August 09, 2004

From the Interweb

Dateline: Canada — A routine test of airport security turned into a Marx Brothers routine after security officers mistakenly sent a passenger home with a suitcase full of TNT. The TNT was supposed to be planted in the bags of a Montreal security agent. Instead, it somehow ended up stuffed into the luggage of an unsuspecting overseas passenger who arrived at Pierre Elliott Trudeau International Airport last Friday. The unnamed passenger went to a friend’s house where he found the explosives concealed in a jam jar and placed inside his suitcase. The man immediately called Quebec provincial police. The TNT, which officials say had no detonator attached, was meant as part of a weekly test for bomb-sniffing dogs at the airport. Ironically, the dogs failed to detect the explosives. The passenger and his baggage were able to pass through airport security unchecked. “Our investigation is going to reveal exactly what happened,” airport security spokesman Pierre Goupil told TV network TVA.

Original Source at Alibi.com


Penetration Testing Using Social Engineering

All names, places, titles, and work related information have been changed for the sake of security and privacy. The following article is NOT a textbook for stealing/shoplifting. The following article IS a resource for all security personnel to use as a means of training and defense against social engineering.

I decided to work a short day today so I only had time to make my attempts on two stores. I met the District Loss Prevention Supervisor (Charles) at 7 a.m. in Middleville and asked him a few questions before I got started. He told me that he and a few of his plain clothed security guys had done this in the past and one of them held the record in the district for getting out the door without getting stopped with a $400 DVD player. I assumed that it must have been a while since that happened if the price was that high. What I said to him next really piqued his interest.

Isreal: “Man, I’m about to walk out that door with $4000 worth of merchandise and I’ll stop and talk to a cashier on the way out.”

His eyes almost fell out of his head, but the look quickly turned to one of disbelief.

Charles: “OK Isreal, let’s try and be a bit more serious about this. I REALLY want to know if my people are doing their jobs.”

After trying to get him to place a friendly wager on my prediction, and failing, I headed for the doors. I was wearing a black collared polo shirt and khaki pants. I didn’t want to look completely like a bum, but at the same time, thought a shirt and tie would be too much of an advantage for me. I was in the center of middle-class America and wanted to blend in.

I decided I would start off by taking a quick walk around the store just to get a feel for the place, and to see how many employees were on the salesfloor. It seemed like everywhere I turned, a different employee was asking me if I needed any help so I figured I had better make my move quick and get out the door since the plan I had in mind required me to do so.

I walked into the back “employees only” area of the store behind a group (3) of people who looked like they were just arriving to work. I followed one of the girls as she was taking off her jacket so I could take a look at the coat rack. I was hoping to find an employee’s work vest hanging around and I wasn’t disappointed. I know that most overnighters could care less about taking them home to wash and there were plenty to choose from. I quickly checked through them for a name badge, but wasn’t quite as lucky as I was hoping to be so I took the cleanest one I could find and headed for the warehouse.

As I walked down the back hallway, I took quick glances in every room looking for an empty one. I didn’t find any so I asked an employee where the breakroom was and headed in that direction. I was trying to find some paperwork that I could carry into the warehouse to use as ‘official company documents’. I hit the jackpot when I opened the breakroom door when I noticed that the store had a separate room for smokers as well, so I decided that I had worked hard enough so far and I deserved a break. After a refreshing dose of a nicotine inhaler I was back on the job. A quick survey of the non-smoking break room turned up a printout of employees who were scheduled to work that day. I knew that Charles wouldn’t be happy to know that it was left lying around for anyone to pick up so it was going to serve a dual purpose.

  1. The printout would guarantee that Charles would chew out the store’s management for letting something like that get out of their sight.
  2. It would function as the ‘official document’ that I would need to complete my objective.

I folded up my paperwork and headed for the store’s warehouse. I entered the warehouse like I owned the place and walked around until I found the bins that held the backstock for the Electronics Department. I took a quick count of the computers and got the attention of one of the stockmen. His name-badge said James.

Isreal: “James, you got an empty cart anywhere back here? I’ve gotta take 5 computers over to the store in Vernstown.” I patted the ‘official’ paperwork in my vest pocket so he could see.

James: “I don’t have any empty carts right now, but I’ll grab an empty pallet and a jack.”

James walked off to get what I needed and I started taking computers down from the bins. When he returned, he helped me set them on the pallet and asked me if I needed any help putting them in my truck. I thought about it for a second but decided that I didn’t want to get this specific kid in trouble and told him that I could handle it myself and I’d bring the pallet and jack back in a few minutes.

On my way to the front door, I had to take the long way around so I could avoid electronics. As I was walking past the Jewelry Department I noticed an employee heading straight for me. When he headed me off, I read his name badge: Fred ‘Assistant Manager’. I stopped the pallet and waited to see what he was going to say.

