[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

USSN Link 044-03 (October 31, 2003)



Title: USSN Link 044-03 (October 31, 2003)


If this e-mail does not show up in its correct formatting, please point your browser to this address:
http://www.usscn.org/content/contentCT.asp?P=122

Thank you,

USSN Staff


DISCLAIMER

THE INFORMATION CONTAINED IN THIS REPORT HAS BEEN ASSEMBLED FROM A VARIETY OF SOURCES AND IS PROVIDED FOR INFORMATIONAL PURPOSES ONLY. INFORMATION CONTAINED IN THIS REPORT IS PROVIDED AS RECEIVED AND DOES NOT CONSTITUTE AN ENDORSEMENT BY THE US SECURITY NETWORK, ANY MEMBER COMPANY, OR PARTICIPATING PUBLIC AGENCIES.

INFORMATION MAY BE REPEATED, AS IT IS EXTRACTED EXACTLY AS PRESENTED BY THE ORIGINAL SOURCE



"Homeland Security Money Doesn't Match Terror Threat"

Large U.S. cities such as New York City and Los Angeles are complaining that they are not receiving nearly enough funding from the Homeland Security Department to meet their security needs, while small towns in remote areas across the country are receiving funding beyond their wildest expectations. For example, the town of Zanesville, Ohio (population 26,000) is part of the mostly agricultural Muskingum County, which has a population of only 85,000. With its security funding, the small Zanesville fire department has been able to purchase a $13,500 thermal imager for locating people in heavy smoke, a $1,300 monitor for testing oxygen and carbon monoxide levels, a thermal heat gun, a test kit for nerve agents, several air packs, and several chemical suits. Zanesville and the surrounding area lacks the sort of critical infrastructure, such as nuclear power plants or chemical plants, that experts say terrorists are likely to target. Muskingum County, which received an $87,500 grant in 2002, received $312,000 for 2003, while Grand Forks, N.D., got more than $1.5 million in funding for 2003, and Outagamie County, Wis., received over $500,000 in funding. Homeland Security Department Secretary Tom Ridge has called upon Congress to allocate more of the yearly security funding to areas considered to be a high-threat target of terrorist attacks. Los Angeles has received less than $70 million for homeland security efforts, even though the city and surrounding county has a population of 9 million people. New York City, considered the top target for any terrorist attack, has received $200 million, but city officials claim to need $900 million just for preparedness efforts.

www.usatoday.com

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx


"DHS Wants Wireless Tech for Responders"

The Homeland Security Department is interested in developing technology to enable thousands of state, local, and federal agencies to communicate with each other during an emergency. The Safecom program is collaborating with federal communications and public safety offices in researching wireless communications networks to enable communication between more than 44,000 agencies in a national crisis. Concerns about the interoperability of public safety communications networks peaked following Sept. 11 because agencies responding to the attacks lost contact with one another. Safecom is an arm of Homeland Security's Science and Technology Directorate. The program's objective is to provide improved communication between public safety agencies charged with arriving first on the scene of an emergency.

www.fcw.com

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx


"E-Vote Software Leaked Online"

Software code used in Sequoia Voting Systems' AVC Edge touch-screen kiosk has been made available on the Internet, according to an anonymous tipster who found the program on a IT contractor's public FTP server. Jaguar Computer Systems' own Web site pointed users to the public portion of its FTP server, saying many commonly used files were there; Jaguar provides election support services to a California county, where Sequoia AVC Edge machines were used in 2000 and last month's recall vote. The Sequoia code was already in binary form and is not as easy to decipher as the Diebold source code discovered earlier this year on an unprotected FTP server. Johns Hopkins researcher Avi Rubin, who wrote a controversial report on the Diebold system's insecurity, says the Sequoia code would reveal perhaps 60 percent of what was in the actual source code. Sequoia touts its proprietary operating system, which it says lends more security than Diebold's Windows-based system; however, inspection of the software shows Sequoia uses WinEDS (Election Database System for Windows) running on top of Windows systems, and that it also uses an unpatched version of MDAC 2.1 (Microsoft Data Access Components), which has been subsequently updated to version 2.8 because of vulnerabilities with the previous iterations. Stanford Research Institute lead computer scientist Peter Neumann says MDAC is off-the-shelf software and not included in certification and testing, and could provide sanctuary for a Trojan horse planted by an election official or company employee. Electronic Frontier Foundation attorney Cindy Cohn blasts both Diebold and Sequoia for their insistence on keeping source code secret. Instead, she says the software should be made open so that the outside community can point out vulnerabilities and help make it more secure.

