Sep 30 2009 9:43PM GMT
Posted by: Ken Harthun
Security, Security maxim, physical security, cyber security, Humor, Security management, Security policy
Search for “computer security maxims” on any of the top three search engines (Google, Yahoo, Bing) and my articles mostly dominate the results. So I was quite surprised that Security Now Episode #215, entitled “Security Maxims,” gave no mention whatsoever of my contributions to this subject over the past three years. Guess I’ll have to take that up with Steve and Leo. To be fair about it, though, the maxims that Steve talked about in the episode, composed by Roger G. Johnston, Ph.D., CPP of Argonne National Laboratory, Nuclear Engineering Division, are related to “…physical security and nuclear safeguards.” However, according to Johnston, “They probably also have considerable applicability to cyber security.” Many of them are also amusing.
Take this one for instance:
So We’re In Agreement Maxim: If you’re happy with your security, so are the bad guys.
Or this one:
Schneier’s Maxim #1 (Don’t Wet Your Pants Maxim): The more excited people are about a given security technology, the less they understand (1) that technology and (2) their own security problems.
Comment: From security guru Bruce Schneier.
How about this?
Byrne’s Law: In any electrical circuit, appliances and wiring will burn out to protect the fuses.
In all, there are more than 60 maxims listed. You can download a PDF of “Security Maxims” if you want to see more. I highly recommend you read them. You may learn something new. Like I did.
Now, I’m out of here. Have to go fire off an email to Steve and Leo…
Comments? Let me know what you think.
Aug 8 2009 1:37PM GMT
Posted by: Ken Harthun
Denial of Service, Humor, Security
On Thursday morning, I decided to check my Twitter account and was greeted by a “Network Timeout” error. I tried several more times and finally gave up, thinking I’d just try later. I thought nothing more about it until I heard the news item on a local radio station that Twitter had been DDoS’d. This was confirmed at http://status.twitter.com:
We are defending against a denial-of-service attack, and will update status again shortly.
Update: the site is back up, but we are continuing to defend against and recover from this attack.
Update (9:46a): As we recover, users will experience some longer load times and slowness. This includes timeouts to API clients. We’re working to get back to 100% as quickly as we can.
Update (4:14p): Site latency has continued to improve, however some web requests continue to fail. This means that some people may be unable to post or follow from the website.
As of late yesterday morning, communication with the API and SMS was still down.
As always, there seems to be some humor in these situations. Here’s a comment by John Pescatore of SANS Institute from the SANS NewsBites:
[Editor's Note (Pescatore): Wow, 2 hours without tweets! That's like a car drive to the shore without anyone in the back seat saying "Are we there yet? I see a rock. Is that a seagull? I like saltwater taffy. Shaquille O'Neal is really tall. Are we there yet?" the entire trip.]
Jul 30 2009 3:45PM GMT
Posted by: Ken Harthun
Fun stuff, Humor, Scam, Security, Nigerian 419 Fraud
This video is a good example of how not all the effects of crime are bad. After all, if we didn’t have Nigerian 419 scammers, we wouldn’t have a song about the infamous Nigerian 419 scams that haunt email inboxes these days. Lyrics are a little hard to pick out, but the chorus repeats enough that you’ll eventually get it. It’s a catchy tune. Perfect to lighten things up after a serious month of fighting security threats.
Enjoy!
I Go Chop Your Dollar
Cheers!
Kenny
Jun 30 2009 8:30PM GMT
Posted by: Ken Harthun
Humor
June is almost over, and none too soon. I’m not one for wishing the time to fly, but in this case I’m glad it did: it has been a very stressful month. Security can be a tough gig. So, it’s time to lighten up a bit with some geeky computer humor I found at http://www.gdargaud.net/Humor/QuotesComp…
Users /nm./: collective term for those who use computers. Users are divided into three types: novice, intermediate and expert.
Novice Users: people who are afraid that simply pressing a key might break their computer.
Intermediate Users: people who don’t know how to fix their computer after they’ve just pressed a key that broke it.
