Self Defense Blog

You’re at the airport waiting for your flight. With time to kill, you’re thinking of connecting your laptop to the airport’s Wi-Fi to check your office e-mail…do some personal banking…or shop for a gift for your spouse.

But first, consider this: odds are there’s a hacker nearby, with his own laptop, attempting to “eavesdrop” on your computer to obtain personal data that will provide access to your money or even to your company’s sensitive information.

Here’s something else to consider: there are 68,000 Wi-Fi “hot spots” in the U.S. (see the graphic below for the top Wi-Fi countries), at airports, coffee shops, hotels, bookstores, schools, and other locations where hundreds or thousands of people pass through every day. While many of these hot spots have secure networks, some do not, according to Supervisory Special Agent Donna Peterson of our Cyber Division. And connecting to an unsecure network can leave you vulnerable to attacks from hackers.

How do hackers grab your personal data out of thin air? Agent Peterson said one of the most common types of attack is this: a bogus but legitimate-looking Wi-Fi network with a strong signal is strategically set up in a known hot spot…and the hacker waits for nearby laptops to connect to it. At that point, your computer—and all your sensitive information, including user ID, passwords, credit card numbers, etc.—basically belongs to the hacker. The intruder can mine your computer for valuable data, direct you to phony webpages that look like ones you frequent, and record your every keystroke.

“Another thing to remember,” said Agent Peterson, “is that the connection between your laptop and the attacker’s laptop runs both ways: while he’s taking info from you, you may be unknowingly downloading viruses, worms, and other malware from him.”

Businesses that offer free or ad-hoc Wi-Fi often don’t know their networks have been breached. Individual victims usually don’t realize they’ve been targeted either until it’s too late. That’s why, according to Agent Peterson, there aren’t reliable stats on the number of these breaches, although the FBI does periodically receive reports on them. It’s also very tough to trace a hack that originates on an open, unsecure network.

Agent Peterson explained that the criminal aspect comes into play once data taken by the hacker is used to commit a crime. If the hacker, armed with your personal or corporate information or access codes, tries to break into a secured network—whether it’s a case of intrusion, identity theft, bank fraud, theft of intellectual property, or any other type of crime—then law enforcement gets involved.

What can you do to protect yourself? Agent’s Peterson’s best advice is, don’t connect to an unknown Wi-Fi network. But if you have to, there are some precautions you can take to decrease the threat:

Make sure your laptop security is up to date, with current versions of your operating system, web browser, firewalls, and antivirus and anti-spyware software.
Don’t conduct financial transactions or use applications like e-mail and instant messaging.
Change the default setting on your laptop so you have to manually select the Wi-Fi network you’re connecting to.
Turn off your laptop’s Wi-Fi capabilities when you’re not using them.

Criminals targeting the elderly are increasingly located outside the United States.

A Canadian couple is arrested for allegedly bilking victims across the U.S. by selling bogus credit card protection plans over the phone.

A Maryland financial planning/estate lawyer pleads guilty to defrauding his own clients.

A California man is convicted of stealing nearly $5 million from residents of a retirement home through an investment scheme.

What’s the common thread here? All of the victims were elderly, and many lost their life savings.

Why are the elderly such an attractive target for con artists?

Many seniors have a “nest egg.”
They’re less likely to report a fraud because they don’t know where to go or they’re too embarrassed to talk about it.
If they do report the crime, it’s sometimes hard for them to remember exact details.
Many of the products/services being hawked by con artists appeal to individuals of a certain age—i.e., anti-aging and other health care products, health care services, and investments related to retirement savings.

The threat to seniors is growing…and changing. Baby boomers (born between 1946 and 1964) are now the largest segment of our population—about 78 million people. That means that the number of senior citizens is rising. Many younger boomers also have considerable computer skills, so criminals are modifying their targeting techniques—using not only traditional telephone calls and mass mailings but also online scams like phishing and e-mail spamming.

Another trend: Criminals targeting the elderly are increasingly located outside the U.S., making it difficult for American law enforcement to track them down.

The scams. Some common ones to look out for:

Identity theft (accomplished through “dumpster diving,” phishing, address changes, old-fashioned theft);

Health insurance frauds (medical equipment, “rolling lab” schemes, Medicare fraud, counterfeit prescription drugs);

Home repair schemes;

Foreign lottery/sweepstakes fraud;

Advance fee/credit card frauds;

Investment fraud; and

Charity schemes.

Recovery schemes are also worth mentioning because they’re especially cold-hearted: they target previous victims by convincing them that their money has been recovered by law enforcement or government officials but that they must pay a fee to get it back.

A few basic tips to avoid being victimized:

Shred credit card receipts and old bank statements;
Close unused credit card or bank accounts;
Don’t give out personal information via the phone, mail, or Internet unless you initiated the contact;
Never respond to an offer you don’t understand;
Talk over investments with a trusted friend, family member, or financial advisor;
Require all plans and purchases to be in writing; and
Don’t pay in advance for services.
Who to call. If you’re a senior citizen who has been victimized by fraud, start by calling your local or state law enforcement agency.

The FBI doesn’t handle isolated individual cases: we get involved only when there are huge dollar losses or if there’s evidence of an international crime ring at work. But you can report fraud online to us through our Internet Crime Complaint Center, which is run in concert with the National White Collar Crime Center, and we’ll refer it to the proper authorities.

See our common frauds webpage for seniors for more details on the scams and prevention tips.

What is the primary purpose of a defense spray product?

To take away the desire and/or ability for a subject to resist an officer’s compliance commands or to allow a civilian to flee from an attacker.

Since (most) all defense spray products eventually work the most desirable and successful product should be the one that will work the fastest—and do so most consistently and effectively.

FOX LABS International’s Premium Defense Spray line-up is unequaled, with virtually immediate incapacitation of subjects exposed to them. On-contact effectiveness documented by police officers under actual arrest circumstances range from instantaneous slamming shut of the eyes to total incapacitation in an incredible three (3) seconds on subjects ranging from belligerent to drunk and drugged to psychotic.*

http://www.guardian-self-defense.com/foxpepperspray.htm

*No defense spray product, and not even a fire arm, is 100% effective in all circumstances. Users should use extreme caution and observe reactions of the subjects who are sprayed to make sure that they are indeed affected by the product.