www.wired.com

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx


"One-Call Report Set for Identity Theft"

The Financial Services Roundtable announced the creation of a one-call system that would allow identity theft victims to alert their banks and credit card companies with one phone call. The Identity Theft Assistance Center, which would receive calls from banks, would then contact all other creditors of the identity theft victim. The center will also provide victims with affidavits for law enforcement officials, credit card companies, financial institutions, and credit bureaus. Banks and other businesses could also run names through a database to determine whether the applicant's credit report has been flagged as a victim of identity theft. Lawmakers are also preparing legislation that would make it easier for consumers to request flags on their credit reports, to pass information between credit bureaus, and the receive a free credit report annually.

www.philly.com 

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx


"Holistic Paths to Security"

While technology is a valuable security tool, companies with the most successful security procedures will have a holistic approach to security that focuses more on people than it does on technology. Companies can come closer to achieving a more comprehensive security approach by adopting International Standards Organization (ISO) 17799 standards. ISO 17799 provides a framework for protecting critical infrastructure and valuable information, and although it does not provide companies with specific security solutions, it offers guidance in addressing security issues. According to the standards, the most important security measure at any company is to create and implement a strong security policy. A holistic approach to security that forces a company to develop a security culture will enable companies to cut costs while improving their overall security.

www.scmagazine.com 

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx


Merger of immigration, customs agents causes friction

In early May, when the new Bureau of Immigration and Customs Enforcement began to take shape in Washington, John Chakwin hit the road in his 1991 Oldsmobile to bring the bureau to life in Atlanta. ICE, as the Homeland Security Department agency is known, is an amalgam of federal law enforcement personnel from four different agencies. To bring them together in Atlanta, Chakwin, ICE's interim special agent in charge for the region, needed new office space in a secure location. So for two months this spring, Chakwin spent his weekends driving around the Atlanta metropolitan area, searching for an acceptable building. "I drove all over this city trying to find a good space for my guys, and I think we finally got one," he says. Cloning determined managers such as Chakwin might be one way to tackle the ICE reorganization, which many Homeland Security officials regard as the most complicated merger inside the department. It is a true merger?jobs and missions are changing?that could resolve decades-old weaknesses in the U.S. immigration system and prevent terrorists from exploiting American financial systems. But if ICE has potential, it also faces mammoth challenges. Eight months after it was established, ICE is hobbled by angry agents, an unclear mission and endless administrative woes. The challenges start with personnel. "They've got at least four separate cultures to unite," says Asa Hutchinson, who oversees ICE as undersecretary for border and transportation security. In investigations alone, ICE inherited 3,500 agents from the old Customs Service, 2,050 agents from the now defunct Immigration and Naturalization Service, and 900 officers from the Federal Protective Service, which shifted from the General Services Administration. The agency has its own fleet of fixed-wing aircraft, a corps of intelligence analysts, and almost 3,000 detention and removal personnel to hold and deport illegal immigrants. In October, ICE snared another police unit, absorbing the Federal Air Marshals program from the Transportation Security Administration.

www.govexec.com

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx


"Airports Abandon Facial Recognition"

Two facial recognition systems that were tested over three months at Boston's Logan Airport returned too many false positives, tests released by the American Civil Liberties Union (ACLU). The ACLU report follows the release of similar results of facial recognition technology tests at airports in Texas and California, and follows an announcement by the Tampa Police Department that it was ending its use of facial recognition technology. The companies that produced technology tested during the Logan Airport study, Viisage and Identix, say the studies were not conducted under the correct light and background conditions, and they maintain that facial recognition technology is still a valuable security tool. The Face Recognition Vendor Tests, conducted at the National Institute for Standards and Technology, reveal that the accuracy of facial recognition systems is largely dependant on being able to control the illumination around the devices. Although the U.S.A. Patriot Act and other federal laws require certain biometric identifiers to be used on some people's passports and identification cards, privacy rights group the Electronic Privacy Information Center and the ACLU have expressed privacy concerns about facial recognition technology.

www.scmagazine.com

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx


"Accounts Deceivable: How to Detect and Prevent Fraud"

