Practicing Good Teleconference Hygiene

Look around your home office, or whatever room is standing in for your home office while you are confined to quarters. What do you see?  A Harry Potter wand collection perhaps or just piles of papers that you’ve been promising to file for a hundred years.

While there are plenty of articles on issues around security and file backup while working from home (one of mine is here), I haven’t read much on sanitizing the background you are in front of when you are on a video conference call. Zoom offers “virtual backgrounds” but only if you are sitting in front of a wall or screen with uniform lighting so that the software can detect the difference between you and your background. There are plenty of hilarious examples of people wearing the wrong thing in front of a green screen so that parts of them disappear into the background.

Let’s say that you don’t have a professional green screen setup in whatever is filling in for your office at home. Is there anything that you should look out for in your background? First off, pretend that you are your webcam. You can either fire up your videoconferencing software and see what it sees when your image is on the screen or you can simply face in the same direction that it is pointing and see what it would see.

I am a licensed firearms instructor and one wall of my home office is decorated with framed bullets (yes, collecting “bullet boards” is a thing). But during a conference call, these could be distracting, or worse. To some people, anything having to do with firearms is distressing – and in fact, a school reported a student to police because his teacher saw several BB guns on his wall while he was attending a virtual learning class.

What is in your webcam’s field of view that could be distressing or could open you up to industrial espionage or identity theft? Family photos with names or dates on them? Could you be “outing” a family member who is working undercover for law enforcement, the military or a government agency? Perhaps your significant other gave you a boudoir photo for a special occasion and it is hanging in a position of honor – within view of your webcam.

If you work for a company with a professional button-down image, disheveled stacks of papers might not make for the best background. And could you have binders with customer or competitor names on them in bookshelves behind you? Maybe books by Mapplethorpe or other controversial authors should be moved out of view as well.

A half-dozen years ago I worked on the distributed team of a company with a culture of wry wit. My videoconference background always was a white closet door, but when we decided to attend a conference with a “Zombie Safety Zone” theme, I remembered that I had some zombie targets in my garage. For our next videoconference, I hung one of them behind me. It took a while, but it did get noticed.

While you definitely want to be following all company or industry recommendations on information security and backup, you also should think about practicing good video conferencing hygiene as well. Stay safe, drink plenty of liquids, and think positive thoughts. A little black cloud inside your mind will come across on a webcam – and we don’t need that just now.

How to Buy a New Handgun

From top: .44 magnum Ruger Redhawk, 9mm SIG P365 SAS and .22 North American Arms derringer.

In just the first six months of 2020, approximately 19 million firearms were sold; more than double during the same period a year later.

75% of my handgun customers and students are new gun buyers and many have never even held a firearm before. This leads to two dangers; purchasing the “wrong” handgun or mishandling a handgun that they already have purchased.

The purpose of this article is to offer up some suggestions to someone who wishes to purchase a handgun, either for sport or protection. I am not going to address training, which I believe every new firearms owner should have, except for listing the three inviolable rules for safe handling of a firearm. 

  1. All firearms are loaded – this includes training firearms.
  2. Do not aim a firearm at anything that you don’t intend to kill or destroy.
  3. Keep your finger off of the trigger until you are on target and ready to fire.

Newton’s Law

Newton’s law states that for every reaction, there is an equal and opposite reaction. For a handgun, this means that as the bullet leaves the barrel, the firearm will push back against your hand and therefore your arms and shoulders. Because the barrel usually is higher than your grip, your hand acts like a fulcrum and the handgun tries to pitch upwards. Newton also said an object with larger mass will move less than an object of smaller mass.

Assuming that the same cartridge is used, this means that a heavier firearm will recoil less than a lighter handgun. So why doesn’t everyone purchase the heaviest handgun they can find? There are multiple tradeoffs. A heavy gun takes more muscle to hold it up and keep it on target and if you plan to carry a handgun on your person for self defense, it can get very heavy indeed.

Some people with smaller hands gravitate to smaller and lighter handguns.This could be a big mistake if you are a beginning shooter or if you cannot handle the additional recoil that a lighter handgun generates or if you cannot operate the mechanics because of the heavier springs that a smaller firearm uses.

I have seen several students come through the door with super-light titanium- or scandium-framed revolvers meant for off-duty use by law enforcement officers which are designed to fire .357 magnum loads and then watch as they feel the pain of shooting a “pocket rocket” after ignoring my admonitions.