1. SAFEST: FOX LABS only uses the highest quality ingredients. Their “Five Point Three” formula uses an organic OC (pepper) that is so highly refined (purified) that it is a “clear red liquid.” Compare this FOX formula to defense spray formulas from other manufacturers (by spraying into a clear glass or jar) and you will see that these other formulas appear as a dirty-looking, orange, and opaque liquid.

“Five Point Three” is so clear that you can see right through it! This means that it atomizes from the canister better and works faster than other formulas. Additionally, because the OC is so pure, FOX LABS is able to make a formula consisting of only 2% OC! Plus, because of the unique formulation of ingredients one does not need to use as much (FOX) spray to bring most subjects under compliance. Lower percentage of OC and less formula sprayed on subjects means faster decontamination and therefore reduced liability concerns, because the longer a person remains contaminated, the greater the opportunity for a health related problem to surface.

Furthermore, all FOX formulas are non-flammable.

2. HOTTEST (MOST INTENSE): This means most intense overall. No one is using a purer OC (pepper) to start with than FOX LABS INTERNATIONAL. This means that no matter what is claimed by others, the bottom line is the purity of ingredients makes FOX superior in terms of intensity. This is because OC is comprised of four things: 1) Capsaicinoids (heat & sugars)), 2) Oil (that carries the capsaicinoids), 3) Color, and 4)) Junk (all of the miscellaneous matter that embodies the OC resin). Think about how crude oil is made into gasoline…you get kerosene, then you get regular gas and finally after more refinement, Premium gas. The main difference between this process and the refinement of the OC used for FOX Premium Defense Sprays is that when you refine (purify) the petroleum you also need to add things to get the end results mentioned in the preceding sentence. The refinement process (purification) of the OC used in FOX “Five Point Three” only takes things “away” or “out” of the resin. This means that the “junk,” “color,” “sugars,” and even some of the “oil” is actually removed from the resin leaving virtually nothing but “HEAT!” That is why it is plain to see (remember you can actually see the quality of Fox formulas by comparing it to others in a clear glass container) that FOX “Five Point Three” is some incredibly hot stuff, but still safest.

3. FASTEST-ACTING: No figures are available to show how many times a person’s eyes slam shut instantly when the FOX formula gets in them, but most officers that use the products, or have been personally exposed to them, attest to the fact that even in extreme cases of resistance no other brand slams the eyes shut faster than FOX Five Point Three.” Furthermore, in addition to the incredibly pure OC (described above in #2), the carrier used in FOX products removes the layer of oil (lipids) that is always on the surface of our skin and opens the pores, so when the “HEAT” of the purified OC hits it creates immediate pain to the skin in addition to the (temporary) blinding effects on the eyes. As a matter-of-fact, in FOX OC Instructor classes it is taught that if the officer doesn’t see the subject who is sprayed with FOX “Five Point Three” visibly affected by the product within an astounding three (3) seconds, that they should prepare to spray again or escalate in force. In comparison tests done by various police academies using every major brand of defense spray, nothing was faster-acting on more subjects than FOX brand premium defense sprays.

4. MOST EFFECTIVE: This refers to not only how fast the subject is shutdown with the defense spray, but also how incapacitated they actually become. In many instances officers find that after using their FOX product that they only have to threaten to discharge a FOX Premium Defense Spray for the subject to give-up, quit resisting or comply with the officer’s commands. And this applies to subjects who have never been personally sprayed, but who have “heard” about the effects of the FOX brand.

5. MOST RELIABLE & CONSISTANT: FOX recommends that their Premium Defense Sprays be replaced two-years from date of purchase. This isn’t because the products will cease working after that period of time, but because the chance of failure increases. Atoms are always in flux—always moving—because of this something called diffusion takes place. The atoms that comprise the propellants are smaller than those of the gaskets, and over a period of time they will slowly, but surely, escape. That is why there comes a time with any aerosol spray when you depress the button and all you get is a funny sound and a spray pattern that goes only a few inches. By warranting the products for two years, FOX LABS INTERNATIONAL greatly reduces the chances of this happening to their products. The results from this policy are evident in quotes from police agencies like this one: “Have had zero failures in five years of use. 100% effective, 100% immediate stop and drop. Officer injuries have declined considerable since Fox put into use. Officers report Fox effective against subjects already sprayed with other brands and still resisting. ” Lt. J.W. Ohio. Or how about this one taken from an actual police report: “…While chasing him on foot I was unable to grab him. At that time I deployed by pepper gas and discharged it in the area of the rear of his head from about ten feet away. The pepper gas struck the subject in the rear of the head and shoulder area. The subject then immediately fell to the ground and was handcuffed and placed under arrest.” Officer T.H., Georgia. The agency that documented this incident, which by-the-way is the only report we have ever heard of where someone was taken down from behind with an aerosol defense spray, switched their entire department to FOX “Five Point Three” a couple of weeks later (up until that time they had been using BodyGuard brand).

IN CONCLUSION

Fox Labs’ products are legendary for overall superiority in their categories. They have been proven to be unsurpassed for their safety, intensity, virtually instant on-contact effectiveness and reliability. Their customers represent a complete range of law enforcement and peacekeeping agencies which include the state police/highway patrols, county sheriff’s offices, city police departments, correctional facilities and jails, and federal agents from Department of Defense Police, Probation & Parole and Military Police. Simply stated, the more you know about defense spray products, the more you will be relying on FOX LABS International, too!

http://www.guardian-self-defense.com/foxpepperspray.htm

What are officers saying about Fox Labs’ defense sprays?

