That’s the question the Consumerist asked readers today, with a story about a Florida grand-dad whose gardener is supposedly fleecing him for over $10k / month, allegedly to help an ailing friend:

Shaun says his 80+-year old grandfather, Steve, is being scammed out of over $10,000 a month. It seems Steve recently hired a female gardener who introduced him to a “wealthy friend,” and now he’s loaning them money to pay for groceries, cable, home upkeep, and, get this, bodyguards to protect her from an ex-husband and son who to want to kill her. When the family tries to intervene, Steve says the family is trying to put him in a nursing home and steal his money. Shaun is at a loss. How can he help his grandfather, who doesn’t want to be helped?

Another question that might be relevant in the IT Security community is, are the elderly more prone to these scams, and if so why? In the tech world it’s widely assumed that the older generation just has a harder time learning and grasping how to use technology so may not understand what is risky and what isn’t.

But perhaps there’s a deeper problem, either with some form of dementia and paranoia in the older years, or just a purer vulnerability associated with being alienated from the new, cutting edge and modern world as we age, or some kind of unwillingness to be suspicious because of the need to have caring people around you?

The idea is simple — find SQL Injection vulnerabilities in high-traffic, trusted websites where the site’s content is dynamically fetched from a database (i.e. just about any content-rich site). Then use an automated tool to prepend or append malicious content to that content in the database. When the unsuspecting user visits the page to read an article, they will be treated to a barrage of <script> or other tags fetching content from sites in .ru, .cn, or who knows where else.

The guidance you give to mom and dad, “don’t visit sketchy looking sites in other countries,” is no longer good enough. If BusinessWeek can be compromised, it’s a given that USA Today, CNN, the New York Times, and other establishments are being targeted as well.

For this and similar examples, NoScript would have thwarted the attack because it wouldn’t permit the .js file to be loaded from an off-domain location. But what happens when the attackers start injecting the entire .js payload into the database instead of just a <script> tag? Now the malicious code is coming from the trusted domain, and if I’ve configured NoScript to allow scripts from businessweek.com, I’m out of luck. In fact, I have no idea why the attackers aren’t using this tactic already. Any ideas?

Recently I spent one week at a customer in a hotel where the staff obviously was hosting nightly parties down at my end of the hall- from about 2:00am - 5:30am each (yes- every) night I was there. The hotel I’m in tonight has no elevator. Yeah. @#$! That’s what I said. Twice in the past 10 days or so, I’ve been in really nice resort-hotels, so I’ve had the whole spectrum this month and last.

For me, sometimes it’s the little things… I really like it when hotels have conditioner, instead of just shampoo. I like space- so a nice work area is important to me. Of course a big soft bed and plenty-o-pillows is a key ingredient. A whirlpool or jetted tub (in the room) is icing on the cake. Exercise rooms are good, although half the time I’m too tired when traveling or have work to do (I know- excuses, excuses ;). Convenience is also a biggie- I had a run in Las Vegas where *every* room I had felt like it was a 10-minute walk just to the elevators. When I’m on-site for a customer, I also love the hotels with the do-it-yourself breakfast- I can go when I want and grab something before heading out for the day. I love the little lighted makeup mirrors… and of course a full-length for checking out the wardrobe. Plugs! I love lots of plugs. I like hotels that secure the outer doors early and require a key for access to various parts of the building.

Sometimes it’s the bigger things… Hotels with outside-facing doors make me paranoid, and obviously those in neighborhoods where your rims may disappear is not good either. I hate hotels that MAKE me valet park my car. It’s my car, my keys, I park it and I keep the keys- that’s my rule. (My Dad taught me a little trick of telling the valet boys that it’s a company car and against corporate policy for valet- it works!)

Traveling techies sometimes have unique needs or requests, and many of the ‘good list’ is universal for all traveler types.

So, those are some items from my little list… What about you- what do YOU look for in a good hotel?

