Thursday, December 29, 2011

AST-0037863_The_In_Security_State_of_SCADA_Software_Systems.pdf (application/pdf Object)

AST-0037863_The_In_Security_State_of_SCADA_Software_Systems.pdf (application/pdf Object)

This is a real vulnerability to our power, water, waste, and transportation grids. SCADA systems, are integral to the operation of many of our infrastructure operations. The SCADA system is the program that operates these systems, it controls many subroutines, some of which are PLC's or programmable logic controllers. These are very simple command processors, that control key valves, gates, temperature controls. They also can be input devices taking reading from limit switches, and thermostats, to tell the SCADA system what the state of object is. The controls are so simple that a few lines of code will completely change the readings or operations of a PLC, giving the SCADA false information. Like is a gate really closed in a prison, or water plant, is a valve really closed to a waste water containment vessel. It can even turn on all the traffic lights to green on a critical intersection.

In a hospital, many operations are controlled by SCADA type systems, as are elevators in highrises, or the fire suppression systems in a school, there are to many to mention. If hackers, or worse terrorists attack these systems, it could be devastating to US infrastructure. In many cases, we may not even be aware of the attack, for days, even weeks. It will be blamed on maintiance workers, or bad mechanical gear. By the time it is figured out that the software is cycling a gear on and off to the point of failure, many will have changed out motors and valves to solve the issue.

The programmer does not even have to be that good, just changing the code in some way, can cause problems that would be hard to diagnose. In fact a small change could cause such intermittent problems that it could be a long time before someone would even think to look at the software.

A big part of the security for these systems will be in providing good physical security, that will detect anytime the PLC's are accessed. This means the software experts will need to work hand in hand with physical security experts to insure the integrity of the systems. The normal separation of physical and software security will not provide the protection needed.

New surveillance towers at U.S.-Mexican border should spot a human at 7.5 miles | Government Security News

New surveillance towers at U.S.-Mexican border should spot a human at 7.5 miles | Government Security News

Israel uses this type of surveillance, to monitor the Gaza strip. They also have a 300 foot radar, that gives them even more in depth info. Using this to track movement up to the border, allows for rapid positioning of a response force.

This distance also handles many of the Maquiladoras, so that activities can be monitored, and the appropriate authorities notified of suspect activities. It will also allow for tracking of Maquiladora manager's to and from the border check points. Suspect activity can be radioed to the managers to allow them time to avoid dangerous situations.

The technology is pretty much off the shelf, and can be installed it ether a fixed or mobile platform. Israel has them situated on most of their guard towers, and on a whole fleet of jeeps and trucks. With the reach they have, people doing suspect activities can be tracked often to their staging points, or even homes in some cases. This also would work over the lake, where a lot of activity is, and boats can be tracked to the shore on both sides.

Using the surveillance system, drones can be directed to track people even further into Mexico, with video for recognizing people and vehicles used.

This actually can be a huge success, in clamping down border incursions, making the actual legal crossings choke points. With proper surveillance, suspect activity can lead to pinpointing suspect vehicles, for even more success and speed at the crossings.

Friday, December 23, 2011

Kevin's Security Scrapbook: Workers Warned to Keep Smartphones Safe at Christmas Parties

Workers Warned to Keep Smartphones Safe at Christmas Parties

It is not just an espionage issue, there are a lot of emotions going on during this season. So stalkers or stalking type actions are also an issue. Many of the Smart Phones have tracking capabilities, easily turned on, and many of the simple spy programs just use these to show locations. Some allow others to hear conversations, or at minimum know what numbers are being called.

When you get some quiet time, just try and see what is turned on. Look for the GPS to be active, unless your are using GPS it should be turned off. Check your Bluetooth app's, if it is turned on, it often can be hijacked to send info to another phone even spoofed to send the conversations to another phone, thinking it is dealing with a Bluetooth head set. Smart phones are not the only target, virtually any phone that has Bluetooth capability can be attacked. On a plane the other day, I found 8 phones sending Bluetooth data, out that I could exploit.

