Security Musings

Security Musings

Information Security Travel Guide

Stephen Northcutt, an Information Security Researcher, United Airlines 1k, Writer and Instructor, documents the struggles of the travel and hospitality industries as we all face continually increasing energy costs. He and his peers share their travel experiences and give you quick tips and short reviews of the companies they do business with as they travel. If you came across this article because of a Google search, what you want is probably here, just use find with your browser (CTRL - F), it is easier than reading from top to bottom; however, you may get some useful tips if you stick around and read. Each major cluster of trips is documented in a separate file.

Other Related Articles in Information Security Travel Guide


Information Security Travel Guide Edition 9, Kauai to Frederick MD, Phoenix AZ, and back to Kauai


By Stephen Northcutt
Version 1.4

Information Security Travel Guide Edition 9


[Tuesday, March 31, 2009] A taste of stories on roaming charges


More Verizon fun - quoting in cents, billing in dollars?

A reader sent me this:
Speaking of Verizon and international roaming charges, if you haven't seen http://verizonmath.blogspot.com/2006/12/verizon-doesnt-know-dollars-from-cents.html. It's... educational. It boils down to Verizon quoting in cents and billing in dollars. I couldn't listen to the whole recording, though, as I wanted to smash my head against the wall in sympathy. :-\\

AT&T taking a page out of Verizon's playbook

Craig Bowser pointed us to another example of the dangers of wireless roaming near borders: http://consumerist.com/5159329/att-charges-2778893-to-watch-a-bears-game-on-your-laptop

[Monday, March 30, 2009] Back in Kauai, waiting for Conficker, reviewing my cell phone bill


I am home, the sun came out today! Kathy and I took a walk along the beach before the afternoon rains, and we are having dinner tonight with Rudy and Shanda from Two Frogs Hugging.

Public Safety Announcement Verizon EVDO cards

I was reviewing my cell phone bill and there was a $199.00 roaming charge for Mexico. Only problem, I have not been to Mexico. I called Verizon and they graciously agreed to remove it from my bill, but warned me it was only this once. I was in San Diego in the Gaslamp district, it looks like that is about 20 miles from the Mexican border when I look at the map, but Verizon said that sometimes the Mexican signal is stronger and the modem connects to the strongest signal. They said the issue is even worse between the US and Canadian border. Bottom line, if you want to avoid several hundred dollars in roaming fees, it is probably best to remove your modem from your system when not using it (bummer for the folks with built in modems); make sure the network you connect to is National Access; and, probably kill the VZACCESS application when not working. If anyone else has a near-border data roaming story you are willing to share, drop me a note, stephen@sans.edu.

Thanks to David Ofsevit for his input:
This is the kind of thing about wireless companies that drives me nuts. If Verizon's broadband card can't decide what signal to connect to, and select their own even if it isn't the strongest, why should the customer have to be the one to figure that out and (if they don't realize it) pay for it? What are we paying them for, if not to properly automate the system (and, by the way, protect it)?
First thing I do when I travel over any border is turn off data roaming on my iPhone. Second thing, as you do, is disconnect the broadband card.


[Sunday, March 29, 2009] The Phoenix conference is complete


Jump complete. I will not lie, I am one tired puppy. I did something I never do: I turned on the TV last night and just vegged. Had a decent pizza with Kate and Barrington at Old Chicago, a deep dish pizza chain famous for a large beer selection. Speaking of a large beer selection, I ate at my first Buffalo Wild Wings; it is really for the younger set, a sports bar atmosphere, but my BWLD stock has actually gone up in this crazy market. Set my alarms early this morning, earlier than necessary, but wanted to get to the airport and through security. This is a large airport, they call it the Sky Harbor. The United section has a Red Carpet Lounge with a business section, which is small but very serviceable. There was a shoe shine stand just past security manned by a pretty girl with the shortest skirt and longest legs imaginable. All the security folks are standing around "not looking" - an easy dozen cops and TSA folks. If a terrorist happens to attack right there, he is out of luck. Did I get my shoes shined, you ask? No, I am out of clean clothes after two weeks on the road and black shoe polish will mess up white socks, but thank you for asking.

Phoenix
is an interesting American city. The natural looking vegetation along the highways is actually planted and depends on drip irrigation to survive. If you get outside of the city, you find you most certainly are in a desert. I personally would not want to be here June - September, the heat is oppressive, though there are things to do in the summer. The Hilton Mesa East is an OK hotel, but it is an aging property. The floor plan looks like it started life as an Embassy Suites. There is a golf course at property. March is peak season, there is a lot of baseball activity. For one thing that increases the cost of rental cars. My cab driver suggested the Marriott Suites in Old Town might be a good alternative as a hotel. There is a lot to do around Scottsdale.

