Wednesday, November 19, 2008
Free Vulnerability Assessment Software
The Department of Energy Lawrence Berkeley National Laboratory (LBNL) offers resources for the emergency Services Sector (ESS), including one of interest to emergency managers and personnel tasked to reduce the likelihood of chemical, biological, and radiological (CBR) attacks against buildings and mitigate the severity of such attacks against their occupants. The information emergency personnel and building managers need to determine key vulnerabilities and implement mitigation strategies for buildings often is targeted to technical consultants and design professionals. LBNL has developed the Building Vulnerability Assessment and Mitigation Program (BVAMP), a free software tool to improve emergency preparedness, plan shelter-in-place responses, restrict access to building systems and information, and develop building system control protocols for use during a deliberate CBR release. The BVAMP tool is a series of yes/no questions about four aspects of a building's vulnerability—emergency response plan, building access, heating, ventilating, and air conditioning (HVAC) systems, and HVAC controls—appropriate for small- to medium-sized releases such as those that would be expected from a terrorist attack. After the questions in each section are answered, BVAMP assembles an advice report. Included with the BVAMP tool are a building vulnerability assessment walk-through questionnaire and a list of the questions used in the tool itself. Article found on the IAFC Homeland Protection & Security Weekly Newsletter Analyst Note: To examine the BVAMP tool, go to http://securebuildings.lbl.gov/BVAMP.html and select "Buildings" under VulnerabilityAssessment.
Friday, October 24, 2008
"2A Today for The USA"
"2A Today for The USA" - JPFO Video (23 minutes)
A great video on the 2nd Amendment
http://www.jpfo.org/filegen-a-m/2a-today-download.htm
This website offers numerous options for viewing or downloading this free video.
A great video on the 2nd Amendment
http://www.jpfo.org/filegen-a-m/2a-today-download.htm
This website offers numerous options for viewing or downloading this free video.
Bird Flu Preparedness eCourse
Bird Flu Preparedness eCourse Certification Program Opens to Public -- Bird Flu Manual Online, the world's foremost online reference and resource mine designed specifically to help businesses prepare for a pandemic outbreak of Bird Flu, has recently made freely available to the public their Pandemic Preparedness eCourse Certification Program.
>> http://www.prweb.com/releases/2008/10/prweb1492844.htm <<
>> http://www.birdflu-manual.com/ <<
>> http://www.prweb.com/releases/2008/10/prweb1492844.htm <<
>> http://www.birdflu-manual.com/ <<
Tuesday, October 21, 2008
Disaster Preparedness
FREE ON-LINE TRAINING
IS-22 Are You Ready? An In-depth Guide to Citizen Preparedness
http://training.fema.gov/EMIWeb/IS/is22.aspThe "Are You Ready? An In-Depth Guide to Citizen Preparedness" has been designed to help the citizens of this nation learn how to protect themselves and their families against all types of hazards. It can be used as a reference source or as a step-by-step manual. The focus of the content is on how to develop, practice, and maintain emergency plans that reflect what must be done before, during, and after a disaster to protect people and their property. Also included is information on how to assemble a disaster supplies kit that contains the food, water, and other supplies in sufficient quantity for individuals and their families to survive.
IS-55 Household Hazardous Materials - A Guide for Citizens
http://training.fema.gov/EMIWeb/IS/is55.aspThis course was designed for the general public. The course will introduce you to household hazardous materials and things you can do to protect yourself and your family from injury or death. In the 1st unit, you will learn about basic chemical and physical properties, the ways chemicals enter your body, and the effects chemicals have on your body. In the 2nd and 3rd units, you will learn about cleaning products, lead, mercury, gasoline, compressed gases, carbon monoxide, medical supplies, chlorine, pesticides, and much more. In the last two units, you will cover labels, personal protective equipment, proper disposal methods, preventive measures to take before natural disasters, and less toxic alternatives. Dangers from chemical products depend greatly on the individuals using them. Chemicals are safe to use when people read the directions and use them correctly. This course is available on-line as an interactive web-based course. It will take 1 to 3 hours to complete all the units and take the final exam. There are several interactive activities throughout the course. These activities are optional and not content based, however, you are encouraged to view them, as they will reinforce content learned.
IS-394.A Protecting Your Home or Small Business From Disaster
http://training.fema.gov/EMIWeb/IS/IS394A.aspThe purpose of this course is to provide a foundation of knowledge that will enable participants to: Describe different types of natural disastersDescribe hazards that pose a risk to their home or small businessExplain how protective measures can reduce or eliminate long-term risks to their home and personal property from hazards and their effectsExplain how protective measures for small businesses secure people, business property, and building structures and prevent business loss from a natural disaster.
