inspired by actual events
Friday, July 29, 2011
where's topiary?
this was inspired by the uncertainty as to whether that guy the british police arrested in shetland the other day is really the anonymous/lulzsec personality known as topiary.
Thursday, July 28, 2011
get cracking
yes, now i'm making my own videos.
this was made with goanimate. i also tried to do the same thing with xtranormal, but in spite of the fact that the characters seem more expressive, there are no props i can use and the voices are harder to understand.
giant ant safety guide
apparently someone's having a bit of fun putting up fake safety guides in locations where one might expect to see real safety guides. i'm sure hilarity will ensue.
Wednesday, July 27, 2011
Y U NO SEE
y'know, it's one thing when ordinary users are blind to the existence of non-signature-based anti-virus technology, after all who's there to educate them? but the information security community really ought to know better than to think signature-based scanning is all there is to AV. how is the knowledge supposed to trickle down to ordinary folks if the security folks remain willfully ignorant?
for the after-dinner party?
it's never really occurred to me before but maybe bathrooms aren't seen by some people as a place that requires privacy. maybe for some people it's a place were you entertain guests - like with a rousing game of musical chairs (i think you can guess which one is the musical one).
Tuesday, July 26, 2011
Y U NO USE DIFFERENT PASSWORDS
the thing that should amaze me (but doesn't) in this brief analysis of passwords from the recent sony compromise is how often passwords are getting reused. think about it, folks: if you reuse a password on multiple sites then when i find out your password for one of those sites, i find out your password for ALL of those sites.
police chase INSIDE jail
found on boing boing (originally from times union)
it seems to me that there really ought to be a better way to catch someone who's already in jail. at the end, with all those officers walking the prisoner back to where he belonged, it was almost like watching an incompetence parade. we won't talk about what kind of parade the progressively unclothed prisoner made me think of.
Monday, July 25, 2011
Y U NO USE ENCRYPTION
while sony was a prime example of this, it seems to happen with almost every company we hear about getting breached - they all seem to have unencrypted sensitive data in their databases. while encryption may not be a silver bullet, not trying to protect the data at all isn't even a rubber bullet.
don't stick that in there...
this was inspired by a previous post. i was hoping to find a picture of a baby sticking a USB drive in it's mouth, but this worked out even better.
Friday, July 22, 2011
big little dog
found on boing boing but apparently has made more mainstream media (such as the LA times) as well.
obviously even the smallest and simplest of security measures can be surprisingly effective sometimes.
angry brits
i kinda wish this was an actual mod for the angry bird game. who knows, maybe someone will make it.
Thursday, July 21, 2011
zero day video
found on dual core's site
this is apparently a collaboration between mc frontalot, ytcracker, and dual core. maybe i should be paying more attention to the nerdcore genre.
in case of emergency
i really don't know what to make of this. i want to believe the sign simply means you need to pull the fire alarm to unlock the emergency exit. but that lock on the fire alarm (who does that?) worries me and makes me think the worst; that you actually need a key in order to pull the fire alarm.
seems like a recipe for crispy critters if you ask me.
Wednesday, July 20, 2011
2 factor authentication humour
Y U NO STAY RETIRED
i actually don't really care why lulzsec came out of retirement to poke fun at rupert murdoch. this is just pointing out that they said they were done and now, well, clearly not so much with the whole being done business.
Tuesday, July 19, 2011
social engineering
it's not just kids that are vulnerable to social engineering of course, we all are to varying degrees. even i've been conned by a smooth talker once or twice in my lifetime.
Y U NO BE MORE SKEPTICAL
it would be nice if we could just trust whatever claimed to be security software, but as often as not these days those claims seem to be lies.
Monday, July 18, 2011
catch 22
i gotta say, if this is microsoft trolling users they did a good job. i can just picture folks trying to figure out how to click the allow button when the mouse isn't yet a permitted device. i imagine in the end they'd just be saying FFFFFUUUUUUUU!
Friday, July 15, 2011
i can haz strong passwerdz?
maybe this would help people (well ~50% of people anyways) choose stronger passwords.
would you punch you code into that?
sure it could be just a really cheap attempt to repair the keypad, or it could be part of the lowest of low-tech card skimmers. i certainly wouldn't feel comfortable using that.