I typed SANS Phoenix into search.twitter.com and saw a hotel prospect tweet. That is interesting, one more way social media and business are converging, I guess the idea is to come sell us stuff.

On the Computer Security front, the Private Investigators in North Carolina are still trying to get sole control of digital forensics. Here is the proposed legislation: "(5a) Digital forensics examiner. - Any person who, on a contractual basis, engages in the practice of conducting examinations of digitally stored data to recover, image, analyze, or examine the data by using specialized software 1 to determine responsibility or reconstruct usage of the data." Now they do have exceptions for incident response and networks, but still I worry. GIAC has been unable to get a submission into ANSI for the GCFA, I hope Mr. Frisk understands the stakes.


[Sunday March 22, 2009] Daytime, the jump into conference mode


I used Google Maps to bring up Mesa drug stores. I first went for Community Drug store on W Southern, never found it, next started for the one north of the hotel, but remembered it was prescription only, so I changed directions and headed south. That is quite a hike to Alma and Guadalupe. Everything here is so spread out. Bottom line it took me three hours to replace my mess kit, but got my exercise for the day. Don't normally have back problems, but at Fort Detrick, I had to teach the first few days sitting down which is not like me at all. Every night I did my stretches and also got a massage up in Frederick from Jennifer Eden. She is in the Yellow pages or if you find yourself in Frederick her email is jeden AT pipeline.com. She is one of the better therapists I have enjoyed. The reason I mention this now is that an eight mile hike tightened my back, I think I can just stretch and I will be fine, but it surely got me thinking about finding a way to fly Jennifer down here *grin*. On a serious note, if A) She is not at her beach house in North Caroling and B) we can string together enough appointments to make it worth her while like 3 or 4, I think she would be willing to bring her table to Baltimore at SANSFIRE. So if you are going to be at SANSFIRE and want to experience what I believe is one of the better practicing therapists, let me know, I will try to put something together.

Ate lunch today at Chevy's, a local Mexican chain. Needless to say, I am going to eat some Mexican food while I am in Arizona. I had the fresh fish fajitas, very nice and lots of extras and the price was reasonable.

The Jump. Once conference starts we go into blur mode. You are typically scheduled day and night. From what I have seen about the distance to restaurants, after I use up the closest ones, I am going to focus on carry out. So you probably will not hear much from me until I get back to a stopping point.


[Sunday, March 22, 2009] 12:30 A.M. Phoenix AZ


Despite the fact that Flight 953 was late, the crew was good and we had awesome flying weather - the seatbelt sign only came on once in-flight. The attendants were attentive, which is appreciated. My bags actually came out first, so the 1K Priority sticker can work. I just do not know why it didn't the other couple hundred flights; I guess random chance is the more likely answer. I went out of the airport and there were only two cabs and two limos, each on different sides of a parking stand. An official sounding lady sat between them and said she would explain the difference in rates. A limo guy came up and said, "I will give you the same rate as a cab". I asked the lady if that was true, she said yes. So, I hopped in the limo, good choice, both cabs were now taken. I ended up paying $70.00 with tip. According to the Hilton web site, it would be about $30 in a cab, now I know. It isn't that much money, but listen up Phoenix AZ, if you cheat the tourists, you will end up getting hurt. We will blog it, we will tell our friends, and that convention will be held somewhere else. Don't do it, it is not worth it.

I got to the hotel (Hilton Mesa East) late, because my flight was late. Jay, checked me in. There was no reservation for me. I took out my red notebook where all my travel information was stored. Jay found a room for me, it meant not having a King size bed, but when on travel I just do not care. Two queens is fine, I will put the bags on one. So then I went out hiking to find something to eat. Most things were closed, I did have a chance of a Denny's and gas station food, turned both of them down. Bad decision, I probably walked five miles and ended up eating nuts, apples and two cheese sticks Kathy had put in my backpack back when we were in Orlando. Thanks, Kathy.

Since I was in Dulles Red Carpet Lounge for six hours, I made the mistake of taking my toiletries ziplock bag out of my carry-on bag to brush teeth and didn't repack. Sigh. I will be looking for a drug store tomorrow. Need to wash clothes in the hotel room before going to sleep, the air is so dry here, need the moisture. Probably better start turning in.

My bad Haircuttery Haircut

I wanted to look sharp in Phoenix and there was a Haircuttery in the Frederick Shopping Center. Since I do not have a regular stylist in Frederick, I gave it a try Friday March 20. D I S A S T E R. The lady was rude, she wanted me in and out in five minutes. She literally butchered my hair. I woke up Saturday morning and the top of my head sloped at a 45 degree angle from left to right ( I actually have a normal head, honest). I called the Haircuttery and spoke with the assistant manager Kathy, she said come by. She told me she would do what she could. She tried, it is better, but nothing close to right. To say the least, I will not be looking my best in Phoenix. I need to ponder the lesson I learned here for a while, if you travel you cannot have your regular stylist, so what do you do on the road?




