108

There are memes common to whole Stack Exchange. But after spending some time in The DMZ it becomes evident that Information Security has it's own memes (e.g. rory).

I therefore propose that this space be used to document the memes endemic to Information Security's culture.

One meme per answer please.

6
  • 21
    Hahahaha - I am a meme at last! Next step - try to take over the world!
    – Rory Alsop Mod
    Commented Aug 6, 2012 at 12:31
  • 6
    There are a bunch here from the DMZ, which is a tiny subset of sec.se. I'd love to see some memes identified in the general culture of questions and comments.
    – nealmcb
    Commented Aug 7, 2012 at 14:57
  • @nealmcb I agree - but other than dissing certain users (which I dont recommend), allowing Thomas and DW to answer everything (which is pointless), and anything about passwords (which is boring already), what else do we have?
    – AviD Mod
    Commented Aug 8, 2012 at 10:04
  • 4
    @AviD Add Polynomial to the "answer everthing" list.
    – user10211
    Commented Aug 8, 2012 at 13:17
  • @AviD Well, there's also the TL;DR competition between Big Bear and I. I think he currently holds the lead, though Polynomial seems to be coming in also.
    – Iszi
    Commented Aug 9, 2012 at 20:37

20 Answers 20

104

Meme: Don't roll your own. (AKA: The first rule of cryptography.)

Originator: Unknown. One of the most infamous uses on IT Security is by D.W., here. This meme is also related to / a synonym of "Don't be a Dave!"

Cultural Height: TBD

Background: Everyone seems to want to write their own ciphers, or create their own security mechanisms. Unfortunately, this usually doesn't end well. As such, the phrase "don't roll your own" has become a frequent staple of IT Security advice, as well as on other boards (e.g. Crypto SE) and across the entire information security community.

"Anyone can invent an encryption algorithm they themselves can't break; it's much harder to invent one that no one else can break" - Bruce Schneier

One does not simply write their own cipher.

5
  • 7
    Just say No! See my profile for details.
    – this.josh
    Commented Aug 30, 2012 at 5:43
  • 3
    Just realized: BAD (Being A Dave) and GOOD (Great; Obviously Outranks Dave). Commented Aug 16, 2016 at 4:26
  • @this.josh is the "(not dead)" on your profile a canary? it doesn't seem to relate to the rest of the text.
    – NH.
    Commented Mar 1, 2018 at 23:34
  • @NH. It's not a canary, it's a parrot, and It's pining for The Fjords.
    – this.josh
    Commented Mar 6, 2018 at 5:54
  • @this.josh I meant something similar to this kind of canary, but for whether you are alive :)
    – NH.
    Commented Mar 6, 2018 at 16:17
65

Meme: Law #x of Security. (Or Law #x of Security Administration)

Originator: Scott Culp (Microsoft TechNet Contributor)

Background: In November of 2000, Scott Culp published two articles on Microsoft TechNet regarding what he saw to be "Immutable Laws" of Security and Security Administration. Since then, these guidelines have generally held to be true and are occasionally referred to when someone is blatantly oblivious, deliberately ignorant, or just in violation of them.

10 Immutable Laws of Security

Law #1: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore
Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore
Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore
Law #4: If you allow a bad guy to upload programs to your website, it's not your website any more
Law #5: Weak passwords trump strong security
Law #6: A computer is only as secure as the administrator is trustworthy
Law #7: Encrypted data is only as secure as the decryption key
Law #8: An out of date virus scanner is only marginally better than no virus scanner at all
Law #9: Absolute anonymity isn't practical, in real life or on the Web
Law #10: Technology is not a panacea

10 Immutable Laws of Security Administration

Law #1: Nobody believes anything bad can happen to them, until it does
Law #2: Security only works if the secure way also happens to be the easy way
Law #3: If you don't keep up with security fixes, your network won't be yours for long
Law #4: It doesn't do much good to install security fixes on a computer that was never secured to begin with
Law #5: Eternal vigilance is the price of security
Law #6: There really is someone out there trying to guess your passwords
Law #7: The most secure network is a well-administered one
Law #8: The difficulty of defending a network is directly proportional to its complexity
Law #9: Security isn't about risk avoidance; it's about risk management
Law #10: Technology is not a panacea