IMMEDIATE STOPPING POWER
“We had a paranoid schizophrenic large male off his medication go crazy in a hair salon full of people. He was barricaded in a bathroom and screaming about the devil. One spray in the face and it was immediately effective. We waited for about 2-3 seconds and I gave him commands to prone out and put his hands behind his back. He must have thought the devil spit in his eyes. He did everything we asked. It was great! We made some more believers’ in your product today. Thanks!” Lt. DN, Wisconsin

INTENSE PAIN AND HEAT FELT IMMEDIATELY
“In contrast to the other OC products I have been exposed to in the past where I was comfortable for a few seconds while being led to water, your product created intense pain and heat immediately. I was surprised at the intensity and manner in which my air passages and ability to open my eyes were impacted.” Asst. Director JER, Georgia

STOPS DOG DEAD IN ITS TRACKS
“This dog (part Rottweiler) came charging at me, so I gave it a one second burst of the pepper spray. The pepper hit the dog in the chest from about 8 feet away. The dog stopped DEAD IN ITS TRACKS. I think the skid marks are still in the grass!” Sgt. RFB, Louisiana

HIT IN THE ‘BACK OF THE HEAD’ AND TAKEN DOWN IMMEDIAETLY
“While chasing him on foot I was unable to grab him. At that time I deployed my pepper gas and discharged it in the area of the rear of his head from about ten feet away. The pepper gas struck the subject in the rear of the head and shoulder area. The subject then immediately fell to the ground and was handcuffed and placed under arrest.” Officer TH, Georgia

BETTER THAN OTHER PRODUCTS
“We just switched from MSI (Mace) brand OC to the Fox Labs foam. It was very impressive! Some of the officers that were sprayed were sprayed with the MSI foam a year ago, and were willing to get sprayed again. After being sprayed this year with Fox Labs foam, they stated that they would never get sprayed again!” Ptlmn. BSD, Pennsylvania

“After conducting a series of tests (actually spraying the defensive tactics instructors with both products) and discussing these tests with them, it was felt that the Fox acted much faster on the skin than the BodyGuard and the burning on the skin was much worse. The pain on the skin was bad enough to incapacitate most subjects. As soon as the Fox got to the eyes they were instantly incapacitated. The burning on the skin of the BodyGuard LE was secondary. The BodyGuard LE was very good, but the Fox was much better.” Lt. MM, Indiana

ZERO FAILURES IN FIVE YEARS OF USE
“Have had zero failures in five years of use. 100% effective, 100% immediate stop and drop. Officer injuries have declined considerable since Fox put into use. Officers report Fox effective against subjects already sprayed w/other brands and still resisting.” Lt. JW, Ohio

http://www.guardian-self-defense.com/foxpepperspray.htm

James Van Bokkelen is about to be robbed. A wealthy software entrepreneur, Van Bokkelen will be the latest victim of some punk with a laptop. But this won’t be an email scam or bank account hack. A skinny 23-year-old named Jonathan Westhues plans to use a cheap, homemade USB device to swipe the office key out of Van Bokkelen’s back pocket.

“I just need to bump into James and get my hand within a few inches of him,” Westhues says. We’re shivering in the early spring air outside the offices of Sandstorm, the Internet security company Van Bokkelen runs north of Boston. As Van Bokkelen approaches from the parking lot, Westhues brushes past him. A coil of copper wire flashes briefly in Westhues’ palm, then disappears.

Van Bokkelen enters the building, and Westhues returns to me. “Let’s see if I’ve got his keys,” he says, meaning the signal from Van Bokkelen’s smartcard badge. The card contains an RFID sensor chip, which emits a short burst of radio waves when activated by the reader next to Sandstorm’s door. If the signal translates into an authorized ID number, the door unlocks.

The coil in Westhues’ hand is the antenna for the wallet-sized device he calls a cloner, which is currently shoved up his sleeve. The cloner can elicit, record, and mimic signals from smartcard RFID chips. Westhues takes out the device and, using a USB cable, connects it to his laptop and downloads the data from Van Bokkelen’s card for processing. Then, satisfied that he has retrieved the code, Westhues switches the cloner from Record mode to Emit. We head to the locked door.

“Want me to let you in?” Westhues asks. I nod.

He waves the cloner’s antenna in front of a black box attached to the wall. The single red LED blinks green. The lock clicks. We walk in and find Van Bokkelen waiting.

“See? I just broke into your office!” Westhues says gleefully. “It’s so simple.” Van Bokkelen, who arranged the robbery “just to see how it works,” stares at the antenna in Westhues’ hand. He knows that Westhues could have performed his wireless pickpocket maneuver and then returned with the cloner after hours. Westhues could have walked off with tens of thousands of dollars’ worth of computer equipment - and possibly source code worth even more. Van Bokkelen mutters, “I always thought this might be a lousy security system.”

RFID chips are everywhere - companies and labs use them as access keys, Prius owners use them to start their cars, and retail giants like Wal-Mart have deployed them as inventory tracking devices. Drug manufacturers like Pfizer rely on chips to track pharmaceuticals. The tags are also about to get a lot more personal: Next-gen US passports and credit cards will contain RFIDs, and the medical industry is exploring the use of implantable chips to manage patients. According to the RFID market analysis firm IDTechEx, the push for digital inventory tracking and personal ID systems will expand the current annual market for RFIDs from $2.7 billion to as much as $26 billion by 2016.

RFID technology dates back to World War II, when the British put radio transponders in Allied aircraft to help early radar system crews detect good guys from bad guys. The first chips were developed in research labs in the 1960s, and by the next decade the US government was using tags to electronically authorize trucks coming into Los Alamos National Laboratory and other secure facilities. Commercialized chips became widely available in the ’80s, and RFID tags were being used to track difficult-to-manage property like farm animals and railroad cars. But over the last few years, the market for RFIDs has exploded, driven by advances in computer databases and declining chip prices. Now dozens of companies, from Motorola to Philips to Texas Instruments, manufacture the chips.

The tags work by broadcasting a few bits of information to specialized electronic readers. Most commercial RFID chips are passive emitters, which means they have no onboard battery: They send a signal only when a reader powers them with a squirt of electrons. Once juiced, these chips broadcast their signal indiscriminately within a certain range, usually a few inches to a few feet. Active emitter chips with internal power can send signals hundreds of feet; these are used in the automatic toll-paying devices (with names like FasTrak and E-ZPass) that sit on car dashboards, pinging tollgates as autos whiz through.