[Saturday March 21, 2009] Mission Complete in Fort Detrick, at Dulles Airport


I liked my class at the Army base, they had a professional attitude and hopefully they learned some security. The drive up Highway 15 was nice, I like driving through farmland and maybe Kathy and I can go antiquing up this way sometime. There is one strange area just south of Point of Rocks, there are these huge houses, at least ten thousand square feet, no landscaping. Very weird, I think I finally understand what a MacMansion is. Frederick Maryland is a nice area, the traffic is not so bad, the downtown area has a lot of character and interesting restaurants including several Cara gave me a recco for, reminds me of the fan in Richmond. The area seems wholesome, please do not get me wrong, I am sure they have their prostitutes, tattoo parlors, motorcycle gangs, and people that walk their dogs without picking up the poop, but none of that sort of stuff is obvious.

I ate most of my meals at Frederick Shopping Center, it was so easy, there is a back way out that connects to Taney which drops you right at the hotel. There is a Bonefish Grill, a nice fish chain, went there a couple times, a Chinese Buffet, China Wok, with peel and eat shrimp, a very nice salmon, and the usual, for under eight dollars. Chris Crowley and I ate at Caballo Viejo, very interesting spin on Latin American fast food. They offer an interesting sandwich on a white cornbread about the size of an English muffin called an Arepas. The Book Nook Cafe was also a fun experience. Lunches were also fun, we ordered in for the first two class days, then my point of contact, Sandy Wentz took a small group to some of the local barbecue including my first Famous Daves chain. I had wanted to try one for a long time, I have heard about the sauces and it was excellent and the portions were generous.

Now the bad news, I am stuck at Dulles and my plane is estimated to be running an hour late. The good news is that I bought a years subscription to the Red Carpet Club with miles, and have had three five -six hour layovers in just the last 30 days. I pour a jug of hot tea and things are fine. I figured something was up when I walked into Dulles and people were sleeping on the floor.


[Sunday, March 15, 2009] In position in Frederick Maryland


Both flights were totally full and not everyone got on the second one. I started March 14 on United 66 Lihue to Los Angeles. I managed to get first class, but I think I did it with money. It was very odd, as soon as I saw a bill for $438.00 on the check-in screen I hit decline, but it went through anyway. Crazy, I have so many miles, why can't I use them to upgrade? I will look into this more but we ran into heavy traffic so even though I left early, I didn't want to dawdle around at the check in counter. The crew for flight 66 set a new low for just how bad a United crew can be. They didn't even fill people's water up with the meal in first class, I was literally wishing I had not upgrade, at least in economy plus, you pay for what you get, and they want your money so they are happy to give you what you ask for. Flight 44 from Los Angeles was much better. It was a redeye and they brought water the entire time. We had a rough start, the flight was oversold and if I heard the announcement correctly some of those people were not going to be able to fly on Sunday either. Ouch!

It has been rainy and misty all day, but not too cold. Did not sleep all that well on the plane, there was one ready cleaned room at the Hampton Hotel and Suites and they let me have it, I don't think it is a larger room, a suite, but I do not care, I only need room for me on the bed, my laptop and my suitcase and we have that covered.. Thank you Hampton for the early room, the tub does not seal, but everything else seems to work! The Hampton also serves breakfast, so I had some eggs and fruit and went to bed and closed my eyes. It was fitful sleep, I was resistant to going down at first and then entered increasing waves of dream state. Even though I could have slept longer, about two-twenty P.M. I decided to get up, I needed to get the lay of the land, so I headed out to get some fruit and low fat milk. While I was out, I decided to eat, gave Mama Lucia's in Frederick a try. Apparently this is a local chain, but I was not impressed with either the food or the service, I had the Vitello Chesapeake, from the menu description this is loosely modeled after Saltimboca, but uses crab meat instead. The pasta and sauce tasted vaguely like library paste and there was no indication of crabmeat. I will say the portion was generous, if it tasted good, it could have easily served for two meals and a snack. The house salad was generous and the bread service was excellent, they toast the bread and hit it with a tomato garlic sauce then serve olive oil with Parmesan cheese and probably more garlic as a spread. It really was excellent. I do not think I will ever try a cream sauce here again, but might be willing to try pizza or a red sauce pasta.

I drove from the hotel to Fort Detrick to make sure I understand the route. Oddly, it seems you take one path to get there, another to get back to the hotel, but whatever it takes. I did see a Bonefish Grill, so will try to get a meal there during the week.

