Welcome!
If you have an account, please:
Log in

The Gift of Fear

The Gift of Fear
(See online!)

Ever had a "gut feeling". Have you ever felt irrationally afraid of a person or a place? What if you learned that fear is a protective mechanism and that paying attention to it could save your life or the lives of your loved ones?

This book is all about intuition (though they call it fear). He doesn't offer any apologies, no theology, or theories, just the simple fact that intuition, whatever it is, exists. And if you pay attention to it, you can prevent some bad, bad things.

My favorite example from the book (paraphrased):

Say you're waiting for the elevator and when the door opens, there's a single man inside. For no reason that you can identify, you feel suddenly very afraid to get in the elevator. "That's stupid", you say to yourself. "I have no reason to be afraid of this person. I'm just being irrational."

Which makes more sense? To get into a sound-proof metal box with a stranger who makes you feel fear, or to wait for the next elevator and risk offending said stranger?

Learn why fear is valuable to protect your personal safety and that of the ones you love.

Tags: , , ,

Protecting The Gift

Protecting the Gift
(See online!)

All parents face the same challenges when it comes to their children's safety: whom to trust, whom to distrust, what to believe, what to doubt, what to fear, and what not to fear. De Becker helps parents find some certainty about parents' highest-stakes questions:

  • How can I know a baby-sitter won't turn out to be someone who harms my child?
  • What should I ask child-care professionals when I interview them?
  • what's the best way to prepare my child for walking to school alone?
  • how can my child be safer at school?
  • How can I spot sexual predators?
  • What should I do if my child is lost in public?
  • How can I teach my child about risk without causing too much fear?
  • what must my teenage daughter know in order to be safe?
  • what must my teenage son know in order to be safe?
  • And finally, in the face of all these questions, how can I reduce the worrying?

What this book actually does is teach you how to listen to your intuition and stop living in denial. DeBecker found that many instances of child abuse by neighbors, babysitters, and dare care providers were preventable if the parents had just paid attention to the little signals.

For example what if the old man nextdoor starts giving your young daughter candy, but only if she'll kiss him on the cheek first. You say to yourself, "he's just lonely, it's harmless". But if you have to rationalize a behavior, that means you see something wrong! It's a real eye-opener and something I would highly recommend for all parents.

Tags: , , , ,

RFID – Radio Frequency IDentification

An RFID tag hidden under a label

An RFID tag is nothing more than a little chip attached to a paper-thin antenna. The chip's basic function is to store and transmit a small amount of information, usually just a unique identifier. What good is that? Well:

Pros

Though there hundreds of visionary and useful things you can do RFID, because they typically lack strong security controls there are serious risks that come with them too!

Cons

Don't underestimate how easy it would be to track and monitor people by the poorly-secured RFID tags they carry
(See online!)

Making RFID Safe

On the plus side again, RFID can help prevent infant abduction or hospital mixups.

RFID, like most technology, isn't something that can (or necessarily should) be stopped. Intstead, we need to harness and direct the technology to reduce the threat. To do this, we need to look at three risk aspects of RFID:

1. Poor authentication

One of the primary issues with RFID and the main thing that makes all the nightmare scenarios possible is that unsecured RFID broadcasts to anyone and everyone. For any implementation of RFID to be acceptable, the chips must be programmed only to speak to proper readers who authenticated themselves first.

For example, say you have a refrigerator that scans the food inside. When you put food inside, the fridge should program the food with a one-time code that makes it impossible for the chips in the packaging to respond to any other reader.

Think no one cares what the contents of your fridge are? Think again.

2. Poor (or no) encryption

Even after a chip authenticates a reader, if it sends the data out in the open, anyone else nearby (or not so nearby) can read it too. All communications between a chip and authenticated reader must be encrypted to prevent eavesdropping by others.

3. Use of Long-term RFID

Implantation is permanent. Passports are good for 10 years. Companies plan to replace UPC barcodes with RFID that will transmit ID codes for the life of the product (from creation to landfill and beyond).

Every RFID implementations will eventually be hacked by someone. All it takes is one person in the world to find a way to break the system and the security is no good anymore (like the millions and millions of pounds wasted with the UK passports). Secure implementations can slow it down or help, but the best defense is NO RFID.

I can't see implants ever making sense and you definitely want to be sure the products you wear and carry around can't be used to wirelessly communicate with the world around them.

Tags: , , ,

Out and About Defense

The best defense against non-credit ID Theft and a variety of other risks is to adopt a mindset of protection: Data Defense. Learn how to protect your information with simple and sometimes free countermeasures all based on a simple philosophy that the less people who have your information, the safer you are.

This page is part of my Goodbye Identity Theft course and is restricted to members.
Tags: , , , ,

Schneier Explains the Mind of Security Professionals

(Image used under: Creative Commons 4.0 [SRC])

Maybe now I can stop referring to myself as "paranoid" and just use the term "Security Professional" instead. In a Wired.com essay, Bruce Schneier writes how security professionals just think differently. While engineers try to figure out how to make things work, Security Professionals think about how to break them.

For example:

SmartWater is a liquid with a unique identifier linked to a particular owner. "The idea is for me to paint this stuff on my valuables as proof of ownership," I wrote when I first learned about the idea. "I think a better idea would be for me to paint it on your valuables, and then call the police."

And it's simply thinking in this way that would prevent a lot of bad products (like smart water) from ever being developed in the first place.

Tags: ,

If you want to learn more about my professional background, click here to learn more. Otherwise, let’s get started - how can I help?

Online learning
On-site learning
Read my blog