Security is all about layers of protection. The more layers that are
put in place the more secure you and your family will be. For example,
if you lock your doors that is one layer, but not enough. A home security system which includes an alarm, security cameras and even signage are all additional layers of protection.
An axiom of the security professional is to “predict and prevent”.
This means by having the foresight to visualize the possibilities of
crime happening, how and why, will help that professional to prevent
such a crime by putting the security layers in place.
Much of the security philosophy described here is meant to be
proactive and deter or prevent a criminal from being successful. With
that in mind, with the exception of high quality security cameras,
security doesn’t often lend itself to catching the bad-guy after they
have been successful in committing a crime.
Generally we leave the task of apprehending “evil doers” up to law
enforcement officials who have a litany
For social networking sites, security is not a top priority. Most do
not protect your data with the same vigilance you could expect from your
bank, for example. Nor do social media require strong passwords. And if
you use the same passwords for more critical sites, like webmail or
online banking, having your social networking account compromised can
make those other accounts vulnerable as well.
Last year, 32 million passwords were posted online after a data
breach at RockYou, a company that creates applications for social
networking sites. The breach revealed the weakness of most people’s
social networking passwords.
“All the major sites–Facebook, MySpace, Twitter, LinkedIn–have the same
minimum password length of six characters. And password complexity
checks are few and far between. Facebook and LinkedIn have no complexity
checks. For MySpace, some complexity checking is enabled; however,
users can enter a password of ‘123456.’ Twitter has a basic
There have been thousands of privacy related news reports over the past year depicting social networks,
Google, marketers and advertisers as evil privacy violators who are
slowly sucking dry whatever privacy we have left. Facebook has been
raked over the coals by advocates and watchdogs who say their tactics
violate their own policies. In response, numerous lawsuits have been
filed and government agencies have put the pressure on everyone involved
to come up with a serious solution.
It is evident that without some type of government oversight that the
“self policing” done by all those who stand to gain financially by
selling our data will continue to spin out of control to the point where
privacy will be something of the past.
My stance as a security professional has always been on the “privacy
is dead, get over it” side of the fence. I’ve always been of the belief
that the data out there is as a result of the public’s own doing and if
they don’t want the world to know their private
“Wikileak” is turning into a verb. This is when sensitive
information in office document files such as Microsoft Word, Excel,
Textpad, or PDF files can be easily copied, transferred, sold and
leaked, all without the owning organization’s knowledge.
It is easier than ever for sensitive information stored in electronic
documents to be copied and publicly released without the owner’s
knowledge or consent, thanks to WikiLeaks, an international activist organization that publishes documents that have either leaked or been provided by anonymous sources.
Politics aside, releasing confidential intelligence to enemy
combatants puts lives at risk. Geoff Morrell, press secretary for the
Pentagon, has condemned
“the unauthorized disclosure of classified information,” which he says
“could make our troops even more vulnerable to attack in the future.”
Document breaches of any nature have consequences. Data breaches,
espionage, and the misuse of confidential or sensitive data are a
There’s dumb criminals and then there is this kid.
A family was away from their home and had someone take care of some
items around the house. Apparently the caretaker was doing some work on
the exterior of the home and opened some shutters around a window and
saw someone inside who wasn’t supposed to be there.
As soon as he realized it wasn’t a family member he called the
police. And somehow the burglar was able to get out of the home and flee
before law enforcement arrived.
When they entered the home to secure it they found a backpack,
discarded food wrappers, a bag of pot, and soda cans. There was an open
window adjacent to all the stuff where they determined that’s where he
may have entered and exited.
So what does an 18 year old spend a lot of time doing (other than
breaking into homes) he spends time on MySpace. And this kid logged onto
the family’s home PC to his MySpace page. When he realized he was seen
in the home he fled, forgetting to LOG OUT!!!!!!!!!
When the police
First thing I tell my seminar attendees is “The chances of anything
bad ever happening to you is very slim. So don’t worry about. However
you should still put these systems in place.”