6
  • 1
    Law number 5 of the 10 immutable laws of security is not worded correctly. Law #5: Weak authentication trumps strong security. Explanation: Passwords are not the only form of authentication. Poor implementation of authentication (weak passwords plus biometrics with a high false positive rate) exemplify what I am saying. We NEED to take the focus off a password only scheme for authentication.
    – Everett
    Commented Nov 18, 2014 at 15:54
  • 1
    Further law #6 should be rewritten, A computer is only as secure as the LOGS are trustworthy. Explanation: if your administrator has the ability to circumvent the logs you violated separation of duties.
    – Everett
    Commented Nov 18, 2014 at 15:56
  • @Everett Update to #5 is not a bad idea, though one could justify that in biometrics a matching [biometric of choice] is your "password" and if more than one person matches you then there's a problem with your password. Law #6 is still applicable as-is, though. Logs are only good for after-the-fact reporting. Even if your logs are 100% trustworthy, if your admin isn't then all your logs are doing is letting you know when he's pwned you - not (directly) keeping him from it.
    – Iszi
    Commented Nov 18, 2014 at 17:25
  • 2
    In any case, these aren't laws of our own writing. Head over to TechNet and look up the original author if you'd like to see some changes.
    – Iszi
    Commented Nov 18, 2014 at 17:26
  • Thanks for pointing it out. I agree with the logs, I guess I just expect that if someone knows they are being watched (logged) they aren't gong to do something....
    – Everett
    Commented Nov 18, 2014 at 19:43
  • @Everett The knowledge that logging is in place may dissuade some malevolent actors. But it also might just be something else for them to disable and/or clean up when they're done. And system administrators tend to have the ability to do just that.
    – Iszi
    Commented Mar 17, 2016 at 21:22
61

Meme: Don't be a Dave!

Originator: @Polynomial, @LucasKauffman, others

Cultural Height: December 2012

Background: One of our most popular questions of all time, with over 17 thousand views in the space of 3 weeks, had as its subject poor old Dave:

My developer, let's call him 'Dave', insists on using a home-brew script for hashing passwords. See Dave's proposal below...

Dave got a bit of flack for this approach, which is a wonderful target for old hands at security, and the ensuing discussions have led to questions like these being called out as 'Dave' questions, eg:

Lucas Kauffman: We've got a dave

There's also Dave's false maxim, which states:

If I add more crypto things, it will be more secure.

1
  • 22
    I recommend, and endorse, use of the phrase, "It's all Daved up." Alternatively one may replace "Daved" with "Jonesed" since that is the most likely surname of "Dave".
    – Scott Pack
    Commented Jan 11, 2013 at 13:33
53

Meme: Nuke it from orbit.

Originator: Aliens

Cultural Height: TBD

Background: When a machine is infected, the only way to be sure that it's clean is to "nuke it from orbit", i.e. wipe the system to the fullest extent possible, or entirely replace the hardware. This has become the default advice for most questions related to malware infections, but it also applies to guaranteed secure destruction of hard disks.

Vasquez: All right, we've got seven canisters of CN-20, I say we roll them in there and nerve gas the whole f**kin' nest.
Hicks: It's worth a try, but we don't even know if it's gonna affect them.
Hudson: Look, man, let's just bug out and call it even, okay? What're we talking about this for!?
Ripley: I say we take off and nuke the entire site from orbit...
Ripley: It's the only way to be sure.

It's the only way to be sure.