Small businesses, which focus primarily on product development and sales, are particularly vulnerable to the various types of fraud that can strike all companies, and they should take proactive steps to identify and prevent fraud. In addition to conducting thorough risk assessments and testing internal controls, small business owners can look out for the tell-tale signs of various types of fraud. Accounts receivable fraud, which involves diverting customer payments into fake accounts, for example, can be detected by keeping close watch for delays between payments made and payments credited. Inventory fraud, when employees steal inventory for resale purposes, is often detected when there are discrepancies between inventory counts and inventory records. With purchasing fraud, or when employees pay invoices to fraudulent companies, the use of photocopied invoices or invoices with other suspicious signs can point to fraudulent activity by an employees. Similarly, excessive refunds, allowances, or no-sale transactions may signal the occurrence of cash fraud by employees who are using company checks to withdraw funds for their own purposes.

www.washington.bcentral.com

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx


"Cape Forum Spotlights Risk in Workplace"

The nonprofit group Cape Cod Chapter of Employers Against Domestic Violence (EADV) recently held its annual membership meeting, during which various speakers explained how domestic violence can spill into the workplace. The group, whose members consist of 20 area businesses and organizations, aims to help employers in Massachusetts form relationships with professionals who specialize in protecting against workplace violence and domestic violence. Barnstable Police Department domestic violence specialist Natalie Dupuis said that domestic violence abusers see the workplace as another place where they can freely access their victim. Courtney Cahill, president of the EADV board, said many companies do not realize that domestic violence is intimately connected with workplace violence. Massachusetts Lt. Gov. Kerry Healey advised companies to collaborate with groups like the EADV to create clearly defined policies on workplace behavior; these policies can help foster "a culture of security" in the workplace, Healey said. "There are a number of ways that the work environment can be made inhospitable and a difficult and violent place to be," said Healey, noting that domestic abusers can harass employees via email, the telephone, or anonymous notes. Cape & Islands District Attorney Michael O'Keefe said domestic violence causes employers to lose money in the form of lost productivity or poor performance by employees who are being harassed not only at home, but at work. Barnstable Police Department detective Jason Laber said many employees have deep-seated reservations about telling their employers that they are being abused at home.

www.capecodonline.com

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx


"Risk Management's Role in Countering Global Terrorism"

Companies with international or global operations can use simple risk management techniques to identify, control, and evaluate the various terrorism risks they face. Although recent focus has been on terrorism risks in the Middle East, companies operating in Latin America face even greater risks, and figures show that business facilities overseas are even greater targets than government or military facilities. According to the U.S. Department of State, over 1,902 of the total 2,784 terrorist attacks made between 1996 and 2001 were made against businesses, and data shows that business targets are 21 times more likely to be attacked by terrorists than are government facilities. Figures also show that the rate at which business concerns have been attacked has grown by 68 percent in recent years, and that 87 percent of terrorist attacks against Americans in 2002 took place in Latin America. With these facts in mind, companies with operations or business overseas must take steps to identify the terrorism risks they face in Latin America. In addition to seeking the aid of local insurance agents, brokers, consultants, and risk managers, U.S. companies operating overseas should keep up-to-date on State Department travel warnings, conduct research on nations being visited, assess their needs for travel or kidnap and ransom coverage, take travel and luggage precautions, and avoid hazardous areas.

www.roughnotes.com/rnmag

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx


"Voice Recognition, Smart Software Transform Police Cruiser"

Project 54 is a voice recognition program that was developed by University of New Hampshire engineers, and is now used in about 75 police cruisers throughout New Hampshire. The project began in 1999 when a UNH engineer accompanied a state police officer on patrols and discovered that officers need to do a variety of things in the cruiser while driving and pursuing a suspect. Project 54 outfits smart cruisers with a global positioning system, voice-recognition programs that help the officer communicate with stations without using the traditional computer or radio, and radio channel controls on the wheel instead of in the dash. Installing computers into squad cars was a significant improvement in how officers effectively transmitted and received vital information, but the device required officers to pull over in order to submit data or questions; now officers can announce information requests which are then transmitted within 8 seconds, displaying the results on the computer screen as well verbally relaying it to the officer. So far the only alternative the UNH design is a larger system developed by Visteon, called the TACNET system. TACNET involves installing two computers in the trunk of the cruiser, with the screen mounted on the dash; in order to further assist officers when pursuing vehicles, the system can display information on the windshield, enabling an officer to read it without taking their eyes off the road. The voice-recognition systems have garnered considerable praise from the law enforcement industry, which hopes the technology will further facilitate safe police operations.

www.sfgate.com

 


Please forward your feedback to JIMKING@xxxxxxxx or call at (404) 525-9991.

If you would like to subscribe to this publication please click here.


To opt out of future mailings, click here.