Are you a helicopter parent? An “alarmist”? Or Chicken Little: The
sky is falling, the sky is falling! I heard somewhere along the line
that 90% of what we worry about never happens. It might be even closer
to 99%. But there is still that one percent that concerns.
Deciding what to worry about may be a conscious or unconscious (or sub-conscious) decision.
Often what we worry about comes from what we see and are fed in the media. It is well known that the nightly news is built on the premise “If it bleeds it leads”. Blood and guts is what sells airtime and newspapers.
These worries when confronted are often dumbed down by statisticians,
researchers, some security professionals, social psychologists and are
called “baseless paranoid fears”. Books written in this regard
are designed to give perspective. My
According to the figures released by the FBI, the estimated number of violent crimes in the Nation declined in 2009 for the third consecutive year. Property crimes
also declined in 2009, marking the seventh straight year that the
collective estimates for these offenses dropped below the previous
What has always bugged me about these reports is the sense of relief
some get, but in reality how little crime actually declines. Generally
it’s anywhere from 5 percent to 6 percent for either category. So maybe
there were 22,000 murders gone down from 25,000 murders. That’s still
lots of grieving families.
Much of the decline in crime can be attributed to better police work
and support from various federal agencies. Over the years law
enforcement has gone from whistles and Billy clubs to sophisticated
programs based on community involvement coupled with innovation and
In addition to better police work I believe the public has a higher
degree of security
Teaching kids internet safety and security is an evolving and complex
issue. The goal is to achieve a level of trust with your kids while
providing a long enough leash to foster growth and responsibility.
Google’s Family Safety Center is a new site compiling the best of
resources for advice, guidance, direction and action items to provide
parents with the necessary tools to help kids navigate the wild wild
“Google Family Safety Center
works alongside many organizations in the US to promote action and
awareness around Internet safety. They offer resources and advice on
cyber bullying, child protection and online education both for parents
A few of the resources include:
ConnectSafely is the leading
interactive resource on the Web for parents, teens, educators – everyone
engaged and interested in youth safety on the fixed and mobile social
Web. In addition to safety tips, advice, and youth-tech news,
ConnectSafely provides a discussion forum for all
When a virus recruits an infected PC into a botnet, a criminal hacker is able to remotely access all the data on that computer.
Robot networks, or botnets, have a varied history. A bot, which
doesn’t necessarily have to be malicious or harmful, is essentially a
program designed to connect to a server and execute a command or series
As reported by aMcAfee study,
networks of bots, otherwise known as drones or zombies, are often used
to commit cybercrime. This can include “stealing trade secrets,
inserting malware into source code files, disrupting access or service,
compromising data integrity, and stealing employee identity information.
The results to a business can be disastrous and lead to the loss of
revenue, regulatory compliance, customer confidence, reputation, and
even of the business itself. For government organizations, the concerns
are even more far reaching.”
In the second quarter of 2010,more than two million PCs
were recruited into botnets in the United
Thanksgiving is coming quickly and it is one of the most traveled
times of the year. Burglars know this. There are unfortunately many
unsavory characters that are anticipating you are heading to a
Thanksgiving Day football game or going to grandmas house and some of
you might be helping the homeless at a soup kitchen.
To ensure an uninterrupted feasting of the fowl and a safe return home, I suggest you consider the following:
Here are a few tips to help protect the safety of your home while you are gone:
If you are traveling by car make sure it’s running properly,
check belts and tires and oil. Have a good spare and carry an emergency
kit.If you are heading overnight pack your car in your garage or late at night under the cover of darkness.Use timers on indoor and outdoor lights.Let a trusted neighbor and the police know you are traveling.Unplug garage door openers.Have a neighbor park their car in your driveway.If grass is still growing where you live and if you’re gone for a bit have a
Today’s kids don’t even know what it’s like to not be connected to
the Internet. But being technology savvy doesn’t mean they are safe and
Since the Internet as we know it was born in the early 1990s, it has
become an integral part of our and our kids’ lives. Online shopping,
social media, mobile web, and computers in the classroom are as normal
to them as riding a Huffy bicycle was to me. For these kids’ parents,
the online world often feels too fast and too complicated. Nevertheless,
it is essential that parents educate themselves on safe, secure online
practices in order to set a positive example and provide guidance for
their children as they navigate the web.