Of course the hot security news is the arrest of District of Columbia Yusuf Acar and another man for bribery. Since he was the acting chief security officer, DC has a real mess on its hands. Worse, there potentially could be links to President Obama's CIO pick, Vivek Kundra, at a time we desperately need leadership.


[March 13, 3009] Friday the 13th was not such a bad day


Mostly cold and rainy, winds out of the north, but the sun broke out about 3 P.M. I fly to the mainland tomorrow.

A walk along the Kealia Bikepath

The rain stopped, sun is shining, time to take a walk
Got my jacket, it has been north wind cold all day
Passing Kina's house, he is in his truck, weed whacker ready, off to work
There is the ocean, the horizon is undulating, winter swells
Waialeale waterfalls are going off, the mountain streams will be hard to cross
Kaumualii ramp parking lot full of jet ski trailers, I count eight
A pretty girl in a bikini is watching the waves, probably not local, the top and bottom match
Rachel is jogging home with her comfortable lope, why are all these people watching the ocean she asks
The wind has stopped, totally stopped, a blade of grass falls straight down
Young surfers stand silently in groups, either not good enough, or can't get hooked up with a jet ski
The Tiki carver is sitting on his porch watching the ocean, his Samoan coconuts seem to have enjoyed the rain
Tourist with a small camera trying to get the shot, that's not going to happen
Warming up with no wind, unzip the jacket
At the point a crowd has gathered, the cliff is high enough to see over the swells to watch the surfers
Ex surfers with beer bellies offer commentary to each other, their time for this has past
Tow in picks a nice wave, surfer races south ahead of the breaking wave, a one minute ride
Next tow in doesn't pick as well, foam everywhere, ride is bust
A third gets a decent, but short ride
Whale blowing to the north gets my attention, probably will not see many breaches, those are huge swells
Time to turn around, cooking fish and potatoes for dinner
The bushes just north of Otsuka's are full of the sound of baby chicks
The ocean facing window seats at Scotty's BBQ are full
Capoeira practice in the grass by the ocean, leg up, head down, wheeling in a circle
The intuitive healer is making breathing sounds with her hands, she has a paying client
Happy keiki at the day care don't care about the waves, they swing and run around the play set
Looks like a pipe is forming, will someone get to blow out of the barrel
Tongans are building a rock wall on the house one block back from the ocean
Looks like construction at Cynthia Bloom's rental, tools everywhere, but no people
Hot now taking the jacket off, still no wind
Jet Ski racing in to refuel, focused pit stop, no time to lose
Lihue starting to sock in with a light mist
Very dark clouds out Kilauea way, here comes the dumping rain
Home again and the north wind has started howling again
Wonderful walk, time to cook dinner


[March 12, 2009] Kauai countdown, two days and then fly


The winds are now out of the North, cold and rainy, if there is a spot of sunshine, I hope to dash out and ride my bike. Kathy is off to the HIM conference on Oahu, so I am a bachelor for a couple days. Going to buy more trees for the farm today.

Mr. Yoshiro Sekitori wrote and invited me to give some talks at the second Future Decisions in Japan in July. One of the talks he wants is Josh Wright's new talk on the impact of wireless on privacy. I will need to really come up to speed on bluetooth and wireless from a hands on perspective, but should be fun.

Mark Weatherford has started blogging. He used to be the commanding officer at the Fleet Information Warfare Center ( FIWC), took a high position in Colorado with their state information security team and is now chief information security officer (CISO) for California's Office of Information Security and Privacy Protection.

Elselvier Direct ( Syngress ) is offering some free e-booklets. They appear to be sample chapters, I read the one on triage, must be from a forensics book.


[March 11, 2009] Looking forward to Fort Detrick and SANS Phoenix


The winds have turned Kona, which sometimes makes me sneeze, but it is a beautiful day on Kauai.

Hottest news today is Senator Norm Coleman and his data breach. He has already been in the news for accepting gifts. According to news reports, he did not notify his donors that their information had been compromised, possibly the information was on his web site in the clear, more information is starting to be available. That is a violation of Minnesota law if true. Apparently, there were also issues relating to his campaign as to whether he actually won and it may have to be re-voted. Finally, there is an inscrutable article about violating FCC regs on a commercial. I wonder if he will make Google trends, Coleman certainly generates news!

In the mailbox I received the following: The Arrowhead Center at NMSU is sponsoring a National Security Technology Conference between 31 March-April 2 in Las Cruces. I believe that SANS would benefit from this knowledge. Could you consider posting this event on your homepage and within the Center/department or distribute to other groups that could benefit from attending this conference?

I spent most of the day working on study questions for my course. I hope that these can help the students as they prepare for their certification exams. I am going to ask GIAC to look at them and see if they can incorporate some of the concepts in their exams if it can be done with an ISO friendly manner.