5
  • c.f. "fry clean" from Rainbow's End Commented Mar 21, 2016 at 22:06
  • 4
    This has escaped from Information Security and can now be found on Worldbuilding too!
    – wizzwizz4
    Commented Oct 8, 2016 at 13:52
  • "The only way" is mostly but not entirely correct anyway - eg if you are able to compare the whole filesystem content with a known uncompromised version without involving OS facilities of the compromised system. Commented Jun 14, 2018 at 7:46
  • 4
    @rackandboneman If I have a known uncompromised version of the entire filesystem at my disposal, I would not bother with comparison - I would just nuke the old filesystem content from orbit and replace it with the uncompromised version afterwards.
    – j_kubik
    Commented Jun 15, 2018 at 11:02
  • Unless there are intentional but benevolent and wanted changes in the compromised version too... Commented Jun 15, 2018 at 17:36
48

Meme: Sec.SE

Originator: Rory Alsop

Cultural Height: practically the official site name since July 2011

Background:

<offtopic> does anyone else think our shortened site name sounds kinda cool, or is it just me...

(hint say out loud SEC.SE)

1
  • 37
    Ok, I just got that now... :/ Commented Jan 4, 2013 at 21:10
47

Meme: Security Monkeys

Synonyms: Chimpanzees, Chimps

Originator: @ThomasPornin, @TomLeek (for Security Monkeys), @TomWijsman, @CharlesDarwin (for Monkeys)

Date of conception: March-April 2013

Cultural height: TBD

Purpose: TBD (see below)

Background: Thomas' answer to a question What technical reasons are there to have low maximum password lengths? presents a scenario in which original reasoning behind a security feature is lost, yet blindly maintained for no apparent reason by security monkeys not daring to change it.

conditioned reflex training

Needless to say, this answer received hundreds of up-votes within days, and appears to indicate what level of understanding popular answers should cater the most, if fast reputation gaining is desirable. This purpose of the meme was later reinforced by using security monkeys of chimpanzees by @ThomasPornin (and others) in IT Security's DMZ (chat room):

Iszi: You guys are making me jealous. My highest-voted answer here is barely over 30.

Thomas: @Iszi You need more chimpanzees. Works wonders. (http://chat.stackexchange.com/transcript/message/8780124#8780124)

...

Rory Alsop: 221! Wow!

TildalWave: yeah... I was complaining yesterday twice... when it had ~ 15 up votes I called it a rep train... then at 100 I was shocked... now, I'm gobsmacked

Thomas Pornin: @TildalWave It is at 269 now, still growing. It got +206 yesterday alone. By comparison, the CRIME answer got at most +94 in 24 hours. Thus, chimpanzees trump science. (http://chat.stackexchange.com/transcript/message/8762864#8762864)

...

Rory Alsop: Wow, that application crash question is rep-training rapidly

Antony Vennard: @RoryAlsop Get your monkeys in quickly! (http://chat.stackexchange.com/transcript/message/8792774#8792774)

At the time of writing, the answer is at 451 up-votes.

Instead of conclusion:

Thus, it is still not decided whether this meme serves in a self-reflective way, mocking our very own aspirations to help the less savvy of the IT security world, their beyond belief generous support for such answers, or if it's meant to represent the ludicrous notions on security as presented and inquiring about by the latter.

enter image description here

Status: In process of determination.

2
44

Meme: Canonical Time Zone

Originator: Unknown

Cultural Height: Early 2011

Background: American hubris on the part of our East cost users resulted in blanket declarations that EDT/EST (UTC-4/5) would be considered the de facto timezone of The DMZ. This was brought upon by inconsistent time of day greetings such as this exchange on January 24th, 2011.

Iszi: Mornin' all!
Iszi: Howdy @RoryAlsop @packs @nealmcb
packs: @Iszi G'Morning sunshine
Rory Alsop: afternoon all

And also ambiguously generic greetings such as this one:

Morning +/-12 hours

@this.josh recommended use of this politically correct greeting:

Happy diurnal isomorphism

@Polynomial points out that "diurnal isomorphism" is much more fun if you misspell it as "diurinal isomorphism".

Although we have one US moderator, the majority of the Security Stack Exchange moderators are based quite far east of the US (UK, Germany and Israel), therefore delight in declaring other timezones arbitrarily and randomly when entering the DMZ.

1
  • 18
    I heartily endorse this event or product.
    – this.josh
    Commented Aug 30, 2012 at 5:28
35

Rory

As you've already mentioned, Rory has become a bit of a meme within the IT Security StackExchange community. Usage of this meme often takes the form of word substitution a-la "smurf".

