[ISN] [TSCM-L] Security? Huh!

From: InfoSec News (isnat_private)
Date: Mon Feb 25 2002 - 00:52:53 PST

  • Next message: InfoSec News: "[ISN] 'Distributed' Web Projects Raise Security Issues"

    [I saw this on another list that I am on (and recommend) and I
    thought you all might be interested in reading this. -  WK]
    ---------- Forwarded message ----------
    Date: Sat, 16 Feb 2002 01:03:36 -0500
    From: Steve Uhrig <steveat_private>
    To: tscm-lat_private
    Subject: [TSCM-L] Security? Huh!
    This is something I posted to a Minox list when we got off on a security 
    tangent. LX = the model of Minox camera I carry always. 
    If anyone attempts to do penetration studies like this, make CERTAIN
    the person who hired you is instantly available by telephone, AND you
    carry the original of a dated and signed authorization specifically
    detailing why you are there and that you are authorized to do anything
    or possess anything in fulfillment of your contract. You do not want
    to spend a day in the local lockup while you wait for your lawyer to
    track down your client. I can promise you no one else will care nor
    will the system care in the slightest about contacting your client or
    taking care of medical needs or anything like that.
    I did a penetration study of a government facility within the last
    several days (no clues when or where).
    They knew it was going down on that day, but not by whom. I had not
    been in the building in months.
    They made a big show of checking my boot heels for the metal taps
    which of course tripped the metal detector, my largish belt buckle,
    X-rayed my aluminum cane, completely missed my black LX as I wrapped
    it in what looked like a well used handkerchief in their little wicker
    basket and none of them would lower themselves to inspect it. That LX
    could have been my Case pocket knife or, God forbid, a box cutter or
    nail file.
    I had an empty leather holster for a small revolver plainly visible on
    my belt. They didn't make a single comment on it. If I see an empty
    holster on someone, I damn well want to know where the weapon is (and
    in my opinion the safest place for it generally is in the holster). I
    was going to tell them I had left it in my truck to avoid problems and
    see if they would admit they had no security in the parking garage nor
    ID of particular cars. Neither did anyone think to question my carry
    permit, none of which are valid in DC.
    After passing these heavy layers of security without incident, I went
    into the men's room on the first floor and lowered down through the
    window some string I had previously wrapped around my upper forearm. I
    had a confederate outside the building tie a pistol-shaped TV remote
    control to the line and I pulled it back up into the men's room.  
    Previously I had placed a paper label on the remote saying 'this could
    have been a weapon'. I left it on the CSO's (Cognizant Security
    Officer's) desk.
    And I'm not even clever, neither was I slipping Fatimah a hundred
    bucks to conceal something for me.
    As an experiment, I did shaving cream several video cameras along my
    route, and in the hour or so I was in the building, no one bothered to
    inspect them. The shaving cream was very visible and the facility was
    in full swing. I dragged a trash can over and stood on it to shaving
    cream the one camera. Later in my after action report, the cameras
    merely had been written up to be checked the next day for proper
    operation by the technicians. I carried the can of shaving cream in my
    briefcase, and no one questioned that, which is suspicious considering
    I have a full beard.
    If I had really been trying to impress the place, I would have read
    the frequencies of their small area coverage (radio) repeater, and
    programmed a potent mobile radio in my van to jam coverage of their
    commo system. I am positive they had no backup, and the only frequency
    they had other than the repeater was talkaround on the repeater
    output, and in that building talkaround had no range. I also could
    have put out a decoy call of some sort and diverted the majority of
    security to the other end of the facility. I knew it would work and
    frankly it was not necessary to prove it.
    The door to the telephone closet was unlocked. I walked in and stole
    the SMDR report from the printer. I could, in seconds, have disabled
    all internal and external phone communications into and out of the
    facility.  With a bit more effort I could have jammed their cell
    It's all eyewash. Security is nonexistent. It's a bank vault door on a
    grass hut.
    Although I am not willing to do it as a pure experiment to prove a
    point, I am virtually certain I could arrange to gain access to a
    handgun inside the secured area of any public airport in the country.
    Federalizing security is a BIG mistake. Name one thing the government
    does properly and efficiently. There may be a few things where they
    are reasonably effective, like Secret Service dignitary protection,
    but certainly not efficient. Pay the contractors so they can afford to
    hire decent people, rework procurement so 250,000 hour a year
    contracts are not won and lost on a nickel an hour, mandate some
    training standards, equipment standards, and work out something like
    bonuses to the officers who have the minimum number of sick days in a
    quarter or a year, a substantial cash award to the shift with the
    lowest vehicle expenses. give the Captain on each shift a bunch of
    signed $50 checks he could hand out at his discretion to officers
    showing some pride in their appearance, attentiveness to their work
    and courtesy to visitors, etc. I could write a program like this on
    contract, we'd have reasonable security and it would be FAR cheaper
    than the federal government could pull it off.
    I could go on and on. But you don't want to hear it.
    Steve Uhrig, SWS Security, Maryland (USA)
    Mfrs of electronic surveillance equip
    mailto:Steveat_private  website http://www.swssec.com
    tel +1+410-879-4035, fax +1+410-836-1190
    "In God we trust, all others we monitor"
             TSCM-L Technical Security Mailing List
        "In a multitude of counselors there is strength"
         To subscribe to the TSCM-L mailing list visit:
     It is by caffeine alone I set my mind in motion.
     It is by the juice of Star Bucks that thoughts acquire speed,
     the hands acquire shaking, the shaking is a warning.
     It is by caffeine alone I set my mind in motion.
    =================================================== TSKS 
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Mon Feb 25 2002 - 03:59:03 PST