# # #

Image via Wikipedia

So it is quite an exciting Fathers Day weekend here at the Shimel house.  On Friday my oldest son Landon, 8, had braces put on his top teeth. I know that 8 is early for braces, but evidently today they do this as a "Phase 1", so that hopefully he won't need them as long later on.  Seeing my little boy come out of the room with braces was quite a sight.  Unlike the trauma that kids had about braces when I was younger, he thought it was awesome.  The picture to the left are not his braces.  Landon's are black and gold, Steeler braces. In 6 weeks they will change them to Yankee blue and white.  Braces have certainly come a long way since I was a kid.  But my son Landon has come a long way too.  Looking at him with his braces and talking to the office staff I realized that the little, fuzzy red headed baby we brought home from the hospital almost 9 years ago now has grown into quite a boy. Where is the little toddler that I would toss a sponge ball to underhand and tell him to use two hands to catch? Could this kid with the catchers mitt catching everything I throw at him and firing it back to me be that baby? 

Saturday is a day filled with both boys. I am taking Landon and Bradley to breakfast and than off to Baseball City to practice our hitting and pitching. Then Bradley has a birthday party he is invited to and Landon and I will go swimming.

Sunday Landon has a travel baseball team game at 10am.  Landon was selected for the team because of the great season he had in Little League and is now in tournaments for the next few weeks. Than we are all going to visit my Uncle and Aunt for Fathers Day at the house near the water with a pool.

I could not think of a better way to spend my Fathers Day weekend. My mother-in-law always used to say that she was the richest woman in the world because of the treasure that were her children.  When I was younger I laughed but would have taken the cash.  As I have grown older and have had a chance to watch my boys grow up and have come to understand what it truly is to be a Father, I know that she was right.  There is nothing like the love of a child and watching, helping and sharing in their adventure that is life.

To all of you celebrating Fathers Day this year whether as a Dad with your own kids or with your own Dad, congratulations and savor every minute of it. Happy Fathers Day!

Image via Wikipedia

So it is quite an exciting Fathers Day weekend here at the Shimel house.  On Friday my oldest son Landon, 8 had braces put on his top teeth. I know that 8 is early for braces, but evidently today they do this as a "Phase 1", so that hopefully he won't need them as long later on.  Seeing my little boy come out of the room with braces was quite a sight.  Unlike the trauma that kids had about braces when I was younger, he thought it was awesome.  The picture to the left are not his braces.  Landon's are black and gold, Steeler braces. In 6 weeks they will change them to Yankee blue and white.  Braces have certainly come a long way since I was a kid.  But my son Landon has come a long way too.  Looking at him with his braces and talking to the office staff I realized that the little, fuzzy red headed baby we brought home from the hospital almost 9 years ago now has grown into quite a boy. Where is the little toddler that I would toss a sponge ball to underhand and tell him to use two hands to catch? Could this kid with the catchers mitt catching everything I throw at him and firing it back to me be that baby? 

Saturday is a day filled with both boys. I am taking Landon and Bradley to breakfast and than off to Baseball City to practice our hitting and pitching. Then Bradley has a birthday party he is invited to and Landon and I will go swimming.

Sunday Landon has a travel baseball team game at 10am.  Landon was selected for the team because of the great season he had in Little League and is now in tournaments for the next few weeks. Than we are all going to visit my Uncle and Aunt for Fathers Day at the house near the water with a pool.

I could not think of a better way to spend my Fathers Day weekend. My mother-in-law always used to say that she was the richest woman in the world because of the treasure that were her children.  When I was younger I laughed but would have taken the cash.  As I have grown older and have had a chance to watch my boys grow up and have come to understand what it truly is to be a Father, I know that she was right.  There is nothing like the love of a child and watching, helping and sharing in their adventure that is life.

To all of you celebrating Fathers Day this year whether as a Dad with your own kids or with your own Dad, congratulations and savior every minute of it. Happy Fathers Day!

Sometimes I’m the queen of analogies (likely a trait I inherited from my Dad). Quite often my analogies are pretty silly, but they almost always get the point across.

