Monday, November 30, 2020

What's the genetic equivalent of a credit monitoring service?

from here and here (image source)

Genealogy sites have already suffered data breaches in the past, and more are sure to be coming in the future. Any data that gets collected will eventually be breached.

Keeping out unauthorized pests

foudn on Acid Cow

It's not like a human bouncer can easily get rid of a mouse. We're not as well matched to that particular threat model as Elwood here.

Friday, November 27, 2020

When you don't want people to know how many helpings you've had

from here and here (image source)

There should be no shame in going back for 2nds or 3rds or 4ths or ... Well, maybe you're exceeding the limits of other peoples' hospitality, but no matter - how much you eat is nobody's business but your own. Protect your dietary privacy and sneak some extra helpings.

That escalated quickly

found on Reddit

Is it an error? Is it for real? Do I want to find out the hard way? Nope. Consider me deterred.

Thursday, November 26, 2020

Maybe if they weaken each other we'll stand a chance

from here and here

I would love to see Apple strike a blow for privacy but I also admit that they are anti-competitive. If they harm the online ad ecosystem I won't shed a tear. Likewise if Facebook helps get Apple taken down a peg and weaken their stranglehold on their app store, I won't shed a tear then either. 

Rapper Who Is Very Concerned With Password Security

Watch on YouTube

This poor guy is learning a lot of valuable lessons the hard way in a very short period of time.

Wednesday, November 25, 2020

Skid marks in 3...2...1...

from here and here (image source)

Locked doors can't protect you from everything. They stop the big threats, but little threats can find ways around, and the smaller they are the more options they have. 

How to make face recognition "work" with masks

found on Ebaum's World

I like to think this might actually fool facial recognition systems. Not to the extent that they'll think you're the Tiger King or anything, but at least enough to think they see a face, and if it's not your real face then all the better. 

Tuesday, November 24, 2020

Leading a life of grime

from here

I think it's safe to say that virtually no one saw spy vacs coming, at least not that way. Your threat model might have included the vacuum having a vulnerability that let people break into your phone or your network or something, but a device with no microphone listening into ambient sounds is definitely thinking outside the box.

It's also a pretty useless threat model to a certain segment of the population, but maybe nobody wants to hear what those folks are saying anyways.

Thanks to Graham Cluley for bringing attention to this new wrinkle in the threat landscape.

Rainbow Table sticker

Product Page

 This, I think, is a good conversation starter. It's striking, and colourful, but what is it? It's a rainbow table, a staple of old-school password cracking. When someone asks what that weird symbol on your flask or laptop or whatever is, you can tell them about password cracking.

Monday, November 23, 2020

The muscles are just really tense back there

from here and here (image source)

There's no way he's going to walk out of the store like that. Someone is going to notice the merchandise he's hidden under his hoodie. It's just too obvious.

The Superman technique actually works

found on Imgur

That is quite a stark difference. Clearly she has a super power, and that power is disguise. 

Friday, November 20, 2020

It's obviously not the year of the password manager

from here

You'd think with all the extra free time people had this year they'd have finally worked out how to use a password manager to keep track of their passwords so they wouldn't need to use ridiculous ones like "123456" and "password" anymore. 

How NOT to foil surveillance

found on Reddit

Actually, if you read deeply enough into this it might be a good way to avoid surveillance - specifically talking someone else into doing the crime for you so that they get picked up on camera instead of you. If you just walk your own naked underage self into a video monitored business and rob the place, however, it's not going to work the way this describes. 

Thursday, November 19, 2020

Unconventional camouflage

from here and here (image source)

This probably won't be effective unless it's at a considerable distance, because the quality is kind of low, and if you ever do drive it anywhere you're going to give away the game. Honestly, you might be better off with a camouflaged tarp that you can remove when you need to move the vehicle.

(Criminal) Hacker's Paradise: A Security Awareness Parody Music Video

Watch on YouTube

While VPN's may not be as important on today's encrypted world wide web, there's still plenty of good lessons to learn from this song.

Wednesday, November 18, 2020

It's Brobdingnagian

from here and here (image source)

I feel confident that that gate will keep people out (or in) pretty effectively. How would you open it?

Some places just give you mints

found on Acid Cow

I've never encountered a freebie quite like this unlocked ATM, but now that I know it's a possibility I'll keep my eyes open. 

Tuesday, November 17, 2020

Sit. Stay. Play Dead. Good Car

from here (image source)

That seems like a really good way to prevent the theft of your bumper, but it's not going to stop anyone from driving away in your car.

Who's Watching The Watchers Who Are Watching You shirt

Product Page

Surveillance is ubiquitous these days, but it's also discreet, so you might as well wear something to remind people that they're being watched.

