Malware can't steal your resources if there aren't any left to steal

It isn't really new news that Symantec have added crypto mining to Norton 360, but it popped up in my feed and it's still just such a ridiculous thing for a security company to do.

Car thieves hate this one weird trick

So let's say you've stuck an AirTag on a car that you want to steal and you follow the signal to the owner's home. What happens when you can't find the car, or even the garage? Well, I guess you're out the cost of an AirTag.

In reality, though, I suspect the driveway in place of a grassy yard is going to give away the car's location. It's still quite a well executed trick, though.

That would be a LOT of nagging

Don't you just love software vulnerabilities that affect nearly everyone and that most people can't do anything about? Wait, did I say love? I meant hate with the burning fury of a thousand suns. 

When your computer is secure but your job is not

What exactly are we protecting again? Just computers and data? I thought it was more than that. I thought we were protecting lives and livelihoods as well. Intrusive updates don't accomplish that.

What could possibly go wrong?

So now that COVID-19 tests are Bluetooth enabled (with all the consequences that come with that), when you get a positive result you have to wonder - Are you sick, or is your device sick? 

Biometrics are easy, they said

There are a lot of assumptions inherent in any authentication mechanism, but ones that are relatively new deserve to have things spelled out a little more clearly than just 3 words. It's not like they don't have room for more words, there's plenty of room.

The Patching Games

May the odds be ever in your favour whenever Patch Tuesday comes around. You never know how things will turn out.

Loose Tweets Sink Fleets sticker

Finally, the old adage about loose lips sinking ships has been updated for the 21st century.

How not to get away with something

This guy who stole his brother's identity only to find out his brother was wanted by the cops is going to have a very interesting family reunion one day.

I wouldn't be smiling

On the plus side, at least you get a warning and can look around for the camera and obscure its view before you go. It would be worse if you didn't know about it.

The Biometric Bandit

This bad ex-boyfriend in China is yet another reminder that biometrics enable authentication without consent.

When your theft prevention mechanism is more of a suggestion

A chain of paper clips isn't going to stop anyone. At best it signals your preference that you want the stapler to be used where it is, but even then, if someone is stealing your stapler then chances are they aren't interested in respecting your preferences.

How many patches before we can call it a quilt?

If you installed the previous Log4J patch, guess what you get to do now? That's right, you get to install a new patch all over again because the old one has multiple vulnerabilities.

All dogs can be guard dogs

You'd think these dogs would just be snacks, but clearly they do an excellent job of scaring the bears away. As the saying goes, it's not the size of the dog in the fight, it's the size of the fight in the dog - and these little dogs have a whole lot of fight in them. They don't even really need to be able to take on a bear in an actual fight, simply raising the alarm can be enough to protect people all on its own.

Of course, just because all dogs can be guard dogs, that doesn't mean they all are suitable as guard dogs. Not all of them have the right temperament for it. 

An escalation in the game of Cat and Mouse

I've seen cats in tanks too, but I think those have always been cardboard.

Somewhere between 0-Day and Old-Day

If you sit and stare at it long enough it definitely won't be a zero day anymore. Hurry up and submit it to the vendor before someone else does.

Even Google fails at asset management

This is your irregular reminder to check your network to see if there are any servers on it that don't need to be there anymore. One less server is one less thing to patch and one less thing that could be exploited in the absence of a patch (and if it's been running for 21 years you've got to think it's missing a few patches).

The Cloud: Your Data On Someone Else's Computer shirt

The meme keeps evolving, but I still recognize that "someone else's computer" anywhere.

It smells like privacy!

If the smell of napalm in the morning smells like victory then it stands to reason that the smell of end to end encryption must smell like privacy.

Bank (pen) grade security

This seems like a lot of effort just to make sure the last spoon doesn't go missing. Maybe instead you could just take away the spoon and tell people they'll have to bring their own in future.

(And then you can see who brings break room spoons as "their own")

'Tis the season for InfoSec Predictions

I think we collectively oversell the idea of predictions in information security. There isn't any real prognostication going on. No one is peering into the future. They're just looking at what's going on right now and drawing some entirely reasonable conclusions about whether or not it's going to become a bigger problem in the next year. The real value is in identifying and highlighting the trends, but trends aren't really sexy the way predictions are, so a bunch of people like to set aside some time at this time of year to pretend they have some special insight into the future rather than just telling people what they've been paying attention to recently.

I feel more secure already

I have mixed feelings about this. There are at least 2 different ways to interpret it.

  1. If they can't even get the dog part right then I don't hold out much hope for the security part
  2. Maybe this is an example of "You keep what you kill"

Can we go back to No Nut November?

So this is what has become of "crypto"? I bet Matt Blaze is regretting selling the domain now.

Privacy is NO LONGER a Social Norm

The title of this video harkens back to something Mark Zuckerberg said years ago, however, where Zuckerberg was using the statement as a justification, this video merely offers it as an observation. Regardless of our values or however much we might wish it were otherwise, privacy is not the norm any longer and that's costing us dearly.

Out with the old, in with the new, choose to opt out and we'll include you too

Given Verizon's blatant disregard for their customers' preferences, I think the lesson here is that there's only one kind of opt-out that matters - the one you do with your wallet. Don't give them your business if they can't live up to basic expectations of privacy.

Maybe they should have tried camouflage instead

Unless the button positions are randomized, an attacker wouldn't need to be able to read the screen, they can tell what buttons you're pressing just by your finger positions. It would be cheaper and more effective to just erect a barrier on either side of the bank patron so that an attacker can't get into a position where they can read from the side.

Putting the arse in arsenal and vice versa

While jokes about weapons of ass destruction write themselves, the news story about the man who "slipped and fell" on a WWII mortar makes it clear that the doctors were not in a joking mood. As funny as it seems to us as readers, they had to consider the possibility that it was live ammunition and posed a real threat to everyone there. Even fake weapons need to be treated with care and respect because you never know how the circumstances might change. 

A Key Is A Metal Password sticker

While it's not strictly true (a key is more of a token than a password), they are both authenticators, and there's actually not that much difference between them. After all, if you write down your password on a slip of paper and then forget it, it becomes something you have rather than something you know. Likewise, if you memorize the bitting on a key, then with the right tools you could push the pins in a lock up the right amount from memory.

NPCs won't stand a chance

What about the people who follow the paved path, you say? They would still need to turn in order to operate and enter the door. This would literally only stop the people who have to come at the door head on and can't avoid this very narrow barrier.

Try not to scare the shit out of the robber

I know what you're thinking - Why shouldn't you scare the shit out of the robber? The answer is quite simple. Robot vacuums and shit are a very bad combination.

No wonder they got banned

I don't think NSO could reasonably claim to not know their products got misused, but I guess they should have been more proactive about dealing with it.

The Predator Defense

While it does look a bit like something out of an old Schwarzenegger film, it will cut down on phone thefts because the thieves would have to confront you to get it. Of course this is just step 1. Step 2 involves camouflage so the thieves can find you, and step 3 ... well, let's just say that if you can find a shoulder mounted laser cannon those thieves won't stand a chance.

Privacy by the Honour System

The Honour System of course requires trust. I for one don't have the requisite trust to use one of these. 

I also wonder how you're supposed to wash your hands afterwards.

Zuck on a Truck

When it comes to figures that have come to symbolize invasion of privacy, Mark Zuckerberg definitely gives the Elf on the Shelf a run for its money. The similarity is amazing too, they're both so lifelike.

In case you weren't already sick of crypto

I can't resist a good pun. Or a bad one, apparently.

Camouflage can be a good way to lose your lunch

On the other hand, it could be handy for weight loss.