It take normally less than 5 seconds to steal your whole contact list, as well as calendar data from any Bluetooth enabled phone. Keeping it turned off is the best bet, but if you are using a headset, then limiting the Bluetooth, to only one active Bluetooth, contact is also a help. The bad news there is that Bluetooth data is not encrypted, so everything you are communicating to your head set, as well as the communications of the person you are talking to, are open to being spied on by anyone that buys some very simple applications. Think of your Bluetooth as more a party line for those around you, in some instances they could if they wanted join in the conversation.

Happy holidays, and remember that Bluetooth keyboard for your tablet, you just got for Christmas is also capable of leaking info, like all your passwords, as you type them into the tablet to log on to your financial account or the credit card data you just used to buy that on line accessory you just had to have. I have over this Christmas season, heard two people giving credit card info over Bluetooth headsets, that just got garbled into my conversation as they passed.

Monday, November 21, 2011

SCADA Attacks, are very similar to the Stuxnet attack, basic yet effective

SCADA Attacks, are very similar to the Stuxnet attack, basic yet effective

This attack like the Stuxnet attack, went after some very simple code, that is used to control valves, security gates, and other peripheral devices. Normally a SCADA control program is a fairly sophisticated deal, but when it hands off simple routines like controlling valves, the use of a PLC or programmable logic controller is used. The code for PLC operations is fairly simple, it only handles very small tasks. To insert a bogus code into a PLC is not all that hard, PLC's are designed to be programmed in the field, as such no compiler or at least a sophisticated compiler is needed. This makes them great targets, as one recent article pointed out correctly that most Prison's use SCADA systems, which use PLC's to control doors and gates at the Prison, meaning that it would be possible to program them to open if attacked. Now this would be a more sophisticated attack than a normal Stuxnet would attempt. In fact most of the sophistication of the Stuxnet was in getting the code to the PLC.

Remember PLC's have simple short codes, so getting it to do simple actions like keep opening and closing a valve or door, is pretty easy, to open a door at a predetermined time is really going to have to attack the main SCADA program, a much harder task, not impossible, but harder that attacking the PLC's.

Most SCADA systems should be off line from the internet, and as such it would take an attack like the one used against the Iran nuclear facility. In that case it was introduced via a USB flash device. That takes physical access to the system, or spoofing someone else to have access. If the attack was on part of a SCADA system that was hooked up to the internet,  a big no no usually. Then it is a matter of loose or no passwords to protect the system, which would have at least make it harder for the bad guys to attack the system.

Maintenance contracts for SCADA systems, often require internet access, but these contracts should be reviewed for security purposes. If possible internet hookups should be only physically connected during a time when the maintenance vendor needs access. Often security guards are trained to manually make the connection, and then physically disconnect it when the vendor is done. IT departments make a very big issue of the fact that they can put security controls in place that can stop anything. The bad news is that it is harder and harder to stop everything.


Borderland Beat: New Routes for Mexico's Black Market Arms

Borderland Beat: New Routes for Mexico's Black Market Arms

I am definitely not a big supporter of our Attorney General Holder, I am how ever not a believer that he has had anything to do with our US Agents death. His crime if there is one, is the same as the Agent that was just sent to jail for two years, he lied and tried to cover up his knowledge of the Fast and Furious program, as such he should I think suffer the same fate, or at least have the sentence against the agent, vacated in some way.

But to the point, as bad as some think Fast and Furious was, the truth is that the vast predominance of arms come from other than the US or at least not directly from the US. In the article 60%, of the weapons recovered are from thefts of Mexico Government military storage. So the speeches of the President of Mexico over the US providing the weapons used by the Cartels is not factually true. The article point to new routes, yet in the article it talks of this weapons traffic from South America, and internal thefts have been happening for years. To make a training video on weapons and training Sheriff's departments all over the US, I have had to study weapons transfers and where they are made. For instance an AK 47, good weapon of choice for Cartel members, cost roughly 5 times as much coming from the US, as it does from South American countries, that have been provided these weapons by Russia, China, and other countries for years. There are stock piles of these weapons all over South America, some countries even have been licensed to make the weapon.