Usage Examples:

Jeff Ferland: It's a quite a rory of a problem, really

Ninefingers: At a guess, he feels a little Rory.

AviD: For the rory of it.

Polynomial: s/\b.+/Rory/

Of course, as tends to happen with such things, this would often get over used - sometimes to the point of making "rory'd" or "rory-fied" statements utterly incomprehensible.

(Ab)usage Examples:

Iszi Rory or Isznti: Well, rory you - you, rorying Rory.

Ninefingers: Hello Rories, would this Rory be more on Rory here?

AviD: Can you rories please rory down. You're rorying the rority of my rory room.

Further development of this meme led to an interesting time, when the chat room's topic was changed to really nothing but .

Scott Pack: room topic changed to The DMZ: The first Rory costs you a Rory.... [rory] [rory] [rory] [rory]

Later, some users decided to have even more fun with this and actually change their usernames for a time:

Former Rorys:

Iszi Rory or Isznti
Rory Pack
Roraz was originally Raz

Origins:

This meme came about primarily due to the seemingly abnormal dominance of the name "Rory" within the IT Security - particularly, the IT Security StackExchange - community. For a long time, and perhaps still to this day, the "original" Rorys were the only individuals in The DMZ who were known to share the same Given Name (or First Name) in real life. Since then, the IT Security StackExchange has seen a few other Rorys. Most Rorys are from Scotland or another part of the U.K., while another is from Ireland and a couple are unspecified.

Original Rorys:

Rory McCune (Scotland)
Rory Alsop (Scotland)

Other Rorys:

Rory Harvey (U.K.)
Rory (Ireland)
Rory (Unspecified)
Rory O'Kane (Unspecified)

Watch this page for more Rorys

Interesting Facts:

  • The "Original Rorys" have worked together, at the same company, at least twice in the past.

Rory Alsop: 5 or 6 years ago when Rory and I worked for the same employer, everyone just referred to me as Rory 1 (as I was there first) and he was Rory 2. With the new gig, he grabbed Rory 1 first...so I went all Asimov and my sig is Rory 0.

  • Rory Alsop has been a Moderator on StackExchange, both as a Pro Tem and one of our first elected moderators. He's also been among the most active contributors (and chatters) in our community, and a regular contributor and maintainer of the IT Security StackExchange Blog

  • But, Rory McCune got here first.

Rory Alsop: no - Rory (1) introduced me to this site

enter image description here

Of the 7 speakers presenting at the Securi-Tay conference in January 2013, 3 are Rories. (Additionally, 4 of the 7 are Security.SE contributors!)

@AndreyBotalov found this thread about Doctor Who's Rory Williams when googling for "All the Rorys": http://forums.digitalspy.co.uk/showthread.php?t=1507326

There is evidence of Rory powers:

enter image description here

And Rories crop up in questions on other Stack Exchange sites, such as this one:

Why does Rory not use his handgun after he discovers he has it?

A proposal was also made by Lucas Kauffman to create a Rory Stackexchange site. Sadly an anti-Rory faction closed it down.

And to top it all off, even Douglas Adams wrote about the Rory Award in the Hitchiker's Guide to the Galaxy Books - it was stolen from the most destructive party of all time, because the award is a part of the Wikkit Key, along with Marvin's Leg, the Infinite Improbability Drive, the Ashes and the Argabuthon Sceptre of Justice...(Link is NSFW! - the US version is acceptable at work, as long as you aren't Belgian)

0
33

Meme: Bears

Originator: @ThomasPornin, @ScottPack, @AviD

Cultural Height: July 2011

Background: Our highest rep user, cryptographer Thomas Pornin created a couple of distinct accounts with bear avatars.

enter image description hereenter image description here

Being a rather prominent and respected member of the community, this has earned him some nicknames:

  • "The Bear" usually refers to @ThomasPornin himself, but is also often used specifically in reference to his primary account.
  • "Big Bear" is usually used to refer to the actual @ThomasPornin account, distinct from...
  • "Little Bear" which is used to refer to the @TomLeek persona.

