“Trusted” Vendor Update?

Posted in Shouldn't Be Vulnerable on September 27th, 2010 by Rodney

I like this (from XKCD: “Debian Main” is the title) …
Debian Package, with Locusts
I especially like the fact it works as artwork, in case I ever do a presentation on unauthenticated/untrustworthy package update mechanisms. It reminds me of Skype, when they try to unilaterally update my machine, or Apple, when it tries to claim Safari – the initial installer – is an “upgrade” to iTunes for the Shuffle.

Model Views from Model Cameras

Posted in Physical Security Infrastructure on September 20th, 2010 by Rodney

Here’s the fake camera I bought in the store the other day, when I found myself standing in line behind the other physical security installer dude 😉

It’s a “Bunker Hill Security” Item 95154 (warning: imitation camera, do not use for actual security monitoring purposes blah blah blah…) (800 number on documentation is Harbor Freight Tools’ order status line) camera.

It might be a fake but the package clearly documents it uses two 1.25 inch phillips head wood screws and has two 1/4 diameter holes with 5/32 slots. It doesn’t document that the two mounting holes are about 2 inches apart but this does indeed count as useful installer documentation, so this product, for what it claimed to do, gets a “doesn’t suck” rating on installation.

Remember that the next time I get grumpy whilst looking for a nut driver appropriate for YOUR IP video cameras…

Antivirus Evaluation – Trend Micro OfficeScan

Posted in Network Modeling, Physical Security Infrastructure on September 15th, 2010 by Rodney

Treend Micro OfficeScan. From the eval download. Looks reasonable for a small system-count closed environment i.e. a physical security infrastructure.

Doesn’t like to be run on an underpowered Windows XP system as the server. Can’t fault it for that, except it neither stopped me or winged at me when I tried.

Worse, it fails to detect certain kinds of malware we have samples of. Specifically, it can’t see “Trojan.Downloader.Bredolab.AZ”, which is what BitDefender’s onlnie web scan calls it. This is in a tgz of a mailbox that happens to be on the disk. Kaspersky also saw it. Two a/v packages saw it counts as a “fail” for trend micro, in my view.

So we’ll pass on this one for a recommendation, for now.

This was a live drive-by product review, of course. If/when we do a more organized search this solution may be a fit.jan

Shoulda splurged for the Kevlar equipment rack

Posted in Physical Security Infrastructure, Networking Faux Pas on September 10th, 2010 by Rodney

Speaking of server compromise, someone shot a server.

note article doesn’t say “…and had to bypass a locked door, and was seen on security cameras, and…”.   One wonders how the insurance claim will read.

I believe one gets to count this as “insider threat”.

Where all the cool kids shop

Posted in Physical Security Infrastructure on September 10th, 2010 by Rodney

I stopped in to Harbor Freight Tools today.  Cheap tools, camping gear you wouldn’t mind trashing if you went to the playa in August, and good solid mid/low quality Chinese-manufactured motorized tools are always available there.  And some oddball things.  Like fake security cameras.

I felt slightly guilty tossing a fake camera in my shopping cart but, hey, it’s 7 bucks.  I can use it as a prop at ASIS in Dallas or something.

I go to check out and there’s a fellow in line in front of me wearing a Bay Alarm uniform.  I *think* he was just buying batteries, but I still think it’s good to know that high-end security installers in my area show at places that sell fake security cameras.  I was wearing a Black Hat shirt, too.  Nothing at all sketchy about me buying fake security cameras…