Blog (secmeme)

new meme: Here's what I do

2009-01-10T19:00:00.000-05:00

alrighty then, it's a new year, we need a new meme - except like past memes this is an old meme... this is basically the word of mouth advice meme...

obviously a website isn't word of mouth, but hey, stuff that travels by word of mouth has to start somewhere, why not here?

new(ish) meme: priceless

2008-09-10T23:34:00.002-04:00

you may have noticed that the previous two visual gags posted were based on the same original screenshot... when i asked graham cluley how he felt about making it into a lolthreat i hadn't yet thought up a caption (in fact, i thought perhaps graham would suggest one)... as i deliberated on what to put in the caption i realized that the caption i really wanted to add wasn't a LOL caption at all, but a priceless one (if you haven't seen pictures riffing on that old mastercard 'priceless' commercial then you must have been living under a rock for several years)... there was an awful lot to work with in the original image (and it was already sort of LOLish), you see, and i didn't really think i could do it justice with just a LOL caption...

i'm still not sure which is funnier though, so i posted them both... what do you think? im in da man's intarwebz or priceless defacement?

the state of things

2008-08-25T17:21:00.001-04:00

well, i've pretty much run out of both lolthreats and security idiot posts so i think it's time i moved both experiments into a new direction (a new phase of the experiment, if you will)...

since it's clear that i'm not going to be able to produce either of them at the one-a-weekday posting frequency i've been maintaining, i think it's time to think about making this a collaborative process... i would like to encourage others to submit their own for inclusion here - i think there are ample examples of each of them to go by but for the sake of clarity i'll break them both down...

both derive loosely from the joke meme where you hear a joke, you find it funny, you remember it and you retell it later on to a different set of people who in turn may find it funny, remember it and retell it to another set of people... as such, humour is a key property of the meme... without it there's no reason for people to want to keep it in their heads and no reward to passing it along like there would typically be with a joke...

the lolthreat in particular is a visual gag that prompts the viewer to laugh at the bad guys ("because you know you want to laugh at the bad guys") and their often ridiculous attempts at tricking people into taking some action or another... this can serve to demystify threats and attacks and heighten a meme-host's awareness of them... because of it's visual nature, the 'joke' can't be retold in the traditional sense so the replication of the meme happens by way of sharing a link to a particular instance (a staple of internet memes, though a technological barrier to classical memetic transmission)...

the security idiot meme, on the other hand, highlights the often ridiculous ways people or groups think about or practice security... this can serve to deter similar behaviours in those exposed to the meme (because no-one wants to be the but of a joke) and build social pressure against those who are already thinking/acting wrong... unlike lolthreats, the security idiot meme lends itself readily to traditional forms of joke retelling so that on top of sharing links to replicate the meme it can also be passed on by word of mouth without need for technology... this gives it an advantage in replication but also increases the potential for memetic drift as a result of replication/retelling errors and thus calls for a simple and reasonably brief format... also, unlike some other incarnations of this meme, this is not meant to be only for, by, or about security professionals... this is not a slight on security pros, or on the referenced incarnation, but simply a statement of intention that this be accessible to a broader range of people...

both have the potential to increase awareness of security concepts by virtue of having security issues in the underlying context, but they must always focus on the funny first because without that there is no replication of the meme... so if you'd like to participate in this experiment, head on over to the submissions page and go to it...

deep inspection cartoons

2008-07-05T14:44:00.001-04:00

i didn't realize that the deep inspection cartoon i posted before was going to be an ongoing thing when i originally posted it... i have no desire to steal david maynor's thunder so i won't continue republishing his work here but i still think they teach lessons while being funny at the same time so i still want to promote that content... republishing makes sense for a one-off or as an introduction; actually it makes sense for everything when it comes to memes, but not everyone likes their content to be copied so for serials like this i think i'm going to need a links section to point to other people's ongoing work where that work furthers (intentionally or not) some of the same goals this site does...

new meme: Security Idiot

2008-07-01T15:43:00.003-04:00

trying not to be a one trick pony here so it's time i introduced another possible meme...

this is another humour based meme but instead of showing screen shots it's pretty much entirely verbal, which makes it something that people can repeat to each other and in that sense at least makes it superior to LOLThreats (since replication of the meme is not technology dependent)...

i actually got the idea originally upon reading a blog post by michael farnum... i thought the concept of "you might need to think about security if" would make a great play on jeff foxworthy's shtick about "you might be a redneck if"...

i was never totally satisfied with "you might need to think about security", though - it was a little unwieldy and i tried to come up with some variant that fit better but i never did... thankfully anton chuvakin came up with something better (or i might have settled on "security redneck" which would have been bizarre) - "security idiot" rolls off the tongue much easier (though it does sound a bit like a green day song - 'don't wanna be a security idiot' - hmmm, i wonder)...

what do i mean by meme

2008-06-18T22:47:00.002-04:00

got some feedback from a friend today to the effect that i wasn't really being very clear about what i'm talking about when i say meme - that it sounded like i was trying to spread 'ideas'...

strange as it may sound, that kinda is what i'm talking about... ideas are a kind of information and memes are also a kind of information and good ideas tend to be memes - ideas that spread themselves, that are 'catchy' the way a good tune or jingle is catchy (because, after all, those are memes too - generally referred to as earworms)...

also the way the common cold is catchy... memes are sometimes referred to as viruses of the mind - they replicate from one host to another through mimicry/retelling/etc... i made an off-hand remark to that effect in my last post... the simplified description of the way memes propagate is: i see someone do something, then i do it, then other people see me doing it, then they do it, and so on and so forth...

i wasn't so sure how technical i should get regarding memes and memetics in general here and i'm still not sure... i don't want to over-think things or detract from the actual memes i'm trying to present... that said, this memetic lexicon is a pretty good starting point for those who want to know more, as is the wikipedia page on the meme...

new meme: LOLThreats

2008-06-15T18:48:00.003-04:00

when i first decided to try experimenting with memes for security purposes i started trying to think of possible memes i could use... being new to memes, the best i could manage was meme hacking; that is to take an existing meme and try to derive a new meme from it...

one of the most popular (or at least one of the most widely known) memes on the internet today is LOLCats and corny as it probably sounds i figured the best way to start this off was with a security derivative called LOLThreats that uses screen shots of emails/web pages/etc with captions pointing out how ridiculously obvious that they're bad...

i mean after all, if we enjoy laughing at animals doing silly things we would probably enjoy laughing at bad guys doing silly things too...

come on, tell the truth, you know you want to laugh at the bad guys....

why memes?

2008-06-15T18:45:00.000-04:00

the basic premise is this: if we're going to develop a culture of security (which many seem to agree we need) we have to look not just at security and how to communicate security concepts but also at the very nature of culture itself, how it develops and grows, and how to influence it...

as such, if we take the definition of a meme as being a replicating unit of cultural information then it would seem that one of the key pieces of developing a culture of security is memetic engineering...

about this site

2008-06-15T18:27:00.000-04:00

the point of this site is simple: my intention is to try and use memes to affect positive change from a security perspective...

i've tried making information available with my anti-virus reference library, i've even trying explaining/'teaching' on my anti-virus rants blog... the next step is to try to inject security awareness/knowledge into our cultural subconscious using memes as a delivery mechanism (ie. to use a spoonful of memetic sugar to help the security medicine go down)...

on this site i expect to primarily be experimenting with memes with a security context... i hope people find them appealing and/or enjoyable...