RE: [ISN] [TSCM-L] Security? Huh!

From: InfoSec News (isnat_private)
Date: Mon Feb 25 2002 - 23:10:43 PST

Next message: InfoSec News: "[ISN] Steve Gibson invents broken SYNcookies"

Previous message: InfoSec News: "[ISN] UK bill would "infringe scientists' freedom""
Maybe in reply to: InfoSec News: "[ISN] [TSCM-L] Security? Huh!"
Next in thread: InfoSec News: "RE: [ISN] [TSCM-L] Security? Huh!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Forwarded from: "Huggins, Michael" <mhhugginsat_private>

Whenever I see something like this I always want to claim "BS", then I
think well how non PC of me this security professional did his job so
james bondish maybe uncle sam should hire him.

Being retired military (22 years) I know that some of what he said
could be true and perhaps with the clintonization that occurred it
could actual of happened.  Nuff said imply what thy will.


-----Original Message-----
From: InfoSec News [mailto:isnat_private] 
Sent: Monday, February 25, 2002 2:53 AM
To: isnat_private
Subject: [ISN] [TSCM-L] Security? Huh! 


[I saw this on another list that I am on (and recommend) and I thought you
all might be interested in reading this. -  WK]


---------- Forwarded message ----------
Date: Sat, 16 Feb 2002 01:03:36 -0500
From: Steve Uhrig <steveat_private>
To: tscm-lat_private
Subject: [TSCM-L] Security? Huh!

This is something I posted to a Minox list when we got off on a security 
tangent. LX = the model of Minox camera I carry always. 

If anyone attempts to do penetration studies like this, make CERTAIN the
person who hired you is instantly available by telephone, AND you carry the
original of a dated and signed authorization specifically detailing why you
are there and that you are authorized to do anything or possess anything in
fulfillment of your contract. You do not want to spend a day in the local
lockup while you wait for your lawyer to track down your client. I can
promise you no one else will care nor will the system care in the slightest
about contacting your client or taking care of medical needs or anything
like that.

====================

I did a penetration study of a government facility within the last several
days (no clues when or where).

They knew it was going down on that day, but not by whom. I had not been in
the building in months.

They made a big show of checking my boot heels for the metal taps which of
course tripped the metal detector, my largish belt buckle, X-rayed my
aluminum cane, completely missed my black LX as I wrapped it in what looked
like a well used handkerchief in their little wicker basket and none of them
would lower themselves to inspect it. That LX could have been my Case pocket
knife or, God forbid, a box cutter or nail file.

[...]



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
of the mail.

Next message: InfoSec News: "[ISN] Steve Gibson invents broken SYNcookies"
Previous message: InfoSec News: "[ISN] UK bill would "infringe scientists' freedom""
Maybe in reply to: InfoSec News: "[ISN] [TSCM-L] Security? Huh!"
Next in thread: InfoSec News: "RE: [ISN] [TSCM-L] Security? Huh!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Feb 26 2002 - 02:38:00 PST