Friday, April 9, 2021

Let's see them try to block that

from here and here (image source)

According to the source, this is how someone's auntie blocks ads on her computer and I think it's genius. Maybe we could come up with cardboard templates for various sites, since they don't all appear in exactly the same place on every site.

But does it have pockets?

found on Izismile

This is apparently not authentic medieval armour, which I suppose increases the possibility that it may have pockets. It looks pretty cool, regardless.

Thursday, April 8, 2021

How not to avoid domain squatting

from here

The UK Cyber Security Council were lucky their preferred domain got snatched up by someone who was seemingly nice. It could have easily been much worse, like someone who wanted to serve malware to anyone who visited. 

Make sure you own the domain BEFORE you tell the world about it or there's a pretty good chance someone else will grab it first and try to screw you and your audience over.

Removing a wheel clamp by hand


Watch on YouTube

Apparently in some parts of the world they use much less robust wheel clamps than others. I guess in those areas parking laws are really more like suggestions. 

If this is the best vehicle locking option the authorities have, people are not going to take their authority seriously.

Wednesday, April 7, 2021

Sticky notes are security nopes

from here and here (image source)

Over half of employees write down passwords on sticky notes. That's a scary statistic. Any passerby, anyone peeping in a window, anyone who gains unfettered access to your office immediately also gains access to everything you can see on your computer and on the network if your password is prominently displayed out in the open. Why bother having a password at all at that point.

It's not that you should never write a password down, it's just that there are safer and more secure ways to record them than on sticky notes.

Last chance, hot shot

found on Izismile

I know that I definitely take much more care on the 3rd attempt. Better that than having to go through the forgotten password rigmarole.

Tuesday, April 6, 2021

A year that starts with 2

from here

If we were talking about days it would be days that end in Y, but because we're talking about years it's years that start with 2.

Yes, Facebook had yet another breach. You should probably head over to Have I Been Pwned to see if you're affected by this (or any other) breach

Dance Like No One Is Watching Encrypt Like Everyone Is sticker

Product Page

It's not just that people are watching, some are even out to steal your data and it would make it a lot harder for them to use it against you if it was encrypted.

Monday, April 5, 2021

Outwitting the fuzz

from here and here (image source)

Is this your cat? How can you be sure one way or the other. I don't think I could identify this cat in a line-up. Too much of it's face is covered. 

Put tape on all the things

found on Reddit

You didn't think it was just the FBI doing snooping, did you?

Friday, April 2, 2021

At least it controls some kinds of access

from here (image source)

I hope they never have to replace any hardware. I'm not sure how they'd get it out.

Growing up Zuck is gonna suck

foudn on Reddit

Perhaps growing up incredibly privileged will make up for the lack of privacy Zuckerberg's kids will no doubt face.

Thursday, April 1, 2021

Do you have the credentials to pull off this look?

from here and here (image source)

I bet the password is in one of those pockets. No one remembers strong passwords, although maybe with this one it takes the form of some dance, like the Macarena or something.

Porch pirates will have to up their game


Watch on YouTube

Most of the porch pirate countermeasures I've heard of are deterrents like glitter bombs or scary noises or surveillance cameras, but eventually deterrents lose their effectiveness. This isn't a deterrent, per se, it's a barrier. Porch pirates will need to figure out how to break into these in order to steal what's inside and they won't even know if there's anything inside or not to decide if it's worth their time. It significantly alters the economics of porch piracy.

Wednesday, March 31, 2021

As predictable as the seasons

from here

I've seen enough bitcoin 'give-aways' to know where this is going. These days most bitcoin give-aways are scams. Even if this one is legit, there are going to be so many fraudulent variations that people won't know which is the real one.

It may be that life imitates art, but business should know better than to imitate fraud. Free money usually falls under the heading of too good to be true, but this is going to lend an air of credibility to the concept and people are going to get burned as a result.

It's not a data breach, it's an unexpected backup

found on Laughing It

I'd be surprised if the hacker didn't just take the bitcoins for themselves rather than telling you the login details. If the hacker is just asking for a portion of the funds I'm tempted to say s/he deserves it for providing a valuable service.

Tuesday, March 30, 2021

Take a bite out of your own crime

from here

Was it some kind of anti-theft sausage? Clearly it had tamper-evident properties.

If only all crooks could give themselves away like that.