Because they chose the wrong tool for the job, some will lose the enthusiasm they had when they walked into the range. There are many small but heavy handguns in stainless steel available that may be a better solution for a beginning shooter.


There literally are hundreds of firearms cartridges available, although a much smaller number are used in handguns. The most popular in rough order of energy leaving the barrel are the .380, 9mm, .38 special, .45 ACP, .40, .357 magnum, .44 special and .44 magnum. The .380, 9mm, .38 special and .357 bullets are all the same diameter and it is the case length and the amount and type of powder inside the case which makes a difference in the amount of energy they deliver. Handguns in .380 and 9mm are available which can fit inside an average palm which makes them ideal for concealed carry applications.

In addition to the “standard” loads, which are agreed upon by firearms and ammunition manufacturers, +P and +P+ loads also are available. These “hotter” loads develop more pressure behind the bullet which means more energy. However, they also require a firearm which can handle the additional pressure.

A firearm can handle any cartridge below the maximum pressure it is rated for. This means that a firearm rated for +P+ also can handle +P or standard pressure ammo, and a firearm rated for +P also can handle standard pressure ammo. Going the other direction can result in catastrophic failure of the firearm.


Handguns have a number of springs which interact with the shooter. For a semiautomatic pistol, these will be the recoil spring which returns the slide to a closed position after the gun is fired, the slide stop spring which holds the slide stop down while the gun is being fired, the hammer spring which drives the hammer forward onto the firing pin and the magazine release spring. For revolvers, these are the hammer spring, the cylinder release spring and the ejector spring. If you are unsure what any of these parts are you can search for the terms “parts of a pistol” and “parts of a revolver.” The strength of each spring varies between different brands and models.

You need to be able to manipulate all of these springs to safely operate a pistol or revolver. If you do not have the strength to manipulate all of the springs on a specific firearm, perhaps that firearm is not a good choice. For example, if you cannot overcome the strength of the recoil spring on a pistol, you will not be able to pull the slide back either to load or unload the firearm. All things being equal, the recoil spring on a smaller firearm will be stiffer than the recoil spring on a larger firearm.


Handguns, like hands, come in all shapes and sizes. If you cannot properly hold the handgun and reach all of the controls, the handgun may not be appropriate to you. A handgun which is too large for you could mean that you cannot get a good grip, cannot properly pull the trigger or cannot operate the controls without moving the handgun around.

Handguns designed for concealed carry tend to be smaller and lighter. With some designs, you may not be able to get more than a couple fingers on the grip, with your ring finger and pinky floating at the bottom of the grip. Depending on the cartridge that the handgun is designed for, you might not be able to keep hold of it at all without substantial practice.


Those of us in California and several other states have restrictions on who can buy a handgun and what we are allowed to buy. The California Roster of Not Unsafe Hanguns is a listing of around 600 handguns that we can buy new from a dealer. We also need a Firearms Safety Card (FSC) which solely allows us to purchase a handgun. Some of my students believed that the FSC was required to take their firearm to the range or allowed them to carry a firearm on their person, which is not the case. Once you have purchased a firearm, your FSC can be put away until your next purchase. There is no reason to carry it on your person unless you drop into gun dealers at a moment’s notice.


Before buying a handgun, ensure that it fits your hands and that you can operate all of the controls comfortably. If you cannot overcome any of the springs, you may need to look at something different. Shooters with smaller hands and little strength may have better success with a revolver. Novice shooters should stay away from lightweight firearms (which recoil more than heavier firearms) and those that use .40, .357 magnum, .44 special and .44 magnum as well as +P and +P+ ammunition. A revolver which can use .38 special as well as .357 is fine because you can start with the less powerful cartridge then use the stronger cartridge as your training progresses.

I also would suggest that first time shooters skip the .380 cartridge and go for a larger firearm which uses 9mm. While the 9mm cartridge is more powerful, using it in a larger firearm means that you will feel less recoil.

As a newbie be aware that there are some seasoned shooters who know it all and will tell you what handgun you just have to buy. Don’t be rushed, don’t be afraid to do your own research and don’t buy a handgun because it is the last one on the shelf. Take your time.

Safety comes first, so always keep the 3 laws in mind when you are trying out firearm in a gun shop. When anyone hands you a firearm, it is your responsibility to ensure that it is unloaded. If you are unsure how to do this, ask the clerk behind the counter. And finally, safely practice as much as possible so that you become intimately familiar with your firearm. Stay safe, stay healthy.

