Monday, November 30, 2015

Someone Can't Find The Hole

from here (source image)

I'm not sure who, but someone is clearly doing something wrong.

Operations Security Bling By @Jessysaurusrex

tweeted by Jessy Irwin

Unfortunately I don't know the story behind Ms. Irwin's famous OpSec necklace (so famous people have been known to recognize her by it, ironically enough), but I imagine one could assemble something similar out of one of the many sets of alphabetic necklace charms available for purchase online.

And if you don't know what OpSec means, now's as good a time as any to learn.

Friday, November 27, 2015

Choose Your Shopping Battles Wisely

from here (source image)

I don't think Black Friday or Boxing Day sales have devolved to this level yet, but there have certainly been injuries and even some deaths, so be careful out there.

Surveillance Dog Has His Eye On You

found on i can has cheezburger

This is probably as good at deterring burglary as a surveillance camera, too.

Thursday, November 26, 2015

Maybe You Should Wear Some Brown Trousers Too

from here (source image)

I can only assume this person evaluated the various risks and decided this was the best way to protect what really mattered.

I Could Have Sworn It Was Around Here Somewhere

found on just post

I never actually saw the movie "Dude, Where's My Car" but I assume a camouflage paint job was not actually part of the plot. Should it have been?

Wednesday, November 25, 2015

Giving New Meaning To The Word "Unlocked"

from here (source image)

I'm pretty sure that filing cabinet can now be opened by anyone.

Federal Bureau of Incompetence

found on the meta picture

Maybe you should, I don't know, use actual evidence to find threats instead of using decoys and hoping extremists are as stupid as waterfowl.

Tuesday, November 24, 2015

Someone's Gonna Be In Hot Water For This

from here (source image)

You're also not going to get any help by visiting Purell.com.

I Spy With My Ubiquitous Electronic Eyes

found on Scratch Media

From change we can believe in to we can't believe in him at all. That's quite the change, Mr. President.

Be sure to check out David Pope's other cartoons - this isn't even the only one about government spying.

Monday, November 23, 2015

I Bet There's No Lineup For This Port-O-Potty

from here (source image)

Could we stop giving the job of designing  washroom facilities to people who see no need for privacy?

Don't Be A Square, Be Careful What You Share

tweeted by the grugq

Thanks to the grugq for tweeting this image that promotes opsec through old-school peer pressure.

Strangely, although it mentions opsecprofessionals.org, and although that site has humourous media, I can't find this particular image there.

Sunday, November 22, 2015

Some Thoughts On Attribution

What some of you may not realize (since I've never explicitly pointed this out before) is that I actually go to some effort to attribute the found content that goes into this site. I may not find the true origin of a work, but I at least specify where I found something or whose tweet I saw that something in. Those with a keen eye may have even noticed a pattern wherein the morning posts are 100% found content and the afternoon posts are ones where I have had at least some part in the production (even if I'm simply adding a funny caption to an existing image, which is itself linked to in some way).

When it comes to people reposting my own original work, I'm not terribly concerned with attribution. After all, what's important is that the ideas those works engender spreads far and wide and I don't want to be an impediment to that in any way. The point of the Security Memetics project has always been to take advantage of memes to facilitate the decentralized distribution of information in order to spread security awareness more effectively. I want things to spread from one person to another and properly attributing those works is baggage that can hinder that effort.

That being said, I'm not a terribly big fan of people reposting my original works and then either taking or accepting credit for them. The very least they can do is acknowledge that they simply found the work in question. Maybe it seems strange to abdicate credit in one scenario and then complain about in another, but the fact is that as much as I believe in this project, I also recognize that I'm not very good at it. I'm really not very good at any part of it, whether it's producing content that continues to spread on its own, finding and amplifying the signal of other content producers, eliciting contributions from others, or even raising awareness of the existence of the (created or curated) content here. I suck at this, but someone has to see this idea through.

