Newark Nottinghamshire Vacation of Dreams

Author: David Morrisonbr
Source: ezinearticles.combr
br
Security is only ever as strong as its weakest link, and the majority of the time, an organisations users become the weakest point. No matter how much money is invested in security, installing firewalls, intrusion prevention systems, complex remote access systems, security guards, physical access passes or a myriad of other solutions that combine to form strong layered security, if users are not educated in the basic principles of security, it is all pointless.

One of the greatest risks to an organisation is the possibility that one of its users could be manipulated or deceived into performing some action or disclosing confidential information to someone outside the business. Information Security terminology defines this manipulation as social engineering. While the term social engineering is a fairly new term, this type of attack is as old as the human race itself. Two of the most famous social engineering attacks are those of the story of the wooden horse of Troy from Homers The Odyssey, and dating even further back to the start of the Bible with Adam and Eve and the Devils manipulation of Eve to persuade her to take a bite from the apple in the Garden of Eden.

In the story of the wooden horse of Troy, after the Greeks had failed to overthrow Troy, they built a giant wooden horse which they left outside the city. Leaving one soldier behind, the Greeks left the outskirts of Troy to return home. When captured, the soldier told the people of Troy the Greeks had left the wooden horse as an offering to the Gods to ensure safe travel. He also disclosed they had created the horse too large for it to be moved within Troy as bad luck would befall the Greeks if this came to pass. Little did the people of Troy know that hidden inside the horse were a number of Greek soldiers. Of course the people of Troy could not resist moving the horse inside the gates to inflict ill-luck on the Greeks. In this text book example of social engineering, the soldier had manipulated the people of Troy into performing the action of moving the horse, with the Greeks inside, inside the city walls, something the Greeks had not been able to do themselves. That night the Greeks slipped out of the horse, killed the guards and opened the city gates to allow the rest of the Greek army in to defeat Troy.

While not IT related, the story of Troy is a perfect example of strong security defeated via the weakest link, something people do not necessarily even see as security related. Troy had withstood the attacks of the Greeks for over a decade. They had guards and soldiers, strong impenetrable walls and food to sustain them for countless years. It was only via the weakest link in their security model, their residents, that the Greeks were able to succeed.

In the present day, IT and physical related social engineering attacks are aimed at users in an attempt to reach a number of specific outcomes. The most common objectives are:

• Gaining access to restricted data;
• Gaining access to restricted areas;
• Monetary gain and profit; and
• Identity theft

The first two in the list, gaining access to restricted data and areas, are most commonly aimed at gaining unauthorised access to an organisation. Identity theft is generally aimed at individuals, whereas monetary gain targets both areas. While initiation and execution of these attacks follow different methods and paths, they all follow the same principle: manipulate the user without them knowing.

While an organisation may have implemented strong layered security, in a lot of environments, all that is required to access the network from anywhere in the world is knowing how to connect to the organisations remote access system, along with a valid username and password. In the past, this required the phone number of the organisations remote access modem, but with the common place use of sophisticated Virtual Private Network (VPN) devices in most organisations, all that is required is an IP address or a URL. There are countless methods for acquiring organisational information such as modem numbers, VPN access information or usernames and possible passwords. Wardialing, the act of dialing consecutive numbers in an area looking for modems, was common place when modems were the chief method of remote access. Trashing is the act of going through an individuals or organisations trash looking for information such as account details for users and sometimes finding corresponding passwords. Google hacking is the act of using the Google search engine to extract as much usable information about a user or organisation as possible. And finally, the organisations Help Desk. If an attacker has the names of legitimate users within the organisation, including other information that may help to establish credibility, it is not difficult to impersonate a user and request an action such as a password reset or request information such as the VPN access details or modem number. A successful attack such as this would enable an attacker to access the organisations network from anywhere in the world. Depending on the access rights of the user they are impersonating, this could lead to vast compromises of critical systems.

Access to IT systems and the data contained within these system is not the only goal of social engineers. Most medium to large organisations have now implemented some form of physical access token to allow access to buildings, offices and restricted areas. These come in various forms, be they magnetic swipe cards, HID, RFID or just simple identification badges validated by other users or security guards. Social engineers have dozens of methods for bypassing these systems without the need to even touch the technology. By targeting the users of these systems, there is no need. Social engineering is a low tech solution for a high tech problem. All that is required is that the attacker fits in to the environment, that he or she looks like she belongs in the organisation or is there performing a valid task. Tailgating, the act of following close behind an individual, is a common method to bypass physical access controls. This method allows the attacker to follow another person through a restricted door after they have provided the required authentication. Impersonation, the act of pretending to be someone else, is extremely effective. How often have you seen tradesmen, cleaners or other individuals within your organisation? How often have you actually looked at their pass or asked to verify who they are? Have you ever held a door open for them while they wheeled in their trolley, tools or carried a cumbersome box? These are all common methods of the skilled social engineer.

Organisations are not the only prey of the social engineer. The vast amounts of SPAM and Phishing attacks everyone receives in their email is just another form of social engineering. Phishing attacks, the act of attempting to gain sensitive information by masquerading as a trusted individual, is a perfect example. The only differences between the attacks described above and Phishing are the targets and the methods. Phishing tends to aim at individuals on a personal level, rather than aimed at an individual in an attempt to compromise an organisation. Also, while the above methods are manual attacks, Phishing is generally automated and aimed at hundreds, thousands or even millions of users. This method provides the attacker with a much higher success rate and correspondingly, considerably more profit.

The only defence against social engineering is education. Organisations should implement a security awareness program that becomes a requirement when new staff begin, including annual refresher courses for established staff. Security awareness is an integral part of an organisations overall security implementation, and as such, is a mandatory requirement in the Payment Card Industry Data Security Standards (PCI:DSS), section 12.6. Security awareness and training is also specified in section 5.2.2 of the ISO 27001 security standards. While security awareness training should include such areas as password policies and acceptable use, the following areas specific to social engineering should be discussed:

1. Always wear identification badges.

Identification badges should be worn and visible at all times by all staff, contractors and visitors. These should be easily identifiable and to all staff. Visitor IDs should be returned at the end of their visit and disposed of properly.

2. Question unknown people

If staff see someone within their area that they do not recognise, or someone trying to tailgate, question them. Ask to see their ID or who they are visiting and escort them to that staff member.

3. Remove or turn around identification badges when outside the office

Staff who wear identification in full view when outside the office are providing more than enough information for an attacker to start a social engineering attack. While some passes only display a photo, most have valuable information to a social engineer. Common information displayed on corporate ID passes include their full name, company and even the department the user belongs to within that company. When leaving the premises, remove the badge and place it in your pocket or handbag, or at the very least, turn the badge around so no information is visible.

4. Never write down passwords

Passwords should never be written down, period. Choose passwords that can be easily remembered without the need to write it down. Users commonly write down passwords and stick them to monitors, under keyboards, on their cubicle walls or place them in their desk drawer. A social engineer, contractor, visitor, cleaner or even other staff can easily see these when walking by a desk or by taking a few seconds to look for them. Paper, especially post-it notes that easily stick to other items, are commonly thrown out in the trash accidentally. This allows easy access for social engineers performing trashing attacks.

