Calling Any and All High-Tech Criminals

[Al Colombo]

I would like to chat via e-mail or phone with any high-tech criminal
who has, or knows how to successfully substitute a biometric credential
for the proper one stored on a smart card for physical or logical
access to a variety of concerns, such as ATMs, computer networks, and
hard assets. No bloody need to reveal your identity (of course) as I
do not have any interest in compromising your identity.

My e-mail to use for this project is [email protected] and my cell
number can be obtained from my web site at http://www.tpromo.com if you
look on a bit.

Kind Regards,

Al Colombo, trade journalist

 

[Frank Olson]

I would like to chat via e-mail or phone with any high-tech criminal
who has, or knows how to successfully substitute a biometric credential
for the proper one stored on a smart card for physical or logical
access to a variety of concerns, such as ATMs, computer networks, and
hard assets. No bloody need to reveal your identity (of course) as I
do not have any interest in compromising your identity.

My e-mail to use for this project is [email protected] and my cell
number can be obtained from my web site at http://www.tpromo.com if you
look on a bit.

You figure there are "high-tech criminal types" lurking in *this* Group??
Other than Robert, I don't know of anyone that's "high-tech" *and* an ex-con
here... )

 

[Al Colombo]

Perhaps Robert is more able than most believe he is .

 

[Nomen Nescio]

Why don't you call Dennis Kozlowski? He won't be doing much for at least
eight years or so...

 

[Al Colombo]

Yea, but when he gets out he'll be the one laughing

 

[Allan Waghalter]

Dennis is going to spend his time writing new ADT ethics class manuals....

 

[Robert L Bass]

Perhaps Robert is more able than most believe he is .

Perhaps you might someday write one article where you didn't need help from
the IB.

 

[Al Colombo]

Not sure I follow you, Robert. Please explain.

Thanks,

Al

 

[Okitoki]

I would like to give you antoher piece of information.

Security specialist still consider that entering passwords through a
keypad is still the best method for high end security. Yes... I too
have heard of "glitches" in the biometric access control. All systems
must have "tolerances" to allow users to enter certain regions using
biometric systems. For example: what happens if I have a litle scratch
from the cat on my finger of which I have programmed the biometric
system? All biometric device manufacturers would mention of a
"tolerance" and that the system will also accept the scratch.

But for password entry systems the code is locked in our head. Unless a
technology is developed to read our brains, a high tech criminal cannot
get a hold of the password unless we tell them. I know of many ATM's
(Automated Teller Machines) in Europe that have remotely been fitted
with a device on the entry of the card reader, supported with a CCTV
system looking directly at the keypad. Once a user comes along and
enters his/her card the small card reading device picks up the card
number. Then it is backed by the CCTV system and wala... You have a new
credit card number that you can add to your database.

As a warning please check the region where you place your card. Make
sure that the entry is not covered by another device. Make sure that
the CCTV system does not see your keypad directly.

As long as you you keep your access codes in your head there is very
little chance that your code could be hacked. I've seen heaps of
Hollywood junk where look for the oil residue of finger prints on the
keypad. They are able to "compile" certain numbers or characters from
the pressed buttons. Remember to give a different password for each
user and change the code every now and then. This posibility would be
overcome this easily. We have an access control keypad on our front
door that only functions during office hours. If a high tech criminal
tries to look for residues on the keypad he/she would see that every
button has been pressed. Not forgetting that the system gives off an
alarm to CS if a wrong code has been entered more than 2 times.

To prevent high tech criminals from entering your premises you must
keep in mind that you cannot prevent an entry with electronic security
equipment. All security equipment is used just to warn staff on site.
If you wish to prevent unwanted entry you must setup physical
structures outside of the premises. Barbed wire fences, walls, proper
locks, etc.

I could go on for hours but the main point is to prevent (not just
warn) an unwanted guests before they even approach your fancy biometric
readers.

Good-luck.

 

[Frank Olson]

I would like to give you antoher piece of information.

Security specialist still consider that entering passwords through a
keypad is still the best method for high end security. Yes... I too
have heard of "glitches" in the biometric access control. All systems
must have "tolerances" to allow users to enter certain regions using
biometric systems. For example: what happens if I have a litle scratch
from the cat on my finger of which I have programmed the biometric
system? All biometric device manufacturers would mention of a
"tolerance" and that the system will also accept the scratch.

