Search

Subscribe

Enter your email address below to subscribe to our privacy and security newsletter.



Name:
Email:

Menu

• Home
• Business/Corporate
• Computer Security
• Digital Signatures
• Encryption
• Firewalls
• Intrusion Detection
• Just Plain Silly
• Personal Security
• Privacy
• Residential Security
• Security Blogs
• Security Consultants
• Spam/Anti-Spam
• ssl
• Training
• Uncategorized
• Viruses
• Wireless Security

Cyveillance Revisited

By Ian Scott

A few years back, I wrote the article, “Who Is Cyveillance And Why Should You Care?” and it’s been a fairly popular post here at Security & Privacy.  Some weeks ago, I received an email about the article from a “Ray M.”  Ray writes,

“Regarding:

http://secpriv.com/who-is-cyveillance-and-why-should-you-care

I will try and keep this as professional as possible. This organization is a major player in the anti-fraud and anti-crime industries. I work in this industry and have personally met the people of this organization. To get to the point, your assessment is inaccurate, but I commend you for the effort.”

I have not had time to remark on Ray’s email, but thought I would do so today.

First, thank you Ray for the email. I don’t mind getting emails from folk who disagree with me.  I also don’t have problems with organizations that are involved in anti-fraud and anti-crime. What I do have an issue with are the methods that Cyveillance has been known to use.

My hard drive on my server is my personal property. My bandwidth is something I pay for. Cyveillance has decided that it wants to search my hard drive and ignore the robots.txt file, and therefore uses bandwidth I am paying for and the resources of my computer equipment that I have paid for. If someone believes there is something fraudulent or criminal, they can get a search warrant instead of using these surreptitious and sneaky methods which invade my privacy.

Topics: Privacy |

Secure Your Wireless Network With The Best You Can

By Ian Scott

Barry Ardolf of Blaine, Minneapolis apparently used his neighbour’s wireless network to send threatening emails to VP Joe Biden, making them appear as if they were originating from the neighbour’s computer and network. Ardolf has been charged with one count of threats to the president and successors to the presidency and one count of aggravated identity theft, according to this report in The Register.

Just goes to show you the risks you take if you don’t secure your network. There is no mention in the article whether the neighbour’s had secured their wireless network with WPA2 and somehow Ardolf was able to get around it – but a completely insecure network would make such occurrences much easier to hackers. Could you imagine the Secret Service showing up at your door to investigate a threatening email that apparently originated at your house?

Topics: Wireless Security |

Police Prep Exam – 100%

By Ian Scott

Yesterday, I pointed out that the Province of Ontario will now be requiring security guards to undergo a training course and write a test before they are issued with a Security Guard License.  I didn’t check extensively, but did try to find out what the test might entail. In my search, I discovered a company that offers online exam prep courses for law enforcement candidates.

They had a sample test that is apparently aimed at Ontario security guards trying to pass the test that they must take in order to get their license. I decided to try it out. The questions were fairly basic although one was a bit odd as far as the wording of the multiple choice answers. The question was:

” Which of the following is required to justify the Use of Force under the Criminal Code of Canada?”

You must be acting on reasonable grounds.

You must be a police officer, or person employed in private security.

You are authorized to use whatever force you feel is appropriate.

All of the above.

The last three answer choices are totally wrong, but the first one is only partially correct.  Section 25 of the Criminal Code places other restrictions on the use of force while requiring reasonable grounds for the action. At the same time, one must use no more force than is necessary.

As well, a security guard in Canada cannot just simply arrest someone on “reasonable grounds.” Reasonable grounds is defined as

A set of circumstances, which would satisfy an ordinary, cautious and prudent person, that there is reason to believe an offence has been committed. The belief must go beyond mere suspicion.

A security guard must find someone in the act of committing an offence and arrest them then, or after a “fresh pursuit.” In other words, if the perpetrator runs and the security guard loses sight of him for more than a fleeting moment, fresh pursuit no longer applies. The security guard is not allowed to arrest the perpetrator two hours later after losing sight of him during the pursuit.

Here’s a screen shot of my test results. There were 12 questions that needed to be answered within 10 minutes. It was pretty basic stuff, and I don’t have any idea if it is similar to the test those applying for a Security Guard license in Ontario must pass.

 

 

 

 

Topics: Training |

Who Are The Security Guards At the G8/G20 Summit?

By Ian Scott

A few days ago, I wrote about the fact that the security firm that has been hired by the Federal Government, Contemporary Security Canada, has no security license to operate in Ontario.  Since then, I’ve seen nothing in the news about any progress in the license process that Contemporary Security needs to go through.  There are only 14 days left before the G8 Summit begins.

Assuming that the Province of Ontario is able to fast track the license process and Contemporary Security will be allowed to operate in Ontario, who will actually be providing the ground level security services?

In Ontario, any individual that holds a Security Guard license, issued by the Province, could be eligible to be hired and provide security guard services.  The minimum requirements for a Security Guard license are:

• Be 18 years of age or older
• Be eligible to work in Canada, and
• Have no convictions for a prescribed offence for which you have not been granted a pardon.

Presently, there are no tests or courses that security guards in Ontario must pass in order to apply for and receive a Security Guard license, but those who’s licenses expire after July 16, 2010 must pass a Ministry of Community Safety and Correctional Services test. Those who have licenses that expire before July 16th will not have to pass the test until 2011.