5. Help Desk staff should always validate users fully before disclosing any information

When talking to users on the telephone, any request to disclose or modify information should require Help Desk to fully validate the user on the other end. Validation questions should always include some form of non-wallet question. A non-wallet question is something about a user that cannot be discovered from reading the contents of their wallet. If questions like, DOB, address or drivers license number are used, a social engineer that has stolen a wallet or been through a users trash will have easily obtained this information. Non-wallet questions should be something that the user knows and is not easily found out via trashing, Googling or simple social engineering of the user to obtain the information.

6. Shred all documents

All documents with any form of sensitive information should be shredded or placed in secure disposal bins that are shredded by a trusted third-party company. No documents with any confidential data should ever be thrown in the trash or recycling bins.

7. Do not open email attachments or visit URLs from unknown people or from suspicious looking emails.

Users should be educated in basic phishing attacks and how they can identify a phishing attack versus a real email from a valid source.

A few examples include:

• Banks and other financial institutions will never send emails asking for your credentials or to log in to your account by using a link in the email.
• If a suspicious looking email is sent requesting you to visit a URL to a company you know, do not click on the link. Instead, open your web browser and manually type the known URL for the company and visit the site that way.
• Never open an attachment sent by someone you do not know.
• Be wary of executable type attachments, for example, .exe, .com, .scr, sent by friends unless you are expecting this type of document. They may not realise that they are sending you a malicious file.

If a security awareness program is developed and implemented, the chances of successful social engineering attacks become far less likely. If an organisations users are no longer the weakest link, attacks against the company become a lot harder. Not only does security awareness help protect an organisation, it also helps defend users in their personal lives. Understanding common attacks and how to recognise and defend against them will help users protect themselves against attacks such as phishing, aimed at stealing their bank account or other personal details.

br
br
pDavid Morrison is a security consultant with Sense of Security. Sense of Security is the premier provider of a target=_new href=http://www.senseofsecurity.com rel=nofollowIT Security and Risk Management Solutions/a in Australia, and is the trusted provider to many of Australias leading organisations./pbr
br

Author: George Dennisbr
Source: downloadbr
br
Companies willingly or unknowingly give away 10 times more confidential information than could ever be hacked from a network or stolen from a file cabinet. Employees, from golfing CEOs to helpful admins, cost their companies millions in lost business and fizzled strategies every day because trained business intelligence collectors and analysts take the bits gathered not only from employees, but suppliers, regulators, customers, the media, and even total strangers, and assemble them into accurate hypotheses about a companys future actions. Then they can decide how neutralize each possible initiative.
Fortunately, the most practical and cost effective solutions to curb leakage of confidential information is essentially free, simply by implementing an awareness raising campaign and some information protection policies. No new hardware, software or headcount. Being proactive about safeguarding your sensitive information and understanding how competitive intelligence specialists operate, can save your company a ton of money and grief. Here are 10 vulnerabilities and solutions to get you started.
Know what your secrets really are. This is absolutely Number One. Most companies dont know what information they can or should protect, or for how long. Even senior officers at most firms wont often agree on what their companys secrets are. As a result, employees at all levels make their own decisions on the fly about what information they can share with acquaintances, at the trade show or on the Net. This makes a company vulnerable to an intelligence attack by rivals who interview as many of their targets employees as possible to get the whole story.
Sensitive information is not limited to formulas and customer lists. The formula for Coca-Cola is one of the most closely guarded trade secrets, yet who would buy Freds Cola? But travel itineraries, for example, are almost bragged about. The extraction an exploitation works something like this: While waiting behind The Lunch Companys sales person in the registration line at a trade show, The Shark Companys intelligence collector simply starts complaining about business travel and his hectic schedule after the show. This elicits a macho one-upsmanship of Lunchs post-show itinerary. That evening Sharks collector sends a Flash-Urgent email warning his field staff in those cities of Lunchs planned visit. Theres plenty of time for the Shark team to give their customers fresh objections to the Lunchs product. Two weeks later, Lunchs sales person has no recollection of the conversation, but also cant figure out why all his customers got so difficult.
Solution: Management has to determine exactly what the companys secrets are, and to safeguard them by insuring every employee is either aware the information is confidential, or has no knowledge of it. Guidelines and training sessions sensitize employees to all the opportunities there are for leaking information.
Compartment information. This means implementing a need to know policy for your companys future plans and major projects. An engineering team member at Gillette was prosecuted a few years ago for delivering the complete plans for the Mach III razor to American Home Products prior to the razors launch. American Home didnt bite on the offer and cooperated with Gillette on a sting operation. A nice piece of corporate responsibility, but why did an engineer have access to marketing plans in the first place?
Solution: Compartmenting information can be difficult to implement in todays open door and open cubicle workplace, and remote workers make the situation worse. Nevertheless, employees can be made to understand that need-to-know has nothing to do being trustworthy and everything to do with limiting the number of people possessing the companys complete plan. The fewer targets, the less likely one will be found and possibly exploited by a rivals intelligence workers.
Track requests for information. Competition drives companies to be generous with information without much regard as to who is asking for it. As a result sensitive information may be too easily released. Few companies catalog information requests beyond calling them sales leads and passing them along.
For example, once a high tech software company began tracking domain names of website visitors they learned the domains of the top seven most frequent visitors were all owned by one of their largest competitors. Yet they anonymously visited the web site up to 400 times in the 24 hours after every new press release looking for the slightest snippet of useful information.
Solution: Analyzing inquiries for information, including print, electronic and interpersonal, reveals patterns that signal which competitor watches your every move, and what subjects are of interest. Inquiry analysis also provides an early warning of new competitors sizing up your company. Having a central point for information requests and a hot line for the real strange ones sensitizes employees that the company is an information target. Done correctly, vigilance has no impact on the flow of information to genuine prospects.
See your Web site as the competition does. Is your Web content too revealing? A wireless company offered enough information through white papers on their site and a shopping cart for other documents sufficient for a competitor on the other side of the world to copy its latest technology. In another example, entering a wildcard with a spreadsheet extension, *.xls, in the Search window of a home page caused a number of sensitive spreadsheets with past performance and future marketing budgets to fall out.
Solution: Forming a red team of employees with customer and competitor experience to review new Website material is very worthwhile. Projecting how competitors might interpret the new content can be a real product saver at no additional cost and very little investment in time. And never distribute internal information through your Website no matter how protected you think it may be. It isnt.
Monitor blogs, chats and resume sites. No one can fault an employee for seeking greater opportunities by putting their resume on an employment site, or enhancing their professional reputation with discussions or publications on the internet. But a great deal can be learned from an over-detailed resume. Just the fact that lots of resumes from your company pop up on an employment sites can indicate employee insecurities within your company, attracting the interest of you rivals intelligence officer. Compulsive chattering by employees on blogs may or may not leak confidential information, but more importantly such activity flags your employee as a willing talker who can be steered by an intelligence interviewer to confidential subjects.
Solution: Again, a high awareness projected throughout the company that every employee is an information target, and that the companys success and their personal stock holdings can be seriously impacted with too much exposure.
Make employees feel genuinely valued. Hundreds of interviews with people convicted of leaking or selling government or commercial secrets reveal one motivation they all have in common. It was not money, revenge, or ideology that drove them to leak information, but feeling their work and loyalty was unappreciated.
Solution: Simple expressions of recognition make a powerful tool for reinforcing loyalty, and emphasizing the importance of adhering to information protection rules. After all, no one wants a company that values them to be hurt by competitors.
Follow the money, and then hide it. There are lots of leaks in your supply chain. A competitor doesnt have to know how many widgets you make if the company supplying items like the cardboard boxes or training CDs brags to a prospect about how much he sells to you.
Solution: Every link in your supply chain must agree that transactions with you are confidential and your company cannot be given as a reference. Other cloaking techniques can include patenting five things that dont work for every one that does; creating shell companies to buy land parcels or other large, divisible purchases; or using an intermediary to file public documents such as environmental forms on behalf of the true company.
Everyone signs the non-disclosure. Too often managers sign non-disclosure agreements with customers, contractors or vendors but few people below management level are aware of what the agreement covers or that it even exists. An employee who is unaware of an NDA or what it protects can reveal a great deal to a trained interviewer and it will be very difficult to prove either party guilty of wrongdoing. This is doubly problematic considering todays heavy use of outsourcing. Todays contractor could work for tomorrows competitor. An engineering firm once hired temporary engineers to complete a new product on time. The temp firm got their engineers from another firm owned by the archrival of the original client. The new product line was dead on the drawing board.
Solution: Joint ventures should be started with bulletproof non-disclosures, due diligence and security briefings for all the employees involved. A control function should recover shared documents, disks, software, presentations, samples, or prototypes at the conclusion of the project. Again, not much investment in cash, just some changes in culture.
Over reliance on technology. Wireless networks at coffee shops are not the place to do business regardless of what type of encryption or password protection your files have. Wireless hot spots are designed to be as open and simple as possible, and there are plenty of tools available to sniff out your login. Actually wireless anything is risky. Perhaps you have booked a major sales meeting at an offsite location with all the multimedia bells and whistles. Unbeknownst to you, a competitor is sitting in her room at the hotel, sipping coffee in her bunny slippers, listening to your entire conference because the presenters at the closed meeting are using wireless microphones. Signal can carry 100 to 300 yards. Illegal? Absolutely. Done every day? Absolutely.
Solution: Again, awareness. The decision to use anything wireless needs to be balanced for convenience, leakage potential, and the value of information being sent over the connection. Also, keep camera phones and keychain hard drives out of sensitive areas. And unless you encrypt them, smart access cards and RFID chips are a really dumb idea. They can be downloaded with equipment available on Ebay, and a simple brush by in a crowd. You want the world at your doorstep but not in your laboratory.
Innocence. Everyone wants to believe the world is a nice place. And like most nice places the world has bad neighborhoods. Territory and ideology were long ago replaced by market share as the top interest of nation-states. A country that cant compete for markets has little influence on the world stage, and a country that cant support a healthy population with food, and infrastructure is very vulnerable to internal strife. Since the end of the Cold War thousands of government trained intelligence officers switched their focus from political success to the economic success of their countries. If your products involve high tech, construction, health care, natural resources, biotech, utilities of all kinds or food production, to name a few, they are national interests. You are on their radar.
Solution: Getting tired of hearing this? Awareness. There is a whole set of precautions that should be taken by business people traveling abroad where local companies often work hand in glove with their state intelligence services for the national good. From pulling hard drives out of your laptop left in a hotel, to being just a little skeptical of new best friends, at the fancy embassy cocktail party, the biggest information leaks start and stop with people, not hardware or software.
This is material is extracted from the training programs of George Dennis Associates, a competitive intelligence training, consulting and services firm. Our work focus on training, intelligence organization development, trade show intelligence, Win/Loss Reviews, Psychological and management style profiling of opposition or customer executives and full competitor analyses. Please visit us at http://www.geodennisassociates.com for more information.br
br
br
br