But for password entry systems the code is locked in our head. Unless a
technology is developed to read our brains, a high tech criminal cannot
get a hold of the password unless we tell them. I know of many ATM's
(Automated Teller Machines) in Europe that have remotely been fitted
with a device on the entry of the card reader, supported with a CCTV
system looking directly at the keypad. Once a user comes along and
enters his/her card the small card reading device picks up the card
number. Then it is backed by the CCTV system and wala... You have a new
credit card number that you can add to your database.

As a warning please check the region where you place your card. Make
sure that the entry is not covered by another device. Make sure that
the CCTV system does not see your keypad directly.

As long as you you keep your access codes in your head there is very
little chance that your code could be hacked. I've seen heaps of
Hollywood junk where look for the oil residue of finger prints on the
keypad. They are able to "compile" certain numbers or characters from
the pressed buttons. Remember to give a different password for each
user and change the code every now and then. This posibility would be
overcome this easily. We have an access control keypad on our front
door that only functions during office hours. If a high tech criminal
tries to look for residues on the keypad he/she would see that every
button has been pressed. Not forgetting that the system gives off an
alarm to CS if a wrong code has been entered more than 2 times.

To prevent high tech criminals from entering your premises you must
keep in mind that you cannot prevent an entry with electronic security
equipment. All security equipment is used just to warn staff on site.
If you wish to prevent unwanted entry you must setup physical
structures outside of the premises. Barbed wire fences, walls, proper
locks, etc.

I could go on for hours but the main point is to prevent (not just
warn) an unwanted guests before they even approach your fancy biometric
readers.

Good-luck.

A combination of the two technologies you mentioned would work better IMO.
Fingerprint reader coupled with a six digit access code. The touch-pad by
Hirsh where the numbers switch locations after every use so someone standing
behind/beside you can't observe the code is even better. I had one woman
complain that she had to look at her cell keypad every time she wanted to go
to the staff room so she could remember the number sequence to punch in.

 

[Okitoki]

Frank your totally correct... Mixing two technologies is always the
better.

But I wouldn't go around and mix a six digit access code system with
biometrics. Instead use a simpler system such as proximity. I know from
experience that the longer it takes for someone to access a region, the
more vulnerable the system is to be by-passed (like placing a fire
extinguisher in front of the door so it doesn't close!!). It would take
on average a 3-5 seconds for you to punch in the right code. it would
take another 5-10 seconds for using the biometric system. If we
consider the maximum times (generally this is true for more
non-technology lovers) it would take a good 15 secs to access a region.
What happens next. They go along and try to by-pass the system. Even if
the access controller has a buzzer, in the end they would go and cut
the buzzer out, damaging the unit and finally crashing the system just
because they used a scissor!!

Developing security solutions requires patience and good preperation.
You must always keep in mind that if the company has not used or is not
used to using high tech equipment, the system should be planned to be
expandible, but the initial integration should be very simple. If you
go around to get big bucks from an installation with lots of stuff that
won't be used... This is not good for reference. Because approximatly 2
- 3 weeks later when you go back to the site you will see that the
system is not working or is not being used.

Anyway as I said... I could go on like this for days... So I better
shut up...

Good luck all!

 

[Robert L Bass]

Perhaps Robert is more able than most believe he is .

I'd suggest you take a course in journalistic integrity if I
thought you could fill out the application without assistance
from the newsgroup.
--

Regards,
Robert L Bass

Bass Burglar Alarms
The Online DIY Store
http://www.BassBurglarAlarms.com

 

[Al Colombo]

Robert, I have no idea what you are talking about, but you are about
the only person on the planet who has ever called my journalistic
integrity into question. I think you misunderstood the intent of the
comment I made last September. It was not meant in a negative way. If
that's not it, then why would you say something like that in a public
forum?