REFERENCES TO DOWNLOAD
American Red Cross (Bay Area) - Disaster Preparedness Videohttp://www.redcrossbayarea.org/preparedness/stream.htm
Disaster can strike quickly, anytime day or night—and often without warning. It can separate you from your loved ones, force you to evacuate, or confine you to your home. With a disaster plan, supplies, and safety training, you will be ready to take care of yourself and your family. The American Red Cross Bay Area Chapter, in conjunction with the Alameda Fire Department, and Alameda Power and Telecom, produced this 19-minute video about disaster preparedness. Watch it and learn the American Red Cross' three basic steps to disaster preparedness: Make a Plan, Get a Kit, and Be Informed & Get Trained. (Can be downloaded as a QuickTime Video 54.9MB)
Delaware Citizen Corps has produced a five part video series on disaster preparedness for the State of Delaware.http://www.delawarecitizencorps.org/videos
Mountain House http://www.mountainhouse.com/emg_info.cfm
Oak Ridge National Laboratory - Chemical Stockpile Emergency Preparedness Programhttp://emc.ornl.gov/CSEPPweb/CSEPPTraining.html
Seattle Disaster Preparedness Training Videohttp://www.iriseducation.org/disasterprep/
Washington Military Department - Emergency Resource Guide
http://www.doh.wa.gov/phepr/handbook.htm
http://www.doh.wa.gov/phepr/handbook/hbk_pdf/EmerRes08.pdf
IS-22 Are You Ready? An In-depth Guide to Citizen Preparedness
http://training.fema.gov/EMIWeb/IS/is22.aspThe "Are You Ready? An In-Depth Guide to Citizen Preparedness" has been designed to help the citizens of this nation learn how to protect themselves and their families against all types of hazards. It can be used as a reference source or as a step-by-step manual. The focus of the content is on how to develop, practice, and maintain emergency plans that reflect what must be done before, during, and after a disaster to protect people and their property. Also included is information on how to assemble a disaster supplies kit that contains the food, water, and other supplies in sufficient quantity for individuals and their families to survive.
IS-55 Household Hazardous Materials - A Guide for Citizens
http://training.fema.gov/EMIWeb/IS/is55.aspThis course was designed for the general public. The course will introduce you to household hazardous materials and things you can do to protect yourself and your family from injury or death. In the 1st unit, you will learn about basic chemical and physical properties, the ways chemicals enter your body, and the effects chemicals have on your body. In the 2nd and 3rd units, you will learn about cleaning products, lead, mercury, gasoline, compressed gases, carbon monoxide, medical supplies, chlorine, pesticides, and much more. In the last two units, you will cover labels, personal protective equipment, proper disposal methods, preventive measures to take before natural disasters, and less toxic alternatives. Dangers from chemical products depend greatly on the individuals using them. Chemicals are safe to use when people read the directions and use them correctly. This course is available on-line as an interactive web-based course. It will take 1 to 3 hours to complete all the units and take the final exam. There are several interactive activities throughout the course. These activities are optional and not content based, however, you are encouraged to view them, as they will reinforce content learned.
IS-394.A Protecting Your Home or Small Business From Disaster
http://training.fema.gov/EMIWeb/IS/IS394A.aspThe purpose of this course is to provide a foundation of knowledge that will enable participants to: Describe different types of natural disastersDescribe hazards that pose a risk to their home or small businessExplain how protective measures can reduce or eliminate long-term risks to their home and personal property from hazards and their effectsExplain how protective measures for small businesses secure people, business property, and building structures and prevent business loss from a natural disaster.