In the 7+ years I've been working on this project only a few pieces have ever really enjoyed what I would consider success from a memetic standpoint in the sense that they continue to spread long after the fact. The two that stand out are "On the Internet of Things nobody knows you're a fridge" (which was obviously inspired by this classic cartoon by Peter Steiner, and apparently a tweet by Frank Swain that has since been deleted (perhaps he tweeted the cartoon?)), and "There is no cloud, just other people's computers" (which was my way of expressing a prescient sentiment by Graham Cluley as an easily repeatable catch phrase, and given the minimal memetic drift I've seen in the retellings, I think I must have done a pretty good job).

Whether it's ego or selfishness or something else, some human part of me wants those successes to remain my own rather than be claimed either actively or passively by someone else. What will I do about it when it happens? Probably not much. It's not my way to stamp my feet and demand acknowledgement. However, armed with the self-realization that it's important to me, what I can do is work even harder to attribute the content that goes into this site for the benefit of other creators, because... I know that feel, bro.

Friday, November 20, 2015

Don't Make A Hash Of The Punchline

from here and here

Security jokers cannot live by clever puns alone.

You Don't Want To Break Into My Place

found on uncommon stuff

This burglary-deterring doormat is an actual thing you can actually buy, and as a soon-to-be home owner I think I want one - especially since it will be the absolute truth.

Just one problem, though - how do you keep it from getting stolen?

Thursday, November 19, 2015

How Can A Search Warrant Unlock A Phone?

from here (source document)

Since technology can't read, much less authenticate search warrants, technology that can be unlocked with a search warrant must invariably also be able to be unlocked fraudulently by those without search warrants.

Exploits Are Coming

found on wanna joke

This is, perhaps, not the best strategy to take when updates come out. At least not if you want to keep your computer and the information on it secure.

Wednesday, November 18, 2015

They Need To Improve Their Accuracy Somehow

from here (source image)

With a failure rate of 95%, the TSA needs all the help they can get.

Do You Offer Volume Discounts? Asking For A Friend

tweeted by George Dinwiddie

Thanks to George Dinwiddie for tweeting this cartoon that seems to depict a shady character offering to either sell people their forgotten passwords or otherwise get them back into their inaccessible accounts.

Tuesday, November 17, 2015

Might As Well Scrutinize The Air They Breathed

from here (source article and image)

In this day and age you can't not use encryption, and I don't mean you shouldn't, I mean you can't avoid it because it's all over the place. If you bank online, if you use virtually any email provider, if you log into Facebook or Google, etc. They all use encryption, and they do it because it makes us all safer. Taking away all of our safety in order to go after terrorists is essentially throwing out the baby with the bathwater.

Private Browsing Reporting For Duty

found on memes.com

No, not those kinds of privates. Though perhaps the privates of those kinds of privates. Who knows? I don't judge. If you want to look at privates' privates in private, you do you.

Monday, November 16, 2015

You Want A Car As Smart As Your Phone?

from here

The essence of a smart device is that it is a device that has had some sort of computer added to it so that it can make decisions based on available data in order to behave more intelligently. Every one of those decisions can be gamed by an intelligent adversary.

Play Dead Or Be Dead

found on ChristopherKeelty.com

It's always best to keep your distance from wildly unpredictable animals like the police, but when that's not an option it's probably best to just play dead.

(Thanks to Christopher Keelty for creating this potentially life-saving comic and by all means check out his other work)

Friday, November 13, 2015

Some Folks Are More Interested In Spare Change Detection

from here

You'd think with all the advancements in cloud-based security products that someone would have figured out how to make integrity checkers easier to manage by now.

Ready Or Not, Here I Come

found on the meta picture

If a hiding spot doesn't work, "try harder" is not the solution. Once a hiding spot has been figured out, it turns into one of the first places your adversary will look. You need to find a different spot.

Thursday, November 12, 2015

I'd Want To Keep That On The Down-Low Too

from here (source image)

Private in the sense of anonymizing the data, much like companies do with user data to protect their users' privacy.

Opening Up A Can Of Whoop Ass

found on postmemes

Sometimes a funny picture is just a funny picture, but other times there's a story behind it and this time the story is about Buck the coyote stomping donkey who, after apparently stomping this coyote to the point it couldn't fight back, picked the coyote up by the neck and started whipping it around (presumably to finish it off, assuming it wasn't already dead). Apparently donkeys (not just Buck) are good at defending other farm animals from predators.