Expert Users: people who break other people’s computers.
— From the Jargon File.
Login: yes
Password: i dont have one
password is incorrect
Login: yes
Password: incorrect
“Morons. These people who live in my apartment complex are connected to my wireless. They must think they’re super-cool hackers by breaking into my completely unsecured network. Unfortunately, the connection works both ways. Long story short, they now have loads of horse porn on their computer.” — Mootar from bash.org.
Helpdesk: Double click on “My Computer”
User: I can’t see your computer.
Helpdesk: No, double click on “My Computer” on your computer.
User: Huh?
Helpdesk: There is an icon on your computer labeled “My Computer”. Double click on it.
User: What’s your computer doing on mine?
I’ll leave you with this one (I’ve actually pulled off a similar prank with backups):
“Whenever my Boss pisses me off, I secretly change the password to his e-mail account.
When he can’t log on, he’ll piss and moan for 5 minutes, cursing the computer. Then he’ll come groveling to me for my help. Once he’s groveled enough, I re-enter the right password from my office, go to his and watch him look like a dummy while I log on easily.
I just love it. Heh, heh, heh.”
Here’s to a great rest of the summer!
Apr 22 2009 7:52PM GMT
Posted by: Ken Harthun
Humor
I don’t know about you, but I sometimes get a little queasy when I’m thoroughly overloaded dealing with security and other user issues. So, while this post is completely off-topic, it’s certainly therapeutic; laughter, after all, is the best medicine. (Yes, I know. This has been floating around for a long time.)
What if Dr. Seuss wrote technical manuals? Here’s what you’d get:
Here’s an easy game to play.
Here’s an easy thing to say:
If a packet hits a pocket on a socket on a port,
And the bus is interrupted as a very last resort,
And the address of the memory makes your floppy disk abort,
Then the socket packet pocket has an error to report!
If your cursor finds a menu item followed by a dash,
And the double-clicking icon puts your window in the trash,
And your data is corrupted ’cause the index doesn’t hash,
Then your situation’s hopeless, and your system’s gonna crash!
You can’t say this? What a shame, sir!
We’ll find you another game, sir.
If the label on the cable on the table at your house,
Says the network is connected to the button on your mouse,
But your packets want to tunnel on another protocol,
That’s repeatedly rejected by the printer down the hall,
And your screen is all distorted by the side effects of gauss
So your icons in the window are as wavy as a souse,
Then you may as well reboot and go out with a bang,
‘Cause as sure as I’m a poet, the sucker’s gonna hang!
When the copy of your floppy’s getting sloppy on the disk,
And the microcode instructions cause unnecessary RISC,
Then you have to flash your memory and you’ll want to RAM your ROM.
Quickly turn off the computer and be sure to tell your mom!
Enjoy!
Sep 21 2008 2:06PM GMT
Posted by: Ken Harthun
Security, Humor
Security is a serious subject, and it sometimes has us sinking a bit too deep into concern over the potential and real threats we face. So, today I’m going to lighten it up with a bit of humor. In the sixties and seventies, it was common to see this sign posted in mainframe computer rooms:
ACHTUNG!
Alle touristen und non-technischen lookenpeepers! Das machine is nicht fur fingerpoken und mittengrabben. Is easy schnappen der springenwerk, blowenfusen und poppencorken mit spitzen sparken. Das machine is diggen by experten only. Is nicht fur gerwerken by das dummkopfen. Das rubbernecken sightseeren keepen das cottenpicken hands in das pockets. Relaxen und watchen das blinkenlights.
I was amused to find that there’s now an Internet version:
Das Internet is nicht fuer gefingerclickend und giffengrabben. Ist easy droppenpacket der Routers und overloaden der Backbone mit der spammen und der me-tooen. Ist nicht fuer gewerken bei die Dummkopfen. Die mausklicken Sightseeren keepen das Bandwidth-spewen Hands in die Pockets muss; relaxen und watchen das cursorblinken.
When I get a round tuit, I’m going to do a security version.