We Phish Yahoo! a Merry Christmas :-)


Yahoo! recently announced that a billion user records were stolen from them. Just another run of the mill hack? Apparently not. You see, more than 150,000 U.S. government and military employees are among the victims of Yahoo!’s newly disclosed data breach. And their names, passwords, telephone numbers, security questions, birth dates, and backup e-mail addresses are now in the hands of cybercriminals.

What Is A Backup Email Address And Why Do I Care?

Like many other web services, Yahoo! allows customers to set up a recovery email address. If you forget your password or your account is locked, a special link in an email sent to your backup address can be used to recover your credentials. And apparently, many thousands of those backup email addresses ended in .gov or .mil. Yeah, workers with access to US government systems.

Yahoo! Did Not Know They Were Hacked…

Many have said that there are two types of companies; those that have been hacked, and those that don’t know that they’ve been hacked. In this case, cyber-security researcher Andrew Komarov kindly let the federal government know that he found Yahoo! users’ credentials on the Dark Web, and the feds in turn notified Yahoo!. But that wasn’t even the beginning of the nightmare.

And in fact, Bloomberg News reviewed the database that Komarov discovered and confirmed a sample of the accounts for accuracy. The thought that employees of government agencies like the National Security Agency may have had their personal information stolen immediately sent chills through the security community.

Since a 2015 survey by password manager Password Boss shows that 59 percent of consumers reuse passwords, the chances are high that the passwords on a hacked user’s Yahoo! account and their backup email account probably are the same.

Komarov also found communications from a buyer for the data, but only if it contained information about a very specific set of people. The buyer supplied a list of ten names of U.S. and foreign government officials and industry executives to the hackers, and if their information was included in the stolen online loot, they had a deal.

… for Three Years!

I may have forgotten to mention that the data actually was stolen in August 2013, creating a 3-year opportunity for bad actors and foreign spies (based on the names in the buyer’s request, Komarov is pretty sure that it came from a government) to identify employees doing sensitive and high-security work here and overseas.

So of course, there are lessons on cyber-hygiene to be learned from this story:

  • Don’t reuse passwords. Use a password manager if you need to. Personally I use Codebook, but figure out what works for you.
  • Use different names on your work and personal email accounts. Work might be and home might be It makes machine-based searching harder if not impossible.
  • Don’t use real security answers. In my case, I treat them like passwords and use random character strings. This is another good reason to use a secure (not online!) password manager with strong encryption.
  • If at all possible, use multi-factor authentication to access (and recover) your online accounts. And ask your company to implement multi-factor authentication on your internal systems and even your mainframe in case your password is somehow exposed.
  • Create a backup email address on another personal email service rather than using your work address. If you use, have your backup on You don’t even need to use your backup address for anything other than account recovery.

Even though it is not related to this story, another tip is don’t access work and personal email using the same email client. Autocomplete might send your work email out to a friend, which could be mildly regrettable to a terminatable offense.

Make My Day – Then Break It

I travel to Las Vegas several times a year for trade shows. When American Express opened their first USA-based Centurion Lounge at McCarran airport several years ago, I was in heaven and looked forward to hanging out there after my arriving flight and before my departing flight.

And as you can guess, I was in seventh heaven when they opened a lounge at my home airport of SFO on November 6th, 2014. As a United million miler who flys around 100,000 miles a year, I am often there on a weekly basis.

And my opinion of the San Francisco lounge has gone down on a weekly basis as well. This is sad because American Express bills the lounge as a premium product, open only to their Platinum and Black card members.

What changed? They used to have 2-3 staffers at the front desk so that you could be on your way to breakfast in seconds to minutes. Now they have one person at the desk and it can take up to 10 minutes in line waiting for people who need to get out their boarding pass, ID, and American Express card for entry (probably the same folks who get undressed and take everything out of their computer bag at the last minute in the TSA pre-check line).

Additionally, they moved from celiac-friendly breakfast dishes (gluten free frittata and chicken sausages) to unsafe dishes (quiche and chicken sausage with farro). They also removed one of the coffee machines, leaving a long line for the remaining one while people stand in front of it trying to figure out the touch screen display.

Okay, so these absolutely are first world problems. But if American Express is trying to sell these lounges as premium attractions, they aren’t doing a very good job in their San Francisco location – and I don’t think it’s a local management problem.

These days, I only drop by the lounge to grab some hot water for my morning tea to go with the gluten free bagel and cream cheese that I carry with me through security. So if anyone from American Express is reading this, I hope you can do something to again make my day in your San Francisco lounge.