Wednesday, November 11, 2015

Anyone Remember Where We Parked The Car?

from here (source image)

This is why there's no such thing as perfect camouflage - if it gets too good it becomes useless.

That's One Way To Keep Passwords Alive

found on izismile

Do you really expect children (whether they're trapped inside adult bodies or otherwise) to use tokens or biometrics? No, of course you don't. For that, at least, passwords will be with us for a long time (even if our more emotionally mature partners are not).

Tuesday, November 10, 2015

Eau D'Oh!

from here (source image)

Have you ever noticed how it's always a device for smuggling alcohol and never one for smuggling, say, nachos or pizza? Why is that?

Maybe the people who make this iFlask will branch out eventually and help us sneak fried chicken or hoagies into venues.

I Wonder If This Would Work With Cybercriminals

found on funnyjunk

It would be great if we could get this to work against all our adversaries, but I'm not sure it would always work. In cybercrime, for example, there's an awful lot of collaboration which may impede getting the criminals to see each other as competition.

Monday, November 9, 2015

You Have The Right To Remain Stationary

from here (source image)

Because handcuffs, which all use a standardized key that you can buy online or have 3d printed, is 'harder' open than a combination lock.

As Accurate As A Fortune Cookie

tweeted by Dave Marcus
Thanks to Dave Marcus for tweeting this meme about misattributing all sophisticated attacks to China.

Friday, November 6, 2015

If You Can't Explain It To A Six Year Old, You Don't Really Understand It Yourself

from here

It seems to me that experts these days may have a lot of knowledge, but the don't necessarily have a lot of understanding.

What's Wrong With This Picture?

found on izismile

Apparently Kylie Jenner doesn't understand how the brim of a baseball cap can protect her eyes from the sun.

Thursday, November 5, 2015

Spare Some Cycles?

from here (source image)

It occurs to me that if mining cryptocurrencies was an actual viable way to make money then 'legitimate' companies wouldn't need to hide miners in their other software.

Fido Assumes The Position

found on phuntube

A dog's owner is their master, a voice of authority they follow obediently. At least that's how it's supposed to work in an ideal world. When that voice of authority is subject to an even higher authority (like the police) it kind of makes sense that a dog would follow their owner's lead.

Wednesday, November 4, 2015

Who Picked This Location?

from here (source image)

I suspect this was installed by someone who didn't understand how keys work (hard to believe anyone could be that stupid, I know). It's kind of hard to bend keys without breaking them, though I suspect lock picks (especially ad hoc ones) are much easier to bend, so besides making it hard to lock this door it also creates an incentive to learn the skills necessary to bypass locks. Somehow I doubt this was what the people responsible were aiming for.

A Different Kind Of Camouflage

found on reddit

Finally, camouflage that isn't just blobs of green and brown colouring. I could definitely see this being mistaken for a truck from a distance. Especially if they did a better job of covering up some of those extra wheels.

Tuesday, November 3, 2015

Okay, Okay, We Get The Point

from here (source image)

Apparently this is called "Spike Away", though "Grope Shield" might be a more descriptive name. I won't lie, it kinda makes me sad that something like this is even needed, but my hat is off to the creator of this apparent shindogu.

Putting The 'Serve' Back Into Protect And Serve

from here (source images one and two)

Now if only we could put the 'Protect' back in there as well, everything would be great.

Monday, November 2, 2015

Way To Go, Mom!

from here

True story, this actually happened last Friday. Unfortunately this wasn't before she gave them remote access to her system with TeamViewer (so I still have to rebuild the system). Still, the fact that she didn't give them administrative access and scared them away this way when they asked if there was anyone else who could give them the access they were looking for is a victory and I'll take it.

Aww, How Swe... Wait A Minute

found on distractify


I would say that's a clever way to hide your booze but people are bound to start thinking there's something wrong with you if you're kissing your baby too much, you lush.