this post was submitted on 31 Aug 2023

1607 points (99.1% liked)

Comic Strips

16110 readers

2410 users here now

Comic Strips is a community for those who love comic stories.

The rules are simple:

The post can be a single image, an image gallery, or a link to a specific comic hosted on another site (the author's website, for instance).
The comic must be a complete story.
If it is an external link, it must be to a specific story, not to the root of the site.
You may post comics from others or your own.
If you are posting a comic of your own, a maximum of one per week is allowed (I know, your comics are great, but this rule helps avoid spam).
The comic can be in any language, but if it's not in English, OP must include an English translation in the post's 'body' field (note: you don't need to select a specific language when posting a comic).
Politeness.
Adult content is not allowed. This community aims to be fun for people of all ages.

Web of links

!linuxmemes@lemmy.world: "I use Arch btw"
!memes@lemmy.world: memes (you don't say!)

founded 2 years ago

MODERATORS

lawrence@lemmy.world

1607

Hacking skills (startrek.website)

submitted 2 years ago by The_Picard_Maneuver@startrek.website to c/comicstrips@lemmy.world

87 comments fedilink hide all child comments

top 50 comments

sorted by: hot top controversial new old

[–] Kolanaki@yiffit.net 130 points 2 years ago* (last edited 2 years ago) (4 children)

A lot of hacking is actually social engineering. It's not hard to get a tech-illiterate person to give up their password, and that's the softest target for an attack.

[–] yokonzo@lemmy.world 57 points 2 years ago (1 children)

I prefer the old “drop a usb in the parking lot”

[–] The_Picard_Maneuver@startrek.website 41 points 2 years ago (5 children)

Be sure to put a label on it that says "secrets!"

[–] teft@startrek.website 39 points 2 years ago (2 children)

Nowadays you'd probably be more likely to get a hit by putting an "Anime titties" label on the drive

[–] Viking_Hippie@lemmy.world 39 points 2 years ago

Why would you drop a drive full of world news?

[–] DragonTypeWyvern@literature.cafe 7 points 2 years ago

I'm interested.

[–] billiam0202@lemmy.world 9 points 2 years ago

Pick Me Up.

[–] xantoxis@lemmy.world 8 points 2 years ago

Just put the CEO's name on it and a very recent date. They'll be dying to know what secret information the CEO was carrying around.

[–] dandroid@dandroid.app 8 points 2 years ago (4 children)

I prefer a label that says, "Warning: USB stick contains scary virus. Do not plug into a computer"

load more comments (4 replies)

load more comments (1 replies)

[–] igorlogius@lemmy.world 24 points 2 years ago* (last edited 2 years ago) (1 children)

the softest target

Managment making notes

All employes must be buff.
Fitness trainings for everyone are now mandatory!
Problem solved.

load more comments (1 replies)

[–] UnculturedSwine@lemmy.world 22 points 2 years ago (3 children)

Or even jaded tech savvy people. I work in IT and there have been a number of times that I have witnessed or heard about people who know better causing an incident because they're burnt out or irate.

[–] Sharkwellington@lemmy.one 36 points 2 years ago (1 children)

"Wait a second...I don't give a shit about this company."

[–] illi@lemm.ee 17 points 2 years ago

This seems like there is an idea for a joke or a comic here somewhere...

[–] hellishharlot@programming.dev 9 points 2 years ago

Happy employees are less likely to be socially engineered? Wow shocker

load more comments (1 replies)

[–] CurlyMoustache@lemmy.world 12 points 2 years ago (5 children)

That's a good point! I like the way you think! What is your password?

[–] Frozengyro@lemmy.world 18 points 2 years ago* (last edited 2 years ago) (2 children)

It's *******, what's yours?

Edit: that's cool, Lemmy blocks it out!

[–] rmuk@feddit.uk 10 points 2 years ago

Ah, cool, let me try:

iWantToSuckFrozengyro'sToes69

load more comments (1 replies)

[–] son_named_bort@lemmy.world 16 points 2 years ago (1 children)

hunter2

load more comments (1 replies)

load more comments (3 replies)

[–] EmoDuck@sh.itjust.works 95 points 2 years ago (2 children)

Hacker voice: "I'm in"

Looks at overly complicated industry software he's never even heard of before

"I'm out"

[–] psycho_driver@lemmy.world 42 points 2 years ago (1 children)

"Looks like these guys have already been hit with ransomware."

[–] dubyakay@lemmy.ca 30 points 2 years ago

So SAP.

[–] Anticorp@lemmy.ml 13 points 2 years ago (1 children)

Wait, I have an idea! Yes, just as I thought, I can overlay their proprietary operating system with this fancy looking graphical interface that resembles nothing and gain full control of their system. I'm back in!

[–] Ignisnex@lemmy.world 12 points 2 years ago (1 children)

That sounds like Grafana with extra steps.