Another weapon of choice for the Cartels, is the Uzi sub machine gun, once again way to expensive in the US, in fact US gangs use Tec 9s and such, that are cheap knock offs, that fire the same caliber cartridges and bullets. In fact the Tec 9 can fire a normal 9mm, which tends to make Uzi's jam. In fact the high end folks in the US moved off Uzi's with the open bolt problem years ago, in favor of H&K MP 5s, and in most case have even moved on from them to newer weapons. But the Uzi is still a big player in the Cartels, and they can get them also from many places in South America. In fact when Israel was training South American Police in the 80's thru till today, they often pushed the Uzi as the weapon of choice. Thefts from the South American countries, are probably the main source of Uzi's for the Cartels.

So if in some way we can stop all weapons from going to the Mexico from the US, it will hardly make a dent in the Cartel's capabilities of procuring weapons. Holder may be guilty of many things, but of the death of our US Agent? Bad people are the cause of the Agents death, and we should be after them, a focus on the Cartels, and their inroads to the US should be our first priority.


Friday, November 4, 2011

U.S. Report Blasts China, Russia for Cybercrime | Product Design and Development

U.S. Report Blasts China, Russia for Cybercrime | Product Design and Development

The key point here is, it will be hard if not impossible to stop. China is also correct that they are a target as well, mainly from within. With a Government that often picks winners and losers, China has a lot of people inside that fight to get what has been stolen from the US and others, so they can get to market with it.

Russia it would seem is still using info to steal actual funds, more than ideas for new products. But everyone is doing it, sometimes by just allowing it to happen, by hackers in their countries and then monitoring their finds. It is not going to get better any time soon, and for those that are still in love with VPN's, they are but another fence hackers have to jump over. Like in most intelligence groups, they tend to focus on things being encrypted and that are on VPN's. It is sort of a sign post that important stuff is here, so focus on this.

Now this does not mean that they beat them all the time, it does mean we need to look for a weak link here, something we can exploit. Which is what normally happens.

The other part is to remember the attack plan of Intel agencies,is to get 10% of information from each attack, and just keep attacking till you get enough of the picture to work with. So if China allows their hackers loose, then just waits for bits and pieces of the info they want to flow by, they are very happy. Now tell a Russian mob boss you have only gotten 10% of the info they want, you could be in a bit of trouble, but Governments do not have to work that way.

No country is clean in this arena, and very few companies are totally clean. It is sort of like when intel types would capture faxes over telephone lines, print them out, and rumple them a bit and claim they got them from looking at your garbage. In fact emails with PDF's that have the letter head and signatures on them, it is quite simple to make the same claim, and even change the wording in the PDF, so it is more incriminating and printing that out. I am not sure courts can ever trust documents presented as evidence anymore.

With fully 90% of all voice communications going digital at some point of the communications path, taping telephone lines is pretty old school. It still happens, but I would look for some cyber criminal, being the go to guy in this case as well.

So Cybercrime is here to stay, and is growing, it covers everything from espionage to terrorist attacks. Extortion is becoming a big part of cyber crime, which is breathing life into some old and new mafia types. The new moves to virtual and cloud computing, have not helped, but you have to look at risk vs reward in going forward with IT plans, and many experts will tell you virtual and cloud, will not really make it any easier to attack, maybe harder to detect an attack, maybe.

Rich Roth

Tuesday, November 1, 2011

CDC Vital Signs - Prescription Painkiller Overdoses in the US

CDC Vital Signs - Prescription Painkiller Overdoses in the US

Deaths from prescription painkillers* have reached epidemic levels in the past decade. The number of overdose deaths is now greater than those of deaths from heroin and cocaine combined.

Security practitioners need to be aware of both the signs of these problems, as well as emergency medicine for keeping clients alive. There is more and more accreditation and licensing requirements added to the Security profession every year, body guards are one of the most controlled. As such, they are supposed to be trained to handle their clients problems, which more and more include addiction issues. I think the court battle of the M. Jackson doctor, may well involve a security person next time. The initial designation of the security personal around Jackson as Security Guards gave them an out, that perhaps a body guard is not going to get.

I have been brought into addiction issues in the past, and luckily for me, they addiction was a known problem in each case, even the client knew they had a problem. Most where just getting out of a formal recovery program. In many cases, even if the world may believe the person you are protecting is having an addiction issue, and may I mention, I have only worked with business executives to date not entertainment types, at least not the entertainers themselves, they may not know or want to know they may have a problem. Still, knowing warning signs and how to use basic medical devices like air ventilators and defibrillators is becoming as needed as your Red Cross first aid certificates.