REFERENCES TO DOWNLOAD
American Red Cross (Bay Area) - Disaster Preparedness Videohttp://www.redcrossbayarea.org/preparedness/stream.htm
Disaster can strike quickly, anytime day or night—and often without warning. It can separate you from your loved ones, force you to evacuate, or confine you to your home. With a disaster plan, supplies, and safety training, you will be ready to take care of yourself and your family. The American Red Cross Bay Area Chapter, in conjunction with the Alameda Fire Department, and Alameda Power and Telecom, produced this 19-minute video about disaster preparedness. Watch it and learn the American Red Cross' three basic steps to disaster preparedness: Make a Plan, Get a Kit, and Be Informed & Get Trained. (Can be downloaded as a QuickTime Video 54.9MB)
Delaware Citizen Corps has produced a five part video series on disaster preparedness for the State of Delaware.http://www.delawarecitizencorps.org/videos
Mountain House http://www.mountainhouse.com/emg_info.cfm
Oak Ridge National Laboratory - Chemical Stockpile Emergency Preparedness Programhttp://emc.ornl.gov/CSEPPweb/CSEPPTraining.html
Seattle Disaster Preparedness Training Videohttp://www.iriseducation.org/disasterprep/
Washington Military Department - Emergency Resource Guide
http://www.doh.wa.gov/phepr/handbook.htm
http://www.doh.wa.gov/phepr/handbook/hbk_pdf/EmerRes08.pdf
Sunday, October 19, 2008
Free On-line Security Training
For those of us interested in disaster preparedness and developing a better security awareness, the following on-line courses are an excellent resource. Each of these courses is free and open to the public.
Prevention and Deterrence of Terrorist Acts (1.5 hours)
URL: http://www.ncbrt.lsu.edu/elearn
As the threat of terrorism has increased and evolved, the United States government has expanded its support for initiatives to prepare first preventers to prevent and deter terrorist incidents involving weapons of mass destruction, to include chemical agents, biological agents, radiological or nuclear materials, and explosives (CBRNE). This online training course provides the participant with an awareness for preventing and deterring potential acts of terrorism through vigilance, observation, and reporting suspicious indicators or terrorist acts. The U.S. Department of Homeland Security is supporting several major initiatives to prevent and/or deter terrorist incidents. This course is one of those initiatives and was developed in a collaborative effort by the National Domestic Preparedness Consortium.
Are You Ready? An In-depth Guide to Citizen Preparedness FEMA/EMI Course IS-22
URL: http://training.fema.gov/EMIWeb/IS/is22.asp
The "Are You Ready? An In-Depth Guide to Citizen Preparedness" has been designed to help the citizens of this nation learn how to protect themselves and their families against all types of hazards. It can be used as a reference source or as a step-by-step manual. The focus of the content is on how to develop, practice, and maintain emergency plans that reflect what must be done before, during, and after a disaster to protect people and their property. Also included is information on how to assemble a disaster supplies kit that contains the food, water, and other supplies in sufficient quantity for individuals and their families to survive.
Protecting Your Home or Small Business From Disaster - IS-394.A (2-hours)
URL: http://training.fema.gov/EMIWeb/IS/IS394A.asp
The primary audience for IS-394.A, like its predecessor, is small business owners, homeowners, and individual citizens. It is presented in a non-technical format and includes protective measures that can reduce the negative consequences of disasters on homes or small businesses.
• Lesson 1. Overview: Protecting Against Disasters
• Lesson 2. Protecting Against Water Damage
• Lesson 3. Protecting Against Wind Damage
• Lesson 4. Protecting Against Wildfires
• Lesson 5. Protecting Against Earthquake Damage
Information Security In The Workplace
URL: http://www.infragardawareness.com/index.php
Our free security awareness course will not only teach you how easy it is to help make your workplace more secure, it will also teach you the vital skills to protect yourself and your family from cybercrime and identity theft. The course is free to all individuals and small businesses. And when you have completed the course, you can also be amongst the first in the nation to earn your “Certificate In Information Security Awareness In the Workplace” – an invaluable addition to any resume that will be welcomed by security conscious employers.
Information Assurance Awareness – Shorts (1-hour, 45-minutes total)
URL: http://iase.disa.mil/eta/ia-awareness-shortsv2/INFOSEC_Shorts/launchPage.htm
Telework (15-minutes)
Insider Threat (15-minutes)
Wireless (15-minutes)
Passwords (20-minutes)
Peer to Peer (20-minutes)
Social Engineering (20-minutes)
Phishing Awareness (15-minutes)
URL: http://iase.disa.mil/eta/phishing/Phishing/launchPage.htm
Microsoft Office Basic Security (20 – 30 minutes)
URL: http://office.microsoft.com/training/training.aspx?AssetID=RC010425851033&ofcresset=1
Learn about security fundamentals in Microsoft Office programs and what you can do to help protect your computer and documents. Find out about digital signatures, some basic information about macros and viruses, and how to create strong passwords to help protect your documents.