Thursday, July 14, 2011
WHO wants my location data??
i don't know if it's for real, but i have difficulty imagining a better example of why people should be careful about sharing their location data. there are folks in this world you do know want to know your current location, ever.
sometimes crime REALLY doesn't pay
if you get the urge to steal something and demand a ransom for it's return, you might want to reconsider. it could end every badly for you. (one might even argue that it should end very badly for you)
Wednesday, July 13, 2011
misplaced priorities
you've got to wonder what this guy thinks that hard hat is actually protecting, because it certainly isn't his head. i suspect the ear protection isn't being used because it wont' even reach his ears from there. some things are more important than style, folks.
warning signs
you really shouldn't ignore warning signs or other indicators. they're there for your benefit and protection.
i hope neither of those kids has an 'accident'.
Tuesday, July 12, 2011
little red riding mood
made by facemoods, found on allfacebook.com and found thanks to @FSecure
apparently facemoods have a number of videos, but not all of them have to do with social networking security / privacy. the little red riding mood series of videos do appear to be about that topic, however.
scratch and win without the scratch
i don't know which is funnier, that the scratch-off film missed the secret box entirely, or that someone still bothered to scratch it. it just goes to show you need to check the quality of your security efforts or your secrets may very well not actually be secret.
Monday, July 11, 2011
you can't trust anything anymore
you gotta admit, goslings are a pretty effective decoy. most people would be looking at the babies rather than the parent.
identity thief did what?
normally you can't expect this kind of outcome when someone steals your identity. do not try leaving your own account in the hands of strangers. also, don't accidentally leave your account logged in as clearly other people like to make mischief at the expense of those who do. it would probably be safest to only check your facebook or other accounts from a computer you own/control.
Friday, July 8, 2011
perception of privacy
in theory there actually is privacy in this washroom, but i still think i'd have difficulty using it because it very clearly makes it seem like there is no privacy. i guess the perception of privacy (or for that matter the perception of security) can be important after all.
passwords are like...
i can't decide if the password advice on this shirt is meant to compare passwords to underwear or to diapers. the picture kinda doesn't help. all good advice though.
Thursday, July 7, 2011
privacy awareness win
some people think privacy is dead because nobody cares about it anymore. clearly more people care about it than some might like to admit. a concern for privacy is clearly still part of the public consciousness.
what failure to understand protection looks like
oh, if only there were some sort of head mounted sun-blocker so that he wouldn't have to hold his hand up like that through out the entire game.
Wednesday, July 6, 2011
scammy UI fail
i've always hated those pop-ups that try to plead with me not to leave the current page. i've always thought there must be something unsavoury about the page if they have to do that (like emails that start with the words "you don't know me but..."). it's funny to see one that is so shoddy in it's construction that the button it asks you to press in order to stay isn't even present.
Tuesday, July 5, 2011
make believe security
although the compromise after compromise after compromise seems to finally be over for sony, the underlying story isn't. we'll have to wait and see what comes out of the law suits, and whether the share holders can force the CEO to step down. the accusation that they fired a bunch of security staff before the problems began is very interesting though.
keep your car on a short leash
once again people are using the bicycle security model on a car. considering how poorly that works for bicycles (they do get stolen a lot) maybe folks should rethink using this approach on cars.
Monday, July 4, 2011
keeping a lid on things
i'm not really sure what they're trying to 'secure' here. it seems like an extreme measure. i almost want to take a hammer to the tank to find out what they've got hidden i there - and that makes this a security fail.
they're either using security tools inappropriately (where security isn't needed) or they're trying to secure the unsecurable (locking the door of a glass house).
stop forwarding that crap to me
thanks to weird al yankovic for this awesome song (and thanks to mikko hypponen for drawing my attention to it's existence)
there are all sorts of things in the song that ring true, from hoaxes to chain letters to social engineering to the importance of BCC:. from your lips to their ears, al. i hope it wakes some people up.
Friday, July 1, 2011
if you think the word "indestructible"...
if you think the word "indestructible" has any place being used to describe malware then you might be a security idiot.
(inspiration)
(inspiration)
well you can't beat that
so if leaking user info really is the goal there are 2 obvious ways to go about it. break into an organization, steal their data, and post it on pastebin like lulzsec did - OR - get hired by an organization which makes leaking user info part of it's business model. what an elegant solution.
Subscribe to:
Posts (Atom)