RE: [ISN] [TSCM-L] Security? Huh!

From: InfoSec News (isnat_private)
Date: Mon Feb 25 2002 - 23:10:43 PST

  • Next message: InfoSec News: "[ISN] Steve Gibson invents broken SYNcookies"

    Forwarded from: "Huggins, Michael" <mhhugginsat_private>
    Whenever I see something like this I always want to claim "BS", then I
    think well how non PC of me this security professional did his job so
    james bondish maybe uncle sam should hire him.
    Being retired military (22 years) I know that some of what he said
    could be true and perhaps with the clintonization that occurred it
    could actual of happened.  Nuff said imply what thy will.
    -----Original Message-----
    From: InfoSec News [mailto:isnat_private] 
    Sent: Monday, February 25, 2002 2:53 AM
    To: isnat_private
    Subject: [ISN] [TSCM-L] Security? Huh! 
    [I saw this on another list that I am on (and recommend) and I thought you
    all might be interested in reading this. -  WK]
    ---------- Forwarded message ----------
    Date: Sat, 16 Feb 2002 01:03:36 -0500
    From: Steve Uhrig <steveat_private>
    To: tscm-lat_private
    Subject: [TSCM-L] Security? Huh!
    This is something I posted to a Minox list when we got off on a security 
    tangent. LX = the model of Minox camera I carry always. 
    If anyone attempts to do penetration studies like this, make CERTAIN the
    person who hired you is instantly available by telephone, AND you carry the
    original of a dated and signed authorization specifically detailing why you
    are there and that you are authorized to do anything or possess anything in
    fulfillment of your contract. You do not want to spend a day in the local
    lockup while you wait for your lawyer to track down your client. I can
    promise you no one else will care nor will the system care in the slightest
    about contacting your client or taking care of medical needs or anything
    like that.
    I did a penetration study of a government facility within the last several
    days (no clues when or where).
    They knew it was going down on that day, but not by whom. I had not been in
    the building in months.
    They made a big show of checking my boot heels for the metal taps which of
    course tripped the metal detector, my largish belt buckle, X-rayed my
    aluminum cane, completely missed my black LX as I wrapped it in what looked
    like a well used handkerchief in their little wicker basket and none of them
    would lower themselves to inspect it. That LX could have been my Case pocket
    knife or, God forbid, a box cutter or nail file.
    ISN is currently hosted by
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Tue Feb 26 2002 - 02:38:00 PST