How Police Agencies and Schools Can Make Campuses Safer

Here are some of the programs schools have implemented and law enforcement’s role within them

With the third anniversary of the Sandy Hook Elementary massacre upon us, it’s important to consider what steps schools have taken – and should take – to help keep their students safer. Here are some of the programs schools have implemented and what law enforcement’s role within them should be.

Armed Security

Well before the Umpqua Community College (UCC) shooting in Roseburg (Ore.), one of the biggest debates on campus was whether the school should have armed security officers. Since the school had only one unarmed security officer on duty at the time of this incident, we know what the outcome of that discussion was.

Will an armed school security staff keep schoolchildren safe? A private school in California thought so and contracted with a local executive protection firm to bring plainclothes armed guards onto their campus. Unfortunately, they neglected to notify local law enforcement, which found out by accident. If there had been an incident, it might not have ended well if law enforcement thought that the security officers were a threat.

It’s vital that school staff and law enforcement have a common response and crisis management plan. Collaboration and communication are key to avoiding hiccups such as the one mentioned above.

LE Fire Marshals

From Sandy Hook until now, most school shooters have been students and therefore know the building layout, students, and staff. This gives them a tactical advantage over responding officers that must be reduced or eliminated.

In a previous article on my PoliceOne blog, I discussed creating the equivalent of a fire marshal for law enforcement. Just like a fire marshal walks every commercial building in his or her district to evaluate the risks and make recommendations, the LE equivalent should be doing the same.

Fire marshals have books of rules, lists of building exits, know what kind of automatic extinguishing systems are required and where fire extinguishers should be placed in each building, and so on. Firemen also practice constantly with the most realistic live fire scenarios possible.

You can clear a building and address the threat much more quickly if:

  • You know the layout of the building and any lurking dangers
  • You can get through locked doors without having to breach them
  • You have photos of school staff and know if they are armed
  • You can communicate with school staff while you are on the move
  • You can make contact with the perpetrator if you have a hostage situation

Pre-planning with local school staff can help you understand not only the possible situations you might face, but also how to work with them when seconds count.

Go Bags

Part of the planning process should be building one or more crisis go bags. Like your own bug-out bag, it should contain the items that you will need in a threat situation at a specific school and should be kept at that school where you can get to it quickly when needed. The bag should be a backpack so that it can be grabbed and carried on the run, leaving your hands free for other things.

In 2000, the California Attorney General’s Crime and Violence Prevention Center and the California Department of Education’s Safe Schools and Violence Prevention Office published their go bag guidelines for school administrators, but didn’t include recommendations for law enforcement. Here are the items that should be included in a go bag for responding cops:

  • Laminated aerial photos and maps of the school in multiple sizes (a large map for the incident commander and smaller maps for officers on the move). The smaller maps can be accordion-folded if necessary, but they must be able to fit into pockets so that officers can keep their hands free. These maps should be clearly marked to show:
    • The location of shut offs for gas, water, electricity, telephone, alarm, sprinkler, and cable TV systems along with the instructions to disable them. Responders may need to access or shut down communications, especially in a hostage situation.
    • Hazardous areas such as chemistry labs and locations where pesticides, paints, bottled gasses and other toxic chemicals are stored or used. It will not end well if someone turns on a flashlight or takes a shot in a chem lab if the gas has been turned on.
  • Painter’s “blue” tape that can be used for marking.
  • Permanent markers in wide and fine point sizes (like Sharpies®) that can be used to write on the maps or anything else. Don’t worry about erasing markings that you make on the map so that you can re-use them. The maps should be used in the hot wash and archived.
  • If the school has a CCTV system, a list of camera locations.
  • Photos of key staff and school security guards.
  • Emergency point of contact lists including school staff who will be working with your staff as part of the Incident Command System.
    • Recommend that key school staff have a unique, easy-to-identify marking on their badges so that your staff can identify them by sight. The school does issue ID badges to staff, right? If not, that is another recommendation.
  • A phone book listing classrooms, break rooms, offices, the loading dock, and other places where people may gather. Both internal and external numbers should be included.
  • An HT on the school’s radio system if they have one. Batteries should be separate and if they are rechargeable should be in a charger close to the bag.
  • Master physical keys and card keys that will open every door in the building. If the master keys don’t open everything, then keys should be color-coded to the locks they fit so an officer doesn’t need to fumble through the keys when seconds count. There should be multiple sets on a brightly colored lanyard.
  • Knowing the locations where utilities enter the premises can be very important in a fire or hazmat incident. This should include both above and underground utilities.

