
UPDATE “Just Say No!”- to Facebook Login Request for Employment March 23, 2012

Posted by Chris Mark in Industry News, InfoSec & Privacy.

UPDATE: Kudos to Facebook for weighing in on this subject.  Facebook says that not only is the practice wrong, but it is a violation of Facebook’s terms of service.  Echoing what I (and others) have said, logging into someone’s FB page could expose the employer to a lawsuit.  “(W)e don’t think it’s right the thing to do,” she said. “But it also may cause problems for the employers that they are not anticipating. For example, if an employer sees on Facebook that someone is a member of a protected group (e.g. over a certain age, etc.) that employer may open themselves up to claims of discrimination if they don’t hire that person.”

I find myself posting on this subject occasionally because a neighbor, friend or other person will inform me that during an interview or application they were asked to provide their Facebook or other ‘social media’ login.  This topic seems to arise again and again, and was again highlighted on msnbc.com.  So, for those who are asking or saying: “Chris, if you have nothing to worry about, then why do you care?”  Valid question.  Let me answer.  First, if you are looking for a job, as a responsible professional person you should take care to not post inflammatory, racist, hateful or other items on your social media.  If you are a proud member of a hate group, you may want to keep that info private.   Pictures of you doing drugs or being arrested in New Orleans are also probably a bad idea.  (more…)

Risk 102- Lose “A” Match but Win “THE” Game March 23, 2012

Posted by Chris Mark in Risk & Risk Management, weapons and tactics.

Risk management is about decisions.  Given certain information, people then make decisions that they hope will minimize the risk of a particular outcome.  This post is about risk and decisions.

Years ago I was a young Marine attending the USMC’s Amphibious Reconnaissance School (ARS).  Upon successfully passing the school I would be conferred with the coveted Military Occupational Specialty (MOS) of 0321- Reconnaissance Marine.  Recon Marines operate in very small teams conducting various reconnaissance missions to provide intelligence to the commander. The last phase of ARS training is known as “patrolling phase”.  This is where all the students put their skills to use and run back-to-back patrols for a week while being graded by the instructors.

During one of the final patrols we came upon a road known in military speak as a “linear danger area” and were considering a “two man bump” and other techniques to safely cross the danger area.  After having not slept for the better part of a week my mind was a bit foggy.  I asked the instructor: “SSGT, if we apply these techniques can we be confident that we will cross safely?”  He looked at me and said: “Mark, you can do everything by the book and exactly right and still get your entire team killed.  All you can do is make tactically sound decisions and hope for some luck.”  Certainly without meaning to do so, this Marine Staff Sergeant articulated the idea of risk and risk management as well as any academic. (more…)

France’s PATRIOT Act? – “Visit Website; Go to Jail” March 23, 2012

Posted by Chris Mark in Industry News, Laws and Legislation, terrorism.

In the aftermath of the murder of 7 people in France by a self-proclaimed Al Qaeda militant, France’s president Nicolas Sarkozy has proposed a sweeping law that would jail those who visit extremist websites.  “Anyone who regularly consults Internet sites which promote terror or hatred or violence will be sentenced to prison,” he told a campaign rally in Strasbourg, in eastern France. “What is possible for pedophiles should be possible for trainee terrorists and their supporters, too” 

The murders of 7 people in Toulouse were horrific.  Among those killed were a Rabbi and several children at a Jewish school.  The murderer, 23 year old Mohamad Merah, was killed by French police after a standoff.  (more…)

“Failed State of Security”- Published by IDGA March 21, 2012

Posted by Chris Mark in InfoSec & Privacy, Laws and Legislation, Risk & Risk Management.

The Institute for Defense and Government Advancement (IDGA) has published the whitepaper “Failed State of Security”; A Rational Analysis of Deterrence Theory & Its Effect on Cybercrime. Check it out!

Abstract  “In reviewing the literature on criminology and information security it appears that, while they share many common themes, there is a disconnect between the criminological theory and its application in information security.  Information security, as a field, is focused on the protection of information assets.  Criminology is focused on the prevention of criminal behavior.  As most information security practitioners will likely attest, there is little overlap between the two fields and there has been little research or focus on the use of crime theories on the prevention of cybercrimes.   This paper attempts to bridge the gap between the fields and highlight the deficiencies in the current approach of compelling victims to prevent cybercrime as opposed to deterring the criminals from committing cybercrimes.” 

Colombian Troops Kill Dozens of FARC Guerillas March 21, 2012

Posted by Chris Mark in terrorism, weapons and tactics.

According to a story on CNN, Colombian government forces have killed dozens of leftist guerrillas in the past two days. Various operations throughout Colombia killed an estimated 39 members of the Revolutionary Armed Forces of Colombia (FARC).   FARC has been at war with the Colombian government since the 1960’s and by 2005 had kidnapped an estimated 2,500 people.  In the first half of 2011 FARC had kidnapped 108 people.

While self-labeled as a “leftist” guerrilla group, many organizations have labeled FARC as a terrorist organization or ‘narco terrorist’ organization. (more…)