There are on line classes for CBT (cognitive behavioral therapy) that may help you deal with the issues more effectively, not as a therapist, but as an observer and aid to the situation. AA & NA have open sessions where you can attended and see how that process works as well, all can lead to a more effective support of the client or their family.

In the past it seemed all we had to do was insure our clients knew illegal drugs where being used at some event to keep the security in the clear, now days with prescription drugs being so much a part of the problem, added to alcohol issues, Security needs to step up its game a bit. As I have dealt with on other blog entries, Contracts in these situations can be tricky.


Thursday, October 27, 2011

Darpa Recruits Puzzle People for Ultimate Dumpster Dive | Danger Room |

Darpa Recruits Puzzle People for Ultimate Dumpster Dive | Danger Room |

Very good read, DARPA has used great minds in the past, for many challenges, that is what the US is great at. It is like the enigma code being broken in WWII, people thought up the solution and computers kept it going. DARPA is making use of both ends of the technology spectrum, the brains of people, and power of computers. A young lady figured out a way to track how a corporation's communications tree really functions. She used data available to any corporate IT person to determine how to fine tune the communications in a corporation. Some whiz kid at the CIA saw it and scooped her up, her methodology is a key part of tracking down terrorist cells, by their communications tree. It is now used for tracking white collar crime as well as the drug Cartels in Mexico.

Using the great brain of this young lady, and seeing where it could be used in other situations, has really made a dent in terrorism and crime. More and more Universities are looking at other ways to use this type of link analysis. Flash mob's will probably be a great use, tracking social communications is a breeze for this type of analysis. Once a trend is discovered, you just make a template and look for similar activity. It worked for terrorist cells, and even insider trading, now on to flash mobs.

DARPA finds ways to stay just outside the box enough to use great ideas, even foster them along. Just when I think they have gone too deep into, the we know it all mindset again, they supprise me with great ideas like this.

I was honored to be invited to a number of their conferences over the years. Each time you could see ideas from big firms, little firms and even unknown one person teams, bringing us closer to a safer world. Many of the technology advances the world sees in aviation security like explosive detection came out of the DARPA programs.

Wednesday, October 26, 2011

Nephew of Mexican cartel kingpin busted in Texas - Houston Chronicle

Nephew of Mexican cartel kingpin busted in Texas - Houston Chronicle

This is becoming more and more common. It is leading to more and more violence on the US side of the border, as rival's like the Zeta's come over here to settle scores. When this person was picked up, he admitted the Zeta's are looking for him.

As things heat up in Mexico for these Cartel leaders, they used to head for their hometowns to hide in plain sight, with the towns helping, Calderon has made this more and more difficult as his harder to corrupt Federal teams raid these towns more and more. For a while like former Colombian Cartel leaders they would head to prisons, where they had police protection, but could still operate their business.

Now they are buying up small developments in the US, and making virtual armed compounds, where they can run Cartel operations in relative safety. As some developers had a hard time selling homes in plots they had developed, Cartel's started buying some of them up. Compounds of as many as 15 houses, designed to be gated communities, are now becoming private sanctuary for Cartel operations.

They spend money, help with dwindling tax base's in many smaller cities, all which makes the community leaders to put their heads in the sand, and ignore the growing problem. Restaurants and Bars are seeing higher numbers, which also makes them push to keep any bad press down, to protect business.

What everyone needs to do, is look at Mexican border towns like Reynosa, where they also had a booming business up tic in the late 90's early 2000's, and are now ghost towns, as people hide from the violence.

The city fathers on the US border towns, are saying it can not happen here, yet, restaurant and bar owners are already getting partnership offers from people they do not want to do business with. Many are selling and moving further North, to cut their losses, that they see coming. A recent shooting in a Tx border town happen on a major roadway, the police knew the victim was associated with Cartel leaders on the Mexico side, something they offered up that same night to the reporters on the scene. They it turned out also knew that as recently as a few hours before a rival cartel leader on the Mexico side had been killed. Yet still refused to make the leap that this was the payback hit on the US side.

While teaching a course on security in Colorado this weekend, I found students, all veterans returning home from Iraq and Afghanistan, a couple that used to live on the border, saying they are not going home, their families are telling them it is getting to violent. Kid's in Jr High Schools are being recruited by Cartels associated with US street gangs, and yet folks are saying there is not a problem on the US side.