Fortunately, safe and appropriate online behavior isn’t much
different than in the real world. The main distinction is that on the
Internet, it is necessary to be particularly sensitive regarding how and
with whom you communicate.
Parents who lack experience with the Internet, computers, or mobile
This is a little over the top and if this story was happening to one
person I may not even dare to discuss. But it seems to be happening to
hundreds, maybe thousands and possibly tens of thousands. And the fact
that kids today are posting anything and everything, it needs to be
Right now hundreds of cyber threat
victims are coming forward, arrests are being made and court dates are
set because criminal hackers in the form of weird men are breaking into
women’s email programs and social networking sites and scanning their
media for photos that show them as they were in their birthday suit.
The depraved men are then contacting these women alerting them to
their dirty deeds and giving them an opportunity to save face before the
photos are posted to Facebook by paying them off in money or more
This is serious stuff, now while you may not participate in stupid
activity like this someone you know and care for may. The Register reports
One victim, who was 17 at the
I feel like my head is going to explode.
The Colorado Supreme Courthas ruled “that using someone else’s Social Security number is not identity theft as long as you use your own name with it.”
The defendant in this particular case had admitted to using a false
Social Security number on an application for a car loan, and to find
employment. The court ruled that since he had used his real name, and
the Social Security number was only one of many pieces of identifying
information, he “did not assume a false or fictitious identity or
capacity,” and “did not hold himself out to be another person.” The
court found the defendant’s use of a false Social Security number
“irrelevant,” since the number was provided to fulfill “a lender
requirement, not a legal requirement.”
Justice Nathan Coats dissented, writing, “The defendant’s deliberate
misrepresentation of the single most unique and important piece of
identifying data for credit-transaction purposes” was “precisely the
kind of conduct meant
Living in the Northeast has its pros and cons. We have the four
seasons, great food, entertainment, sports, everything is at your
fingertips, and for me it’s where business gets done.
Drawbacks include lots of congestions, crime, traffic, bad attitudes
and nasty neighbors. Most people I know have a neighbor they are in some
kind of entanglement with. It’s everywhere. When houses are stacked on
top of each other people get territorial and stuff happens.
A New York Times article highlights
a few of these nasty scenarios that I’m talking about. One person from
the article was quoted saying “I’m not sure now, whether to worry more
about my neighbors or strangers.”
I hear you man. I HEAR YOU!
Installing video surveillance
outside your home can be a deterrent to a burglar or home invader.
Cameras are another layer of protection. But they can also catch a
person doing things they shouldn’t too.
My cameras caught one of my neighbors attacking another neighbor. The film was
Warning: This is about to get very graphic. The Boston Globe reports
“A woman hacked to death with a machete and knife in her home was alive
for all 32 slash and stab wounds that split open her skull, sliced
through bones and pierced organs, a medical examiner testified.”
Steven Spader, 17 years old at the time formed “Disciples of
Destruction” a gang, “pleaded not guilty to first-degree murder,
attempted murder, conspiracy to commit murder and burglary and witness
tampering. He was 17 when prosecutors say he plotted the home invasion
and rounded up the three other young men who accompanied him.”
“During the home invasion, Kimberly Cates, 42, was killed, and her daughter was severely injured.”
Prosecution asked the medical examiner if the mother was alive during
the attack and he said yes. Meaning she didn’t die upon being
bludgeoned, she bled to death.