At Columbine, the sprinklers were triggered and no one knew how to turn them off. Hallways quickly filled with water, making it difficult to escape. In some places, water got dangerously close to electrical equipment. The emergency responder might be the only person who can safely gain access to the shut off point.

Further Collaboration

There is a lot more that LE and school staff can do together well before an incident. Remember, no matter what steps are ultimately taken, collaboration and communication between the school and the local police department is key:

  • See if schools in your jurisdiction will allow you to use them for law enforcement and hazmat training.
  • Make it easy for an officer standing in a hallway to determine which way they should orient the map of the school by coloring or striping the walls and echoing those on the map. This also makes it easy for LE to communicate their position should they need backup.
  • Number all building doors, including entry doors. It’s much easier to call out a number than describe where a door is located. Ensure that numbers are visible whether the doors are open or closed.
  • Outline classroom and office walls by painting lines on the roof of the building. Doing this might assist if you need to insert video or listening devices from above.

And if the worst happens, you should already know where these would be located:

  • Internal command post
  • Staging area for law enforcement and other first responders
  • Media staging area well away from the above staging area that can accommodate a large number of vehicles
  • Family Center away from any other staging areas where family members can stay informed and pick up their loved ones. You really don’t want family and media to be in the same place at the same time.

This article was originally published on Please add your own recommendations in the comments here or on the original PoliceOne article if you are a law enforcement professional. Stay safe everyone!

I’m Not Your Sheepdog – Jeff Knox

Today’s entry is from guest blogger Jeff Knox of the Firearms Coalition and was originally published on the Knox Update blog.

With the events in San Bernardino and Paris fresh in my mind, this entry seemed appropriate. You have to protect yourself rather than expecting someone else to protect you. I have added links to some of Jeff’s references which were not in the original.

Tools of the Trade

Tools of the Trade

Like many Americans, I frequently carry a gun. I’ve done so for over 30 years without ever laying hand to it in need. Professor John Lott of the Crime Prevention Research Center reports that some 12.8 million people, over 5.2% of the adult U.S. population, are licensed to carry a concealed handgun. In addition to concealed carry license holders in all 50 states, 7 states require no permit at all for concealed carry, and 40 states have few restrictions on carrying as long as the gun is visible. On top of that, as I have reported recently, there appears to be a growing trend among people who routinely carry a firearm to also routinely ignore signs that tell them they can’t. It is a growing form of civil disobedience that puts no one at increased risk of death or injury. As the number of concealed carriers grows, violent crime continues to fall. This doesn’t prove that more guns equals less crime, but it irrefutably proves that more guns do not equate to more crime.

Unless you live in one of the extremely restrictive states like New York, New Jersey, or Massachusetts, any time you are on the street or anywhere that does not have controlled access, with metal detectors and bag searches, etc., there is a fairly high probability that someone nearby is legally carrying a gun. But they are not carrying that gun to protect you.

A popular essay from Lt. Col. Dave Grossman, divided humans into three categories: “Sheep,” “Wolves,” and “Sheepdogs.” I would suggest that Lt. Col. Grossman left out an important fourth category: “Porcupines.”

My wife is neither “sheep” nor “sheepdog,” and she certainly is no “wolf.” She is a “porcupine;” harmless and docile if left alone, but ferocious and dangerous if threatened – even more so if her progeny are threatened. She would choose flight over fight every time, if flight is a viable option. But if flight is not an option, she has the tools, training, and mindset to win the fight.

Our nation’s convoluted laws on self-defense and liability also force all but the most dedicated “sheepdogs” into the role of “porcupine” as well, making “porcupines” the most prevalent variety of armed citizen. We won’t passively stand by while the wolves have their way with us or our families, but neither can we take responsibility for protecting the “sheep” from the “wolves.” Certainly most people who carry would take action to help someone in need if there was an opportunity to do so, and there was no obvious alternative, and while many of us would probably prefer to characterize ourselves as “sheepdogs” rather than “porcupines,” the reality is that protecting you, your spouse, and your children is your responsibility, not ours. You should also be aware that protection of you and your family is not the responsibility of the police either. The courts have conclusively ruled that the police have a duty to protect only the public at large, not individuals.