Wednesday, October 12, 2011

Why Iran assassination plot doesn't add up for Iran experts -

Why Iran assassination plot doesn't add up for Iran experts -

There are a lot of problems with the story as it has been released so far. It does not seem to follow the security protocols normally used by Iran. On the other hand it has been reported in some circles that the little outspoken leader of Iran, came back from the UN with his wings clipped a bit. But even the time line does not track, for him to ok, this action.

It well could be that it is more of a lone wolf type of action by disgruntled used car salesman, but if so, telling a Zeta Cartel Killer, you are going to give him 1.5 million, and only have one hundred thousand is not the precursor to a long life.

Even the Zeta part of the plot does not track very well, they also like Iran, would have to know that the US would spank, if they did something like this. But one must remember that it was a DEA agent not a Zeta enforcer he was talking to.

It will be interesting to see how the story plays out, even if just a small player, it would still be kudos's to the FBI and DEA for taking the guy down. But DOJ and others may have to eat some crow, if it turns out Iran had no knowledge of the incident. I also think the GOP should be very wary of trying to make to much out of this as well.

Everyone needs to take a deep breath, before anymore action is taken. If it turns out Iran did have a hand in this, then there is time to send them a real message, like a drone down main street Tehran hitting the hotel now used as a terror central.

That would get some attention from the People of Iran, and show how vulnerable Iran really is to US weaponry.

Sunday, October 9, 2011 : Cartel connection reveals why La Familia targeted Austin : Cartel connection reveals why La Familia targeted Austin

As our Government leaders, mainly City Fathers of towns effected, keep down playing the drug violance, all over the US, but Texas, New Mexico, Arizona, and Southern California. the violence keeps growing. The more Cartel Gunman arrive and at first keep the violence between the Cartels, then leak to our youth and businesses, the harder it will be to stop it later.

We need to stop this encroachment now, Mexico first said it was just between Cartels years ago, then it was not in the tourist areas a year ago. Now it is attacking school teachers in tourist areas. We need to stop saying it is just a bar fight in border towns and look into the fact that known Cartel members are the ones involved in the bar fights. There are places in Austin, Houston, and Dallas where locals are no longer welcome in bars and restaurants. Even Georgia has this problem, we used to say it was just New York and LA Gangs causing the drug violence problems. More and more when you look into it, the Cartels are slowing taking control, and the violence is more pronounced.

We need to put a concerted effort into getting a handle on the problem. The DEA needs to step up the their game, the FBI and Intel agencies need to support the DEA and local police. Our youth are the first one's targeted by the Cartels, giving them jobs, where they can not find any other work, we need to work against this now.


Anwar al-Awlaki dead: what it means for US, Yemen -

Anwar al-Awlaki dead: what it means for US, Yemen -

Many keep asking what the death of Anwar al-Awlaki did for the war of terror.  Call his followers what you like, they were AQ lite, they are and to some extent where perhaps the terrorist's of the little man.  While Bin Laden, and the AQ traditionalists would plan these elaborate long term attacks, using large amounts of funds, well established and trained operatives, many want a be terrorists had been left out.  Many tried to get to Afghanistan to train, and gain the approval of Bin Laden's planners.  Many where turned back, if for no other reason than operational security, Bin Laden's people could not be sure who was a plant, and who was a real follower. 

On the other hand Anwar al-Awlaki, would just tell people to go out and attack, he actually was a religious leader in his own right,  something Bin Laden, could only partially claim.  He issued very broad fatwa's, to his followers, many who would only hear of or from him  on web sites.  His game plan also was something every want a be jehad-est, could accomplish.  His main order or fatwa was classic.

Use anything you have to mount jehad against the oppressors.   if all you have is a tape recorder, then tape gun fire and bombs going off, and play it in a movie theater or some other place where it will cause panic.  If all you have is a bb gun then use it, use anything available to you. 

The main AQ had as a part of their fatwa an instruction, that a plan could only proceed if it had a 75% chance of success.  This required a lot of planning and pre surveillance to accomplish this level of success.  Which also gave security types a longer and better chance of discovering the plans.  Awliki's AQ lite had no such requirement.  Hence, anyone could attack with very little planning or surveillance, making them harder to catch during the time up to the attack.  On the other side, these AQ lite terrorists had very little if any training in operational security, or even how to make bombs, or fire guns.  This made it easier for security types to infiltrate AQ lite.