Fred: “Hey um, (he was looking for my name badge)…”

I looked at my vest and put on a surprised look as I started looking for my lost badge. “I’m Isreal, I must have left my badge in Vernstown.”

Fred: “Vernstown? What are you doing here?” He looked at the pallet I was pulling. “Are we TR’ing those to your store?”

I patted the paperwork in my pocket again “Yeah, the ladies in the back got me the paperwork. I’m gonna load these up and head out”

He glanced at my folded up paperwork “Good, you need me to help you with that?” I could tell that he wasn’t sincere. No manager likes to do manual labor.

Isreal: “Nah, I got it. Thanks anyway.” I started to move with the pallet again so he could have an excuse to walk away… He used it.

On my way out, I saw Charles talking to the ladies at the Customer Service desk. He didn’t see me so I kept moving. I stopped long enough to say something about the “crappy weather” to a kid standing by a register and took the pallet and my merchandise out the front doors. I waited outside for about 30 seconds before I realized that Charles never did see me leave so I took out my cell phone and called the store.

Happy Girl: “Hi, thank you for calling Flop-Mart this is Happy Girl how may I direct your call?”

Isreal: “Charles XXXXXX please”

((“Do a little dance, make a little love, get down tonight… get down tonight”)) I like that song. Sometimes I wish I could stay on hold longer just to hear a song I haven’t heard in a while, but this time I wasn’t on hold very long. Charles answered and I told him that I was outside. He laughed and said he’d be right out. His laugh sounded more like a victory cheer and I was really going to enjoy raining on his parade. I hopped up, sat on one of the computers, and waited to see his expression.

I don’t think I have ever seen a person’s face turn red as quickly as his did. He was OBVIOUSLY angry so I decided it wouldn’t be a good idea to gloat about my victory and I settled for telling him exactly how I did it. As I did, I wrote down the prices of the computers and gave him my total take.

$698 x 3 = $2094
$749 x 2 = $1498

Grand Total $3592

CRAP!! I didn’t reach my $4000 guarantee. Oh well, it was close enough for me, and it was MORE than enough for Charles. I followed him back inside with my loot and he yelled at a passing person to take it to the warehouse. I took off the vest, set it on the pallet and followed Charles to the manager’s office.

I would love to tell you about the ass chewing he gave the store’s management team, but he made me leave the room after I told them what I had done. ‘Assistant Manager’ Fred looked like he was going to puke when I got to his part of the story. I went to the smokers break room and waited for 45 minutes until Charles came and told me we were heading to Vernstown.

Originally posted on lineman.net

The second installment can be found here

Posted by dbgrandi at 03:44 PM | TrackBack

January 30, 2003

a moment in time at Eggers Hall

This was a short entry that I wrote describing my most loathed of times during school: finals.

But twice a year comes the special time of college life that we call "finals." Finals is something that every student will have to deal with during their undergrad experience; two weeks at the end of each semester devoted solely to learning everything you should have in the previous 14 weeks. These two weeks of tormenting are (for me at least) carefully balanced between trying to figure out what I need to know for a certain test and trying to jam all the necessary data into my mind. It doesn't matter at all that I probably won't remember any more than one fifth of what I study. Most of it leaving my frontal lobe about five minutes after I walk out of whatever room my test is in. The way I see it, that's all part of the game. Knowledge that an individual can throw out at a moment's notice has a certain appeal, but I think that college is definitely about much more than that. Learning how to learn is infinitely more important than being able to quote Kant, find the derivative of a fourth degree equation, or rattle off the atomic weight of Cobalt. These things don't matter in the real world. Sure they may help; definitely for some people more than others. I certainly wouldn't trust a surgeon who had an encyclopedia opened up next to me in the operating room; asking the nurse, "do you think they mean the Appendix in the back of the book, or the one inside his body?"

My favorite place to spend my time during finals has been the study rooms in the basement of Eggers Hall. Walking down the stairs into the basement, I enter the study lounge, a big room with two long tables and four small rooms on each side of the lounge. Each one of these study rooms consists of a single table, suitable for two people to sit around and cram. I never shared, though. That would defeat the whole purpose of going down there. I went there to lock myself off from the rest of humanity, to try to muster up every conscious thought that I might be able to squeeze out of my mind before whatever deadline I had. The nice thing about the study room is that you can close the door to almost completely cut yourself off from the rest of the world. Once that door is closed behind you, time becomes a moot point. There is no clock to tell you if it's time for dinner, no window to tell you if the sun is coming back up yet, and no music coming through the wall from your neighbor's apartment. When you close yourself in, time can be both your best friend and worst enemy, and everyone down there knows it. There is an interesting subculture of those who live in the basement of Eggers during finals. You see people at their most vulnerable, knowing that you are both here doing the same thing and that the time spent down here could easily be the difference between passing and failing. It is this known, but always unspoken, vulnerability that brings people closer together. It's almost as though people come together to pull through a crisis situation.