So I was trying to work out an analogy to explain how we can use logs, events and searching and why these are advantageous. I was in the shower and it hit me! And… here it is.  FYI- If you’re a techie, just stop reading now… (I warned you).

The analogy. Imagine a house… actually, imagine your house. Let’s say that your house is like a network. The house and all the major appliance and structures of the house are like infrastructure devices- switches and servers, for example. Of course, the people living in your house are users. In addition you have ‘gateways’ from your house to the outside world, in the form of doors, windows, vents, etc. These house gateways are like our WAN devices- firewalls, IDS/IPS and other gateway appliances.

Let’s say you live in the house with your spouse and family. You’re going to be the wife for now, so imagine you, your husband, three kids and a dog (only because that amuses me). Each of your house users have a key to get in.

Your major appliances- the TVs, refrigerator, oven, the family computers and alarm system are all creating logs when anything happens and they’re all giving their logs to the toaster. (The toaster is greatly under appreciated so I’m giving him a big role here- yes- your toaster is the Syslog server). The doors, windows and other ‘portals’ to the outside are also creating events and logging each time they’re opened, closed, locked or broken and, they too, are sending their info to the toaster.

Here’s where life in your house gets interesting. Let’s figure out what’s normal… it’s probably normal for your husband to come home, do some work on the computer while you cook, and then everyone watch TV. The kids are doing their homework, playing on the computer and probably rummaging around the fridge for an after-school snack. You see your syslogging toaster shows you…  

• the src= Refrigerator was opened multiple times in a short period of time between 3:43pm and 4:16pm by multiple users
• the src= Kids Computer was logged off the Internet at 4:30 by user: Kid2
• the src= Front Door was opened at 5:20pm by user: Husband
• the src= Oven was turned on Bake at 350 at 5:32pm by user: You
• the src= LivingRoom TV was turned on at 5:56pm by user: Husband
• the src= LivingRoom TV channel was modified multiple times in a short period of time between 5:56pm and 6:02pm (your husband was probably looking for the ball game)

These are all things you expect to see. So, what’s not normal? Some things your toaster may tell you that would be out of the ordinary…

• the src= Refrigerator was opened at 02:40am by user: Kid1
  What does this mean? Someone’s late-night snacking, no big deal.
• the src= Kids Computer was logged onto the Internet at 02:45am by user: Kid1
  Uh-oh, Kid1 is gallivanting on the Internet in the middle of the night un-chaperoned. Might need to check that out.
• the src= Front Door was attempted to be opened unsuccessfully 14 times in a short period of time beginning at 10:15am by user: UNKNOWN. The toaster logged the key code attempts tried by user UNKNOWN.
  Kids were at school, you were at work- someone’s trying to break in.
• the src= Front Door was opened the next day at 1:20pm by user: ROOT
  You were still not home- someone just broke into your house.

Maybe we want to be alerted when these things are happening, or have happened. With some log search and correlation tools, in conjunction with your toaster syslog, we can get immediate alerts when something unexpected is happening. We could tell the log search to keep talking to the toaster and immediately send us a text message if the toaster sees the front door or any windows being accessed between 09:00am and 3:00pm on any weekday, by any user. If the toaster saw something happening, we would know immediately and could take appropriate actions- maybe call the police to notify them of a break-in.

Now, back to the network. Now that you have an idea of how we can use logs and events in the house to identify what’s going on and spot abnormal activity, we can port that over to our network. Go back and again think of the house and its appliances as resources on the network. We can see when someone- inside or outside- is trying to or has successfully accessed something and we can alert, take action, or keep logs and reports for future use and accounting.

Replaying events. If you’re using a super-nifty tool, you may be able to replay specific events back in a visual format- almost like a video into the network. Let’s take our Kid1’s midnight snacking. If we replayed all the events that contained user= Kid1 from time 10:00pm (bedtime) to 07:00am (gettin’ up time) we could see Kid1 go from the bedroom down to the kitchen, opening the fridge, watching TV for a bit before going back to the room and surfing the Internet for an hour. We could actually ‘watch’ these events happening with a re-constructed timeline. A great example (and my favourite toy) to do this is Splunk’s Replay application.