For protection, RFID signals can be encrypted. The chips that will go into US passports, for example, will likely be coded to make it difficult for unauthorized readers to retrieve their onboard information (which will include a person’s name, age, nationality, and photo). But most commercial RFID tags don’t include security, which is expensive: A typical passive RFID chip costs about a quarter, whereas one with encryption capabilities runs about $5. It’s just not cost-effective for your average office building to invest in secure chips.

This leaves most RFIDs vulnerable to cloning or - if the chip has a writable memory area, as many do - data tampering. Chips that track product shipments or expensive equipment, for example, often contain pricing and item information. These writable areas can be locked, but often they aren’t, because the companies using RFIDs don’t know how the chips work or because the data fields need to be updated frequently. Either way, these chips are open to hacking.

“The world of RFID is like the Internet in its early stages,” says Ari Juels, research manager at the high tech security firm RSA Labs. “Nobody thought about building security features into the Internet in advance, and now we’re paying for it in viruses and other attacks. We’re likely to see the same thing with RFIDs.”

David Molnar is a soft-spoken computer science graduate student who studies commercial uses for RFIDs at UC Berkeley. I meet him in a quiet branch of the Oakland Public Library, which, like many modern libraries, tracks most of its inventory with RFID tags glued inside the covers of its books. These tags, made by Libramation, contain several writable memory “pages” that store the books’ barcodes and loan status.

Brushing a thatch of dark hair out of his eyes, Molnar explains that about a year ago he discovered he could destroy the data on the books’ passive-emitting RFID tags by wandering the aisles with an off-the-shelf RFID reader-writer and his laptop. “I would never actually do something like that, of course,” Molnar reassures me in a furtive whisper, as a nonbookish security guard watches us.

Our RFID-enabled checkout is indeed quite convenient. As we leave the library, we stop at a desk equipped with a monitor and arrange our selections, one at a time, face up on a metal plate. The titles instantly appear onscreen. We borrow four books in less than a minute without bothering the librarian, who is busy helping some kids with their homework.

Molnar takes the books to his office, where he uses a commercially available reader about the size and heft of a box of Altoids to scan the data from their RFID tags. The reader feeds the data to his computer, which is running software that Molnar ordered from RFID-maker Tagsys. As he waves the reader over a book’s spine, ID numbers pop up on his monitor.

“I can definitely overwrite these tags,” Molnar says. He finds an empty page in the RFID’s memory and types “AB.” When he scans the book again, we see the barcode with the letters “AB” next to it. (Molnar hastily erases the “AB,” saying that he despises library vandalism.) He fumes at the Oakland library’s failure to lock the writable area. “I could erase the barcodes and then lock the tags. The library would have to replace them all.”

Frank Mussche, Libramation’s president, acknowledges that the library’s tags were left unlocked. “That’s the recommended implementation of our tags,” he says. “It makes it easier for libraries to change the data.”

For the Oakland Public Library, vulnerability is just one more problem in a buggy system. “This was mostly a pilot program, and it was implemented poorly,” says administrative librarian Jerry Garzon. “We’ve decided to move ahead without Libramation and RFIDs.”

But hundreds of libraries have deployed the tags. According to Mussche, Libramation has sold 5 million RFID tags in a “convenient” unlocked state.

While it may be hard to imagine why someone other than a determined vandal would take the trouble to change library tags, there are other instances where the small hassle could be worth big bucks. Take the Future Store. Located in Rheinberg, Germany, the Future Store is the world’s preeminent test bed of RFID-based retail shopping. All the items in this high tech supermarket have RFID price tags, which allow the store and individual product manufacturers - Gillette, Kraft, Procter & Gamble - to gather instant feedback on what’s being bought. Meanwhile, shoppers can check out with a single flash of a reader. In July 2004, Wired hailed the store as the “supermarket of the future.” A few months later, German security expert Lukas Grunwald hacked the chips.

Grunwald cowrote a program called RFDump, which let him access and alter price chips using a PDA (with an RFID reader) and a PC card antenna. With the store’s permission, he and his colleagues strolled the aisles, downloading information from hundreds of sensors. They then showed how easily they could upload one chip’s data onto another. “I could download the price of a cheap wine into RFDump,” Grunwald says, “then cut and paste it onto the tag of an expensive bottle.” The price-switching stunt drew media attention, but the Future Store still didn’t lock its price tags. “What we do in the Future Store is purely a test,” says the Future Store spokesperson Albrecht von Truchsess. “We don’t expect that retailers will use RFID like this at the product level for at least 10 or 15 years.” By then, Truchsess thinks, security will be worked out.

Today, Grunwald continues to pull even more-elaborate pranks with chips from the Future Store. “I was at a hotel that used smartcards, so I copied one and put the data into my computer,” Grunwald says. “Then I used RFDump to upload the room key card data to the price chip on a box of cream cheese from the Future Store. And I opened my hotel room with the cream cheese!”

Aside from pranks, vandalism, and thievery, Grunwald has recently discovered another use for RFID chips: espionage. He programmed RFDump with the ability to place cookies on RFID tags the same way Web sites put cookies on browsers to track returning customers. With this, a stalker could, say, place a cookie on his target’s E-ZPass, then return to it a few days later to see which toll plazas the car had crossed (and when). Private citizens and the government could likewise place cookies on library books to monitor who’s checking them out.

In 1997, ExxonMobil equipped thousands of service stations with SpeedPass, which lets customers wave a small RFID device attached to a key chain in front of a pump to pay for gas. Seven years later, three graduate students - Steve Bono, Matthew Green, and Adam Stubblefield - ripped off a station in Baltimore. Using a laptop and a simple RFID broadcasting device, they tricked the system into letting them fill up for free.

The theft was concocted by Avi Rubin’s computer science lab at Johns Hopkins University. Rubin’s lab is best known for having found massive, hackable flaws in the code running on Diebold’s widely adopted electronic voting machines in 2004. Working with RSA Labs manager Juels, the group figured out how to crack the RFID chip in ExxonMobil’s SpeedPass.