National Institute of Health Information Security & Privacy Awareness Training
URL: http://irtsectraining.nih.gov/
• Computer Security Awareness Course (30-60 minutes)
• Securing Remote Computers (30-60 minutes)
• Privacy Awareness Course (30-60 minutes)
Prevention and Deterrence of Terrorist Acts (1.5 hours)
URL: http://www.ncbrt.lsu.edu/elearn
As the threat of terrorism has increased and evolved, the United States government has expanded its support for initiatives to prepare first preventers to prevent and deter terrorist incidents involving weapons of mass destruction, to include chemical agents, biological agents, radiological or nuclear materials, and explosives (CBRNE). This online training course provides the participant with an awareness for preventing and deterring potential acts of terrorism through vigilance, observation, and reporting suspicious indicators or terrorist acts. The U.S. Department of Homeland Security is supporting several major initiatives to prevent and/or deter terrorist incidents. This course is one of those initiatives and was developed in a collaborative effort by the National Domestic Preparedness Consortium.
Are You Ready? An In-depth Guide to Citizen Preparedness FEMA/EMI Course IS-22
URL: http://training.fema.gov/EMIWeb/IS/is22.asp
The "Are You Ready? An In-Depth Guide to Citizen Preparedness" has been designed to help the citizens of this nation learn how to protect themselves and their families against all types of hazards. It can be used as a reference source or as a step-by-step manual. The focus of the content is on how to develop, practice, and maintain emergency plans that reflect what must be done before, during, and after a disaster to protect people and their property. Also included is information on how to assemble a disaster supplies kit that contains the food, water, and other supplies in sufficient quantity for individuals and their families to survive.
Protecting Your Home or Small Business From Disaster - IS-394.A (2-hours)
URL: http://training.fema.gov/EMIWeb/IS/IS394A.asp
The primary audience for IS-394.A, like its predecessor, is small business owners, homeowners, and individual citizens. It is presented in a non-technical format and includes protective measures that can reduce the negative consequences of disasters on homes or small businesses.
• Lesson 1. Overview: Protecting Against Disasters
• Lesson 2. Protecting Against Water Damage
• Lesson 3. Protecting Against Wind Damage
• Lesson 4. Protecting Against Wildfires
• Lesson 5. Protecting Against Earthquake Damage
Information Security In The Workplace
URL: http://www.infragardawareness.com/index.php
Our free security awareness course will not only teach you how easy it is to help make your workplace more secure, it will also teach you the vital skills to protect yourself and your family from cybercrime and identity theft. The course is free to all individuals and small businesses. And when you have completed the course, you can also be amongst the first in the nation to earn your “Certificate In Information Security Awareness In the Workplace” – an invaluable addition to any resume that will be welcomed by security conscious employers.
Information Assurance Awareness – Shorts (1-hour, 45-minutes total)
URL: http://iase.disa.mil/eta/ia-awareness-shortsv2/INFOSEC_Shorts/launchPage.htm
Telework (15-minutes)
Insider Threat (15-minutes)
Wireless (15-minutes)
Passwords (20-minutes)
Peer to Peer (20-minutes)
Social Engineering (20-minutes)
Phishing Awareness (15-minutes)
URL: http://iase.disa.mil/eta/phishing/Phishing/launchPage.htm
Microsoft Office Basic Security (20 – 30 minutes)
URL: http://office.microsoft.com/training/training.aspx?AssetID=RC010425851033&ofcresset=1
Learn about security fundamentals in Microsoft Office programs and what you can do to help protect your computer and documents. Find out about digital signatures, some basic information about macros and viruses, and how to create strong passwords to help protect your documents.
National Institute of Health Information Security & Privacy Awareness Training
URL: http://irtsectraining.nih.gov/
• Computer Security Awareness Course (30-60 minutes)
• Securing Remote Computers (30-60 minutes)
• Privacy Awareness Course (30-60 minutes)
Saturday, October 18, 2008
Book Review: "Schneier of Security"
Schneier on Security -- by Bruce Schneier (Link to Amazon.Com)
Being a fan of Bruce Schneier's other books, I looked forward to his latest work "Schneier On Security", and certainly was not disappointed, although I found that I had read some sections of the book previously.
"Schneier On Security" consist of a compilation of articles published by Mr. Schneier from 2002 through the summer of 2008. If you regularly read Crypto-Gram and Wired Magazine you will be familiar with some sections of this book. Articles published in other magazines and newspapers, and reprinted in this book, I had not previously read and enjoyed the opportunity to read them now.
As with all of Mr. Schneier's writings, the articles in the book are thought provoking yet at the same time easy to read.
The book is divided into 12 chapters, followed by a large list of web-sites providing additional information and references.
