If you are a Mac user and you haven’t heard of Objective-See, you should have. Objective-See is a company founded by former NSA guy† Patrick Wardle that provides some excellent security tools for macOS. Objective-See’s “Do Not Disturb” application is a very cool physical security tool for Mac users that alerts you if your Mac’s lid is opened. Continue reading “Do Not Disturb From Objective-See”
Chances are good that most – if not all – of us leave our computers unattended somewhere, sometime. For me this is at home. Though I generally abide by best practices and shut down before leaving my computer, occasionally I don’t. I can be caught close my MacBook’s lid and heading out the door to run an errand, walk the dog, whatever. I do have some peace of mind that no one is messing with my computer, however. This is because of an app called Blink.
After hearing my recent interview with Aaron on the In the Rabbit Hole Urban Survival Podcast a couple weeks ago, I realized that I’ve yet to talk about vehicle privacy and security. For those of us in North America, vehicles are a way of life. Vehicles present some unique privacy and security challenges. In this post I’m going to talk about a few things you can do to improve vehicle privacy and security. Most requires some minor behavioral modification. Continue reading “Vehicle Privacy and Security”
Quick announcement: I was recently interviewed for the In the Rabbit Hole Urban Survival Podcast. This time Aaron and I talked about physical security. We had time to delve pretty deeply into some good topics including general security considerations, deadbolts, padlocks, and safes (a lot of stuff about safes). If you’re interested check it out at https://www.intherabbithole.com/e179/. If you like it, feel free to let Aaron know. Continue reading “ITRH Interview on Physical Security”
In my last post I recommended some specific locks. This week’s post will cover improving the security of existing locks, or the Grade 1 hardware I recommended. The goal is to create a “Grade 1+” lock, by adding some additional security measures. Enhancing deadbolt security very achievable with just a little spare time, access to a locksmith, and some basic hand tools. Continue reading “Enhancing Deadbolt Security”
Several weeks I ago I wrote a post about Mechnical Lock Threat Models, detailing categories of locks, and the users who should have them. In this post I am looking specifically at deadbolt selection, and offering some recommendations based on my mechanical lock threat models. Continue reading “Threat Model-Based Deadbolt Selection”
I travel a lot, and I stay in a lot of hotels. For the last five years I have averaged somewhere 150-200 nights a year in hotels. This year (so far) has seen me in hotels in at least 32 different cities including Boston, Charleston, Knoxville, Las Vegas, New York, Phoenix, Salt Lake City, San Diego, Tampa, Vancouver, and a host of military towns. This gives me a lot of opportunities to see and think about the security of hotels and hotel rooms. Hotels generally try to put on a face of security with signs reading, “For our guests’ safety this door is locked between the hours of __ and __”. I have found this, in reality, to be so much security theater. Hotel staff are trained in hospitality, not security. And no matter how secure a hotel attempts to be, there are inherent flaws that are hard to overcome. Let’s look at some examples of hotel room insecurity and what you can do to mitigate them. Continue reading “Hotel Room Insecurity”
Physical security is an inherent part of information security. If an attacker can achieve physical access to your devices, you are already behind the power curve. Maintaining physical control of your devices is maybe the most important step you can take to protect your data-at-rest. However, there are some occasions when maintaining physical control is not possible or practical. One of these occasions is during hotel stays. Hotel rooms – and even their safes – are incredibly insecure (I’ll talk more about this in an upcoming post). They are usually the best alternative to lugging your laptop around to dinner, out of drinks, or for a day at a local attraction. Rather than leave my laptop (and other stuff) totally undefended, I use a video surveillance app called Sighthound to keep an eye on things when I’m away. Continue reading “Sighthound Video Surveillance App”
Today I will cover some padlocks that I use and personally recommend. Padlock selection should occur based on the threats they are likely to face. There are two basic threat models I use when selecting padlocks. The first is low-to-medium security applications. These locks will be robust enough against forced entry and offer some light protection against picking and other surreptitious defeat. The other is high security. The cost of a high security lock is justified in several instances: if surreptitious entry is a legitimate concern. They are also preferred for unattended containers. This might be your luggage†, your gym locker, or a shed on a vacation property.
Since beginning the Lock Safari series of articles I have been asked by several of you about physical security books. Today’s post will quickly cover the four most useful volumes in my library that pertain to physical security. Some of these books are quite costly; I am not suggesting you need them all. For this reason I have broken them down into categories. Exactly half of these books deal with defeating lock through lock picking or other methodology. I believe an understanding of these techniques is crucial to understanding how to counter them. This doesn’t mean you need to be a master locksmith or expert lock picker – you don’t. But if you understand the principles of how these exploits work, you can better understand how to protect your home.