Hacking the tag, which is made by Texas Instruments, is not as simple as breaking into Van Bokkelen’s Sandstorm offices with a cloner. The radio signals in these chips, dubbed DST tags, are protected by an encryption cipher that only the chip and the reader can decode. Unfortunately, says Juels, “Texas Instruments used an untested cipher.” The Johns Hopkins lab found that the code could be broken with what security geeks call a “brute-force attack,” in which a special computer known as a cracker is used to try thousands of password combinations per second until it hits on the right one. Using a home-brewed cracker that cost a few hundred dollars, Juels and the Johns Hopkins team successfully performed a brute-force attack on TI’s cipher in only 30 minutes. Compare that to the hundreds of years experts estimate it would take for today’s computers to break the publicly available encryption tool SHA-1, which is used to secure credit card transactions on the Internet.

ExxonMobil isn’t the only company that uses the Texas Instruments tags. The chips are also commonly used in vehicle security systems. If the reader in the car doesn’t detect the chip embedded in the rubbery end of the key handle, the engine won’t turn over. But disable the chip and the car can be hot-wired like any other.

Bill Allen, director of strategic alliances at Texas Instruments RFID Systems, says he met with the Johns Hopkins team and he isn’t worried. “This research was purely academic,” Allen says. Nevertheless, he adds, the chips the Johns Hopkins lab tested have already been phased out and replaced with ones that use 128-bit keys, along with stronger public encryption tools, such as SHA-1 and Triple DES.

Juels is now looking into the security of the new US passports, the first of which were issued to diplomats this March. Frank Moss, deputy assistant secretary of state for passport services, claims they are virtually hack-proof. “We’ve added to the cover an anti-skimming device that prevents anyone from reading the chip unless the passport is open,” he says. Data on the chip is encrypted and can’t be unlocked without a key printed in machine-readable text on the passport itself.

But Juels still sees problems. While he hasn’t been able to work with an actual passport yet, he has studied the government’s proposals carefully. “We believe the new US passport is probably vulnerable to a brute-force attack,” he says. “The encryption keys in them will depend on passport numbers and birth dates. Because these have a certain degree of structure and guessability, we estimate that the effective key length is at most 52 bits. A special key-cracking machine could probably break a passport key of this length in 10 minutes.”

I’m lying facedown on an examination table at UCLA Medical Center, my right arm extended at 90 degrees. Allan Pantuck, a young surgeon wearing running shoes with his lab coat, is inspecting an anesthetized area on the back of my upper arm. He holds up something that looks like a toy gun with a fat silver needle instead of a barrel.

I’ve decided to personally test-drive what is undoubtedly the most controversial use of RFIDs today - an implantable tag. VeriChip, the only company making FDA-approved tags, boasts on its Web site that “this ‘always there’ identification can’t be lost, stolen, or duplicated.” It sells the chips to hospitals as implantable medical ID tags and is starting to promote them as secure-access keys.

Pantuck pierces my skin with the gun, delivering a microchip and antenna combo the size of a grain of long rice. For the rest of my life, a small region on my right arm will emit binary signals that can be converted into a 16-digit number. When Pantuck scans my arm with the VeriChip reader - it looks sort of like the wand clerks use to read barcodes in checkout lines - I hear a quiet beep, and its tiny red LED display shows my ID number.

Three weeks later, I meet the smartcard-intercepting Westhues at a greasy spoon a few blocks from the MIT campus. He’s sitting in the corner with a half-finished plate of onion rings, his long blond hair hanging in his face as he hunches over the cloner attached to his computer.

Because the VeriChip uses a frequency close to that of many smartcards, Westhues is pretty sure the cloner will work on my tag. Westhues waves his antenna over my arm and gets some weird readings. Then he presses it lightly against my skin, the way a digital-age pickpocket could in an elevator full of people. He stares at the green waveforms that appear on his computer screen. “Yes, that looks like we got a good reading,” he says.

After a few seconds of fiddling, Westhues switches the cloner to Emit and aims its antenna at the reader. Beep! My ID number pops up on its screen. So much for implantable IDs being immune to theft. The whole process took 10 minutes. “If you extended the range of this cloner by boosting its power, you could strap it to your leg, and somebody passing the VeriChip reader over your arm would pick up the ID,” Westhues says. “They’d never know they hadn’t read it from your arm.” Using a clone of my tag, as it were, Westhues could access anything the chip was linked to, such as my office door or my medical records.

John Proctor, VeriChip’s director of communications, dismisses this problem. “VeriChip is an excellent security system, but it shouldn’t be used as a stand-alone,” he says. His recommendation: Have someone also check paper IDs.

But isn’t the point of an implantable chip that authentication is automatic? “People should know what level of security they’re getting when they inject something into their arm,” he says with a half smile.

They should - but they don’t. A few weeks after Westhues clones my chip, Cincinnati-based surveillance company CityWatcher announces a plan to implant employees with VeriChips. Sean Darks, the company’s CEO, touts the chips as “just like a key card.” Indeed.
Contributing editor Annalee Newitz (annalee@techsploitation.com) wrote about spyware in issue 13.12.

What Are Raves?

“Raves” are high energy, all-night dances that feature hard pounding techno-music and flashing laser lights. Raves are found in most metropolitan areas and, increasingly, in rural areas throughout the country. The parties are held in permanent dance clubs, abandoned warehouses, open fields, or empty buildings.

Raves are frequently advertised as “alcohol free” parties with hired security personnel. Internet sites often advertise these events as “safe” and “drug free.” However, they are dangerously over crowded parties where your child can be exposed to rampant drug use and a high-crime environment. Numerous overdoses are documented at these events.

Raves are one of the most popular venues where club drugs are distributed. Club drugs include MDMA (more commonly known as “Ecstasy”), GHB and Rohypnol (also known as the “date rape” drugs), Ketamine, Methamphetamine (also known as “Meth”), and LSD.

Because some club drugs are colorless, odorless, and tasteless, they can be added without detection to beverages by individuals who want to intoxicate or sedate others in order to commit sexual assaults.

Rave promoters capitalize on the effects of club drugs. Bottled water and sports drinks are sold at Raves, often at inflated prices, to manage hyperthermia and dehydration. Also found are pacifiers to prevent involuntary teeth clenching, menthol nasal inhalers, surgical masks, chemical lights, and neon glow sticks to increase sensory perception and enhance the Rave experience.