The chapters are:
Introduction
1 - Terrorism and Security
2 - National Security Policy
3 - Airline Travel
4 - Privacy and Surveillance
5 - ID Cards and Security
6 - Election Security
7 - Security and Disasters
8 - Economics of Security
9 - Psychology of Security
10 - Business of Security
11 - Cybercrime and Cyberwar
12 - Computer and Information Security
References
Index
Each chapter consists of a few previously published articles related to the chapter topic.
Well written, thought provoking, and an opportunity to get several of Mr. Schneier's articles collected into a single volume.
+ + + + + + + + + + +
From the Inside Flap
You take off your shoes in the airport. You scan the supermarket's "preferred customer" card to get the sale price. You claw your way through tamper-resistant packaging for a couple of aspirin. You accept all these inconveniences in the name of security.
But are you any safer?
Bruce Schneier, arguably the world's foremost authority on computer security, has explored security issues ranging from protecting your password to illegal wiretapping.
This collection of Schneier's best op-ed pieces, columns, and blog posts goes beyond technology, offering his insight into everything from the risk of identity theft (vastly overrated) to the long-range security threat of unchecked presidential power and the surprisingly simple way to tamper-proof elections.
You'll discover:
- Why data mining will never protect us from terrorists
- How your stone-age brain affects what you fear and what security measures you accept
- Why computer security is fundamentally an economic problem
- Whether you can really trust a Trusted Traveler
- If sacrificing your privacy has made you more secure
- Why refusing driver's licenses to illegal immigrants actually reduces security
- The industry power struggle over controlling your computer
- Why we overestimate some risks and underestimate others
- Why national ID cards won't make us safer, only poorer
. . . and much more
This book will challenge your illusions of security at every level.
Think it's okay to give up your privacy if you're doing nothing wrong? What happens when "wrong" gets redefined? How much power over your personal life are you willing to concede to the person you least want to see as president? What's the acceptable trade-off between security and convenience?
In this ruthless, comprehensive, and thought-provoking analysis, Schneier shows us what we should be worrying about and how to get our national fingers off the panic button.
Friday, October 17, 2008
Omziff (Version 3.2)
Omziff v. 3.2 is a straightforward encryption utility that uses various cryptographic algorithms to encrypt and decrypt textual files. These algorithms include: Blowfish, Cast128, Gost, IDEA, Misty1, AES/Rijndael, and Twofish.
Omziff also generates random passwords, splits files, and does simple file shredding according to DOD Standards.
Omziff contains a decoy file generator; good for creating a directory full of useless files to obfuscate a hidden, sensitive file, and a cryptographically secure random number generator, which creates secure random numbers with irreproducible patterns.
It is freeware, comes in a standalone executable file with no dependencies and is completely USB compatible!
Wednesday, October 15, 2008
What Is Sub Rosa?
(sub rosa – confidentially; secretly; privately. from the Latin: sub rosa lit., under the rose, from the ancient use of the rose at meetings as a symbol of the sworn confidence of the participants.)
Sub rosa comes from the Latin, literally "under the rose," from the ancient association of the rose with confidentiality, the origin of which traces to a famous story in which Cupid gave Harpocrates, the god of silence, a rose to bribe him not to betray the confidence of Venus. Hence the ceilings of Roman banquet-rooms were decorated with roses to remind guests that what was spoken there was sub rosa.
In the case of this blog, Sub Rosa is the continuation of my old "Sub Rosa Newsletter". From time to time over the years I have published an e-mail newsletter wherein I offered summaries, analysis, insights, and commentaries on counterintelligence, security, investigations, and related issues. This blog replaces the newsletter and allows me to offer information as it becomes available. I invite everyone who read Sub Rosa in the past to now join us here on-line.
Sub rosa comes from the Latin, literally "under the rose," from the ancient association of the rose with confidentiality, the origin of which traces to a famous story in which Cupid gave Harpocrates, the god of silence, a rose to bribe him not to betray the confidence of Venus. Hence the ceilings of Roman banquet-rooms were decorated with roses to remind guests that what was spoken there was sub rosa.
In the case of this blog, Sub Rosa is the continuation of my old "Sub Rosa Newsletter". From time to time over the years I have published an e-mail newsletter wherein I offered summaries, analysis, insights, and commentaries on counterintelligence, security, investigations, and related issues. This blog replaces the newsletter and allows me to offer information as it becomes available. I invite everyone who read Sub Rosa in the past to now join us here on-line.
Subscribe to:
Posts (Atom)