But the trade off was in the favor of the AQ lite, virtually anyone could be a one man cell, like the  Ft Hood attack, actually both of them, the one that happen and the one that was stopped.    Each attacker, could almost cause as much fear as a real attacker from AQ of Bin Laden, so it seemed that they would be as effective in many ways as a "real terrorist". 

On the security side, if keep the money flowing into the homeland security, so on we go.  It is still to be seen if someone will be able to pick up the mantel of AQ lite, but for now it seems to have dampened the lone wolf attackers a bit.


Friday, September 30, 2011

Texas Border Residents Pawns In Border Security War Games | NewsTaco

Texas Border Residents Pawns In Border Security War Games | NewsTaco

I think the writer is correct on many of the stats and indeed facts, on violence down on the border. The writer is either as wrong misinformed as to the real facts and what they mean. The Generals are correct that a lot of incidents do not get reported, or are reported as non Cartel related, because the border cities do not want the bad rap, true reporting may cause. This head in the sand approach, is unfortunately what the border cities on the other side of the border did for years, and now look at what they have. When I walk over to Reynosa it is a ghost town, gun battles are almost a daily occurrence.

The Generals are also correct that it is moving over at an alarming rate. Talk to people on the border that deal with the issues. Small enclaves of safe houses are already here, for Cartel members that do not want to face the constant violence on the other side. But as the Cartel's come over so do the problems they have with other Cartel members. Already people in McAllen Texas do not go to specific restaurants or even parts of the City at night, for fear of getting in between feuding Cartel members. Not talked about as much, is the fact that some folks are just uncomfortable around Cartel members, who may go off for even the smallest perceived insult, and start fights, that if they look like they will lose, escalate to gun fire.

So like Reynosa and other Mexico side border towns, that saw an increase in business when the Cartels first showed up, border towns on the US side are seeing increases in home sales, bar and restaurant sales, all good things, but the negative side is slowly showing as well. Youth are being brought in as low level assets to Cartels, businesses are seeing extortion attempts rise, the newest being phone scams, that used to be a rare occurrence, are now becoming common place.

One anonymous restaurant owner has confided to friends that his new restaurant that he moved from Mexico, is getting many of the same customers, and the vague threats have started. Many fleeing Mexico, are bypassing the border towns all together, they see the signs, and do not want to deal with it. They consider Houston and Dallas better risks, even though both of those Cities are seeing Cartel problems as well.

Still City leaders with the either support or telling the Police to not report crimes as possible Cartel incidents. We have had gun fights between moving vehicles on a number of occasions. In the last moving vehicle shooting incident, the police report that yes the victims had known Cartel links, and yes there was an assassination on the other side of the border, with links to the victim. But will not make the jump to saying this is Cartel violence. Yes, incidents are just bar fights, yes incidents are domestic fights, the problem is they are people with a propensity for violence as Cartel members over here. A gun man killer on the other side of the border, just does not change his stripes because he came across the border. He just feels he in the meanest guy over here, and will not take any back talk from simple US citizens.

So yes the Generals took some liberties with numbers and statistics, but they are correct on the facts, the war is coming, and to many is already here.


Thursday, September 29, 2011

Michael Jackson's security guard, wooed by tabloids, finally speaks at trial -

Michael Jackson's security guard, wooed by tabloids, finally speaks at trial -

This security guard was in over his head, but certainly did his job the best he could.

One, he is listed as a security guard, not a body guard, as many have said he was. Two, he is obviously dedicated to his client. Unfortunately that is where the good part ends, but I will say the many body guards are in the same position as this guard. I think more and more body guards are going to have to be at least familiar with addiction, and as best they can be able to work with the client or sometimes the corporation or family that is paying them, to provide a further service to the client.

It is not often that this comes up, in fact only a few times in the past few years has the ability to deal with a client with addiction problems come up for me. In those cases the clients family or corporation has paid, usually thru a lawyer. There are classes that body guards can take that would help them deal with the issue, this is in addition to the combat or other 5 minuet type medical training every bodyguard should receive. It really was painful to hear that a portable defib was not there, let alone a blood pressure cuff.