Monday, November 16, 2020

"A fun playful name"

from here and here

It's hard to believe that they weren't trying to make a working exploit. It's not like it's an easy name for potential customers to deal with, it certainly wasn't going to bring in business. 

Persistently Infuriating Number

found on Reddit

Why shouldn't PINs present exactly the same problem as passwords? They're basically just really short passwords.

Friday, November 13, 2020

Why not both?

from here and here (image source)

It turns out this is a very effective way of stopping a car from being driven away by either a car thief or the rightful owner.

A bike thief wouldn't have a problem with it, though.

Go ahead and post your crime selfies

found on Reddit

With the kinds and quantities of incriminating evidence that Facebook and Instagram have on so many people, they could probably be just as effective as the FBI in many cases, and all their data was voluntarily provided.

Thursday, November 12, 2020

Lack of oxygen might stop you from clicking things though

from here and here (image source)

Not only will this not stop computer viruses, I don't think this is going to do such a good job of stopping biological viruses either, and it's not terribly safe. 

Don't try this at home.

It Wasn't Me - A Video Parody on Phishing

Watch on YouTube

Listen closely to this song, it contains valuable lessons about being skeptical of people reaching out to you over the Internet and asking for sensitive information. They're frequently not who they claim so you need to get in the habit of finding ways to contact the real organization they claim to represent and verify the authenticity of their claims.

Wednesday, November 11, 2020

Some are itchier than others

from here and here (image source)

Everything is covered quite effectively, but even if you did see something, whose something did you see? 

Privacy is good for your health

found on Acid Cow

Hopefully the dividers stay even after COVID-19 is gone, because privacy will always need protecting.

Tuesday, November 10, 2020

The security claims were pulled out of their ass

from here

The lesson we should all learn from Zoom is that it's not really end-to-end encrypted if a middleman holds the keys

Sniff Networks Not Drugs shirt

Product Page

Product Page

This shirt definitely has some sound advice on it. Sniffing networks doesn't harm your health and can theoretically lead to someone paying you money, whereas the other generally leads to you paying someone else for something that can harm your health.

Monday, November 9, 2020

At least the NPCs won't find it

from here and here (image source)

The problem with using video game logic to keep things secure (besides the inaccuracies in video games) is the fact that games are designed so that you can win, so things like hidden doorways aren't actually hidden all that well.

This really will keep things secure from NPCs, though, because NPCs don't exist in the real world.

Don't spend it all in one place

found on Reddit

I'm all for making the scammers put way too much effort in for far too little reward.

Friday, November 6, 2020

Maybe we need to start thinking like defenders again

from here and here

 There's a lot of credence given to the idea that we need to think like attackers, but if that was all it took then we shouldn't see hacker tests getting hacked.

Do you take Canadian Tire money?

found on Reddit

I'm only kidding of course. Canadian Tire money has actual value. I'd never send any to a scammer.

Thursday, November 5, 2020

At least it won't roll away on it's own

from here (image source)

It almost seems as though this person was only thinking in 2 dimensions and never even considered a 3rd. Not only are they not thinking outside the box, they aren't even thinking outside a square. 

You're not going to get very far in your defenses if you can't see all dimensions of the threat landscape.

The unexpected face of porch piracy

Watch on YouTube

In case you were under the impression that the longer your package waits on your porch, the more chance there is for thieves to take it, sometimes it seems your package never makes it to your porch at all.

Wednesday, November 4, 2020

Peephole Privacy

from here and here (image source)

You may not have realized this but people can actually peep IN through your peephole. You may want to invest in some sort of cover for that, and why not a sliding cover like you probably have for your laptop webcam? It doesn't have to look like a barn door. 

Government spies need love too

foudn on LOL Snaps

Maybe they'd have more fulfilling relationships if they... stopped spying on people.

Tuesday, November 3, 2020

Don't sniff the glue while building threat models

from here and here (image source)

Not all threat models are created equal. Some are just plain useless. What's pictured above is not a realistic threat, it's not something you have to plan for. More likely it's an eccentric war museum or an attempt to help a coral reef grow. But people who aren't good at evaluating threat models could certainly look at it and think it represents an actual military force instead of a military farce.

Uncle Scam Wants You shirt

While politicians aren't generally regarded as particularly truthful, when a scam artist gets into a position of authority it's a completely different (and much more dangerous) ball game. 

Monday, November 2, 2020

Do as I say, not as I do

from here

Well, the IRS and ICE aren't exactly beat cops, but if they're starting to use malware then you know it's going to continue to trickle down to more mainstream policing. It used to be that only intelligence agencies were crossing that line but it seems we are witnessing a slippery slope in action.

You're gonna need a bigger wall

found on Acid Cow

Clearly this wall is too short to stop this particular adversary. If I had to guess, it would probably be good if the wall was thicker too.