Cool down rooms are provided, usually at a cost, as a place to cool off due to increased body temperature of the drug user.

Don’t risk your child’s health and safety. Ask questions about where he or she is going and see it for yourself.

What Are Club Drugs?

1) Methylenedioxymethamphetamine (MDMA)

MDMA - DEA photoStreet names: Ecstasy, E, X, XTC, Adam, Clarity, Lover’s Speed

An amphetamine-based, hallucinogenic type drug that is taken orally, usually in a tablet or capsule form.
Effects:

* Lasts 3-6 hours.
* Enables dancers to dance for long periods of time.
* Increases the chances of dehydration, hyper tension, heart or kidney failure, and increased body temperature, which can lead to death.
* Long-term effects include confusion, depression, sleep problems, anxiety, paranoia, and loss of memory.

2) Gamma-hydoxybutyrate (GHB)

GHB - DEA photoStreet names: Grievous Bodily Harm, G, Liquid Ecstasy, Georgia Home Boy

A central nervous system depressant that is usually ingested in liquid, powder, tablet, and capsule forms.
Effects:

* May last up to 4 hours, depending on the dose used.
* Slows breathing and heart rates to dangerous levels.
* Also has sedative and euphoric effects that begin up to 10-20 minutes from ingestion.
* Use in connection with alcohol increases its potential for harm.
* Overdose can occur quickly-sometimes death occurs.

3) Methamphetamine

Methamphetamine - DEA photoStreet names: Speed, Ice, Chalk, Meth, Crystal, Crank, Fire, Glass

A central nervous system stimulant, often found in pill, capsule, or powder form, that can be snorted, injected, or smoked.
Effects:

* Displays signs of agitation, excited speech, lack of appetite, and increased physical activity.
* Often results in drastic weight loss, violence, psychotic behavior, paranoia, and sometimes damage to the heart or nervous system.

4) Ketamine

Ketamine - DEA photoStreet names: Special K, K, Vitamin K, Cat Valium

An injectable anesthetic used primarily by veterinarians, found either in liquid form or as a white powder that can be snorted or smoked, sometimes with marijuana.
Effects:

* Causes reactions similar to those of PCP, a hallucinatory drug.
* Results in impaired attention, learning, and memory function. In larger doses, it may cause delirium, amnesia, impaired motor function, high blood pressure, and depression.

5) Rohypnol

Rohypnol - DEA photoStreet names: Roofies, Rophies, Roche, Forget-me Pill

Tasteless and odorless sedative, easily soluble in carbonated beverages, with toxic effects that are aggravated by concurrent use of alcohol.
Effects:

* Can cause anterograde amnesia, which contributes to Rohypnol’s popularity as a “date rape” drug.
* Can cause decreased blood pressure, drowsiness, visual disturbances, dizziness, and confusion.

6) Lysergic Acid Diethylamide (LSD)

LSD - DEA photoStreet names: Acid, Boomers, Yellow Sunshines

Hallucinogen that causes distortions in sensory perception, usually taken orally either in tablet or capsule form. Often sold on blotter paper that has been saturated with the drug.
Effects:

* Are often unpredictable and may vary depending on dose, environment, and the user.
* Causes dilated pupils, higher body temperature, increased heart rate and blood pressure, sweating, dry mouth, and tremors.
* Can cause numbness, weakness, and nausea.
* Long-term effects may include persistent psychosis and hallucinogenic persisting perception disorder, commonly known as “flashbacks.”

Know the Signs
Effects of stimulant club drugs, such as MDMA and Methamphetamine:

* Increased heart rate
* Convulsions
* Extreme rise in body temperature
* Uncontrollable movements
* Insomnia
* Impaired speech
* Dehydration
* High blood pressure
* Grinding teeth

Effects of sedative/hallucinogenic club drugs, such as GHB, Ketamine, LSD, and Rohypnol:

* Slow breathing
* Decreased heart rate (Except LSD)
* Respiratory problems
* Intoxication
* Drowsiness
* Confusion
* Tremors
* Nausea

Effects common to all club drugs can include anxiety, panic, depression, euphoria, loss of memory, hallucinations, and psychotic behavior. Drugs, traces of drugs, and drug paraphernalia are direct evidence of drug abuse. Pacifiers, menthol inhalers, surgical masks, and other such items could also be considered indicators.

Where Do You Go for Help?

If you suspect your child is abusing drugs, monitor behavior carefully. Confirm with a trustworthy adult where your child is going and what he or she is doing. Enforce strict curfews. If you have evidence of club drug use, approach your child when he or she is sober, and if necessary, call on other family members and friends to support you in the confrontation.

Once the problem is confirmed, seek the help of professionals. If the person is under the influence of drugs and immediate intervention is necessary, consider medical assistance. Doctors, hospital substance programs, school counselors, the county mental health society, members of the clergy, organizations such as Narcotics Anonymous, and rape counseling centers stand ready and waiting to provide information and intervention assistance.

This informational article supplied by the FBI - Posted by Guardian Self Defense & Security Products LLC

For more information:

Office of Justice Programs
www.ojp.usdoj.gov

Office of Juvenile Justice and Delingquency Prevention
www.ojjdp.ncjrs.org
1-800-638-8736

Office for Victims of Crime
www.ojp.usdoj.gov/ovc
1-800-627-6872

Drug Enforcement Administration
www.dea.gov

Center for Substance Abuse Treatment (CSAT)
1-800-662-HELP

Community Anti-Drug Coalitions of America
www.CADCA.org

National Clearinghouse for Alcohol and Drug Information (NCADI)
1-800-729-6686
1-877-767-8432 (toll free, in Spanish)
301-468-6433 (fax)
E-mail: info@health.org
www.health.org

National Institute on Drug Abuse
www.clubdrugs.org

Office of National Drug Control Policy Clearinghouse
1-800-666-3332
www.whitehousedrugpolicy.gov

Substance Abuse Treatment Facility Locator
www.findtreatment.samhsa.gov

DON’T MAKE THE CALL
The New Phenomenon of ‘Swatting’
02/04/08 - Information provided by FBI RSS Feeds

Remember the “phone phreakers?” The term hit our national consciousness in the 1970s, when a magazine reported on a small group of techie troublemakers who were hacking into phone companies’ computers and making free long-distance calls.