Those of us who have a natural inclination toward being “sheepdogs” have some pretty significant disincentives to acting on those inclinations. Not only is it physically dangerous to intervene in a violent situation, it is a legal minefield that in most cases must be navigated in a matter of seconds. While laws and jurisprudence protect police from prosecution and civil liability, and while some protections exist for individuals acting in defense of themselves and their families, there are few shields for someone acting on behalf of a stranger. Armed citizens who intervene in situations where they or their families are not in imminent danger, place themselves at significant risk of prosecution and civil penalties. We also tend to be keenly aware of the fact that any error involving a firearm can be devastating and permanent.

Violent encounters usually happen quickly, and they can be very confusing. It’s not always clear who is the “good guy” and who is the “bad guy.” Anyone who has ever been through a quality personal defense course has been cautioned to avoid deploying a firearm or engaging an aggressor unless there is no other alternative. In any shooting situation, there are two key problems to deal with. Problem One is survival. Problem Two is dealing with the legal and emotional fallout from solving Problem One. Ending a life can be emotionally devastating, and the legal consequences can destroy bank accounts and quality of life as surely as being gravely wounded. For most of us, there are no legal repercussions for running away. In the real world, this means flight is better than fight. Our training, and often the law, dictates that if we’re enjoying a movie when a homicidal lunatic starts shooting people on the other side of the theater, our first responsibility is to get out and away, especially if our family is with us. If we’re in a college class and we hear gunfire from the next building or a classroom down the hall, we, just like our unarmed classmates or students, should evacuate or “shelter in place,” not head toward the gunfire.

This approach is galling to many gun owners, especially those of us with a natural inclination toward being “sheepdogs.” We would rather fight than run. We would rather put ourselves at risk than allow evil to go unchecked. But regardless of the level of training and skill a person has, the multiple layers of risk that are inherent in any shooting situation stack the deck against playing the hero unless there is no other alternative.

Both sides of the debate over bearing arms have a tendency to relegate armed citizens to the role of “sheepdog,” but that is a role that the law and prudence won’t let us accept, though some of us will try despite the obstacles. For the most part, we are “porcupines.” We are armed for defense of ourselves and our families, not for you and yours. In a worst-case scenario, one of us might be present and save your life in defending our own, but don’t count on it. We don’t carry for you.

Infiltrate, Exfiltrate, and… Inject?

SafeThis is a blog about spying in the Internet era. While activists would have you believe that it’s all about online personas, there is still a lot of cloak-and-dagger up close and personal spying going on. When Edward Snowden dumped his files, many Western spy agencies had to pull back agents because their covers were blown.

Even more covers may have been blown with the latest hack into the US government’s Office of Personnel Management’ security clearance database, where the Chinese gained access to employees’ 127-page SF-86 security-clearance forms, on which candidates for sensitive jobs have to give an exhaustive account of their past, including foreign contacts. They also got investigational info that includes employees’ extramarital affairs, sexually transmitted diseases and other health matters, as well as the results of polygraph tests. Can you spell “Blackmail?”

What is absolutely hilarious, yet sad at the same time, is that we found out during a hearing held by the House Committee on Oversight and Government Reform that the stolen data was not protected by practices like data masking, redaction and encryption. Oops!

But what if breaking in and playing “spot the spy” or determining whom they can target for espionage against us is not the game of the Chinese government? What if the Chinese are more interested in injecting data into the system?

I wrote a Forbes blog about losing your own identity if your biometrics are overwritten. In a nutshell, if someone changes your password to steal an online account, it is not all that hard to regain control of it. But what if someone hacks into a biometrics database and replaces your fingerprints with those of someone else? How do you prove that you are you?

But I am getting ahead of myself. Let’s start at the beginning. Cloak-and-dagger spies need an identity and a back story. That is, James Bond can’t just show up behind enemy lines. Q needs to create a persona, an alias, and fake documents to make it appear as if he is someone who he is not.

An excellent story in the Economist talks about spying in pre-computer days, when intelligence agencies kept files on paper. Access was strictly controlled and making copies was near impossible. That arrangement was cumbersome but made it possible to see exactly who had looked at a file, when, and why. Snowden would not have been able to dump hundreds of thousands of documents without someone noticing.

More importantly, it was no problem for a government to create a person out of thin air, and especially easy to create a fake passport, which would of course be as real as any other passport. Other documents could be inserted into paper files, such as birth and marriage certificates, and fingerprint cards. The spy had to memorize and practice their created backstory until it was perfect, otherwise their cover could be blown.