Author: Lance Winslowbr
Source: articleage.combr
br
The TSA seems to have completely missed the ball at our airports. This is not to say that the Federal Government is completely and utterly incompetent, for that is a whole other debate possibly spanning a thousand agencies? It is also not an immediate call for privatization, as we have already seen the abuses in private police forces and prisons. Local Police Forces have consistently violated our right to free travel under the auspice of homeland security. Some conspiracy theorists claim the clauses in the Patriot Act II are merely a foreshadowing of events to come. These conspiracy theorists go as far as to say that current or near future leadership will use the next large terrorist act to declare Marshall Law and remove the remainder of our rights after they themselves cause the act. Of course such scenarios are more science fiction fantasy than any actual current trend, which are above and beyond the stories of Orson Wells. Yet as we stroll thru our nations airports waiting to board our aircraft one could wonder by the treatment a world where such activities were the norm everywhere you went.
Critics of the thinkers in leadership in Homeland Security say that at first sight it looks like a well-controlled security force to protect us from terrorism, however it does not solve the real issues. These critics sight for instance in the 911 event, the well planned attack the hijackers had studied the system and flown those same airlines, destinations, aircraft and been thru those same terminals testing and observing the system many times. Over and over again as if in the movie Ground Hog Day. Todays security at our airports cannot prevent that type of attack. Because any team wishing to exploit the system could easily do so, by simply watching for holes and understanding the security systems monitoring their actions. The more they go thru the various terminals targeted to be used they would become routine and comfortable, even relaxed to the point that their body language, displacement and demeanor would be virtually undetectable. It would be a bogus notion to believe that all this security is going to prevent another type of attack. It is a complete falsehood to put faith in the current system, which has been put in place. When you fly do you feel safer with all the security or do you feel intimidated and nervous that there must be a real threat or risk for this much control? Hmmm?
At best the new airport security systems are making some feel safer. However the system hastily put in place originally after the 911 event did nothing but destroy the airline and travel industry. Now that airline travel is back up to the same numbers as pre-911, the security is impeding citizens in their right to travel. The airport security harasses, hassles and belittles customers and travelers. While allowing thousands of trips per day of Muslim taxicab, shuttle and bus drivers to enter the airport terminals, many of these folks are resentful and hateful of Christians and America in general. They come from countries such as Syria, Iran, Egypt, Sri Lanka, Indonesia, Malaysia, Iraq, Pakistan. Many of them, and yes, I have witnessed this on many occasions, sit in coffee shops and complain about America while badmouthing our 90% Christian society, labeling us as hypocrites. One I listened too, complained about Christians coming into Las Vegas area and then asking to be driven to a local strip club in his taxicab. He said they were hypocrites, yet would not take responsibility for getting paid and making a living driving them there, further stating they tip good. As hundreds of taxicab drivers line up in the staging areas prior to go into the terminals, often near the departure ends of the runways, shouldnt we be concerned? In doing this they are able to study the vantage points and places where shoulder launched surface to air missiles could be launched. They also have complete knowledge of airport procedures and talk with airport security and behind fence personal. They eat at the same Dennys Restaurants as mechanics, baggage handlers, refuelers, ground personal and food vendors. It takes a lot to run an airport and airports must hire as many able bodied people as they can to complete these tasks. Unfortunately any future attack will be carried out and assisted by those on the inside.
I know former Wal-Mart Security guards who now work at the TSA. At our airports we harass elderly in wheelchairs. I remember one lady who had a Jewish star around her neck and was in a wheel chair being completely searched? Gee Whiz, isnt that who we are suppose to be watching over? Do you believe that the PCness of all this is a little bit hypocritical seeing as we are now watching our freedoms circumvented and fed a hook, line and sinker story of Fear in the form mass media hysteria, intimidating laws and freedom reductions? Hmmm?
Every time we jump to conclusion without thinking of the ramifications we assist the International Terrorists by destroying our freedoms or another industry costing us our hard fought liberty and hundreds of thousands of jobs. A positive job report now, makes little difference considering the hardships we caused American Families, our team, in the last many years. That damage has already been done. Airlines are back up to speed and the travel industry is now recovered, but the negative travel industry sector rotation was caused by our team, not some wannabe cave dweller residing underground in Afghanistan; that is just silly, we need to wake up. I am hearing on the street that there are actually people who believe that Bin Laden Jr. is working for us right now, actually on the payroll, keeping the fear factor going? Obviously such conspiracy theorist see some sort of trend here even if that notion is probably about the most far fetched thing one could imagine. Never the less those who watch freedom closely are not buying into any of this reasoning for curtailing of personal constitutional rights. In doing so they are constantly citing the quote: He who is willing to give up Liberty for temporary Security, deserves neither security nor liberty.
Even though many of these conspiracy theorists cannot even name the historical author of that quote, they are quick to point out the fact. Have you thought about that quote recently or read it somewhere? Perhaps watched it said on TV or read it in the Washington Post, NY Times or some academia report lately?
We have set up massive security systems at our airports, but are we really any safer than before 911. The answer is probably a little, some say a lot, but all would agree we are hardly protected from another International Attack. In our country we have the right to travel, which is guaranteed in the Constitution. If we are not going to respect that set of principles and that great plan, why dont we just rip it up now? In essence we have allowed ourselves to supercede our own Constitution based on fear from International Terrorists who live in caves and continue to willingly give up more of our rights? Hmmm?
You could have all the security you want but a team which plans well in advance with no information leak will have already infiltrated your airport workforce and/or security and thus your safety net to protect travelers is to no avail. We know no greater power in our current realm than an ideal, when that ideal is bound by a religious ideal even more so. Our foes in this case have that advantage and they are using it quite well.
So why all the airport security, is it to prevent an attack or is it really for the government security forces who are losing face, so they keep control and attempt to show they are doing something? Well, are they? And before you answer that; the 9-11 report showed a me that what is going on now is a Public Relations campaign, albeit a bad one. Anytime you disrespect good Americans and use some BS excuse we are doing this for your safety, they will see thru it. Having been to every city in this nation over 10,000 people and had conversations with 1,000s of Americans, I can tell you, we are not fooling anyone, people and some might debate this just are not as stupid as you think. From the time you enter an airport facility you are confronted with rude, obnoxious and power trip law enforcement; professionals who are told and actually believe that they are protecting us from terrorists. Actually without realizing it or not and giving them the benefit of the no higher than 104 IQ, they more resemble those International Terrorists who attacked us than the nearly one million passengers who travel each day at our largest international airports. Where as some may say they are impressed with the security and that there have been no attacks on our country thanks to security, I would say; What about all those millions of Americans who lost their jobs after 9-11 due to our political correctness in tightening up perceived risks in our homeland and destroying the flows of our civilization? Yes, indeed, what about those innocent people with 2.2 kids, white picket fence perusing their American Dreams? Can you deny this statement?
Has the Airport Security efforts of the TSA really prevented any International Terrorist attacks? Richard Reed the shoe bomber was stopped by citizens, he boarded the aircraft without scrutiny of authorities. For all we know there are security authorities who are doubling as members of sleeper cells. As a matter of fact as you study the history of Spies and infiltrators this is not only a tactic, it is a recommendation. So then, we do have security personal in our TSA who are really international terrorists, with perfect records just like the 18 hijackers of 9-11 with not even a traffic ticket amongst them. Think about it.
Are we actually preventing the next attack by airliner or preparing our populations to live like prisoners with the illusion that they are somehow free? Is this the best America can do? Are you satisfied with what you see? Do you feel safe? Do you care? Are you finding yourself having conspiracy theory thoughts? Are you feeling more stressed these days due to the mass media hysteria? Are you willing to stand up and talk about this or are you afraid to rock the boat? Do you rely on your government to save you from the International Terrorist Threat? Do you believe a threat really exists at all?
Here is one for you conspiracy theorists out there, are you finding no one is listening anymore to your critical warnings? Are you feeding into the mass media hysteria on the TV and actually causing more chaos and controversy to an already problematic situation? Do you conspiracy theorists wonder why no one is listening to you and why you are being targeted as anti-establishment?
Lance Winslow – Online Think Tank forum board. If you have innovative thoughts and unique perspectives, come think with Lance; www.WorldThinkTank.net/wttbbs/br
br
br
br

Author: Nikki Sacobr
Source: downloadbr
br
Encrypt, secure, prohibit or pay the price!

Thats what Congress and state legislators should tell Ernst Young, Veterans Affairs and other companies and agencies that play fast and loose with our personal data.

In the last several days, major news networks and countless online news sources reported two more incidents of lost or stolen laptops containing personal data of millions of individuals. The first theft involved a laptop stolen from a Veterans Affairs employee. Follow-up reports on that theft go from bad to worse, indicating 2.2 million active-duty personnel are now at risk for identity theft. The lost data in this case includes Social Security numbers.

The second incident involved a laptop stolen from an Ernst Young employee. That laptop contained the personal data, including credit card information, of approximately 243,000 customers of Hotels.Com who had booked rooms between 2002 and 2004. In a way, this second incident is more egregious because losing laptops is reportedly commonplace for Ernst Young.
Nokia staff jacked by Ernst Young laptop loss (30 March 2006)
40,000 BP workers exposed in Ernst Young laptop loss (23 March 2006)
Lost Ernst Young laptop exposes IBM staff (15 March 2006)
Readers amazed by Ernst Youngs laptop giveaway (4 March 2006)
Ernst Young loses four more laptops (26 February 2006)
Ernst Young fails to disclose high-profile data loss (25 February 2006)
According to The Register, a British technology news site, password protection was the only security available on some of the laptops lost by Ernst Young during a prior incident, which any avid computer user knows can be easily compromised. What about the laptops more recently lost by Ernst Young employees? Was the data contained in those laptops encrypted? Are there any company policies limiting the extent of personal data that may leave the office where presumably network security standards and firewall protection are in place? Are there any company rules prohibiting employees from leaving laptops unattended (though you would think common sense would be enough)? Or better still, are there rules prohibiting the transfer of personal data to employee laptops? I expect there arent. If any such measures were in place, Ernst Youngs public relations people would have plastered that all over the media to reassure clients and the public in an attempt to save the firms corporate derriere.

Ernst Young and the VA are not the only entities that have lost laptops with personal data, and most of these entities have developed a typical response straight from the Corporate Playbook. Ernst Young has agreed to offer Hotel.Com customers a years free credit monitoring. Thats no compensation for someone who will have to spend potentially years clearing up a resulting bad credit history. Anyone whos been in the tenuous position of having to prove they do not owe a debt they do not owe will tell you that. If Ernst Young created a task force to help consumers clear identity theft issues, then maybe that could be considered compensatory. If they offered to pay legal fees for anyone having to clear resulting bad credit histories, or pay state fines for prosecution of identity thieves, that might be considered compensatory. If they committed to and implemented a program to encrypt and secure the data and, in particular, prohibited downloading of personal data to portable computers in the first place, that would be considered the best move of all.

Employees of the auditing companies dont seem to care what happens to your personal data. The Register reported that, in one case, employees left laptops in an unattended conference room while they went off to lunch. You can just see how that might happen. Theyre in Miami at yet another conference. The conference is at a downtown hotel theyve been to a couple times. Theyre familiar with the hotel and the area so already they feel some sense of false security. Someones been talking for hours about converting more sales, pushing certain investments, or their companys new data recovery center that will help clients feel more secure. Anyway, the speaker stops to take a breath and everyone realizes its a good time to break for lunch. Theyre coming back to the room so, hey, why lug around those heavy laptops? Arent they coming back to the room for the second half of the conference? Do they even ask if the conference room will be locked during lunch? Of course not. Theyre company laptops. Whats a few lost laptops to a big corporation like Ernst Young.

Maybe these irresponsible employees need a little incentive to show better judgment. Suspending reality for just a moment, wouldnt it be interesting if, any time one of these employees acted that irresponsibly, his or her Social Security number were posted on StupidIrresponsibleJerks.Com? That way they could sweat it out with the rest of us who have personal data floating out there and possibly in the wrong hands. While were at it, lets also expose the personal data of policymakers at these auditing companies who are too shortsighted to better secure your data and the companys reputation. Let them sweat it out too. At a minimum, how about if these employees immediately lost their jobs, were required to be individually named in negligence lawsuits filed by victims of identity theft, or at a minimum SIMPLY HAD TO PAY FOR THE LOST LAPTOPS? I bet wed see a decrease in stolen laptops then. Seriously people, some of these employees were so careless you can almost imagine them extending their arms and presenting the laptop to Joe Thief. Here, take it. Id give you my Windows password too, but you wont need it. I didnt bother to log off before going to lunch – check out my Paris Hilton screen saver.

Most of these companies who have lost laptops with sensitive data try to pacify the public by saying the thieves are just after the hardware. Sure. Thats like telling a home burglary victim the burglar just wants your jewelry box. Hes not really interested in the $50,000 tear-drop diamond earrings you had inside. Bull. When a thief steals, every part of the stolen item has value. Everything. Even a computer illiterate thief knows there will be programs on a laptop and, if he knows whats loaded, he can better evaluate the asking price when he fences it.

Ernst Youngs web site praises the companys network security measures in their section titled Security and Technology Solutions. These measures may well be admirable. However, too often individuals, companies, and the public in general are so focused on stuff going over the Internet that they forget about stuff sitting in hard drives. A truly secure network focuses on data stream (information being transferred) and on data storage (information waiting to be used). In my dreams, my personal data is properly stored in a secure location, in a building with armed guards, vicious dogs, and an unfriendly receptionist. Well, I can hope. I can also hope that some of that data might also be encrypted. I realize my personal data with one institution may be stored in more than one location; for example, Building A (their main offices) and Building B (a branch office or, better still, a data recovery center). But, not in my wildest imagining would I expect that any business storing my personal data would allow it to be downloaded and stored on a laptop that an employee can take home where he does his online shopping. I know I also dont expect that the laptop with my personal data is being left unattended in a hotel conference room, a bar counter or someones car. I dont care how many financial or online banking agreements I sign. Im never consenting to anyone downloading my personal information to a laptop. No one consents to the mishandling of their personal data.

I have yet to read any banking or credit agreement that expressly states the information will be downloaded to a laptop or in any way made available to anyone outside the secured network of the financial institution. There is a vague all-encompassing comment about information sharing, but the appearance given by these institutions is that the information will be handled and shared in a secure method over an encrypted Internet connection. Everything they say about their security has to do with their firewalled and encrypted data streams. To me that means that anyone working from home and needing access to my personal data is doing that using one of the many encrypted remote access programs that are out there: for example, Windows Remote Desktop or GoToMyPC or some other Citrix product. These programs are by no means impenetrable, but they are simply a better option, utterly available and far more secure. Thats just not the case with data downloaded to laptops without encryption or adequate password protected (though passwords are simply not enough). Over the years, I have used a number of remote access programs to log into my office and work on client files. Ive even used a laptop to work downstairs on files stored on my main computer in an upstairs bedroom. The remote desktop creates a window that shows me the programs and data files on the main workstation or network server that is hosting my connection and contains what I need to see. I am NEVER required to download any data to the laptop to work remotely on it. Thats the whole point of the remote access software.

By compelling employees to log in, do the work and immediately exit the remote access program, Ernst Young, the VA and any other entity that stores personal data minimizes the window of opportunity for your personal data to fall into the wrong hands while remaining behind an encrypted and presumably firewalled connection during the entire time that your personal data may need to be accessed. During remote access sessions, the company retains control of your information and there is oversight of the employees use of your information. Best of all, if your personal data is not needed during that particular remote access session, it never even becomes part of the encrypted data stream traveling over the Internet. This would expose even fewer people from the threat of identity theft. Think about it. Can any Ernst Young employee work on the data of 243,000 Hotel.Com customers during one remote access session? Can one VA employee work on the accounts of 2.2 million active-duty personnel during one online remote access session? And yet, both these individuals collectively had the personal data of nearly 2.5 million people stored on their laptops and immediately available to anyone using their laptops. Why?

There ought to be a law, right? Oh, absolutely. Congress should immediately implement its own measures, including possibly levying fines against any entity that acts irresponsibly with your personal data, and should impose broader guidelines regarding access to your personal data. In 1996 Congress enacted the Health Insurance Portability and Accountability Act (HIPAA) regulating the use of and access to personal health information and related identifying personal data, like medical record numbers and Social Security numbers contained in patient medical records. Though HIPAA caused a lot of headaches in the medical and legal communities, it validated concerns over privacy. HIPAA was still a step in the right direction even if, like most legislation, it needs to evolve to better reflect the legislative intent. Similar, legislation needs to be considered with respect to the personal data maintained by businesses and financial institutions. A person shouldnt have to get sick to protect his or her personal data, though the apparent lack of security is sure to make you sick.

Although HIPAA addressed privacy concerns, the issue of protecting personal data isnt a question of privacy; its a question of security. Protecting personal data could easily fall within the purview of Homeland Security. Personal data needs to remain secure because the casual criminal is not the only one making use of it. Whether its to raise fear or awareness, consistently our government tells us about the manner in which terrorists make use of other peoples personal data to create phoney IDs, buy cell phones, or book plane tickets. Its not a leap of logic to suggest that protecting personal data thwarts terrorist activity. A bold politician might even say failure to do so is a breach of national security. But thats going a bit too far, dont you think? Certainly, though, its conceivable that personal data has the potential of falling into the hands of someone desiring more than just an overpriced pair of shoes, hair extensions or HDTV.

Other measures offer consumers far more protection than weve been seeing. There are currently legislative initiatives in certain states that would allow their residents to place a security freeze on their credit files prohibiting any new credit or loan application to go through without the consumers authorized PIN number. The freeze would allow consumers to lock their credit and temporarily unlock it when they know they will be applying for a loan or need to make some other type of major purchase. For more on security freezes, read the June 8, 2006, Home Watch article on WomensWebWatch.Com. A link to that site is provided in the authors bio below.

Ernst Young is not a small operation. It is a successful business with, I imagine, an exceptional track record and the ability to provide solid services or it would not be retained by so many reputable businesses. However, the best company can show poor judgment and in this case it has. To be fair, I surmise that, like all companies, Ernst Young has careless employees and most certainly careful ones. The company as a whole may be undeserving of the resulting bad reputation its getting. On the other hand, it has not shown its done enough to curb the loss of personal data. Frankly, even the most careful employee can be overwhelmed during a crime, or overly fatigued, and become dispossessed of his or her laptop. There is little compelling reason for those laptops to contain personal data. Every entity that handles personal data needs to implement a zero-download policy and issue essentially dumb terminals to their employees (laptops just for remote access).

Too many times, these institutions forego implementing some security measures because, they argue, no measure is 100% foolproof. They claim it would not be cost-effective for them to implement measures that can be breached. Well, every one of them has already implemented security measures which are not impenetrable. Most of these places already use encrypted Internet security connections for their data streams because failure to do so in this day and age is unthinkable, right? Ive even heard that some of these places lock their doors at night so someone cant walk in and steal the CEOs favorite coffee cup. Adopting a company policy prohibiting the download of personal data to laptops is as expensive as sending around a memo about the upcoming company picnic. There is no need to download the data. Workers can still remote access the encrypted data using adequate alphanumeric passwords through a secure Internet connection behind firewalls on both sides, on the host computer and remote desktop. No, its not 100% foolproof. Thats true. My front door can be broken down, but I still lock it at night. Allowing downloads of sensitive data to laptops is the same as leaving the front door wide open.br
br
br
br

Author: Anne-Marie Flemingbr
Source: articleage.combr
br
Protecting Critical Infrastructure through Biometrics

Biometric Security Identification Helps to Control Access to
Key Assets, Structures, Borders and Ports.

By: Ann-Marie Fleming January 2006

Biometrics, an authentication technology that measures unique
human characteristics as a way to confirm an individuals
identity, has been around for some time now; however since 9/11
this industry has received significant attention as a valuable
addition to homeland security solutions. Biometric technology
encompasses a range of identification measures such as
fingerprints, palm readers, facial recognition, and retina scans
as they work to minimize security risks in the protection of
critical infrastructure and the screening of access through
borders and ports.

Infrastructure Risk:

The main vulnerabilities of our critical infrastructures are
the widespread use of inadequate personal identification systems
and the pronounced absence of appropriate low-cost equipment for
the detection of dangerous substances, describes Dore Perler,
CEO of Sense Holdings Inc. (OTCBB: SEHO), a developer of
next-generation biometric and integrated explosive detection
technologies. While very cost-effective metal detectors
currently exist, there are no equivalent cost-effective
technologies for the detection of explosives, chemical or
biological agents. Sense believes that biometric systems
presently offer the most robust solution to personal
identification uncertainties and Micro Electro-Mechanical
Sensors (MEMS) will to do the same for the detection of
dangerous substances, explains Perler.

Restricting control rooms, protecting critical supplies of
sensitive information and vulnerable personnel creates a need
for the deployment of not only effective access technology, but
also systems that can operate in a non-obtrusive manner to
become a part of daily activity. Genex Technologies, a
subsidiary of Technest Holdings (OTCBB: TCNH), a provider of
advanced remote sensor systems, chemical detectors, intelligent
surveillance and advanced 3D imaging technology solutions, sees
an advantage to the development of biometric systems such as
facial recognition that do not require an active effort on the
part of the entrant as is the case with fingerprint systems,
iris scanners, and palm readers. Robert Tarini, Chairman and CEO
of Technest Holdings explains, The face is a much more public
identifier, and there is already a wide precedent for its use on
drivers licenses, passports, and other media. The challenge for
main stream adaptation of the technology to occur is for the
statistical accuracy of facial recognition to improve to the
point where it is 95%-97% accurate; presently the technology is
less than 90% accurate in many applications.

Border and Port Security: Securing critical infrastructure is a
by-product of effective border and port screening measures, a
key area within homeland security that is heavily aided by
biometrics. Through securing our nations access points by more
effectively screening entrants, potential risks to valuable
assets and infrastructure within the country are more protected.
Brian Ruttenbur, Equity Analyst, Morgan Keegan Co. Inc.
describes, The type of biometrics getting the biggest boost at
his time is fingerprint identification. We are seeing that
finger is the standard; however we anticipate the most
percentage growth over the next year to surround facial
recognition technology, because facial biometrics is the ICAO
Standard that will be used on every travel document. Finger has
received the initial boost, and face over time will grow faster
percentage wise as we are dealing with a smaller base.

Motorolas (NYSE: MOT) Robert L. Horton, Director Strategic
Product Marketing, Biometrics Business Unit explains, Homeland
security, including securing the nations borders, is a critical
issue. Many countries have entry-exit policies and procedures
that make it easy for individuals posing a national security
threat to enter and leave the country undetected. Today,
democratic nations are faced with a radically new strategic
challenge: how to identify, out of the many millions of foreign
nationals who seek entry each year, those few who may be threats
to our national security? The key word is identify. We cannot
stop the terrorists unless we know who they are – and can
identify them in time to get the right information to the right
people. Balancing these conflicting goals of economics and
security demands a screening process that nets the bad guys
while letting legitimate visitors through with minimal delay and
inconvenience. This is where biometric technology comes in.

Most border security processes identify travelers by what they
have (travel documents such as passports and visas) and what
they know (asking travelers questions). The travel document also
establishes a travelers eligibility to enter the country.
Biometrics on the other hand, focuses more on who the person is
- characteristics that can more securely bind a persons
identity to a travel document. Such documents are more reliable,
cannot be forgotten and are less easily lost, stolen or
guessed, concludes Horton.

The focus on biometric authentication by the Department of
Homeland Security has led to continued growth in this arena.
The United States Government continues to push the use of
biometrics for border and port security, and this has been a
very good thing for the biometrics industry, states Ruttenbur.
As described by Robert Tarini, one of Homeland Securitys key
challenges entails accurate facial recognition for the
monitoring of critical watchlists. With thousands of people
walking through critical borders, ports and main transportation
hubs, to date there has not been a successful facial recognition
solution to check for face matches against known terrorists due
to problems associated with the comparison of surveillance
photos to watchlist databases using traditional 2D systems.
Complicating this process is the fact that most public areas
have diverse lighting conditions and difficult camera angles.
Genexs SureMatch 3D Suite for WatchList is a solution created
to address the critical public need for security in open areas
working to convert watchlist databases from limited 2D photos
into dynamic 3D face models, states Tarini.

Addressing Vulnerabilities:

Sense is utilizing biometrics to address the need for accurate
personal identification systems and integrated detection devices
for harmful substances. We are currently marketing eight
different well-developed and mature biometric identification
solutions geared to specific market needs. We are also working
with Oak Ridge National Laboratory, a part of the US Department
of Energy, in the final development of our proprietary MEMS
handheld explosives detector. Our MEMS technology offers
unprecedented sensitivity at very low cost and is fully
protected by 11 US Patents. We are planning to have a handheld
demonstrator unit completed by the first quarter of 2006.

Identix Inc. (NASDAQ: IDNX), a multi-biometric technology
company, maintains a broad range of offerings and services that
play into homeland security. The most well-known according to
Frances Zelazny, Director of Marketing, is in the live scan
space used to conduct background checks to basically establish a
trackable identity before you are letting them into your
facility. Identix has technology that is used to develop other
systems and applications for physical and large scale access
control. We also enable biometric id cards and facial
recognition systems that can be used to screen visitors against
any watchlists of people previously barred from access, states
Zelazny.

Motorola offers a wide product line of biometric technologies,
such as Automated Fingerprint Identification System (AFIS),
LiveScan, multi-modal biometric enrollment and matching to
address a wide range of security needs. Governments worldwide
use these Motorola products in a wide array of applications that
include passports, national ID cards, refugee and asylum
programs, criminal justice systems, and welfare fraud
prevention. Our ground-breaking use of 3D face combined with
face or finger fusion make Motorolas portfolio one of the most
accurate in the industry. This enhanced portfolio reinforces
Motorolas dedication to the biometrics market, illustrates our
expertise in fusing multiple biometrics, and shows how we can
integrate software with smart cards and secure documents,
describes Horton.

For entry points such as doors, guard stations, or checkpoints
Genex Technologies SureMatch 3D Suite for Access Control uses
the readily available feature data on the face to create a
highly secure matching template and compensates for altered
expressions and occlusions that typically plague other facial
recognition systems, according to Tarini.

Challenges still remain in the area of standardization, explains
Ruttenbur who states, Fingerprint identification currently has
the most standards and that is why it has generated the biggest
level of adoption, but when we are talking about
interoperability and standardization there is still work to do.
At this time the area of facial recognition represents the
biometric segment with the greatest need for consistent
standards.

A Biometric Future: The awareness of the need for effective
access control continues to grow according to Zelazny, who
states, In the last year there has been a surge in the demand
for fingerprinting services. Within the last 11 years we have
fingerprinted 3 million people with 600,000 in this year alone.
This increase is directly tied to the fact that more and more
people understand that granting someone a job such as a teacher,
bus driver, federal employees etc are going to require
background checks to establish trust and identity before you let
someone into your facility. Growth has also been seen in
biometric identification for passwords and visas, federal
credentials, registered travel programs, transportation worker
identification cards are all going to have biometrics
incorporated into them. This all plays into the growth of the
industry and clearly into what Identix offers.

While present day facial recognition is largely based on 2D
implementations Tarini is looking toward future implementations
utilizing 3D facial recognition algorithms, which will increase
the accuracy of the systems to allow for reliable mainstream
adoption. The extra dimensional data set from 3D technology
will bridge the performance gap and create significant market
penetration. Genex Technologies is well positioned to provide
all existent facial recognition products with significantly
improved and fully integrated/turn key 3D facial recognition
thru its SureMatch suite of 3D algorithms and software, states
Tarini.

Motorola recently announced that it is advancing its position as
a top-tier biometrics solutions provider by enhancing its
portfolio of identity management products. The new
comprehensive Motorola Biometrics Identity Management and
Security Solutions portfolio broadens Motorolas commitment to
help governments evolve to next generation ePassports and
National ID cards to help deliver safer travel worldwide. These
biometric solutions combine fingerprints with 3D and 2D facial
images identifying people by the sections of the face that are
less susceptible to alteration. This highly accurate multi-modal
biometric algorithm is designed to produce and verify travel
documents, national IDs, voter registration, and social benefits
and enables governments to more efficiently launch new secure
document programs via a single point of access, explains Horton.

Constant technical advances and higher production levels have
resulted in constantly improving biometric products at
significantly lower costs. We are beginning to see large-scale
deployments and this trend shows no sign of abatement for the
foreseeable future. The biometric industry has a clear and
bright future that will undoubtedly make a very positive and
significant difference to national security and commerce
throughout the world, explains Perler.

A longer term view sees a shift in this industry to an expanded
market beyond the government realm. Down the road, over the
next three to five years, there is going to be a huge migration
of biometric technology from the government to the commercial
sector, believes Ruttenbur.

Ann-Marie Fleming Ann-Marie Fleming completed her MBA in the
United States, where she attended Webster University. She also
holds an Honors B.A from the University of Toronto. She has over
fifteen years of experience within the financial industry to
include retail banking and brokerage, investment banking, and
mortgage brokerage within the United States and Canada, with a
firm background in corporate research. Disclaimer:
www.InvestorIdeas.com/About/Disclaimer.asp,
www.HomelandDefenseStocks.com/Companies/HomelandDefense/Disclaime
r.aspbr
br
br
br

Author: Samuel Loganbr
Source: downloadbr
br
Alvaro Uribes re-election has guaranteed him a spot in history. He is the first Colombian president to serve two consecutive terms. Winning in the first round of voting, Uribe received a strong mandate, selected by over 60 percent of those who voted. Colombians believe Uribe can deliver more security to Colombia, but it is not clear if in four years he can enact dramatic improvements in Colombias perennially worrisome security situation.
Notable security achievements from Uribes last term include bringing Colombias other revolutionary group, the National Liberation Army (ELN), to the negotiating table. Current talks underway in Cuba began last December and are in a third round, which indicates at the very least that there has been some progress.
More controversial, however, is the Justice and Peace law that created the legal framework around Colombias paramilitary disarmament process. In truth thousands of paramilitary soldiers have disarmed and entered into a demobilization and reintegration program, which looks good on paper but is lacking in practice, primarily due to funding issues.
As months dwindled to weeks before the Colombian presidential elections, an increase in attacks from Colombias primary revolutionary group, the Revolutionary Armed Forces of Colombia (FARC), picked up in areas that Uribe had targeted for increased security, namely the Putamayo, Narino, and Meta departments.
The FARCs strategy was to use an increase in attacks to prove to the Colombian voting public that Uribe had not brought more security to the country. While the FARC did not prevent Uribes re-election, they may have scared many Colombians from traveling to voting centers around the country.
The infamous paramilitary disarmament process, upon close scrutiny, was revealed by Colombian and international press as a hollow process whereby paramilitary chieftains were able to trade in some of their soldiers for protection, under Colombian law, from extradition to the US. Extraditions requests are ongoing, with the US maintaining pressure to extradite what the US Department of State identifies as Colombian narco-terrorists.
At the same time, paramilitary chieftains, especially in the northeastern departments and border areas with Venezuela, have strengthened their grip on the control of political systems at the municipal and departmental level. Paramilitary involvement in Colombian politics, especially the paramilitaries implied involvement in President Uribes political coalition indicates the disarmament process may have led to, more than anything else, the increased participation of paramilitary chieftains in Colombian politics.
And so with a questionable security record, President Uribe moves into his next term of office. Just two days after his election on 30 May, Uribe made an offer to explore peace with the FARC. It is quite clear that Uribe would benefit politically from engaging the FARC across the negotiating table rather than down the barrel of a gun. But is hard to see what the FARC could possibly win from such efforts. Nor is it clear that the FARC is in a talking mood.
Yet Uribes intentions may at least be honest. He recently met with Alvaro Leva, who is known in Colombia as one of the few politicians that actually corresponds regularly with the FARC leadership secretariat. It is highly likely the conversation focused on ways the Uribe administration could coerce the FARC into peace talks.
Meanwhile, the FARC has made public its disappointment with the ELN. For years, analysts have believed that the ELN and the FARC were working in concert to produce and export Colombian cocaine to the US market. The ELNs decision to begin peace talks with the Uribe administration put a strain on FARC-ELN relations.
The truce formally broke on 11 June when the FARC issued a statement that declared an official split between the FARC and the ELN. This announcement followed violence between the two groups in Colombias Arauca department on the border with Venezuela. Colombian authorities tabled the possibility that the two groups are battling over smuggling routes into Venezuela.
Since paramilitary chieftain Victor Mejia disarmed his group in Arauca, a security vacuum left in the countryside has been filled by the ELN, which has traditionally been strong in Arauca. Now, it is possible the FARC is seeking to move in on this territory, opening another smuggling route out of Colombia.
Alleged links between the FARC and Venezuelas National Guard further strengthen the belief that certain units within the FARC have begun to focus more on exporting cocaine through Venezuela.
Looking ahead, Uribe has three primary responsibilities.
First, he must work to go beyond statements and rhetoric and actually increase security in Colombias rural cities and towns. On 5 June, Uribe announced he would add 40,000 police officers to the payroll to boost security in rural areas. However, it is unclear if an increased police presence would deter the FARC or paramilitaries entrenched in their respective cities, towns, and encampments.
Second, Uribe must work to manage the Colombian economy vis-?-vis the countrys regional leadership role. A fresh free trade agreement with the US certainly helps, but Uribe must look beyond his relationship with Washington and focus on Colombias leadership role in a struggling Andean environment where trade and security issues have threatened to dissolve the Andean Community of Nations (CAN).
Finally, Alvaro Uribe must work to lift Colombians from poverty, marginalization, and misery. It is quite clear that focusing on a hard-handed, military strategy to protect Colombians is not the best solution. Of all the policy options available, one that integrates a prudent level of military and police force with pragmatic economic packages and simple job stimulation will put Uribe on a path to success.
As a historical president in Colombia and South America, Uribe has an opportunity to introduce creative policy options that make a departure from stagnated and failed policies such as fumigation and direct military confrontation. Uribe owes it to his constituency to give them better in this term than the last. What remains to be seen is if Uribe follows through on making Colombia truly a better place to live or presides over another four years of mediocre administration.
Sam Logan (http://www.samuellogan.com) is an investigative journalist who has reported on security, energy, politics, economics, organized crime, terrorism, and black markets in Latin America since 1999. He is currently completing his work on Nice Guys Die First, a forthcoming non-fiction narrative about organized crime in Brazil.br
br
br
br

Author: Anonymous
Source: free-articles

Point Roberts, WA December 11, 2003– Homelanddefensestocks.com, a global investment research portal for the Homeland Defense and Security Sector is pleased to provide an updated list of research and listed companies related to border security and protection. With $9 billion allocated for border protection and related activities, there are several companies poised to benefit from the budget. The site does not make recommendations, but offers a unique information portal to investors to research news, articles, and recent research.

On June 24, the House passed the fiscal 2004 Homeland Security Appropriations Act providing $29.4 billion for operations and activities of the Department of Homeland Security (DHS). $9 billion was allocated for border protection and related activities, an increase of $400 million from the previous year. This also includes $2 billion for the U.S. Coast Guard homeland security activities.

For more information on U.S. Customs and Border Protection visit the web site at www.cbp.gov

Homelanddefensestock.com includes a growing list of public companies in the sector. The following is a partial list of companies involved in border security technology and solutions:

Cubic Corp was recently added to the list of border security stocks with its smart card technology and systems integration expertise for the border security market. They also manufacture equipment used in customized military range instrumentation, training and applications systems, communications and surveillance systems, high frequency (HF) and very-high frequency/ultra-high frequency (VHF/UHF) surveillance receivers, transceivers and avionics systems.

L-3 Communications IMC division is the prime contractor on the U.S. Border Patrol Remote Video Surveillance system, and also provides the integration for the U.S. Navy’s Waterside Security System.

Landstar System, Inc is a provider of specialized transportation services to a broad range of customers throughout North America. Landstar Carrier Group and Landstar Express America are FAST certified. Free and Secure Trade (FAST) is a joint U.S.-Canadian program to improve security at the U.S.-Canadian border through data collection and sharing of information between U.S.

Drexler Technology is benefiting from the growth in border security with its products and systems featuring LaserCard optical memory cards and chip-ready Smart/Optical cards. Their optical memory cards are used for digital governance applications including immigration, border crossing visas, cargo manifests, motor vehicle registration and multi-biometric identification cards.

Featured Company:

Markland Technologies, Inc. (OTCBB: MRKL) announced yesterday, the awarding of a contract from Computer Sciences Corporation (CSC) to provide support services to ports of entry at San Ysidro and Otay Mesa, CA. The award was granted to Markland’s wholly owned subsidiary ERGO systems for a period starting December 8, 2003 until September 2004, with an option for extension. CSC is a key provider of software engineering services to Department of Homeland Security’s Bureau of Immigration and Customs Enforcement.

CSC has been providing services to INS under the Service Technology Alliance Resources (STARS) program since 1999. CSC was recently awarded an $88 million dollar contract under the Starlight program, which will replace the STARS program. CSC is tasked to maintain and enhance systems that process travelers crossing US borders under this new contract.

Markland’s ERGO subsidiary has been providing maintenance services for ports of entry under INS/DHS contracts since April of 2001. The services provided by ERGO will be an extension of the scope of services ERGO is currently providing to DHS, and ERGO will continue to provide services under their existing contracts with DHS as well.

About Homelanddefensestocks.com: The global investment portal features news, research, homeland security links, featured and exclusive articles and companies participating in security technology solutions. Areas include:

Airport Security, Biodefense, Biometrics, Defense, Internet Security, Integrated Security, Military, Border and Port Security. Homelanddefensestocks.com is a unique top ranked investor research portal on Yahoo and Google that provides original content as well as third party content.

For more information contact:

Dawn Van Zant / Trevor Ruehs

Toll free:
800-665-0411

Email:

dvanzant@investorideas.com or truehs@investorideas.com

Web Site:
www.InvestorIdeas.com

ECON Investor Relations Inc., (ECON Corporate Services) owner of the domain www.homelanddefensestocks.com, is a privately owned corporate communications company specializing in investor relations, media relations and research in public companies and industry sectors for the investment community. Nothing on the site should be construed as an offer or solicitation or recommendation to buy or sell any specific products or securities. Past performance does not guarantee future results. Although we attempt to research thoroughly, there are no guarantees in accuracy. We encourage all investors to use our research as a resource only, but to further their own research on all featured companies, industry research and articles featured. Our Investor Pick of the Month is not a solicitation, but should only be viewed as a suggestion. ECON is compensated by featured company Markland Technologies.

ECON currently also owns the domains www.naturalgasstocks.com,

www.renewableenergystocks.com, www.fuelcellcarnews.com.

Disclaimer: www.investorideas.com/About/Disclaimer.asp