With his rapid rep gain, the bear icon appeared regularly, so a winged bear with lasers was proposed as a site logo when we graduated.

@Jin new design - bears, with wings, and lasers as per @AviD's request?

@ScottPack then introduced us to the ServerFault Paddington Bear Choppertar, so the theme grew. Later the bear theme came to include references from the LGBT community in the form of these gentlemen:

enter image description here

On September 22 2013, the Big Bear reached 100k rep - so it has been proposed that this date should be celebrated as Bear Day each year... to which Thomas answered in his usual sincere manner:

The Bear approves of your oath of fealty. You may keep on chanting the glory of your ursine overlords.

At about the same time, Little bear topped 40k - giving him a total rep about the same as the total rep for the next 4 members!

2
24

Meme: It depends

Originator: Anyone with an InfoSec job

Cultural Height: It depends

Background: The most common answer on the Security StackExchange, owing to an imprecise formulation of questions. Most users not versed in the arcanes of information security fail to understand the importance of a threat model in assessing the security benefit or risk associated with a piece of technology. More often than not, questions such as "How secure is XXX?" or "Can I trust XXX?" or "What are the security implications of XXX?" can only be answered with variations of "It depends".

Meme: Morpheus from Matrix stating "What if I told you... It depends?"

1
  • 1
    Why is this meme specific to security? lol
    – jpmc26
    Commented Mar 24, 2016 at 21:05
23

Meme: Tinfoil Hattery

Originator: Some say @Rook invented tinfoil hattery, but that's just a coverup. It was really invented by the Illuminati, in an attempt to make us all look crazy.

Cultural Height: TBD

Background: Tinfoil hattery is a term used to describe any behaviour that is paranoid beyond normal levels, which describes pretty much everyone on here. Some take it further than others. Infamous examples within Sec.SE include Rook and Andrew Smith.

They're listening to my thoughts!

0
23

Meme: Security is Hard™

Originator: Unknown. More recently proliferated by James Arlen on the Liquid Matrix Security Podcast.

Cultural height: Late 2012

Background: Security is Hard™ has been used by a lot of people, to (often condescendingly) remark on the apparent difficulty many people have with security. Its use ranges from genuine cases of difficult security, where work is actually required, to cases where a vendor / manager is lazy, unwilling to fund basic security, or just flat-out incompetent.

lynks: I'm just trying to balance the gains against the huge amount of work it takes to keep a whitelist that everyone is happy with.

Terry Chia: @lynks I'll personally agree that whitelisting outbound traffic is a major pain.

Polynomial: oh yeah, I'll agree it's a pain.

Polynomial: but Security is Hard™

Polynomial: or, as James Arlen says, "Security is haaaaaaaaaaaaaaaaarrrd."


“The industry standard is that most SSNs are not encrypted,” Haley said in response to a question from a reporter. “A lot of banks don’t encrypt, a lot of those agencies that you think might encrypt Social Security Numbers actually don’t, because it is very complicated. It is cumbersome and there’s a lot of numbers involved with it.”

Security is haaaaaaaard!

22

Meme: @Iszi's Gender

Originator: @Iszi, @ScottPack, @GrahamLee

Cultural Height: Most of 2011

Background: Originally, @Graham made a snarky comment to @Iszi, and @Scott over-analyzed and ran downhill with it. @Iszi's protests of malehood notwithstanding.

Graham Lee: @Iszi Just doin' my job, ma'am ;)
packs: @GrahamLee Hm. I always assumed Iszi was male, though in retrospect all statements could be gender neutral. This should be interesting to see (his|her) reaction.
Iszi: @packs Funny. Real funny.
Graham Lee: I keeed
Iszi: I suppose these days "wife" is a gender-neutral term, in respect to identifying the speaker. I know I've mentioned the XYL once or twice here.

From there, it just continued to hang around, like a cloud of gender-confusion hanging over @Iszi's gravatar, such as this assortment of comments:

Probably around the same time my gender came into question.