With everyone’s lives open to the world, it is much harder to create a digital timeline as part of a persona and popping paper cards into paper files won’t cut it any longer. People don’t just appear out of thin air and it is not hard to use your favorite search engine to find out more about someone whether they like it or not. And if you believed that a site had its historical timeline altered, you could always make a trip back in time using the Wayback Machine.

So let me leave you with this chilling possibility. What if foreign governments are not in our systems solely to get data out of them, but also to write their own data into them? Perhaps they can increase someone’s security clearance, change adjudication data to slander someone else, make a double agent look more valuable to us, remove damaging foreign contact information, or maybe even add someone to the payroll.

Is anyone looking at that possibility by comparing the latest contents to read-only archival copies? I wonder…

Special thanks to my friend Bill Fisher for giving me the idea for this post!

Don’t Carry Off Duty Until You Are Trained


In November of 2014, I wrote an article on PoliceOne about why I believe that law enforcement officers should carry all the time, even when off duty. I wanted to share with all of you the kind of training that I believe  should be provided to officers so that they can carry safely while off duty (or working undercover).

This article is based on training that I received from a recent NRA law enforcement instructor development school and could save an officer’s life, keep command and training staff out of prison, and protect communities from paying damages.

First and foremost, officers (and retired officers carrying a firearm under the protection of the Law Enforcement Officers Safety Act – LEOSA) need to be trained to properly select and handle their undercover or off-duty firearms. Next up is how to interact with uniformed officers who show up on scene to prevent a tragic blue on blue encounter.

The NRA plainly states that, “qualification is not training.” Just because an officer can hit the target during qualification doesn’t mean that he or she is qualified to carry off duty. And if an undercover, off-duty, or retired officer shoots someone or is shot him- or herself by uniformed officers, command and training staff could be guilty of vicarious liability or deliberate indifference.

Run down this checklist and if you cannot answer “yes” to every one of these questions, there may be a ticking time bomb in your jurisdiction.

Do you train your active and retired officers how to…

  1. clean, store, carry, and protect their off-duty firearms?
  2. properly select the type of holster to use for specific situations?
  3. demonstrate that they can safely draw, aim, challenge, fire if required, and re-holster their firearm with speed or with stealth?
  4. display their law enforcement credentials?
  5. call for help while they are covering or have already shot someone?
  6. follow instructions from uniformed officers to prevent blue on blue injury or death?
  7. know when to take action versus when to be a good witness?

In summary, personnel who cannot demonstrate all of the above might not be good candidates for off-duty carry. And if you have to give an active or retired officer a qualification “pass,” you are doing a disservice to both of you, your command and training staff, and perhaps your community. Read up on Robert Bates, a volunteer deputy for the Tulsa County Sheriff’s Office if you don’t believe me.

Stay safe.

If You Want a Sandbox, Why Not Hit the Beach?



Dear Ron,

I try to be a good C-level executive but am really getting fed up by my cyber security staff. Every time I ask them if we’re going to get hacked like everyone else, they ask me to buy a sandbox for them. I mean, seriously… a sandbox? I’m trying to keep my company safe and they want to build sand castles. What the hey?

Yours truly,


Dear Mr. or Ms. CxO,

Before I reply to your question, let me give you a some hacking history.

In the dawn of the personal computer revolution, 15-year-old Rich Skrenta pranked Apple II owners with a self-replicating program called “Elk Cloner.” This program spread itself on floppy disks. If an Apple II booted from an infected floppy disk, Elk Cloner became resident in the computer’s memory and wrote itself to any other floppy disk inserted into the machine.

The cure to Elk Cloner was to read any floppy disk inserted into the machine, look for the program, and delete it. Because there was one version of the program and programmers knew what to look for, it was obvious what to erase from the disk. In other words, the program had a “signature” that was easy to detect so that it could be isolated or erased.

As hobbyists and then criminals started writing more software like this for fun and profit, Norton, McAfee, and dozens of other companies sprung up with software written to detect malicious software (now dubbed malware) by their signatures. Each time a new piece of malware was detected, the anti-malware companies would update their signature list to detect it. But then more sophisticated criminals and governments got into the malware business. Not only did the volume of malware increase, but chameleon-like malware that didn’t have a fixed, detectable signature started to appear.

By the time a company realized that malware was running on its systems, confidential data could be long gone. As I wrote on a Forbes blog, many companies only learned that they were hacked after law enforcement told them that their confidential information was being sold on the black market.

