleep a little easier at night knowing I don't have a cell phone account for someone to do this to, but that's just one kind of account that could be broken into using social engineering. They could get into my ISP account for example, or perhaps (with extra effort) into some kind of financial account like a bank or credit card.

Wednesday, January 15, 2020

You know there are a lot of vulnerabilities when even the NSA doesn't need any more

from here (image source)

How nice of the NSA to forgo weaponizing this new vulnerability and report it instead. It really shows their softer, gentler side.

Listen to Ackbar Antivirus

found on Imgflip

Maybe (hear me out here) the antivirus is right. It's certainly not unheard of for random sites on the Internet to be bad news.

Tuesday, January 14, 2020

Are you super-extra-certain no one unwanted is there?

from here

If you can't see or hear or otherwise sense who is in the room with your safe, why are you opening your safe? That sounds like insanity. Anyone could be there. I can't imagine what the folks at BoingBoing were thinking when they decided to hawk this thing.

ISHU anti-flash photography phone case

Product Page

Some time ago I became aware of this technology that renders flash photographs useless (useful if you don't want to be photographed), and it was in the form of a scarf, but the scarf is actually quite expensive (hundreds of dollars). It turns out the company has branched out into other things, and while many of them are sold out this phone case appears to still be available, is more affordable, and frankly more neutral in terms of who can pull it off.

Monday, January 13, 2020

To trust or not to trust the surveillance industry, that is the question

from here

If a simple bug can allow random people to view your surveillance feed, how well are those surveillance feeds actually protected? Who else could be watching them?

At least it's only Keyboard Cat

found on Izismile

Frankly, that could have led to something much, MUCH worse than a 10 hour Keyboard Cat video. It could have been a Rick Roll, 2 Girls 1 Cup, or even malware. You can never tell where a QR code leads just by looking at it, unfortunately.

Friday, January 10, 2020

Is it Rex or Wrecks?

from here (image source)

So far I see layers that will keep out people and babies, but nothing specifically for dogs. Clearly dogs need to be part of the threat model so I would suggest something that's stronger than teeth.

Security theatre in a theatre

found on Izismile

I'm having a tough time imagining what the big deal about tortillas is. What's the threat model here? This seems way over the top for a food item.

Thursday, January 9, 2020

No one seems to be breaking that one anymore

from here

I'm just going to put this out there - some developers are going to see the headlines about SHA1 and shy away from it, but one of the easy alternatives to SHA1 is MD5, and without headlines telling them not to use that one either, guess what's going to happen...

The World's First Cyber Crime: The Morris Worm


Watch on YouTube

The past can provide us with an interesting perspective on how we got to where we are now.

Wednesday, January 8, 2020

Oh Hell No

from here and here

Sony's Vision S definitely gets a nope from me. Maybe they thought we'd forgotten about their shenanigans years ago, but we haven't.

Exposing all the things

posted by cosmokyle

TSA scanners can't actually do this sort of thing... yet. I'm sure it's just a matter of time before the emotion detecting machines that they're trying to develop now are used against people in scenarios like this.

Tuesday, January 7, 2020

Always have a backup plan

from here

It's a shame that people lost their jobs because their company couldn't recover from ransomware, but it could have just as easily been a fire or hardware failure or some other disaster and there's no one you can pay to undo that kind of thing. If all you're planning to do is pay someone when disaster strikes it's not going to end well. You need to be prepared long before disaster strikes.

Zero Day bag

Product Page

This is for the whitehat vulnerability researchers. Blackhats might want to NOT advertise what they're up to while going about their real life.

Monday, January 6, 2020

The noise is coming from INSIDE THE HOUSE

from here and here (image source)

I'm sure the couple that mistook their robot vacuum for a home intruder are glad it was only a false alarm. I guess it was good practice in the event they ever do have a home intruder - or it'll train them to ignore the warning signs of a home intruder and they'll get a nasty surprise.

Camouflage Cat is gonna get stepped on

found on Izismile

I'm sure that cat's appearance didn't actually evolve as a way to blend into marble floors, and yet it does surprisingly well. Basically, for every appearance there exists a possible environment it can blend into. It's just a matter of finding it.

Friday, January 3, 2020

Junk Fax: The Next Generation

from here

If it doesn't ask for permission beforehand, why bother notifying afterwards? Never mind how creepy it is for a printer to just start printing on its own when you're not even in the room.

It's conceivable that this is still a fairly new and unknown phenomenon, but don't count on it staying that way. Printers are now computers that also happen to apply ink to paper. Computers that perform automatic software updates using their WiFi connections. But importantly, computers that don't have real screens so they have to be creative about how they inevitably show you notifications.

If I'd known it was an IoT device, I would have kept looking for something else.

Reducing liquid volume in 3... 2... 1...

found on Know Your Meme

If this were me I suspect I'd lose some of my liquid, but it probably wouldn't be enough.

Thursday, January 2, 2020

Can't quite put my finger on it

from here

I wouldn't bat an eye either, if I was trying to get some iris biometric system to recognize me. It would kinda interfere with the process.

Make It Easy Mechanic: How to unlock a car door (without a key)


Watch on YouTube

This looks like some handy knowledge to have in a pinch, but it also puts some perspective on the security of the car so that you can make more informed decisions and more realistic threat models. It's not just smashed windows you need to worry about; people may be able to get in with a shoelace.

Wednesday, January 1, 2020

Now we know why he was hiding

from here and here (image source)

In fairness, he was never supposed to be all that difficult to find in the first place. Kids could do it.

Sometimes biometrics are a little TOO convenient

found on Izismile

Even if she hadn't added her own fingertip, she could have easily used your finger while you slept. Then there's the authorities who can compel you to provide your finger to unlock your devices even when they can't compel you to give up your password - not to mention less legal attackers who could get your fingerprint in all sorts of different ways.