In the basement my biggest enemy was always boredom. Reading about the sociological aspects of Kenyan Running for 6 hours can pay a toll on even the most eager students... let alone me. During these bouts of boredom I would often wander around the rest of the building. Walking through an immense building, knowing that there may be at most 12 other people awake in the building at this time, you feel a certain freedom. I got to know several of the night janitors and often would walk around talking to them. I found a grad bay on the fourth floor of Maxwell that was always open, and always had the most precious of commodities available; coffee.

Eventually the time for finals comes to pass, and instead of looking on the building that was my home for the last 72 hours with a new sense of pride and comfort, all I can feel is disgust, knowing that the next time I come back here it will be for finals next semester.

Posted by dbgrandi at 07:43 PM | TrackBack

life influence

This week I'm supposed to be creating a scene that reflects a moment in my life involving one of my major influences. I chose my mom. As most of you know, I'm a pretty hard core computer geek. When I trace my computer literate influences it all goes back to my mom. She's always been quite computer literate (especially for a woman) and I thought the other day about the first computer she got for me.

Phase 1: The old Texas Instruments

I must have been no more than 3 years old when she got me this bad-ass Texas Instruments computer. It was basically a really thick keyboard with a coax hookup that went to the TV. On the side was a slot that would accept cartridges containing programs. (Oohh, found it in the Computer Museum.) This thing ran at a whopping 3 MHz! I think I have a universal remote with more BogoMips than that thing now.

I can still remember playing 'Face Maker', my favorite game at the time. It was basically a digital version of Mr. Potato Head. Simple stuff, but it must have looked weird for other people; coming over to the house and I'm (@ 3 years old) hacking away on this keyboard with a mug of coffee and a bag of Doritos. ;)

Phase 2: The PS2

The next step up on the ladder of computation came in about 1986-87 when mom got an IBM PS2 Model 50. If I can remember correctly, 12 MHz, 1 MB RAM and a 20 MB hard drive. The stuff dreams are made of, you know. She had this home business that she started; editing dissertations for foreign PhD students. I still have nightmares about our dot-matrix printer spitting out 80 pages at a time. The real fun came when it was time for the final copy of a dissertation. She would pay me to sit at the printer and hand feed the nice paper, one sheet at a time, into the dot-matrix.

The PS2 was the real beginning of my love of computing. Somehow or another, I found out about this thing that they called BASIC. I remember getting a subscription to a magazine devoted entirely to BASIC programming. This being way before the days of the Internet (at least for schmoes like me) the magazine would have 20 pages or so dedicated to including source code to whatever the featured program of the month was. Mom, being the nurturing type that she is, would sit down and help me type in 20 pages of BASIC code. We would take turns reading code off to each other; "Okay mom, '130 GOTO 10; 140 PRINT HELLO, WORLD!'", I would bark out. Any time there was a program that I was interested in, it would take about 2 days for us to get it punched into the computer correctly.

Looking back at that now, I realize that she was pretty hip to help her 7 year old son hack the Gibson.

Years went by, and slowly I noticed a shift from me asking her how to do something to her asking me how to do something. It was kind of awkward for me to slowly become the mentor of my mentor; like it was almost rude for me to watch her do something and say, "No, Mom, there's a better way to do that."

I still have that computer in my apartment somewhere. I haven't been able to bring myself to throw it away. As far as I know it still boots up and works. I even found a network card for it... a 10Base-2 card that uses the MCA bus. Somehow I feel like it needs to be around, a part of history that I can always look back upon to remember my roots. At the same time, it's kind of scary to see the pace of change. It's hard for me to see how things have actually changed without having a solid reference to compare; kind of like how I couldn't tell when our dogs were growing, but other people who only saw them once a month could readily see how big they were getting.

Phase 3: the BBS scene

I'll leave this for tomorrow... the fun stuff.

Posted by dbgrandi at 05:52 PM | Comments [1] | TrackBack

January 23, 2003

how to get a bachelor's in seven years

I finally got into the Comp. Sci. department (after only 4 years... wow) at SU and am determined to graduate in the next year, or two or three. To celebrate my acceptance to the program the University decided it was high time for me to have an advisor. Helping me on my path to academic enlightenment, Prof. Older advised me to take writing 105. Part of writing 105 involves having a journal in which we keep thoughts about the process of writing and, more specifically, the writing we do for our class. My writing instructor, Christopher, was pretty cool with the idea of me using the blog as my journal so I have decided to set up a new category devoted specifically to my class. I figured it would be fun to keep this an open journal so I would encourage people to post to this; don't think of it just as my homework in HTML but more of a forum for criticizing (both positive and humorous) my work and my lifelong journey for that coveted B.S.

Note: B.S. in this context means Bachelor's of Science, not the other BS.

Posted by dbgrandi at 12:48 AM | Comments [2] | TrackBack