RFIDs Part 2

IBM holds several patents for various types of RFID readers.  The primary purpose behind them is to be strategically placed within malls, on street corners, and in major stores.  These readers will be able to read either the RFID as it passes by or another type of RFID, a 96 digit RFID which is to be woven into the fabric.  Although a person may own several different pieces of the same type of clothing, each will have its own unique 96 digit RFID.  If paid with credit card or some other identifying account, it will all eventually be equated back to you, the purchaser.  Your Driver’s License number, Credit Card Account number, Bank Account number, Social Security Number, and the 96 digit barcoded RFID will eventually lead back to you as the purchaser.  Through a hierarchical matrix all of your information will eventually become known by the system. (McIntyre, 2003)

Consider this: all of your accounts are tied together by a fine thread tethered to your Social Security Number.  Each purchase you make will be tied to your savings club card, credit card account, your bank account, or perhaps the RFID chip that is implanted in your body (similar to the EZ Pass System Electronic Account).  The purchase made will equate the RFID identifier code in the merchandise, which will be tied to you via the cloud, your method of purchase, and your Social Security Number.  The IBM RFID is tied to the merchandise via the IBM Mainframe computer and via the cloud, through which it maintains contact with the RFIDs and those companies that purchased the technology.

There are some who believe, and research has shown, that this new technology will one day be implanted into the brain, implanted during pregnancy as a matter of standard procedure, or perhaps injected, similar to nanobotic technology.  (Lynch, n.d.;  Waters, 2008)  This is not very dissimilar to the assigning of a Social Security Number prior to leaving the Hospital, or the documentation of a Live Birth.

Based upon the documentation submitted by VeriChip Corporation (Form S-1 Registration Statement, reference page 5 – Appendix A) to the Securities and Exchange Commission, the plan is that newborn infants, the elderly, and those not of sound mind (who will be implanted) will be treated and managed no differently than inventory in a warehouse. (SEC, n.d.)  Those people not of sound mind will be treated as wards of the State; no one will have to be sought for permission for the implanting of the RFID chip other than the signature of a Judge.  This is being actively accomplished within the United Kingdom.  You will also note that, no differently than an On-Star Commercial, the RFID implanting of unsound persons and RFID Tracking of children will be advertised as a safety issue and concern.  What makes this so sad is the fact that there will be so many people who will gladly give up the care of their family for peace of mind.  The meaning of family has come to such a hideous state of affairs.  There was a point in time in this country and throughout Europe (our ancestry) when people cared for their family until death, but now you can let someone else do it for you and you can keep tabs on them by use of some Google Application or by watching a remote camera via another Google Application by way of one’s Smart Phone, given enough time.  A company is actively setting up shop in retirement homes to watch over your parents; they will report to you when behavioral changes occur and you are able to check in, from time to time, on your parent(s) via video camera feed.  Now you are able to check in on mother without having to actually visit her.  Beware of what you wish for, you may just get your wish – but what will happen to you if in the same circumstances?

In order to eat, or feed our families, will we need to be scanned and in this way have the funds removed from an account in our, what seems to be our destiny, cashless society?

If the purpose of government is to secure and protect the rights of her citizens as stated by Thomas Jefferson in the Declaration of Independence, then why does our government at every junction of troubles enact laws that not only limit our rights but remove them from us, thereby violating the Constitutional mandates?

SEE ALSO: Part 1, Part 3, Part 4

References

Lynch, Z. (n.d.). NEUROTECHNOLOGY AND SOCIETY (2010-2060). Neurotechnology and Nanotechnology. Chicago: Lifeboat Foundation.

McIntyre, K. A. (2003). SPYCHIPS – How RFID will compromise privacy, security, freedom. Retrieved 10 26, 2010, from www.spychips.com: http://www.spychips.com/verichip/verichip-photos-instructions.html

Securities and Exchange Commission. (n.d.). U.S. Securities and Exchange Commission. Retrieved 10 26, 2010, from www.sec.gov: http://www.sec.gov/Archives/edgar/data/1347022/000119312507024937/ds1a.htm

Walter J. Burien, J. (2007, June 30). d36_1183309449. Retrieved Sept 14, 2010, from liveleak.com/: http://www.liveleak.com/

Waters, B. (2008). Extending Human Life: To What End? In Philosophy and Medicine. The Bioethics of Regenerative Medicine/Philosophy and Medicine, 102 (Extending Human Life: To What End? In Philosophy and Medicine), 135.

RFIDs Part 1

Radio Frequency Identification (RFID) is an ever present danger to the privacy of the individual.  Years ago I heard an interview with a Dr. Katherine Albrecht who just so happens to be a Privacy Advocate and is the co-author of the book SPYCHIPS.  After hearing the interview, my interest was piqued and I ordered the book, which was written in 2006.  Even today, as technology has taken over a greater portion of our lives, the information between the covers of that book still resonates within my mind.  The technology is a good technology, provided it is used for its original target…product management; however, that is not where it left off.  RFID technology (and variants) are used in various ways within our daily lives and, unfortunately, are becoming more entangled within our lives without our knowledge – either due to ignorance or lack of care on our parts.

RFID tags are being used in Passports, Enhanced Drivers Licenses, EZ Pass, Euros/Dollars to prevent counterfeiting, Credit Cards, animals, and people.  Another variation of the RFID is those commonly used club cards for our purchases.  An interesting video to bring the point home is the Big Brother Pizza Shop Youtube Video (http://www.youtube.com/watch?v=-zh9fibMaEk), which is a depiction of a fictitious pizza shop of the future where Big Brother infringes your privacy while ordering a pizza.  It is both funny and concerning at the same time.  There are many YouTube videos which will show you the uses of RFID chips and implanting.  Many of which have religious implications – it is not my position to make this into a religious argument, or debate, but the information is quite valid.  (https://www.youtube.com/watch?v=O0z9J5E9lto, https://www.youtube.com/watch?v=-P9xs2yyv8Q, https://www.youtube.com/watch?v=HC_hPlH_Fb0, https://www.youtube.com/watch?v=mr0ozY2HWdM ).  During Hurricane Katrina they used RFID tags in the cadavers which were left to float so they could be identified at a later time after the living were taken care of.  We know what kind of fiasco that wound up turning into.

One thing that many people do not seem to understand is that the effective reading range of these chips is 30-60 feet.  They are purportedly going to make our lives much more safe and convenient; however, what is the price of that convenience?  What about your privacy?  Many people I have spoken to usually and nonchalantly say, “Well, if you don’t have anything to hide…”  My position is, it is not about hiding anything and it is about my right to privacy!  I do not have to prove a thing to anyone.

Consider, and I hate to use the reference, the conspiracy theorist side of it:  If all your personal information (financial, medical, legal, etc.) and biometric data (fingerprints, retina scan, voice print, etc.) are installed on this RFID chip; and let us go a little further to say there is a dirty cop who needs to close a case – is it that far of a stretch to say that your data could be accessed via the cloud or primary server from the Department of Homeland Security and be planted at the scene?  Many cases throughout the United States have toppled because of planted evidence.  (Please note that while I do live in the real world and believe that there are some bad officers, just like the rest of us mortal beings they are not all bad – I believe the good outweigh the bad.)

You think that is very farfetched?  Consider what Comcast is experimenting with, the use of digital cable boxes which have cameras that view the room, determine who is near, and then place a listing of shows that you, or some other person, have a history of watching.  With that digital box you already have a two way connection to the source.  How much longer until the box automatically starts feeding a stream of live video to the NSA, FBI, DHS, or your local Police or Sheriff’s office?  Sometimes those people deemed to be conspiracy theorists just have a differing view than you or I; unfortunately, they just happen to be the ones that are playing the Devil’s Advocate.

Now you must consider historical facts, such as: the branding of property (chattel, cattle, and slaves), the Nazi branding of the Jews during the 1920s and 1940s, and some would even go as far as to say that we in the US have been marked by the use of the Social Security Numbers assigned to everyone who applied for one.  Think about this statement made by Colin Powell (as the Secretary of State on 6/17/2001): “Finding the Russian scientists may be a problem being that Russia does not have a Social Security System, as here in America, that allows us to MONITOR, TRACK DOWN and CAPTURE an American citizen.”  There are a number of references to this on-line if you search.  It was an interview between Colin Powell and Tony Snow on June 17, 2001 in reference to some missing Russian Scientists.

Now, think about the REAL ID ACT OF 2005, which was a mandate by the Federal Government to use these RFID chipsets in your state driver’s licenses.  It was to expire at the end of 2008, but lucky for us that the government was looking out for us by volunteering each state to extend their invitation to accept or opt-in to the program.  When they saw that the states were pitching a fit over this, they (your representatives in the District of Criminals) slipped this mandate into a DHS Appropriations bill.  HMMMMMM!

Consider the ramifications of such a society which violates our basic American Principle!  What will be next?

SEE ALSO:  RFID Part 2, RFID Part 3, RFID Part 4

References

Albrecht, C. (2008, 03 18). Comcast Cameras to Start Watching You? Retrieved 01 27, 2012, from GIGAOM: http://gigaom.com/video/comcast-cameras-to-start-watching-you/

channel, z. (approximately 2008). The Big Brother Pizza Shop . Retrieved 01 25, 2012, from YouTube: https://www.youtube.com/watch?v=-zh9fibMaEk

Katherine Albrecht, E. &. (© 2003-2007). index.html. Retrieved 01 25, 2012, from SPYCHIPS.COM: http://www.spychips.com/

Katherine Albrecht, E. (© 1999-2004). Retrieved 01 25, 2012, from C.A.S.P.I.A.N.: http://www.nocards.org/

Reed Exhibitions. (2011, 09 15). Significant growth ahead for mobile biometric security market. Retrieved 01 27, 2012, from infosecurity.com: http://www.infosecurity-us.com/view/20771/significant-growth-ahead-for-mobile-biometric-security-market/

Internetworking Part 3

In the previous Internetworking episode (Part 2) we were primarily discussing the different topologies used within the context of computer networking. My teachers, instructors and professors all told me time and again to keep it simple. Well, the difference between the topology used within a home, a business, or the world is its scale. Obviously the scale of a global enterprise will be much larger and grander in nature. Just a few words of wisdom from one who has, time and again, made things out to be more difficult than they really were! Now, back to business…

A basic network can, in fact, be just two computers, and that would be it. If you connect those two computers to a hub, other computers can be connected for a larger scale of communications. But as was mentioned in a prior part, anything sent to the hub will be broadcast to all other nodes connected to that hub. That is why a switch is preferred: it is a smart hub that can learn who is connected to it and direct data out specific ports. Another problem with a hub is that you are forced to share your bandwidth with all other hosts that are connected to it, which can really cramp your style as far as sending out data from all devices at any given time.

You can take a very large network and segment it into much smaller, more efficient and functional networks by using devices such as routers, switches, or bridges. Each device connected to the switch is on a separate collision domain; however, the switch itself is all one broadcast domain. With the figure (<- to the left) you can see that there is one broadcast domain with three separate collision domains. Notice that one of the collision domains was extended with a hub, which must share the bandwidth between two host devices. There are times you may wish to do this; sometimes cost effectiveness outweighs network efficiency.

Just a note: Keep in mind that routers are in fact switches; however, switches work at Layer 2 (the Data Link Layer) where routers work at Layer 3 (the Network Layer) – we will discuss the Layers at a later time.

Routers are used to connect networks together, create an internetwork, and provide connections to wide area networks (WANs). As mentioned, the router breaks up broadcast domains. As you can see (to the right ->) a router is connected to two separate switches creating two separate broadcast domains. The two switches are connected to two separate hosts, which created four separate collision domains.

Here are some common causes of local area network (LAN) congestion:

  • Too many hosts in a broadcast domain
  • Broadcast storms
  • Multicasting
  • Low bandwidth
  • Adding hubs for connectivity

The two advantages of using routers in a network are:

  • They don’t forward broadcasts by default
  • They can filter the network traffic based upon layer 3 (Network layer) information (the IP addressing)

There are four functions the router performs:

  • Packet switching
  • Packet filtering
  • Internetwork communication
  • Path selection

The difference between a switch and a bridge is that the switch has more ports and more brain power. Switches, bridges, and hubs are used to extend certain functionality to the network. Each has a purpose, however, as technology grows and expands – older technology seems to fade away into the history books. There are many instructors who like the hubs for teaching and testing purposes, but are unable to find them. When they do find some and purchase them, they are not the Real McCoy. Hubs are especially useful for penetration testing by use of white hat hacking.

Until the next exciting adventure!

References:

http://www.learn44.com/cisco-internetworking-basics-definition-and-detailed-concepts

CCNA Cisco Certified Network Associate Study Guide, 6th Ed, Todd Lammle

Internetworking Part 2


In Internetworking Part 1 we spoke about the individual units (hubs, repeaters, switches, routers) and some definitions.  When dealing with a hub, or switch, the star topology seems to be what sticks out and says, HELLO!  Consider your home network… you have your input from your router to your switch or hub.  The switch, or hub, on its own will branch out to your computers, printers, scanners, or network storage.  Your biggest difference between the switch and the hub right now is that switches learn the MAC addresses of input and output ports; this way, when data comes in to the switch, it will send it out only the port listed in the table.  If the MAC address is not in the table then it will send the data out all ports except the port it received the data from.  Hubs, on the other hand, will send out the data on all ports, because they do not learn, and can therefore cause you some problems.
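The learn-or-flood behavior described above, and the hub behavior from Part 3, as an added example that is not part of the original post. The class names, port numbers and MAC addresses are constructed for illustration; the point to watch is how many frames reach a host on port 2 that is not part of the conversation.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"
HOST_A = "aa:aa:aa:aa:aa:aa"  # constructed address, plugged into port 0
HOST_B = "bb:bb:bb:bb:bb:bb"  # constructed address, plugged into port 1


class Hub:
    """Repeats every frame out of every port except the one it arrived on."""

    def __init__(self, port_count):
        self.port_count = port_count

    def forward(self, in_port, src_mac, dst_mac):
        return [p for p in range(self.port_count) if p != in_port]


class LearningSwitch:
    """Learns source MAC -> port, then forwards by destination MAC."""

    def __init__(self, port_count):
        self.port_count = port_count
        self.mac_table = {}

    def forward(self, in_port, src_mac, dst_mac):
        # Learning step: the sender is reachable through the arrival port.
        self.mac_table[src_mac] = in_port
        out_port = self.mac_table.get(dst_mac)
        # Broadcasts and unknown destinations go out all other ports.
        if dst_mac == BROADCAST or out_port is None:
            return [p for p in range(self.port_count) if p != in_port]
        # Known destination: one port only (none if it is the arrival port).
        return [] if out_port == in_port else [out_port]


# Constructed traffic: (arrival port, source MAC, destination MAC).
FRAMES = [
    (0, HOST_A, HOST_B),     # B not learned yet: the switch floods
    (1, HOST_B, HOST_A),     # A already learned: port 0 only
    (0, HOST_A, HOST_B),     # B now learned: port 1 only
    (0, HOST_A, BROADCAST),  # broadcast: every port, one broadcast domain
]


def frames_seen_on(device, frames, port):
    """Indexes of the frames the device delivers to the given port."""
    seen = []
    for index, (in_port, src, dst) in enumerate(frames):
        if port in device.forward(in_port, src, dst):
            seen.append(index)
    return seen


if __name__ == "__main__":
    print("hub, port 2 sees frames:   ", frames_seen_on(Hub(4), FRAMES, 2))
    print("switch, port 2 sees frames:", frames_seen_on(LearningSwitch(4), FRAMES, 2))
```

On the hub the bystander receives the whole conversation; on the switch it receives only the first flooded frame and the broadcast.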

Another topology that has been used in the networking field is the Ring topology.  The data travels around a ring of coax and is addressed to go to a particular destination, but this topology runs similarly to a hub, in that all of the hardware connected to the ring will hear all of the traffic.  This can create some big collision problems.  But it is a very good and reliable method of data transfer and there are times when you may wish to use this.

The Bus topology is pretty much the same, as the data is sent via a cable and is picked off of the bus line by the destination.

A great many other topologies are seen these days, such as the Extended Star, Hierarchical, Mesh, and Partial Mesh.  Each has its function and need in the Informational System Highway, so-to-say.  Each has a purpose and use.

Everything with respect to the “Cloud”  and the internet is interconnected.  In this fashion, if a connection server should fail, there is always another way of routing your transmitted data, or request, to its destination target.  You could probably say that the “Cloud” or internet uses a full mesh networking connectivity.

The Mesh topology has a connection line from each node to the other nodes in the network.  Full Mesh has a connection from each node to all other nodes; on the other hand, the Partial Mesh topology only connects each node to the most important – or critical – nodes in the network.

This may make the available topologies a little more understandable.  Much of this information is available on the internet at various sites: articles, blogs, etc., with explanations in far more detail than mine.  These are just some of the basics, but they are very necessary for your CCENT/CCNA testing and understanding of networks in general.

In the next part we will discuss the interconnectivity between the switches, hosts, hubs, and routers; which is a little more in depth than this, the topology of the network.

Techie Tips

Did you know that more data breaches occur due to the improper or illegal use of USB drives within a network?  How do you think that “bradass” obtained and uploaded the data he disseminated to wikileaks?  It is neither good nor bad, it just is what it is!  But most people do not pay much attention to the simplest of security techniques.  There are ways to shut down the accessibility of the USB ports: changes in the registry, disabling devices via control panel, locking devices for your USB ports, or perhaps third party software.

People either don’t pay attention or just don’t care that USB drives can either carry and inject viruses into your system, or store and run off with the keys to the kingdom (so-to-say) by stealing the information on your computer or network.  Although, it is easier to inject a virus to send all that data off to the cloud while you suspect nothing.

Being aware of what is available and what you can do is half of the battle…the other half is getting up off your backside and actually doing something about it.  In the business world you will/would be expected to do something about it -without fail and without question.  The internet is your stage and your resource, use it to your glory!

http://www.marketwatch.com/story/milton-security-group-the-usb-and-removable-media-security-crisis-2012-01-13

Internetworking Part 1

Here are some of the basics for Internetworking.  This will be, as you can tell, a multipart subject…don’t want to over do it!  This is where I begin the path to jump start my studies for the CCNA exam.  And for those of you who wish to either tag along, or add to the learning curve, you are welcome to jump on the bandwagon.

But for starters, let us get some definitions down; their associated symbols will be included, if available.

Repeater:  Is a device which takes a signal that has been degraded due to the length of cable and the cable’s resistive qualities.  The signal is cleaned up, amplified and sent on its continuing journey.

Hub:  There is pretty much only one difference between a repeater and a hub…a hub is in essence a repeater with multiple outputs.  Everything that enters from the input of the hub is sent to all outputs.

Bridge:  A device which connects two segments of a network together.  Its purpose is to send, filter, or flood any incoming data based upon certain parameters (MAC address of the incoming frame).

Switch:  Are not used to create an internetwork, but rather to make the network a bit more functional and efficient.  Responsible for multiple functions such as sending, filtering, or flooding data (frames); however, it uses the destination address of individual frames.  By default, switches break up collision domains and maintain a single broadcast domain.  In essence the switch is a multiple port smart bridge, meaning that it learns.

Router:  Create an internetwork and provide connections to other services.  Routers, by default, break up broadcast domains; thereby segmenting the network.

Broadcast Domains:  A group of devices receiving broadcast frames initiating from any device within the network group.  The broadcast is the data frame, or packet, which is transmitted to every node/host on the network segment.

Collision Domains: This is the area on the Ethernet where frames have collided and these collisions are detected.  The collision is the effect of two nodes/hosts attempting to transmit data at the same time and the collision is what causes the frame(s) to be lost in transit.  Collisions are created usually by repeaters and hubs.

In most interconnections you will probably consider this representation of your system.  Your computer (or host; A, B, C, D, E, or F) will connect through a switch, which adds to the functionality of your system within your business or home.  These switches connect to the internet, or the cloud, through a router.   Because of this inter-connectivity your host computers (A, B, & C) can talk to someone else (i.e., D, E, or F).  This is a simplistic way of how emails pass from one to another; of course, keep in mind a great many steps are performed within “THE CLOUD” of the internet.  However, what you would probably see in your home would be something similar to this:

Your internet connection (or input) is at the ADSL Router, which connects to your internal home wireless router.  Your primary computer is connected to your wireless router, along with other computer(s) that are connected wirelessly, all of which are able to connect and transfer data to and from the internet – all without you ever knowing how.

It is all FM (Flipping Magic – I am trying to keep this as clean as possible!)  Consider the use of lights in your home or apartment…you simply flip a switch and on they go for your use and you did not need to study how the electricity or electronic parts work for it to happen.  Computers are all plug and play these days.  But at some point in time you just feel like learning something else, despite that promise never to go back to school.  hmmmmm!

I hope this was helpful, until the next exciting adventure!

Now to Internetworking Part 2, we will discuss – in general – networking topology.

Malware Part 3

Of all the assets that you possess, awareness is your greatest!  Being aware of what is out there and being aware that there are things you can do are most helpful to you.  Your ability to research the subject matter and read through the techie blogs are just a couple of your available resources.

There are a few other tests that can be done, some as simple as an email to yourself.  There is the EICAR Test String, which has been useful in the past and perhaps it has been updated over the years to aid with the changes in the prevailing Operating Systems…who knows?  (www.eicar.org/anti_virus_test_file.htm)  What you do is send the string in the body of an email or as an attachment via email.  If your anti-virus is working properly you will raise a flag on your system.
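The e-mail test described above, as an added Python example that is not part of the original post. It builds the test message both ways (string in the body, string as an attachment) and checks a received copy to see whether the string survived your mail filtering. The 68-byte string is the standard one published by EICAR and does not appear on this page; the addresses and function names are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# The standard 68-byte EICAR test string, assembled from pieces so that this
# source file is not itself flagged by an on-access scanner.
EICAR = (
    r"X5O!P%@AP[4\PZX54(P^)7CC)7}$"
    + "EICAR-STANDARD-ANTIVIRUS-"
    + "TEST-FILE!$H+H*"
).encode("ascii")


def build_test_message(sender, recipient, as_attachment):
    """Build the test e-mail with the string in the body or as an attachment."""
    msg = EmailMessage()
    msg["From"], msg["To"] = sender, recipient
    msg["Subject"] = "Anti-virus test (EICAR)"
    if as_attachment:
        msg.set_content("EICAR test file attached.")
        msg.add_attachment(
            EICAR,
            maintype="application",
            subtype="octet-stream",
            filename="eicar.com",
        )
    else:
        msg.set_content(EICAR.decode("ascii"))
    return msg


def find_eicar(raw_message):
    """Return where the test string is still present in a received message.

    An empty list means a filter removed it (or it was never there); a
    non-empty list means the message reached the mailbox untouched.
    """
    msg = message_from_bytes(raw_message, policy=policy.default)
    found = []
    for part in msg.walk():
        if part.is_multipart():
            continue  # containers carry no payload of their own
        payload = part.get_payload(decode=True) or b""
        if EICAR in payload:
            found.append(part.get_filename() or "body")
    return found


if __name__ == "__main__":
    for attach in (False, True):
        raw = build_test_message("me@example.test", "me@example.test", attach).as_bytes()
        print("attachment" if attach else "body", "->", find_eicar(raw))
```

Nothing is sent by this block; send the built message to yourself through your normal mail path and run `find_eicar` on whatever arrives.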

Another test of interest, very similar, is the malware security test (http://www.gfi.com/emailsecuritytest/) which is a series of tests sending emails with malicious-like scripts in several common programming languages.

There are some behavioral-analysis tools for the computer and network as a whole that test for malware attacks which do not match a specific signature but perform basic functions such as writing to your disk.

Malware countermeasures, there are a plethora…your safest bet is to never connect to the internet if you desire to maintain an absolutely clean system.  But we all know that is not likely to ever happen.  Some things you can do are as follows:

  • Keep your system & network updated at all times
  • Test, Test, Test – ensure it is a fortress
  • Use anti-malware & anti-virus software
  • Back-up critical data regularly
  • Ensure the use of your firewall protection
  • As email goes, if I don’t know the sender I do not open

I hope this short series was helpful to you.  Perhaps, like me, while reading one of these gloom and doom articles or blogs you may open your eyes and say, “maybe I should do something about my security today.”  If you are a professional IT person, I hope you decided this when you got hired…now is kind of late.  But the average home network user, on a general note, assumes that everything is set up and ready for them, but it is not until you make certain of it.