Today, there’s a new, much more serious twist on this old crime. It’s called “swatting,” and it involves calling 9-1-1 and faking an emergency that draws a response from law enforcement—usually a SWAT team.

Needless to say, these calls are dangerous to first responders and to the victims. The callers often tell tales of hostages about to be executed or bombs about to go off. The community is placed in danger as responders rush to the scene, taking them away from real emergencies. And the officers are placed in danger as unsuspecting residents may try to defend themselves.

Last year, for example, a 19-year-old Washington state man was charged by California authorities after pretending to be calling from the home of a married California couple, saying he had just shot and murdered someone. A local SWAT team arrived on the scene, and the husband, who had been asleep in his home with his wife and two young children, heard something and went outside to investigate—after first stopping in the kitchen to pick up a knife. What he found was a group of SWAT assault rifles aimed directly at him. Fortunately, the situation didn’t escalate, and no one was injured.

The schemes can also be fairly sophisticated. Consider the following case investigated by our Dallas office recently in concert with a range of partners:

* Five swatters in several states targeted people who were using online telephone party chat lines (or their family or friends).
* The swatters found personal details on the victims by accessing telecommunication company information stored on protected computers.
* Then, by manipulating computer and phone equipment, they called 9-1-1 operators around the country. By using “spoofing technology,” the swatters even made it look like the calls were actually coming from the victims!
* Between 2002 and 2006, the five swatters called 9-1-1 lines in more than 60 cities nationwide, impacting more than 100 victims, causing a disruption of services for telecommunications providers and emergency responders, and resulting in up to $250,000 in losses.
* “Swats” that the group committed included using bomb threats at sporting events, causing the events to be delayed; claiming that hotel visitors were armed and dangerous, causing an evacuation of the entire hotel; and making threats against public parks and officials.

Case work. The swatters were tracked down through the cooperative efforts of local, state, and federal agencies and the assistance of telecommunications providers and first responders. In all, the case involved more than 40 state and local jurisdictions in about a dozen states. All five subjects have pled guilty to various charges and are scheduled to be sentenced in 2008.

Why did they do it? Said Kevin Kolbye, Assistant Special Agent in Charge of our Dallas office: “Individuals did it for the bragging rights and ego, versus any monetary gain.” Basically, they did it because they could.

Law enforcement agencies at all levels are currently working with telecommunications providers around the country to help them address swatting activity.

You can help, too—if you believe you’ve been a victim of a “swat” please contact your local FBI office.

Guardian Self Defense & Security Products LLC
Your self defense superstore - Offering over 70 pepper spray and mace models,
stun guns, tasers, personal alarms and much more.

From Here in the U.S.
01/10/08
As terrorist groups go, it has quite a résumé:

Perfected the use of suicide bombers;
Invented the suicide belt;
Pioneered the use of women in suicide attacks;
Murdered some 4,000 people in the past two years alone; and
Assassinated two world leaders—the only terrorist organization to do so.
No, it’s not al Qaeda or Hezbollah or even HAMAS. The group is called the Liberation Tigers of Tamil Eelam (LTTE) or the Tamil Tigers for short.

Needless to say, the Tamil Tigers are among the most dangerous and deadly extremists in the world. For more than three decades, the group has launched a campaign of violence and bloodshed in Sri Lanka, the island republic off the southern coast of India.

Its ultimate goal: to seize control of the country from the Sinhalese ethnic majority and create an independent Tamil state. Along the way, it has launched suicide attacks, assassinated politicians (including a government minister this week and even the Sri Lankan President), taken hostages, and committed all of kinds of crimes to finance its operations. The resulting civil war has taken the lives of nearly 70,000 Sri Lankans on both sides of the conflict since 1983 alone.

Why should you care? Certainly because of the suffering and bloodshed that the Tamil Tigers have caused. And because its ruthless tactics have inspired terrorist networks worldwide, including al Qaeda in Iraq. But also because the group has placed operatives right here in our own backyard, discreetly raising money to fund its bloody terrorist campaign overseas, including purchases of weapons and explosives.

The U.S. government has designated the Tigers a foreign terrorist organization, so their activities here are illegal. And we’re determined to stop them, using the full range of our investigative and intelligence capabilities.

In April, for example, we struck an important blow when our Joint Terrorism Task Force in New York arrested the alleged U.S. director of the Tigers. The man supposedly held several fundraising events at a church and various public schools in Queens and in northern New Jersey in 2004. He is also accused of arranging high-level meetings between the group’s leaders and U.S. supporters.

We’ve also arrested another 11 Tamil Tiger-related suspects in the New York City region. And in Baltimore, following a multi-agency investigation, a pair of Indonesian men pled guilty and were sentenced recently for working with others to export surface to air missiles, state-of-the-art firearms, machine guns, and night vision goggles to the Tigers in Sri Lanka.

You can help by being careful with your donations. Like other terrorists, the Tigers have raised funds under a variety of cover organizations, often by posing as charities. A great deal of money, for example, was raised for the Tigers following the 2004 tsunami that devastated Sri Lanka and many other countries.

Talking on your cellphone while you drive can certainly lead to distraction and accidents — but having a cellphone in your car can be very useful in an emergency situation.

In almost any state, you may dial 911 for emergencies, but due to the high volume of calls that 911 operators receive, in some cases it might be better to use the phone numbers listed below, particularly to report highway-safety related “non-emergencies.” If you have difficulty reaching these numbers, you can always dial “0″ to request help.

Some states have special cellphone-only numbers such as *SP (star 77) for State Police or *HP (star 47) for Highway Patrol, to report highway/vehicle related problems. You should use the numbers, below, only to report vehicle breakdowns/problems, accidents, hazardous material spills, or other highway hazards/problems, as well as impaired or aggressive/reckless drivers and other criminal behavior.