That’s the basic gist of it all. There are some other detailed ‘things’ we can do with these technologies, and I may elaborate on those another time. We all have A.D.D. and this one is long enough already!

# # #

Forgive me for going totally off topic (hey its my blog I write what I want) but it is Sunday and not much news on security.  I wanted to write about an article I saw in the NY Times today called "Even the Insured Feel the Strain of Health Costs". The article details that with the hard economic times even people who have health insurance are being bitten by the ever rising costs of health care.  Rising premiums, covering less procedures and care and charging more for prescriptions and medical care combine to put the bite on everyone.  From my own experience here are 4 examples of how even with health insurance, medical care costs are taking a bite:

1. My wife had minor surgery in September.  It was ambulatory surgery where she went in the morning and went home that afternoon/evening.  Even though we have full PPO coverage and it was participating doctors, hospital, etc. my out-of-pocket costs after insurance were almost $3000! The surgeon received a whopping $472 from the insurance company for the operation and the hospital billed like 17k!  When I called the hospital they said they did not expect to get paid that much, but had to bill it so they could get as much as they could.  I than had to negotiate what I would pay out of pocket beyond that. I also had to pay the anesthesia, the prescriptions, etc.

2. Here at StillSecure we had to switch providers again this year because United Health Care wanted another 15 to 20% raise in premiums. In fact that is about normal for health insurance, way above the cost of living and inflation.  We pay a good chunk of our employees insurance premiums, but even so the 20% or so that we have the employee pick up gets bigger and bigger.  Plus the insurance company covers less and less.  This squeeze is frankly baffling. How can you pay more and get less.

3. I had a dental implant a few months back.  Though we pay for dental coverage, our insurance would cover a bridge or cap, but they don't consider implants necessary and would not cover any of it. I had to lay 2k out of pocket. On top of this the panoramic x-ray the oral surgeon took (which again was not covered, another 100 bucks) showed I had an impacted wisdom tooth with a cyst around it.  My dental insurance covered the wisdom tooth, but the cyst removal would be considered under my regular insurance and my dentist was not participating. In fact I could not find a participating oral surgeon in the area.  So I had to an extra $600 dollars out of pocket and of course my out-of-network deductible was $750, so I ate it again.

4. The orthodontist.  This one is perhaps the worst of all and really gets my goat.  My oldest son went for an orthodontic exam. The doctor told my wife that he would probably need braces when he gets older and that current best practices in orthodontics is to put braces on now in a phase 1 and than if necessary they put other braces on later when more of his adult teeth come in. Putting braces on now would lesson the severity of what he would need later.  OK, great lets do it, right?  Wrong!  Our insurance covers a one time payment of $1200. The dentist said if we use it now, the cost for phase 1 would be $3600.  That leaves a balance of $2400 that I have to pay.  However, if I do it without insurance he would charge me $2400 and than I could use the $1200 towards the phase 2 braces my son may need which could be up to 10k. So if we went through insurance the cost was $3600 with $2400 out of pocket or no insurance $2400 out of pocket.  What is wrong with that picture. Whether I have insurance or not, it still costs me $2400!  This is fundamentally what is wrong with our health care system.  The dentist is willing to accept $2400.  He should take the $1200 from my insurance and I should pay him another $1200.  Anything else is ludicrous and in my mind borders on criminal insurance fraud.

We need to restore sanity to the whole system. It is not just the 48 million people in this country that don't have insurance, it is also the costs of the people who do have insurance. Don't tell me that giving us greater limits to put in tax deferred health savings plan are the answer either.  Fundamentally we need the insurance companies to stop sucking the blood of the premium payers. We need the health industry to bill for what the do and what it is worth, not how to maximize what the insurance company pays and most of all we need to make sure that people can afford and receive decent health care!

BTW, if you want to read an excellent blog on this subject, Dr. Stanley Feld, Brad's dad writes a great blog on it.