[–] Anticorp@lemmy.ml 9 points 2 years ago (1 children)

I was thinking of the James Bond movies where they show hacking to be a guy wearing glasses looking for a glowing ball in a flashing GUI that he rotates around somehow by typing really fast.

load more comments (1 replies)

[–] twistedtxb@lemmy.ca 74 points 2 years ago* (last edited 2 years ago) (5 children)

We have these obligatory online seminars about web security /privacy at work.

Turns out that for some reason, with Privacy Badger enabled, they appear as "passed" instantly. I never saw a single second of these endless seminars.

I tried to tell the IT guy but he couldn't care less and I suspect he didn't even know what Privacy Badger actually is

[–] DragonTypeWyvern@literature.cafe 60 points 2 years ago

"Working as intended" - the dev who loves Privacy Badger.

[–] emergencyfood@sh.itjust.works 31 points 2 years ago

Or maybe he feels that these seminars are for people who don't use things like privacy badger.

[–] supercriticalcheese@feddit.it 14 points 2 years ago

It seems like you don't need Training then (:

load more comments (2 replies)

[–] joel_feila@lemmy.world 53 points 2 years ago (3 children)

Its like the only accurate part of hackers

load more comments (3 replies)

[–] saltnotsugar@lemm.ee 45 points 2 years ago (1 children)

(Opens DOS, frantically types)
“Heh. I was able to SSH right into their jpg with nothing but an Ethernet cable and router grease.”

[–] yokonzo@lemmy.world 29 points 2 years ago* (last edited 2 years ago)

router grease

I don’t think that’s what you think it is sir carefully hides tissues

[–] ArbitraryValue@sh.itjust.works 45 points 2 years ago (15 children)

We get fake phishing emails that are actually from IT and if we don't recognize and report them, we get a talking-to. It's a good way of keeping employees vigilant.

[–] cynar@lemmy.world 36 points 2 years ago (5 children)

A friend (who actually works in IT) apparently has a good system at his company. It actually automates turning real phishing attempts into internal tests. It effectively replaces links etc and sends it onwards. If the user actually clicks through, their account is immediately locked. It requires them to contact IT to unlock it again, often accompanied by additional training.

load more comments (5 replies)

[–] grysbok 32 points 2 years ago (3 children)

My last company did this. They'd also send out surveys and training from addresses I didn't recognize, so I'd report those, too, only to be told they were legit 😂

load more comments (3 replies)

[–] SMITHandWESSON@lemmy.world 11 points 2 years ago* (last edited 2 years ago) (4 children)

I send supervisor emails about stuff I'm not gonna do to my spam folder as well.....

"Did you get the email?"

"Nope, sorry, it looked a little suspicious so I didn't open and sent it to spam.."

load more comments (4 replies)

[–] HeyJoe@lemmy.world 6 points 2 years ago

We do as well, except we only concern ourselves with the people who click them.

load more comments (11 replies)

[–] Perfide@reddthat.com 35 points 2 years ago (1 children)

Nah, this isn't cool. Fuck the company, but this will fuck over the users more than anyone.

[–] WereCat@lemmy.world 37 points 2 years ago (1 children)

If company does not give a crap about employee then they don't about customer

[–] nogrub@lemmy.world 7 points 2 years ago

companies care about money everything else is means for the purpes

[–] kamen@lemmy.world 26 points 2 years ago (1 children)

"I wonder why they'd need my 2FA too, but oh, well... "

[–] AssPennies@lemmy.world 9 points 2 years ago (1 children)

You get a duo push! And you get a duo push! ...

load more comments (1 replies)

[–] aviationeast@lemmy.world 23 points 2 years ago (2 children)

I might care if they paid me a living wage.

[–] hoodatninja@kbin.social 33 points 2 years ago

I’m all for acting your wage, but I don’t want to make victims of anyone who is interacting with my company simply because I was feeling spiteful. The company will be fine, the tons of people who just had their information leaked are the ones who are truly inconvenienced and may face financial repercussions later on when their information is distributed. Just something to consider

load more comments (1 replies)

[–] teft@startrek.website 16 points 2 years ago (2 children)

A good portion of the movie Hackers was social engineering. That's how Mitnick got into a lot of systems as well. Why search for vulnerabilities in apps when people are much easier to manipulate.

[–] joel_feila@lemmy.world 9 points 2 years ago

HACK THE PLANET

load more comments (1 replies)

[–] azerial@lemmy.dbzer0.com 12 points 2 years ago (1 children)

I wonder if that's how my old job had 780 gb of source stolen though social engineering.

[–] xantoxis@lemmy.world 11 points 2 years ago (1 children)

780 gb of source code? Sounds a bit overengineered, I bet that was hard to audit for security flaws

[–] zalgotext@sh.itjust.works 7 points 2 years ago

If there's 780 gb of source code, I doubt anyone there has the wherewithall to do security audits

[–] CADmonkey@lemmy.world 7 points 2 years ago (1 children)

Pay people enough and this is less likely to happen.

load more comments (1 replies)

load more comments