+++*

Symbolic Forest

A homage to loading screens.

Blog : Posts tagged with ‘security’

Flying

In which travel is a bad idea

Well, I’m glad I’m not going anywhere today. Not just in a plane, but anywhere that might involve driving past an airport, because no doubt the traffic around them will be awful too.

Today demonstrates the horror of 24-hour news. I’m just as bad as everyone else, refreshing the BBC News site every five minutes to get the latest on the Terror Alert. The news reports, meanwhile, are filled with hyperbolic phrases such as “mass murder on an unimaginable scale”.* No it isn’t. People have imagined it. To quote The Princess Bride, “I do not think you know what that word means.”

The government seems to be stuck between a rock and a hard place, when it comes to statements. “We have arrested everyone involved, apart from the ones we haven’t”. “This is nothing to do with race, but we’re talking to Community Leaders about it.” How do you become a Community Leader, anyway? Are there elections?

No doubt bottled liquids will be confiscated on planes for the next few months, before everything goes back to normal, and the next terrorist attack comes along with something completely different. The ones that get through are never the ones you expect, after all.

* To be fair to the media, it was a police spokesman who came up with that exact phrase.

Security (redux)

In which we would like to hack

Via Boing Boing, I’ve discovered a Wired article on RFID hacking, and how it can be used practically for breaking and entering. I can virtually see your eyes glazing over already: but, see, this is important to me at least. The security technologies described in the article are suspiciously like the ones which have recently been installed in the office at great expense.

Now, it is possible that our security consultant has installed the extra-secure encrypted systems described in the article, that are much harder to break into. Given that I’ve had to work with him, though, I’d be surprised if he even realised the difference between the two. I really must show this to Big Dave, and see if we can get our hands on the RFID-reading kit described, if only because it will really irritate Security Man.

Security (part two)

In which a contractor doesn’t do the job properly

So, as I explained yesterday, the security contractor at the office has saddled us with three “incompatible” security systems, two of which probably are compatible after all, it’s just that he doesn’t know how to get them to work together. We complained to the office manager about it. “Well, if that’s what the contractor said, that’s what’s going to happen.”

The next day, our boss comes through to visit. “What’s this about us needing three different tags for the alarms?”

We told him what we’d been told.

“It’s a bloody stupid idea. I thought they were all going to work together.” Yes, so did we. “I don’t want to have to carry three tags on my keyring.” And he wanders off, grumbling about it.

The following day, we notice the Managing Director stalking about in our part of the building, looking at the security gadgets and making “hmmm…” noises. The office manager is following him around, trying to explain how wonderful these expensive systems we’ve commissioned are.

“…you’ll have one tag for these doors, one tag for the outside doors and gates, one tag for…”

“Why do we need three different tags for everything? Why can’t we just have one?”

“The contractor says that they won’t…”

“Well, I thought we were just going to have one tag that would do everything. I don’t want…”

I tuned out, but it was clear the way the conversation was going. What makes me sigh isn’t that we always prefer contractors who have worked for us before, even when their track record is hardly promising.* It’s that the management should have spotted this coming. The contractor did give the office manager a nice thick specifications document – did the manager bother to read it at all? Didn’t he bother to ask questions about the vague parts?

* This isn’t the first time the security contractor has fitted something and then not set it up properly, because although he’s agreed to fit the system we wanted he’s not willing to learn how to configure it.

Security

Or, a story of incompatibility

As part of all the building work that’s been going on at the office, we’ve been getting the security systems upgraded. A new alarm system, new motorised front gates,* and new electronic locks on most of the internal doors. All to be worked by RFID tags, kept on our keyrings and carried round all the time.

Now, being logical and sensible, we assumed that the company had specified either a single system, or compatible systems, so that we could use one single tag to unlock everything. Therefore we were pleased to spot, as the contractor** started to install the hardware, that all the sensors we could see came from the same manufacturer. Very sensible.

We each get a tag the other week, and start using it to open and shut the front gates. Three days ago, the contractor pops his head round the door to say he’ll be issuing us with the rest of the tags, the ones for the indoor locks, soon.

“The rest of the tags? We’ve already got one.”

Apparently, we need separate ones for the outdoor locks, the indoor locks, and the alarm system itself. Because “the systems are from different manufacturers.”

“But they’re not from the same manufacturers! We’ve seen them, and they’re identical! If you hold an outdoor tag up to an indoor sensor, it recognises it!”

“No it doesn’t.”

I held my “outdoor tag” up to the newly-installed sensor by the office door. It bleeped, and flashed a little green light at me.

“Well, I can try to set it up so that that tag unlocks this door,” the contractor said. “But it won’t work.”

(to be continued, otherwise this post would get a bit long)

* This is a Good Thing, because guess who’s job it is to unlock and open the old front gates every morning.

** Our usual security contractor, a friendly chap, who is very anal about making sure his cabling is put in and terminated neatly, but isn’t very good at setting up the security systems themselves properly.

Viruses, and other geekery

In which we still have no satellite internet, and encounter a virus

Quite a few people, recently, have come to this site looking for information on Aramiska, the European satellite ISP which apparently collapsed last week. Sadly, there doesn’t seem to be any information, anywhere. The company promised to release a statement on January 30th; it never appeared. Their disappearance is still a mystery.

Moving on, this email came in to one of our work addresses yesterday:

I noticed whilst browsing your site that there were problems with some of your links, when I tried again with Internet Explorer the problems were not there so I assume that they were caused by me using the Mozilla browser.

Very nice and helpful, you might think.* However, if you read on, you might get a little more suspicious…

I have enclosed a screen capture of the problem so your team can get it fixed if you deem it an issue.

Hah. If you’re not suspicious yet, you probably shouldn’t be allowed near the internet. If you look a little closer, the attachment is a .scr file – which could, I suppose, look like “screenshot” to the non-technical. If you try to open it,** then: congratulations, you have a virus, one known as W32/Brepibot. It’s a “backdoor”, a tool that then enables hackers to connect into your computer and harness it for their own nefarious purposes. Well done.

* As our work website was designed by an apparently-clueless PR chap with no previous knowledge of website design at all, it is also entirely believable.

** and you’re using a Windows computer, and don’t have up-to-date virus protection