A gender/orientation identity crisis? Yeah, me neither. Though I was a theatre major for a while, that should give me some perspective.

Whichever gender @Iszi may or may not be is still, in my mind, an open question until I see (him|her) in a bar.

First you accuse me of being a different gender. Now I play with sock puppets?

Great... now I'm a scapegoat of questionable gender.

I don't mind. I'm already "a scapegoat of questionable gender" here. May as well add S&M to that.

One's choice of under garments is not necessarily indicative of one's gender.

Eventually, @Iszi had no choice but to meet with @Scott in person, and allow him in-person authentication - a gender-CAPTCHA, if you will. Results were first announced via Twitter:

At a bar with a male claiming to be @IsraelZulu. Gender confirmed to an acceptable margin of error.

Results were later shared broadly within the sec.se community via chat.

No, @ScottPack has "verified my gender to within an acceptable margin of error" as male.

And thus the mystery was put to rest.

I'm not female.  @ScottPack had me tested.

2
  • 19
    What is "an acceptable margin of error"? ;)
    – user10211
    Commented Aug 7, 2012 at 10:42
  • 1
    @TerryChia ah, see - you have to go back and read that whole conversation. :)
    – AviD Mod
    Commented Aug 7, 2012 at 11:20
18

Meme: They can see your dick pics.

Originator: John Oliver (Last Week Tonight, on HBO)

Cultural Height: 2015-2016

Background: In June of 2013, documents stolen from the NSA by Edward Snowden were released to the public. These documents revealed to the layman extensive government surveillance systems which previously were assumed to not actually exist. (Conspiracy theorists have long warned of such systems. While the rest of the general public likely assumed government agencies were capable of designing and employing them, they perhaps equally assumed this had not actually been done or was not being done indiscriminately.)

In April of 2015, laws which enabled the use of these systems were nearly due to be renewed. However, public interest in the topic had largely waned at this point. In an informal survey, John Oliver - host of Last Week Tonight, a news satire show airing on HBO - found that nobody could even properly recall who Edward Snowden was.

In order to re-ignite the discussion, and inspire the public to action, it was necessary to find an aspect of the government surveillance programs which the layman could intimately relate to. So, in the same survey, respondents were asked how they would feel if the government had obtained access to pictures of their genitalia - i.e.: "dick pics". Of course, the situation was found to be generally undesirable by all.

To bring this into relevance with the discussion of government surveillance, John Oliver traveled to Russia for an interview with Edward Snowden. During the interview, he shared his survey results with Snowden. Then, Oliver proceeded to ask Snowden about the various government surveillance programs which had been brought to light by his leaks. Regarding each, Oliver asked "Can they see my dick?".

The full segment is available on YouTube, courtesy of HBO. (Link jumps to the portion where "dick pics" are brought into scope.)

This is a fantastic example of how matters of information security can be brought into focus and made relevant to an otherwise ignorant or unconcerned audience. In this case, it was for the general public. However, information security professionals often face similar challenges when having conversations with members of management - especially at higher levels, and with C-level executives.

So, when addressing the level of exposure posed by a certain risk, it may help to ask (or answer) the question: "Can they see the dick pics?"

Examples:

http://chat.stackexchange.com/transcript/message/28329001#28329001

Iszi
@Matthew Which, in a way, is more or less the point of my answer. Any question of the form "what can a bad guy do if he has X running on my computer" is essentially "my computer is pwned and needs to be killed with fire".

Ohnana
@Iszi just go with the john oliver answer: "he can see your dick pics"

http://chat.stackexchange.com/transcript/message/28329092#28329092

Iszi
@Ohnana Yes, indeed. In fact, we should do this to all the 10 Laws of Security: s/it's not your computer anymore/he can see your dick pics/

13

Meme: Eat everything

Originator: @AviD

Cultural Height: August 2011

Background: Following on from Wildebeest and other discussions, topic #1 in the DMZ became not security, but food, and just what we could or had eaten. Some delicious examples:

while giraffe is in principle kosher, thats one animal that I dont think I could ever bring myself to eat

a local cafe mistranslated something.... I insisted that the waitress bring me extra sealion in my sandwich, but she refused.