Use cellphones safely — be aware of laws which prohibit using cellphones while driving.

While we work to keep this list current, at any point in time, some of the listings (below) may be out of date. Before you travel, as part of your travel/itinerary planning, we’d urge you to check with the state public safety departments (or their websites) on your planned route for updated/current cellphone contact listings.

EXPANDED STATE-BY-STATE LISTINGS
Alabama Cellphone-only: *HP (star 47)
Alaska 911
Arizona 911
Arkansas 911 or Cellphone-only: *55 (star 55)
California 911
Colorado 911 or
Cellphone-only: *CSP (star 277) or
*DUI (star 384) —to report DUIs
Connecticut 911 or (800-443-6817)
Delaware 911
Florida 911 or 800-525-5555
or Cellphone-only: *FHP (star 347)
Georgia 911 or
Cellphone-only: *GSP (star 477)
Hawaii 911
Idaho 911 or
800-233-1212 or
Cellphone-only: *ISP (star 477)
Illinois 911 or
Cellphone-only: *999 (star 999)
Indiana 911
Iowa 911 or
800-555-HELP (800-555-4357)

Kansas
911 (Statewide) or
Cellphone-only:
*HP (star 47) for Salina, KS
*KTA (*482) —Kansas Turnpike and for Wichita, KS
Kentucky 911 or
800-222-5555
Louisiana 911
or Cellphone-only: *LHP (star 547)
Lake Ponchartrain Causeway: *27 (star 27 —cellphone-only) or 504-893-6250
Maine 911 or
Cellphone-only: *SP (star 77)
Maryland 911 or
Cellphone-only: #SP (pound 77)
Massachusetts Cellphones:
*MSP (star 677) —in the 413 areacode
*SP (star 77) —outside the 413 areacode
Michigan 911
Minnesota 911
Mississippi Cellphone only: *HP (star 47)
Missouri Cellphone-only: *55 (star 55) or
800-525-5555
Montana 911 (emergency only) or
800-525-5555 (non-emergency)
Nebraska 911 or
800-525-5555 or
Cellphone-only:*55 (star 55)
Nevada 911 or
Cellphone-only:*NHP (star 647)
New Hampshire 911 or
800-622-2394 or
Cellphone-only: *SP (star 77)
New Jersey 911 or
Cellphone-only: #77 (pound 77 —to report aggressive driving)
New Mexico 911 or 505-827-9301
New York 911
North Carolina Cellphone only: *HP (star 47)
or 800-662-7956
North Dakota 911
Ohio 911 or 800-525-5555 (OHP)
or 800-877-7PATROL (Ohio only, to report non-emergency safety concerns) or
800-GRAB-DUI (to report erratic driving)
Oklahoma Cellphone-only *55 (star 55)
Oregon 911
Pennsylvania 911 or
Cellphone-only: *11 (star 11) —on turnpikes
Rhode Island 911 or
Cellphone-only: *SP (star 77)
or 401-444-1069
South Carolina Cellphone only: *HP (star 47)
South Dakota 911
Tennessee Cellphone-only: *THP (star 847)
or 615-741-2060
Texas 911 or 800-525-5555 or
Cellphone-only: *DPS (star 377)
Utah 911 or
Cellphone-only: *11 (star 11)
Vermont 911 or
DWI Hotline: 800-GETADWI and
*DWI (star 394 —cellphone-only)
Virginia 911 or
Cellphone-only: #SP (pound 77)
U.S. Virgin Islands 911
Washington 911
West Virginia Cellphone-only: *SP (star 77)
Wisconsin 911
Wyoming Cellphone only: #HELP (pound 4357)
or 800-442-9090
When in doubt:
0 (zero) —Operator assistance
411 —local directory assistance
(area code) + 555-1212 —non-local directory assistance
MANY STATES 511 (for Road/Weather/Traffic Conditions)

511 —”America’s Traveler Information Telephone Number”, providing current road conditions & construction/closure information.

About half the states currently have working 511 systems statewide or in some cities/areas. Almost all states have received funding to set up 511 systems.

Click here to visit the U.S. Department of Transportation’s Federal Highway Administration (NHWA) “511″ webpage for a state-by-state map/listing of 511 systems.

Phone numbers for the map/chart (above) were acquired from various state law enforcement agency websites and other online government sources including the NHTSA’s Programs Across the United States That Aid Motorists in the Reporting of Impaired Drivers to Law Enforcement, Final Report, March 2007.

Information Provided by:

The Police Notebook, Copyright © 2007,
the Board of Regents of the University of Oklahoma.

Campus safety tips

While assault or rape by an attacker is never the victim’s fault, there are a few things students can keep in mind

While out on a date

The unfortunate statistic is that 90 percent of rapes occur between people who already knew each other and that approximately half of rapes happen on dates. This is commonly known as “date rape” or “acquaintance rape.”

While sexual assault and rape by an attacker is never the victim’s fault, there are a few things women can bear in mind:

More campus safety tips: While walking around campus

At dorm rooms

While in your car

Do you remember the “good ole’ days” when it was common place to leave your doors unlocked and windows wide open all day and night? Well, I’m actually not old enough to say I ever experienced those days. But in speaking with my father and grandfather’s those days did exist believe it or not!

My grandfather often tells me stories of the “good ole’ days” of course there was no television, no air conditioning, but more importantly almost no crime. Your neighbors were like family, the whole neighborhood like a large tight nit community. People watched out for each other. So what’s changed?

Why is it that our streets are so dangerous, our schools (for the most part) are no longer safe environments for our children. Let’s be honest, would you even consider going to sleep tonight with your doors unlocked or your windows open? Not me! How would you rate the safety of your local communities public school system?

Our society has changed, our values has changed…If you asked most kids today “What is most important to you?” Chances are the answers would be related to money and status.

What happened to our values? Remember God, family, job….in that order?

The reality is we live in a very dangerous world. Crime is all around us, drugs, murder, rape, home invasion, car jacking, muggings, child abductions… How do we change this? How do we get our streets back? The answer lies within our society and it starts in the home.

Think about that for a while.

Guardian Self Defense