Clients, with problems, may actually be receptive to a body guard with these qualifications as they leave a treatment center, but as many bodyguards know, this does not last long if the client is not ready to make a change. So even getting paid by a third or offset party, it is just prudent to get a upfront payment for services, as well as a signed contract. The contract does not have to be a long term thing, just something that will cover time and effort, if the gig goes south quickly. 15 days is what I felt covered my risk. My expenses were paid up front and as incurred.

The fact that you are security not a addiction counselor, is it appears a big plus, as corporations and or families are not big on press possibly seeing a addiction companion, but security does not have a bad connotation. In every case so far it was possible to find local lower cost security folks that had the qualities we needed to take over before the 15 days where up, although staying with the client 30 days or so is common, even with the local support. CBT or Cognitive Behavioral Therapy, is what I had taken to enhance my interviewing techniques, and that turned out to big plus in these situations. You are not qualified to be a therapist with these courses, although I have found a number of very good body guards who are licensed therapists. I am not sure that this type of work will come up that often, but it is always good to further your capabilites, to increase your value, and or special side abilities.

Hope this helps someone out there,


Monday, September 26, 2011

T.S.A. Sees No Terror Link in Arrest at Kennedy Airport -

T.S.A. Sees No Terror Link in Arrest at Kennedy Airport -

I am not sure what they stopped him for. Stun batons and stun guns are not illegal in the US, in most places, and if they are illegal in the country of arrival it is their problem. The pepper spray may be illegal, but not a federal law, it would have been a state law. Lastly, the Supreme Court was very specific on what was discoverable in this limited search at screening check points, even cash was not considered discoverable. It was only items that could hurt the traveling public. In no way was what was found in the checked bag, a potential harm to the traveling public, it was in the hold, not available to the passengers.


Wednesday, September 21, 2011

Audio Tapes Reveal More Details In 'Fast And Furious' Gunrunner Scandal | Fox News

Audio Tapes Reveal More Details In 'Fast And Furious' Gunrunner Scandal | Fox News

Lots of Blame to go around here, but the cover up is worse than the actions. The Cartels do not have a lot of problems getting weapons, this just made it easier for a while. I think the Mexican Gov, is also in denial on this, sitting back and acting shocked that it was going on. For the project to get off the ground it had to have Mexican Government approval. Most of the problems happened on that side of the border, when the weapons where lost track of.

ATF ran an operation that was on its face fundamentally sound, operationally in theory a tried and proven sting type of operation. The problem is that so many people are co-opted, I say this rather than corrupted, because so many folks are in such a grey area. They give small amounts of information to friends, at a lunch or social event. That is taken to others that are corrupted and given to the Cartels.

For example a mid level Cartel member was stopped on a main road from Monterrey to Reynosa, he had on him documents that had been transmitted from the US to Mexico that same day, on high level intelligence of the Cartels. This is the fatal flaw of the operation, and many working Agents from both the US side and the Mexico side, knew it was going to doom the operation, and some stated so, in fact very early on in some cases.

The cover up started, it started early, and it got nasty, and this is what has to stop. Yes weapons did go over, but weapons are still going over, mistakes have been made, and more will be made. We need to focus on what ever policies will help mitigate the problems, mainly, have someone check with the folks on the ground to make sure it will work. The CIA had and to some point still has similar problems, the higher ups develop a plan, and then get the folks on the ground to make a flawed operation work.

I still would not throw out the baby with the bath water, these types of stings are very workable in most situations, and should be used. Take a deep breath, learn what we can from mistakes and go forth. I would not change the world, it sounds harsh, but the Cartels will get the weapons from somewhere. They had them before the operation, and they are still getting them. Focus on forward movement.


Monday, September 19, 2011

Court Filing Details Shortcomings of 9/11 Airport Screeners -

Court Filing Details Shortcomings of 9/11 Airport Screeners -

The only folks it appears that thought the screeners where pretty good, are the hijackers that died. The inescapable fact that everyone seems to ignore, is that the screeners did nothing wrong, in fact they did find knives on at least one of the hijackers, and stopped others for more screening, on their own. Everything the hijackers carried on board the aircraft was legal at that time. In fact I carried a spyderco knife called a copilot, right up to the day of the hijackers taking over the plane's and it was bigger that most if not all the weapons carried on the plane. It was called a copilot because spyderco made it just the right size to allow on planes those days.

