Friday, April 29, 2016

Shouldn't Conficker Be Dead By Now?

from here

Of course Conficker isn't dead yet. Old viruses never die, as the saying goes. Shame about those nuclear power plants that haven't applied patches in 8 years, though.

Don't Use Volumizing Conditioner On Your Ghillie Suit

found on Chuck's Fun Page 2

One easy way to make your stealthy sniper outfit not so stealthy is to make it so big it stands out.

Thursday, April 28, 2016

My Privacy & Security Get Along Just Fine, Thanks

from here

Some people will tell you that privacy and security are at odds with one another, but that's not the case. Whenever privacy vs. security comes up it's actually your interests vs. the interests of the state or some other authority. It's just framed as privacy vs. security to make you more likely to accept a bad compromise.

Your Children Are In Safe Hands ... When They Aren't Here

found on Memebase

Some might say that this is just to keep the kids from going through the door, but any kid dumb enough not to figure this out is likely short enough that simply mounting the door knob high on the door would have had the same effect.

Wednesday, April 27, 2016

I Can Has Undetectable Malware?

from here

Inspired by a tweet by Mikko Hypponen suggesting this actually happened with a recent targeted attack.

It's certainly something that does happen, and the more sophisticated attackers long ago figured out they needed to use a service that doesn't send their test samples to their adversaries. Always nice when attackers fail to think things through, though.

New Punishment For Cybercrime

tweeted by Bob Rudis

Thanks to Bob Rudis for tweeting this image of Bart Simpson carrying out a punishment. Unfortunately I think if that sort of punishment actually worked he would have stopped long before he got to stealing data from PoS terminals, however I think there would be a visceral thrill if we could actually sentence real cyber criminals to this sort of punishment and watch them labour over it.

Tuesday, April 26, 2016

Sometimes It Pays To Be Average

from here

Yes, there really is a dating site that caters exclusively to attractive people, and yes, they really did suffer a data breach in which over a million users' details were leaked.

I can only imagine what kind of spam, scam, and stalker emails those users (pre-selected for their attractiveness) will receive after this.

No Connections For You

found on the Fail Blog

Well, that WiFi name certainly succeeded in preventing one unwanted connection.

Monday, April 25, 2016

You Were Expecting To Buy Safe Malware?

from here

It's amazing to me that the malware as a service business model even exists. There have been multiple examples over the years where the software was either intentionally backdoored or had vulnerabilities that allowed others to compromise it. I guess the criminals who buy malware instead of making their own are just too trusting.

Try Not To Goat It On

found on Gunaxin

I've seen goats being walked as though they were dogs, but I really can't see goats being as good at protecting property as dogs. If nothing else, I think they have the wrong sort of mouth for menacing/attacking an incoming threat.

Friday, April 22, 2016

Just Enter Your Username And Pawsword

from here (source image)

You know socially engineering a cat probably involves some kind of moving red dot.

Maternal Panic, Not Kernel Panic

found on The Meta Picture

Something seems a little bit off about this scareware. Can you spot what it is?

Thursday, April 21, 2016

I'm Tellin' All Y'all It's Cyberwar!

from here

Apparently less is more when it comes to cyberwar. It sounds backwards, but if you want to stay under the radar you have to attack as few systems as possible.

In Math We Trust

found on Zero Day Clothing

I think this design is really well done, and guess what - it's just the tip of the iceberg at Zero Day Clothing.

This one in particular, though, I really want on a t-shirt. I'll have to add it to my wish list.

Wednesday, April 20, 2016

When It Gets The Munchies It Can Have Computer Chips

from here and here

Today seemed like the perfect day to celebrate this really old virus. Can you 'Name That Virus'?

Well That Bit Is Fit

found on Memebase

Tell me again how fitness tracker privacy doesn't matter.

Also, I'm pretty sure some people pad their numbers using this exact method.

Tuesday, April 19, 2016

You Want Me To Disable My Ad Blocker?

from here

If some site tells you you need to disable your ad blocker, you go ahead and tell them this because it's the truth.

Doggie Deterrent Win

found on iFunny

Hey, if it works, it works. At the very least it'll make that tiny little dog look a bit bigger and more menacing.

Monday, April 18, 2016

Cops Hate This One Weird Phone Case

from here (source image)

If you're looking to get yourself arrested or shot, this is the phone case for you (and I only made the title a tiny bit more click-baity than the original article).

Dual Core: All The Things



What better way to start off the week than with some music about hacking?

Friday, April 15, 2016

On Second Thought I Don't Need To Go That Badly

from here (source image)

Privacy gradually vanishes when people just blindly go through the motions and don't ask questions or raise concerns. When something someone is planning doesn't seem right, challenge them on it.

Did Somebody Made A Withdrawal Or A Deposit?

found on Gunaxin

Three pieces of tape are totally inadequate to protect the internals of an ATM. Someone might have made off with the contents, but if they did, why bother taping it up? Perhaps a more likely explanation is that someone planted something foreign inside in order to steal banking details and gain a lot more money than can be found in a single ATM.

Thursday, April 14, 2016

My Momma Didn't Raise No Fool

from here

True story, I get plenty of spam at the feedback address here and every single one has an attachment. Not only that, all the attachments are capable of housing malware and most come with ploys to trick me into opening them (like saying there's something wrong with my bank account). You would think the bad guys would steer clear of a SECURITY website but no, apparently that would make too much sense.