The Ministry also requires that holders of a Security Guard license have a “clean criminal record.” This does not mean no criminal record; rather there are about 83 criminal offenses listed for which a conviction of will deny a license being issued. For example, if you have been convicted of Impaired Driving, you still could obtain a Security Guard license.  However, if you have been convicted of offenses like fraud, drug trafficking, sexual crimes, fraud, theft, murder, and others, you will not be granted a Security Guard license.

The cost of a Security Guard license in Ontario is $80.00 per year and the payment is made by the individual who wishes to have a license. It is the responsibility of the security company hiring the guard to ensure they hire only those with a license, but it is the responsibility of the individual guard to keep their license renewed each year.

So, Contemporary Security will be hiring the majority of the security guards that will be providing the security at the G8 and G20 summits from the pool of individuals in Ontario who presently have a Security Guard License. They will of course likely have their own hiring standards that will require more than just the holding of a license, but in Ontario up to now, there are no special requirements or skills for a person to become a security guard.

Correction Update – June11, 2010

In the above article, I wrote  “Presently, there are no tests or courses that security guards in Ontario must pass in order to apply for and receive a Security Guard license…”

This should be corrected. According to the Province of Ontario “Newsroom,”

• Starting April 15, 2010, require those applying to become security guards or private investigators who have not been issued a licence before this date to undergo a mandatory training program and pass a test before they can be licensed.
• Beginning July 16, 2010, require existing security guard or private investigator licence holders to pass the mandatory test prior to the expiry of their current licence in order to complete its renewal.

Topics: Business/Corporate, Training |

Google Offers Encrypted Search

By Ian Scott

Ever wonder if your ISP might be spying on you and intercepting your traffic? Well now you can put your paranoid self to rest as far as your ISP knowing what search terms you are searching on in Google.

Although your search terms might remain a secret between Google and you, technically speaking your ISP (and others) could still sniff out your browsing habits because the vast majority of web surfing is unencrypted and does not use an “SSL” connection. But you can hide what you are searching on, thanks to Google SSL Search (in Beta). If you visit https://google.com (note the ’s’ after the http), you will have an encrypted session between your browser and Google’s search page. Just like an e-commerce enabled website where you use a secure site to type in your credit card information and then submit it, the data is encrypted and almost impossible to decrypt.

So if you’re searching on some bizarre and weird search term like “kinky frog sex” and don’t want your ISP to know, you can encrypt those searches using Google SSL. The search results will be encrypted as well. However, unless the sites that you click on in the results page are also using SSL, your visits to those sites will not be encrypted.

There are a couple of other “features” of using Google SSL for search that involve the fact that “referrers” are turned off. When you do use Google SSL search, and click through to one of the sites on the results page, it will not show up in the website log files that you arrived there from Google. This could have advantages to you especially with websites that have used “SEO Poisoning” to get high rankings on search results for popular search terms, but in reality, the website goal is to infect your computer with malicious software. Most search engine spiders that visit websites go directly to the site, therefore there is no referrer. Malicious website owners will use this fact to try to trick the search engines by offering up different content to visits that have no referrer information. Then, when someone clicks to the website from Google or some other link on the Internet, the content can be switched to that of the malicious code.

However, this could also pose some problems for webmasters who are keenly interested in their website traffic and where it comes from. Not knowing how you arrived or what search terms you used to get there can be detrimental to some webmasters in their future planning and their own search engine optimization. When webmasters check their server logs and statistical information, your IP address will show up, and the webmaster will know that there was a visit, and can see what pages you visited, but will have no idea how you arrived at their site.

Google SSL could be an interesting experiment. It is slower to use Google SSL as using encrypted sessions is slower than non-encrypted. I’ve played around with it a bit and the slowness has not been that noticeable to me but to some, it could be.

More information on Google SSL is available at Google’s Search Help.

Topics: Computer Security, Privacy |

G8 Summit Security Firm Has No License

By Ian Scott

There is outrage over the past few days in Ontario’s security guard industry. Apparently, the firm that has been contracted to provide security for the upcoming G8 Summit in Huntsville, ON has not been licensed by the Ontario Provincial government.

In Ontario, all security firms and their security guards need to be licensed in order to operate. It usually takes about 8 months for a security firm to obtain a license from the Province. However, it seems that the Province of Ontario is trying to fast track the license requirements for Contemporary Security Canada to enable it to legally operate in the province during the G8 Summit taking place June 25-27, 2010.

There are a few points of contention regarding Contemporary Security’s position and contract for the Summit. Other Ontario security firms wonder why Contemporary Security was awarded the contract in the first place without an Ontario license. Second, there is the issue of fast tracking the license process. Why does it normally take up to 8 months, but in this case, just over a month?

Another issue that established Ontario security companies are concerned about is that Contemporary Security will be paying their security guards $20.00 to $24.00 an hour, which is about double the standard security guard rate. The company is presently recruiting through an office at Humber College, and established companies are concerned that Contemporary will entice guards away from them leaving them short handed and unable to fulfill their own contracts.

Topics: Business/Corporate |

« Previous Entries

© SecPriv.com | About/Disclaimer | Privacy Policy