So this rant on the screeners is way over blown. The hijackers, did not beat the screeners, they did not even try, they beat the system. Our aviation system was using a protocol that all flight crew where trained on. It basically said during a hijacking, all flight crew including the pilots had to follow all commands, including letting the hijackers take over the cockpit, although that had to worry the pilots a lot. So they beat the system, which is why the tactic would not work that way again. I sat with a large number of pilots a few days after the 9/11 incident, and we went thru the scenarios and no one would let that happen again.

If we want to blame anyone than blame the system, which by the way was developed over years, to counter the hijacking threats of the 60s, 70s, & 80s, and was working pretty well. Let the Hijackers take command, rarely if ever did they actually take control, but then let the FBI/FAA negotiate a landing site, and a release or rescue on the ground. Now it was true that hijackers in the past had talked about ramming the planes into a building, in fact a nuclear reactor was once a target. But the main threat was the take over and divert the plane to another location.

In fact the FAA had done a good enough job that hijacking had pretty much disappeared. The terrorists had moved on to bombs, in the belly of planes, the new threat the FAA was fighting. Which was why plans for screening belly bags had move forward.

One last issue, the FAA had determined that the training of the screeners was lacking, so they had a new curriculum in the works, most of which was used as the initial training for the TSA. Still the screeners had not fallen down on the job, and they did not know who Bin Ladin was, but 90% of the people in the world did not know, including many police and public safety people.

I met with a screener at Boston Logan, a week or so after 911, she was crying, and telling me passengers kept saying she killed all those people. For you out there that where screeners back then, thanks for all your good work, mistakes where made at times, but ask TSA mistakes still happen at times. You did not kill anyone.

Rich Roth

Sunday, September 18, 2011

webcamXP - Webcam and Network Camera Surveillance Software

People keep asking how to make a video surveillance system quickly and cheaply.

Here is a quick MacGyver method, that anyone can use. If you have an available web camera, then this is a no cost solution.

First here is a website you can go to and download a free software product for conducting and recording video surveillance. It is free of charge for ever it you are only doing one camera. I know it works I have used it for months, mainly to test IP and USB cameras.

The nice thing about this piece of software is that it works, and so far has worked on every camera both IP high end cameras, even pan tile and zoom, as well as cheap USB cameras. It has a irritating setup procedure, for the first time you use it, but most of the problems I had were because I was expecting it to be harder. But there are enough help points, that you will not have a problem. In fact with USB cameras, they came up so fast, I was still trying to figure out how to install them when it appeared on the screen.

webcamXP - Webcam and Network Camera Surveillance Software

Ok, now installed it on any old computer PC's are the only thing I have tried them on, but so far even old PC's I had in the attic, have worked.

Plug in a USB web camera, into an available USB port, I thought I had one laying around, I did not, so I made a quick trip to a local Comp USA store, but Wall Mart, even many drug stores have them. I paid $9.95 for one, and 19.95 for two more, just to see how well they worked. All worked immediately, the $9.95 USB camera worked but has a poorer picture than I really wanted. But it is good enough to cover a large room, all the way to the front door, and I could recognize people in the recording. The 2 $19.95 cameras, worked better than I could have ever expected. Both by the way had little LED lights on them, so for a range of about 20 feet, they had a useable picture in total outside darkness.

I recorded all cameras, for an hour each, and played them back with out a problem.

If you need to use more than one camera, the webcamXL has a few other options up to five cameras for 50 bucks, and unlimited cameras for 150 bucks. I have not tried either of the other products, but feel free, or at least with a small cost.

This system has a scheduling capability so you can set it up to work only when you want. It has frame count options so you can use a little or a lot of storage depending on what you have available.

If the thief steals your computer they will get the recording, but I used an old USB hard drive I had sitting around and hid the drive behind a wall, which should keep a thief off of it. They normally just unplug everything from the computer and take it.

I hope you find this helpful, I am sure others will have more info for you. But even with the drive to the store for the USB camera, I had this system up and running in less than an hour.