Ostrich...Pork

but penguin are fish, not meat - you cant make bacon from fish!

oh wait, if it's rolled in some dough and baked, its a "pig in a blanket". guess thats similar to toad in a hole.

3
  • Do you mean meta.security.stackexchange.com/a/883/5501 by Wildebeest? Commented Aug 6, 2012 at 21:17
  • 1
    @AndreyBotalov well that's when it came up in conversation. Then we started discussing dining options revolving around the horse-cow.
    – AviD Mod
    Commented Aug 6, 2012 at 21:19
  • 1
    And all other animals that could be considered Kosher...and then all animals, and possibly some plants that might look a bit like animals.
    – Rory Alsop Mod
    Commented Aug 10, 2012 at 9:57
13

Meme: S&M

Originator: Unknown

Cultural Height: Unknown - nearly as old as Sec.SE itself.

Background: Prior to being renamed to "Primarily Opinion-Based" (and, before that, "Not Constructive"), the close option that described questions which would likely receive answers "almost entirely based on opinions, rather than facts, references, or specific expertise" was called "Subjective and Argumentative". This was often casually referred to as "S&A".

One day, someone (deliberately or accidentally) mis-typed this as "S&M". "Sadism" and "Masochism" are culturally deviant fetishes which usually go hand-in-hand with one another and therefore are often referred to jointly as "S&M". (Sadism is the enjoyment of causing pain, while Masochism is the enjoyment of receiving pain.) Since "S&A" and "S&M" are both "culturally deviant" in their respective subjects, or (more likely) perhaps just because the typo itself is fairly amusing, the association stuck.

2
8

Meme: FAW (Frequently/Funny Attacking Wildebeest)

Originator: @RoryAlsop

Cultural Height: Early 2011

Background: Best explained by the originator, shortly after its inception:

FAW=FAQ. We just got chatting late on one evening after a basic spelling mistake, and it snowballed.

In other words, our fearless leafer made a silly typo, and we made fun of him mercilessly, and kinda ran with it. Just cuz, that's kinda what we do.

At some point, after interrogation, we were searching for a backronym, to explain the W in there. Thanks to our collective fixation with food, and specifically my particular kosher fetish and fascination with rare types of animal meat, we landed on Wildebeest. And the rest is really just a roryism.

Interesting aside: Wildebeest also continued on as a spam collection account

@AviD:

http://chat.stackexchange.com/transcript/151?m=617412#617412

8

Meme: pls

Originator: @Simon

Cultural Height: ongoing (from: Nov 14 '13 8:25 PM / to: present)

Note: The real start date is a bit vague, but the first mention of 'pls' alone by @Simon has been registered on November the 14 in 2013.

Background: 'pls' has been used extensively (in the DMZ chat room) by @Simon to cut off arguments, or disapprove of something, notably when being involved in it. This literaly turned into a game where members of the DMZ uselessly add mention to @Simon, to which he invariably replies 'pls' (short for please or as explained by @RoryMcCune : "it's an epithet denoting an impreciation indicating that the user is scornful of the statements from the person or persons to whom the epithet is directed" (see source).

Variation : Some variations have been seen like '@xxx pls', 'pls all' or even 'pls xxx' (xxx being one's name). Also sometimes mispelled ('slp', 'spl', 'lps' or 'lsp'). As introduced by @Mvy there is also the French version of it: 'svp'.

8

Meme: Euphemisms

Originator: unknown

Cultural height: ongoing (from: Oct 9 '12 8:21 PM)

Background: The topic in the DMZ is very often shifting away from information security to more casually interesting topics. As a consequence of this it is often not clear how to interpret specific messages, resulting in the question "is that an euphemism?" or phrases like "I hope this is not an euphemism"

Examples:

You have no idea. The show itself was the debut for our new confetti cannons - much more power and range, and much more mess! And the crowd was quite special

I hope "confetti cannons" is not a euphemism.


God damn it! I feel like slapping the Indian lady

Is that a euphemism?

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .