Inside the Twisted Mind of the Security Professional. (http://www.wired.com/politics/security/commentary/securitymatters/2008/03/securitymatters_0320)

True. This is why hiring security systems designers is so damn difficult. You can teach the technical knowledge, but you can't rewire someone's brain to think like a psycho who constantly is looking for ways to exploit vulnerability- that has to be innate.

That was an interesting article, thanks for linking to it.

When I conduct a security assessment, I typically interview groups of employees within the organization I am conducting the assessment for. One of the questions I always ask employees is, "If you became disgruntled, and really wanted to harm this organization, what would you do?" The answers are interesting and sometimes very informative. However, there are some people who stumble with this question - they are so honest themselves that they can't even hypothesize about ways in which an illegal act could be committed.

I was once referred to by a client as a "professional pessimist". I guess this was a compliment....:)

My friends tell me I'm paranoid. I tell them "people pay me good money to be paranoid for them".

Heh, I was gonna post that, but I see someone beat me to it. :)

A friend of mine blogged this in response:

I often find it fascinating that the world works so well only because so many people follow the unwritten rules... like... people in uniforms or with badges can be trusted, you pay for stuff before you leave, you fight fair, etc. Security personnel do their job well because they see how these rules are mostly meaningless to the few out there who are the criminals... and even they only break one or two at a time. Usually.

But the real interesting thing is to be able to break *some* of the unwritten rules without doing anything unethical or immoral... Changing a dialog with a police officer from a confrontation to a discussion between equals, for instance, breaks the officer's expected dynamics, and in my experience, if done right, can make the interaction, whatever the reason for it, much more friendly. Recently I had one such interaction because I didn't know my license had been suspended. The officer was apologetic while arresting me, and even let me leave the bulkier items in my pockets and my wallet in my car so processing me would go smoother. Had I had some sort of contraband, I could have EASILY tossed it in the car along with my wallet. Because I was treating the interaction as a normal part of his job rather than a confrontation, the officer never searched those items. (No, I didn't have anything illegal on me... but the point is I could have.) Hell, he didn't even properly pat me down till we were at the police station. Why not? Because I made myself seem like NOT a threat. And I wasn't a threat. But I have a security mindset. I *could* have been a threat.

Many credit/debit cards have an RFID chip these days. It might be "PayPass" or a Mobil key fob or whatever (yes, even EZ-pass and the new passports). Did you know someone can clone these in seconds using about $8 worth of electronics? Have you ever taken account of the security cameras in any given place? Did you catch them all? Which ones are fake? Are they monitored? I can see lots of cameras in places like stores where theft or robbery are common. This is a good idea. But on busy street corners? All up and down Rt. 3? What becomes of the footage? Who can see it?

In a supposedly secure location, the door might have massive locks, but are the hinges exposed? Is a window open? I've seen a fence on a military installation with all kinds of security - cameras, barbed wire, etc... where you can see it. But on the far side of the runway, the fence becomes 3 feet tall and no further measures of security. In places the fence isn't even there. (I was teaching a land navigation refresher for national guardsmen at the time, so I had the engineering map of the base...) I pointed these holes out to a Secret Service agent in charge of security for a visit by the then VP and he was more surprised I found them than that they were there. He almost had a cow when I showed him the map I got from base engineering free for the asking... and 5 minutes wait while they printed me a copy. (In deference to the USSS, the agent pointed out to me that those areas would be covered by multiple sniper positions for the VP's visit. At least the Secret Service knows their ****.) On a different base I've seen AH-1 Cobras protected by.... their location. Literally nothing but a field between the public and the helicopters. No keys needed. No locks. An unscrupulous person could (if they knew how) walk up and fly one away. I was so shocked, I opened the door to one and looked inside. (This tarmac is currently blurred out on Google Earth... go figure.)

Security mindset. Kind of like a criminal mind set, but with a different purpose in mind.

-Iarwain (http://iarwain.livejournal.com/)


I have many friends who refuse to go shopping with me because I can't turn it off. :o Anyone else here habitually pick the seat in the restaurant that has a back to a wall and can see all the entrances/windows? Regularly backs into parking spaces? Automatically knows the location of every CCTV camera with line of sight to you? Routinely double-checks doors & windows to make sure they're secure, even if they aren't yours? Upon entering a new place, locates the emergency exits and calculates the best paths to take to them? Has the non-emergency direct lines for all local police departments programmed into your phone?

Routinely reads SIW, LPInfo, Officer.com, etc., forums, just to keep up with what's going on? :rolleyes:

I have many friends who refuse to go shopping with me because I can't turn it off. Anyone else here habitually pick the seat in the restaurant that has a back to a wall and can see all the entrances/windows? Regularly backs into parking spaces? Automatically knows the location of every CCTV camera with line of sight to you? Routinely double-checks doors & windows to make sure they're secure, even if they aren't yours? Upon entering a new place, locates the emergency exits and calculates the best paths to take to them? Has the non-emergency direct lines for all local police departments programmed into your phone?


yes, yes, yes, yes, yes, and yes. My wife refuses to watch "heist" movies with me because I won't stop yelling "THAT'S NOT HOW IT'S DONE!!!".

I nearly had a stroke when I watched Mission Impossible.

I nearly had a stroke when I watched Mission Impossible.


For me it was Sneakers. Great film. I was so twitchy when it was done, you'd think I was having a mental. :D

Lets focus on the ants for a minute. I bought my son a mega ant farm when I lived in FL and was shocked that there were no ants included DOH!! just the mentioned card to send. A bit disappointed I sent in the card and got back a card that the state of Fl does not allow any insects to be imported into it. Although they suggested that I find an ant mound and relocate the queen and friends into the farm. What they don't understand is that I spent lots of bucks and time trying to rid my property of the dreadful little fire ants, so why would I want to bring them in my house to be sort of pets?? And secondly digging into a fire ant mound is akin to putting out a fire with gasoline.

For me it was Sneakers. Great film. I was so twitchy when it was done, you'd think I was having a mental. :D

The film makers actually used a professional security consultant, John Strauchs, as technical advisor on Sneakers. John founded a major security consulting firm (Systech in the Washingtom DC area) more than 20 years ago and prior to that he was with the CIA.

I wonder how much (or how little) of John's advice the director used.

The film makers actually used a professional security consultant, John Strauchs, as technical advisor on Sneakers. John founded a major security consulting firm (Systech in the Washingtom DC area) more than 20 years ago and prior to that he was with the CIA.

I wonder how much (or how little) of John's advice the director used.
A few years before I retired, 1991, Strauchs was a consultant to FAA on reduction of interference and so forth at established airports and mitigation for those to be built.
John did a study and submitted a report which FAA promptly buried. Ever notice how security screening and monitoring equipment works in some airports and not others or works swimming well in the dead of night when there is little or no traffic?
Back to your original question, John's advice probably whetted their appetite and they went wild. Remember the Movie "Good Morning Viet Nam?" Adrian Cronauer provided technical advice. The only thing Robin Williams and the others used was Adrian's opening line, "Good Morning Viet Nam." The rest was pure fiction.
Enjoy the day,
Bill

I have many friends who refuse to go shopping with me because I can't turn it off. :o Anyone else here habitually pick the seat in the restaurant that has a back to a wall and can see all the entrances/windows? Regularly backs into parking spaces? Automatically knows the location of every CCTV camera with line of sight to you? Routinely double-checks doors & windows to make sure they're secure, even if they aren't yours? Upon entering a new place, locates the emergency exits and calculates the best paths to take to them? Has the non-emergency direct lines for all local police departments programmed into your phone?

Routinely reads SIW, LPInfo, Officer.com, etc., forums, just to keep up with what's going on? :rolleyes:
[/LEFT]
[/RIGHT]

Yea...my mom makes fun of my dad and I if the family is at a restaurant. We both have to be able to see the door. My gf noted on a number of occasions that I must be paranoid because I always watch people and how they act. Won't go to the car if there is a large crowd in the general area at night. Change my path if I feel like I'm being followed. Some times, it turns out to be a legitimate course of action...

Routinely double-checks doors & windows to make sure they're secure, even if they aren't yours?

That could also be interpreted as a symptom of an obsessive compulsive disorder :p

FWIW I do check & recheck doors/windows & padlocks in such a manner (only pertaining to my site), the time you don't will be the time it's not secured appropriately ;)

For me it only becomes a problem when I'm out with close friends (who also - just happen - to work security). After all, we can't ALL sit in the chairs with our backs to the wall.

And yes, it makes my back crawl when I don't get those chairs and I'm not able to watch who's coming and going in restaurants.

Heh, I was gonna post that, but I see someone beat me to it. :)

A friend of mine blogged this in response:

I often find it fascinating that the world works so well only because so many people follow the unwritten rules... like... people in uniforms or with badges can be trusted, you pay for stuff before you leave, you fight fair, etc. Security personnel do their job well because they see how these rules are mostly meaningless to the few out there who are the criminals... and even they only break one or two at a time. Usually.

But the real interesting thing is to be able to break *some* of the unwritten rules without doing anything unethical or immoral... Changing a dialog with a police officer from a confrontation to a discussion between equals, for instance, breaks the officer's expected dynamics, and in my experience, if done right, can make the interaction, whatever the reason for it, much more friendly. Recently I had one such interaction because I didn't know my license had been suspended. The officer was apologetic while arresting me, and even let me leave the bulkier items in my pockets and my wallet in my car so processing me would go smoother. Had I had some sort of contraband, I could have EASILY tossed it in the car along with my wallet. Because I was treating the interaction as a normal part of his job rather than a confrontation, the officer never searched those items. (No, I didn't have anything illegal on me... but the point is I could have.) Hell, he didn't even properly pat me down till we were at the police station. Why not? Because I made myself seem like NOT a threat. And I wasn't a threat. But I have a security mindset. I *could* have been a threat.

Many credit/debit cards have an RFID chip these days. It might be "PayPass" or a Mobil key fob or whatever (yes, even EZ-pass and the new passports). Did you know someone can clone these in seconds using about $8 worth of electronics? Have you ever taken account of the security cameras in any given place? Did you catch them all? Which ones are fake? Are they monitored? I can see lots of cameras in places like stores where theft or robbery are common. This is a good idea. But on busy street corners? All up and down Rt. 3? What becomes of the footage? Who can see it?

In a supposedly secure location, the door might have massive locks, but are the hinges exposed? Is a window open? I've seen a fence on a military installation with all kinds of security - cameras, barbed wire, etc... where you can see it. But on the far side of the runway, the fence becomes 3 feet tall and no further measures of security. In places the fence isn't even there. (I was teaching a land navigation refresher for national guardsmen at the time, so I had the engineering map of the base...) I pointed these holes out to a Secret Service agent in charge of security for a visit by the then VP and he was more surprised I found them than that they were there. He almost had a cow when I showed him the map I got from base engineering free for the asking... and 5 minutes wait while they printed me a copy. (In deference to the USSS, the agent pointed out to me that those areas would be covered by multiple sniper positions for the VP's visit. At least the Secret Service knows their ****.) On a different base I've seen AH-1 Cobras protected by.... their location. Literally nothing but a field between the public and the helicopters. No keys needed. No locks. An unscrupulous person could (if they knew how) walk up and fly one away. I was so shocked, I opened the door to one and looked inside. (This tarmac is currently blurred out on Google Earth... go figure.)

Security mindset. Kind of like a criminal mind set, but with a different purpose in mind.

-Iarwain (http://iarwain.livejournal.com/)


I have many friends who refuse to go shopping with me because I can't turn it off. :o Anyone else here habitually pick the seat in the restaurant that has a back to a wall and can see all the entrances/windows? Regularly backs into parking spaces? Automatically knows the location of every CCTV camera with line of sight to you? Routinely double-checks doors & windows to make sure they're secure, even if they aren't yours? Upon entering a new place, locates the emergency exits and calculates the best paths to take to them? Has the non-emergency direct lines for all local police departments programmed into your phone?

Routinely reads SIW, LPInfo, Officer.com, etc., forums, just to keep up with what's going on? :rolleyes:



yup better than that lol...know by heart the localpd/ so numbers for several agencies including taxicab. sit back to door and face the door. piss people off w/ what if's, will tell a complete stranger online personalifo.bout them b/c they gave toomuch info, which led to being able to give them more info.(if they get pissed off i don't care,b/c i may have saved their life.I usually tell themit's due to my security,and other special training).Like jane doe who's 28 has a yahoo screenname of janedoe28,then the profile tells city,then whitepages gives their address,etc, etc. one lady had an ad for "wanted,free books,like to read,my husband works all nightshifts".

The film makers actually used a professional security consultant, John Strauchs, as technical advisor on Sneakers. John founded a major security consulting firm (Systech in the Washingtom DC area) more than 20 years ago and prior to that he was with the CIA.

I wonder how much (or how little) of John's advice the director used.

Neat! Didn't know that. I'm guessing... not much...


For me it only becomes a problem when I'm out with close friends (who also - just happen - to work security). After all, we can't ALL sit in the chairs with our backs to the wall.

And yes, it makes my back crawl when I don't get those chairs and I'm not able to watch who's coming and going in restaurants.

A familiar scenario, you describe. :rolleyes: Wonder why that is.

Glad you finally wandered in. :D

A familiar scenario, you describe. :rolleyes: Wonder why that is.

Uh, because you normally get to that chair first?

A familiar scenario, you describe. :rolleyes: Wonder why that is.

Uh, because you normally get to that chair first?


You just need to move faster, that's all. :D

I worked at a ghetto apartment complex doing security. Police did not respond much so I was the police more less. I was not armed but I did wear a vest because of some of the domestics I went into, meth heads going at it with steak knives LOL...!!!

I was only paranoid when I left to go home because sometimes, they would follow me to see where I lived. Now I am all for if someone comes into my house without identifying themselves, the get the barrel of an AR-15 stuck in their face and any sudden move will make this countryboy unload LOL.

So I think its good to be paranoid sometimes.

So I think its good to be paranoid sometimes.
Just because you're paranoid doesn't mean they aren't out to get you.