With that out of the way, now I can answer your question. According to Wikipedia, a cyber sandbox is used to isolate and watch untrusted code to see what it is really up to. There are several types of sandboxes, from traditional Type 1 and Type 2 virtualization to a hardware emulation sandbox. To keep this short, I’m not going to go into the differences between virtualization and emulation or why one may be better than the other. I’ll just answer your question in a couple sentences:

Today’s volume and sophistication of malware leave signature-based detection in the dust. The only way to keep up is to understand the expected behavior of approved applications, then look for unexpected actions which may indicate the existence of malware on your systems. And since the only way to see what an application is really doing is to run it in a sandbox, that is why your engineers want you to buy one for them.

“I Want To Be A Police Officer When I Grow Up”


When was the last time that you heard a little girl make that statement? For that matter, when was then last time that you heard any child make that statement? In many urban areas, including the nearby cities of Oakland and Richmond California, law enforcement officers are the enemy. It’s not my job to get into the politics of why this is so – and that discussion could fill an encyclopedia’s worth of volumes.

What I would like to talk about is how you can make a law enforcement career seem pretty cool to the “iPhone and Android generation.” If you haven’t yet heard of S.T.E.M. (or STEM), now is the time to learn about it. STEM stands for Science, Technology, Engineering and Mathematics – educational areas where the United States is falling behind the rest of the world and industries where women, Latinos, and African-Americans are at the end of the pack.

Many technology companies, such as Oracle, Honda, and Toyota, along with dozens of public organizations offer STEM grants to communities throughout the United States.

But you don’t need to fire up your own program because for the past 31 years, the Science Olympiad has led a revolution in science education.

This organization has a nationwide network of science teachers, advisors, judges, and parents who take advantage of a pre-packaged set of documentation, video training, and rules for a wide range of real-time live-fire science competitions in three divisions from grades K-12

Unlike static science fairs with tri-fold cardboard popups and baking soda volcanoes, Science Olympiad competitors need to solve real-life problems while the clock is ticking.

Forensics at Science Olympiad

Forensics at Science Olympiad

One of my favorite competitions, and one that I have judged a number of times, is Forensics, where two students from each team first need to determine if a crime was committed and then “whodunit.” Tests include lifting prints (and explaining how to lift them from various surfaces), reading blood spatters to determine their trajectory, matching DNA and spectrometer plots, and determining the origin of various fibers and hairs. This is science that is much more fun than a cardboard tri-fold and which teaches real-world problem solving.

If I showed you photos of the events that I have judged over the years, what will pop out is that over 90% of the competitors are East-Asian or Indian with a smattering of Whites, a handful of African-Americans, and very few Latinos. What also will surprise you is that over 60% of the participants in my events are female.

In my day job consulting on disaster recovery services to enterprises, I have a mantra of, “Crawl, Walk, Run.” If you already have a local Science Olympiad group that your department can join, that’s great. But if not, you can start as small and as local as you like.

SMSO_5369 ORIGIn my own California county of San Mateo, the Office of Education has a robust STEM program, with a specific program targeted at girls. San Mateo County Sheriff Greg Munks is committed to diversity in his ranks and is proud to have women at every level of command, from correctional officers to deputy sheriff, sergeant, lieutenant, captain and finally, assistant sheriff (one of whom is Trisha Sanchez, pictured to the left). His organizations’ support of the STEM program includes staff and materials for teaching these young ladies what being a deputy sheriff is all about.

Through a partnership between the San Mateo County Sheriff’s Activities League and the advertising technology company Rocket Fuel, 50 third- through sixth grade girls, half from schools in East Palo Alto and half from Garfield Community School in Menlo Park spent the eighth day of 13 STEM sessions learning about being a woman in law enforcement.

Deputy Rosemerry Blankswade and Assistant Sheriff Trisha Sanchez discussed examples of some of the different specialties and tasks the young ladies could pursue including working as a K-9 handler, motorcycle officer, detective, a crime lab technician, lifting latent prints and pulling DNA samples, or even using a radar gun on patrol.

The session ended with the assistant sheriff and deputy encouraging the girls to stay in school and excel in their studies, swearing them in as honorary sheriff’s deputies and inviting them to join the Sheriff’s Explorer Program when they turn 14.

Does your department have an Explorer program? Do you reach out to children before gangs can get to them? Do you work with your local community leaders to help keep kids in school and encourage them to excel in their studies? Please let me know in the comments.