Is There A No-Tears Alternative?

found on Imgur

The layers of an onion are definitely not what they're talking about when they say you need a multi-layered approach to security. However, so long as your DVD drive is plugged up with onion, I suppose you can't stick any infected media in there. In that case, lima beans for the USB port.

Wednesday, April 13, 2016

Not So 'Secret' Compartment

from here (source image)

I'm not sure why anyone would consider this a secret compartment. Shouldn't secret things be, you know, hidden, or at least not stand out colourfully? Even without the arrow or the latching mechanism, wouldn't you assume the coloured plastic piece could be separated from the grey portion?

Longer Passwords Make Stronger Passwords

found on the Boston University website

I don't know about you but
Longer Passwords Make Stronger Passwords
seems like a pretty good catch phrase to me, even beyond the Keep Calm meme above, and good catch phrases (especially ones that also provide good advice) bear repeating.

Tuesday, April 12, 2016

How Many Anti's Are There Now?

from here

If you've been paying attention to the malware domain long enough, you know this pattern all too well. A new threat emerges that existing defenses aren't handling all that well and everyone and their grandmother tries to differentiate themselves by releasing a standalone tool for just that sort of thing, only to have it later absorbed into anti-malware and internet security suites (where it belonged all along). Spyware was an early example, and ransomware is bound to be the latest (if it hasn't started already).

There's No Such Thing As JUST Metadata

found on Dump A Day

Thanks to Ben Taylor for making this joke and whoever it was that added the relevant graphic. As funny as the pun is, though, it's also an excellent example of why metadata isn't as innocuous as it sounds. If it's enough to have you targeted for death by the American military, it's not JUST metadata.

Monday, April 11, 2016

Automated Backups, You Have Failed Me For The Last Time

from here

So, ummm, yeah, my data has seen better days. Oops.

Learn from my mistake, people. If you don't know how recent your important backups are, they aren't recent enough.

Anyways, I don't think I've ever done a Crying Dawson meme before.

Yeah, I'm Sure It's Faces The NSA Is Looking At

found on eBaum's World

I don't know who decided to put this photo with caption but it sort of suggest a strong alternative to the facial recognition explanation - namely that it gives them an unprecedented peepshow.

Oh well, spies will be spies.

Friday, April 8, 2016

HackingTeam Are Whitehats? Inconceivable!

from here (source tweet)

The originating tweet is a reference to news about Hacking Team. I'm starting to wonder if the hacker community has jumped the shark when malware writers who sell their wares to oppressive government regimes are considered "whitehat". Have we forgotten that in the old-school cowboy movies, where the whitehat/blackhat concept came from, the good guys wore the white hats and the bad guys wore the black hats?

A Clean Browser History Is A Sign Of A Dirty Mind

found on Izismile

I actually think this sounds like a good idea. One problem, though - who's browser history do we use as the standard for normal? I don't want any of what you sickos are into finding it's way into my browser history.

Thursday, April 7, 2016

That's One Way To Protect Against Road Rash

found on Reddit

It probably does a good job of preventing the street from chewing up your flesh when you crash, but I don't think I'd want a samurai sword strapped to me while I'm tumbling across the pavement.

Probably Whispers Password While Entering It Too

from here

They say the easiest way to save face is to keep the lower half shut, so it's probably in your best interest to not broadcast what you're doing online for everyone around you to hear.

Wednesday, April 6, 2016

As If The Alternatives Are Any Easier

from here

Just as you'd probably watch what you'd say around impressionable children so that they don't pick up swear words from you and then use them unwisely, if you're an InfoSec expert you should probably watch what you say where impressionable normals can hear/see so that they don't pick up ideas that they don't know how to use wisely.

I'd Be Lyin' If I Said This Wouldn't Work

found on Gunaxin

Truthfully, if I were a robber and I saw this in someone's yard, I'd find a different house to rob. That is a damn good deterrent.

Tuesday, April 5, 2016

It's Called An 0-Day But You've Probably Never Heard Of It

from here
Could we call hackers "technologically advanced hipsters"? With a culture that covets errors nobody's ever seen before, it seems like an apt description.

No Exceptions!

found on Memebase

The problem with making exceptions to policies is that there are always going to be people or situations putting pressure on you to treat them as exceptional when they shouldn't be and the more you cave in the worse it gets.

Monday, April 4, 2016

Keeping The Skies Safe One Slice At A Time

from here

It's not exactly the most well respected career choice, but maybe if we kept in mind where those mall cops of the sky are coming from we could avoid some of the negative interactions people tend to have with them.

Watch Your Step, Ladies

found on Meme Collection

Part of me wonders how she's going to extricate herself from this situation. Another part of me wonders why the sign wasn't someplace people could read it before stepping on a reflective surface.

I've actually encountered a similar effect in the men's washrooms at the Metro Toronto Convention Center while attending the SecTor conference (saw more than I bargained for while sitting in a stall). It just goes to show how even the most innocuous seeming things can sometimes be invasive to your privacy. You really have to keep your wits about you.

Friday, April 1, 2016

More Like Just "Forget Protection"

from here
Set and forget means that it involves the user as little as possible, and you might think that's a good thing, but that means it's up to your computer alone to outwit intelligent opponents, and guess what, your computer just isn't that smart.

How Secure Is Your Vehicle?



Have you ever locked your keys in your vehicle? Did you ever try to retrieve them this way? Are you ever going to trust your valuables are safe inside your locked vehicle again? My guess is you won't.