Spader has a penchant for the “pen” too. He has sent letters to
fellow inmates which he calls “bedtime stories” describing the crimes
The following 15 activities, all of which are facilitated by Facebook
and other social networking websites, are causing lots of heartache and
1. Posting illegal activities.
In the little town where I grew up, 30 kids recently faced the wrath of
their parents, school officials, law enforcement, and the Boston media,
all because someone posted their party pictures, which depicted
underage drinking, on Facebook. It’s never okay to show illegal
2. Account hijacking.
Phishers imitate the Facebook email template, tricking victims into
believing they have received an official Facebook message. Once you
enter your login credentials, criminals can take over your account, pose
as you, and ask your friend for money. Always log into your Facebook
account manually, rather than going through a link in an email.
3. Facebook bullying.
It is so much easier to write something awful about someone than it is
to say it to them personally. Words hurt. Vicious words have led to
Home is where you look forward to towards the end of a vacation. Home
is where you rush to at the end of a work day. Home is where you’d
rather be when you are somewhere else. After all, as Dorothy said
tapping her ruby red slippers, “there’s no place like home”.
Our homes become a place of comfort unlike any other worldly
possession. It’s where all our stuff is, in all the places we put it, in
the order (or disorder) we create. It’s where our kids sleep, dog naps
and where we eat.
Most people take for granted the feeling of safety and security in
their home. They expect it as a given. Like a sense of entitlement.
I’ve always believed this is a mistake. Because when one takes
security for granted, they completely have their guard down. This means
they are vulnerable to any whacko who jiggles a doorknob looking for the
path of least resistance.
If a person’s home is invaded
or burglarized, they quickly lose that sense of security and never feel
the same way again. Some people even
It is obvious to many that Facebook has got the message and is becoming more responsible for their users security. For a few months now I have enjoyed a security feature they implemented that allows you to say in control of your logins.
Login notifications: This feature sends you an email or text telling you someone has just logged into your account.
To set up and enable notifications
1.go to “Account” upper right hand corner
2.in the drop down menu to “Account Settings”
3.in the main menu go to “Account Security”
4.click “Yes” next to “Would you like to receive notifications from new devices”
5.thesame can be done with text messages if you haveyour mobile
plugged into Facebook. But don’t have your mobile displayed on your
6.Log out then log back in and it will ask you to identify the computer.
One time passwords: This makes it safer
to use public computers in places like hotels, cafes or airports. If
you have any concerns about security of the computer you’re using while
Today’s criminal hackers are very different than those who hacked for
fun and fame a decade ago. Every week, I see stories about more
criminals in faraway lands, making millions from various scams, emptying
the bank accounts of small businesses or draining the financial
reserves of entire towns.
High-tech crimes can be committed by lone individuals, by small
groups, or by organized web mobs. These web mobs structurally resemble
the longtime operation of the Russian and Italian mafias, the Irish mob,
the Bandidos, and the Hells Angels.
The Anti-Phishing Working Group
has noted the success of Avalanche, a particularly large and successful
web mob with an emphasis on phishing: “Phishing has always been
attractive to criminals because it has low start-up costs and few
barriers to entry. But by mid-2009, phishing was dominated by one player
as never before—the ―Avalanche phishing operation. This criminal entity
is one of the most sophisticated and damaging on the Internet, and
Allen West, a Republican Congressional candidate, isspeaking out
after a mailing from the Florida Democratic Party releases his Social
Security number and his wife’s federal employee number. “It’s an attack
against me and I think it shows the weakness of the character of Ron
Klein and definitely the Florida Democratic party, to put a person’s
personal security and safety at risk,” said West, “And also affects my
family as well.”
The Florida Democratic Party responded by stating, “We apologize for
the oversight of not redacting this information from the public record
included in the mailer,” and by offering West two years of identity
theft monitoring, but West says he will not accept their money.
a judge has ruled it islegal to post Social Security numbers on
websites. Every city, state, and town has its own set of regulations
determining the collection and management of public records, including
birth, death, marriage, court, property, and business filings.