Al

 

[Mr.Double-sided tape]

He's been a dick his whole life, Al. In 1999 when Bass started his
bullshit with me (Milford Alarm license fiasco) you suggested I ignore
it. In 1999 Bass considered you the greatest thing since sliced bread.
As the years passed, and as Bass' stories have been exposed as
bullshit, he has lashed out at everyone other than Campbell, and Rory.
Here we are 7 years later and the same shit is happening but with a new
target.
Now he's taking a shot not at your integrity, but at your assisting
veterans, and soon to be anything that may be hurtful to you.
The integrity part is par for the course because we've all been accused
of being underhanded, and incompetent. I'd swear the integrity slam is
a signature he has saved on his computer with a blank for the name.
Anything this leech has ever learned about you will now be used to fuel
his hate.
He's the sole reason people here don't OPENLY discuss their business,
post under their real names, or even shoot the shit about any business
contacts.
He's a cowardly child who spouts off from behind a keyboard yet would
be the first one to call the police if you broke a foot off in his ass.

While the group would be better if he left I personally hope he stays
here forever because his wacko posts are comical, but that's only
because I get to reply with vulgarity (my forte). Ah so I am selfish.
Take my advice........ pay the shitbag no mind. Just consider the
source.

BTW, email the link to your vet site please.

Thanks,

Tom Fowler

 

[Al Colombo]

I'm sure it's just a misunderstanding, Tom. I appreciate your concern.
How are you doing and what are you up to? Hope you are well.

Al

 

[Mark Leuck]

It'd be nice if you would quote Al

 

[Mr.Double-sided tape]

Other than being addicted to Ben & Jerry's Everything But the Ice Cream
(it's like candy coated crack), and being glued to the idiot box when
Most Haunted is on I am doing great Al thanks for asking.
I checked your website and I think it's great. If there's anything I
can do to help please let me know.
I'd post a link on my website but you'd have to walk me through it.
As for the misunderstanding, the only thing that happened is Basshole
realized he put his foot in his mouth bigtime so he's trying to
backtrack.
Hopefully he refrains from further flames involving you, and the
yeomanlike work you're doing.

Best of luck,

Tom

 

[Mr.Double-sided tape]

Geeeeeeez you're slow. It's the same old shit. Bass attacked Al's
integrity. Do you really need to see the quote or can you pretty much
figure it out for yourself being you've seen the same insults from Bass
involving about 7000 other people?
Where the hell is Doug L when I need him?

 

[Frank Olson]

Mr.Double-sided tape wrote:

He's a cowardly child who spouts off from behind a keyboard yet would
be the first one to call the police if you broke a foot off in his ass.

If it was my foot, I'd call the cops first. I'd want it back! On
second thought... Considering where it was "lodged", I think I'd settle
for a plastic one.

 

[Jim]

He's been a dick his whole life, Al. In 1999 when Bass started his
bullshit with me (Milford Alarm license fiasco) you suggested I ignore
it. In 1999 Bass considered you the greatest thing since sliced bread.
As the years passed, and as Bass' stories have been exposed as
bullshit, he has lashed out at everyone other than Campbell, and Rory.
Here we are 7 years later and the same shit is happening but with a new
target.
Now he's taking a shot not at your integrity, but at your assisting
veterans, and soon to be anything that may be hurtful to you.
The integrity part is par for the course because we've all been accused
of being underhanded, and incompetent. I'd swear the integrity slam is
a signature he has saved on his computer with a blank for the name.
Anything this leech has ever learned about you will now be used to fuel
his hate.
He's the sole reason people here don't OPENLY discuss their business,
post under their real names, or even shoot the shit about any business
contacts.
He's a cowardly child who spouts off from behind a keyboard yet would
be the first one to call the police if you broke a foot off in his ass.

While the group would be better if he left I personally hope he stays
here forever because his wacko posts are comical, but that's only
because I get to reply with vulgarity (my forte). Ah so I am selfish.
Take my advice........ pay the shitbag no mind. Just consider the
source.

BTW, email the link to your vet site please.

Thanks,

Tom Fowler

I doubt very much he would call the police.

With an ass that size, he wouldn't even know you were hopping behind
him on one leg. You'd have to send him an emergency telegram to let him
know your foot was stuck, before the next dump.

OHHHHHH the humanity!!!!!!!!!!!!