Your Password Strength Offends Me shirt

Product Page

Are you looking for a way to let your users know they can do better? Well showing up to their desk wearing one of these might do the trick.

Monday, March 29, 2021

Makes you wonder why they still bother

from here and here (image source 1 and 2)

I'm no fan of DRM. It acts against the user's interests, so I consider it a form of malware. As such, I have no qualms about people neutering it, even if it is illegal to do so. Hearing how quickly it can be neutered (in about a day in this recent case) I can't help but wonder if it's even cost effective to continue developing such software. I'm pretty sure it takes more than a day to make it.

You get what you pay for

found on Imgur

Maybe if banks had budgets the size of the Mars Program they could afford better cameras.

Friday, March 26, 2021

No honour among data thieves

from here

If there's one thing I hope I never get tired of it's laughing at the misfortune of bad guys. Crooks getting hacked will never get old.

What warnings about government surveillance sound like to some people

found on HugeLOL

When reality sounds like a conspiracy theory it's no wonder people become more open to believing in conspiracy theories. 

Thursday, March 25, 2021

What could possibly go wrong?

from here

Even after changing direction they still don't seem to be thinking about spam. If someone can send harassing content then they can also send any other kind of unwanted content. In fact the attempt to connect itself may be unwanted. I can't tell you how many times I've seen emails from people at other businesses wanting to connect for business purposes. In theory this is what Slack was trying to facilitate but it would still be unwanted commercial messaging from my perspective. I don't want to connect with them, I'm not the right person at my company to reach out to, and frankly I doubt my company is interested in fielding invitations from every Tom, Dick, and Harry organization out there.

Don't call us, we'll call you.

Credential Stuffing: The Dangers of Reusing Passwords Online


Watch on YouTube

A great explainer about account security that was apparently put out as an advertisement. You're not expected to buy anything, though. It seems someone struck on the idea of using the advertising facility at YouTube to expose people to security awareness training, which is actually quite brilliant.

Wednesday, March 24, 2021

Privacy shared is privacy lost

from here and here (image source)

It's hard to imagine this needs to be explained but privacy really doesn't work this way. It can't be shared. I'm not sure what the Russians were thinking when they made this but it definitely won't fly here. You can give people privacy, but you can't share it with them.

Jeremiah was a guard frog

found on Izismile

This makes you wonder about just how smart spiders are that they can develop work animals out of another species for the purposes of protecting what the spider values most - not entirely unlike what we did with wolves eons ago. If given enough time, would the spiders domesticate the frogs? 

Tuesday, March 23, 2021

The friendliest fire

from here and here (image source)

If shooting someone on your own side is considered friendly fire, shooting yourself should be the friendliest fire. 

Smile You're On Camera sticker

Product Page

The idea behind it is probably to warn people about YOUR cameras, but the thing is, even if you don't have a camera, no matter where you take it it's probably telling the truth. 

Monday, March 22, 2021

Still waiting for antivirus updates

from here and here (image source)

You might be wondering what computer virus is airborne, but in the age of wifi the real question is what computer virus isn't airborne. What I'm sure you can't see is that the mask has a wire mesh on the inside meant to block signals to and from his wireless antenna. 

I'm not a robot, I'm just a collaborator

found on Reddit (original tweet)

When the robots stage their uprising and kill all humans, now we'll know how they did it thanks to Rob Lach

Friday, March 19, 2021

Maybe they're compensating for something

from here

Eleven zero days is an awful lot of zero days.

And each one is worth an awful lot of money. 

Stuxnet only used 4-5 to compromise nuclear enrichment facilities and set back Iran's nuclear weapons program by years. This group better hope whatever they're doing with 11 is worth more than what they could have gotten by selling them, or they are going to be so pissed.

Artistic Security

found on Reddit

Is it for security? Is it a work of art? Can it be both?

Thursday, March 18, 2021

Are we living in a simulation?

from here (image source)

I certainly hope they have another layer of security somewhere, because that gate isn't stopping anyone.

Jerry Rig Everything : DO NOT buy this $100 Smart lock


Watch on YouTube

It's always good to know if the things you're buying are going to do their job, especially if their job is to protect you or your belongings. Clearly this isn't something you want to rely on for anything valuable enough to warrant a $100 lock.

Wednesday, March 17, 2021

So much for 'incognito' mode

from here and here (source article)

I guess it's too much to ask that the world's largest advertising company actually deliver on their promise of giving us privacy.

You want your passwords to grow up big and strong, don't you?

found on Reddit

More characters and more variety of characters both contribute to the strength of your password, and while length is supposedly more important than complexity, in an ideal world the password would be randomly generated and stored in a password manager so you could have both length and complexity at no additional cost.

Tuesday, March 16, 2021

Remember to have your vehicles spayed or neutered

from here and here (image source)

This might stop someone from stealing the car (although the missing door might do that all on it's own) but it certainly won't protect the contents of the car.

Fear The Botnet shirt

Product Page

Product Page

Botnets are not something you want on your computer. Your chest, maybe, but definitely not your computer.

Monday, March 15, 2021

When you need to go on the go

from here and here (image source)

I can only hope that it's simply being transported and isn't actually meant to be in service.

Hall Of Infamy

found on eBaum's World

It appears that Bob the Builder and an entire culinary school went through there and I bet they were none too happy to have the tools of their respective trades confiscated.

Friday, March 12, 2021

Imagine being that desperate for antivirus

from here

Do they have difficulty getting security software in China? It actually seems quite amazing that an advanced persistent threat group would have to resort to such means to get the software. Couldn't they just get it from a torrent site or something?

Big fake tree energy

found on Acid Cow

You really have to wonder who the cell company thinks they're fooling with this disguise. It's certainly not blending into anything in the middle of the desert. It's not even a good disguise for a wooded area, it doesn't look that much like a tree.

Thursday, March 11, 2021

Because they do

from here (image source)

At least one of the eyes actually will follow you wherever you go.

Insurance Scam Backfires on Scammer


Watch on YouTube

It stands to reason that those to scammers would have been in serious hot water if they had waited for the police to arrive and see the dashcam footage, but I wonder about what would have happened without the dashcam. How many times can the scammers face the police before an officer realizes they've seen these accident 'victims' before? Could one protect oneself from this kind of scam simply by being an upstanding citizen and calling the police about one's own supposed misdeed? Anyway, the dashcam obviously helped a lot here.

Wednesday, March 10, 2021

Disclosure Pitfalls

from here and here (image source, article)

The problem with informing the public of vulnerabilities is that the bad guys get included and then they do this sort of thing. It could be a long time before everyone is patched, but it certainly not a long time before everyone's a target (everyone with a vulnerable exchange server, that is).

Now that's a backdoor

found on Reddit

I wonder how the rest of this vulnerability disclosure story went. Was he locked up? Did future sewer workers just release information about secret tunnels into bank vaults to the general public? And if so, how did THAT turn out?

Tuesday, March 9, 2021

An antivirus mogul lived long enough to see himself become the villain

from here

Honestly, McAfee hasn't been a good guy for a long time, it's just taken a while for the law to catch up with him.

Hacker Port Number sticker

Product Page

So many pieces of security merchandise that I see only serve to raise awareness of certain security concepts, so it's a refreshing change of pace to find one that can actually serve as a kind of reference or cheat sheet.

Monday, March 8, 2021

Demon Hacker shirt

Product Page

Product Page

I'm always on the lookout for good ideas, and Violet Blue had a great idea. Unfortunately this took me longer than I would have liked to get done because it's been a while since I made a design and frankly the sites I use have gotten harder to use over time. Anyway, there's a bunch of products with the design at CafePress with the mark-up set to 0, and a bunch of products at Zazzle (that I'm still struggling with and can't even get a working link to yet - so frustrating) with the mark-up set as low as it can go (5%).


And of course, if you know a print shop with better prices (I'm sure they're out there), here's the graphic itself for you to use.


Updated to add: While you're at it, and perhaps even more importantly than the shirt, check out DDoSecret's contribution page because they've been on the receiving end of Gab's ire over this. Thanks to @donk_enby for the heads up.

Troll CEO

found on Reddit

I'm sure he's laughing all the way to the bank. Wait, no, he don't even have to go to the bank anymore, the banks come to him.

Friday, March 5, 2021

Specializes in escaping the sandbox

from here and here (image source)

They say cyber security is a game of cant and mouse. In the game of cat and mouse, it's better to be the cat.

Get 'em accustomed to surveillance while they're young

found on Izismile

Actually, don't do this. Don't make your children numb to surveillance and privacy invasion. The privacy landscape is in bad enough shape as it is.