Interesting People mailing list archives
Re: I guess you could call this Not Good News
From: David Farber <dave () farber net>
Date: Sat, 8 Mar 2008 12:00:23 -0800
________________________________________ From: Gene Spafford [spaf () cerias purdue edu] Sent: Saturday, March 08, 2008 1:51 PM To: ip Cc: David Farber Subject: Re: [IP] Re: I guess you could call this Not Good News
From: Peter Wayner [pcw () flyzone com] Sent: Saturday, March 08, 2008 7:12 AM To: David Farber; ross () stapleton-gray com Cc: Kevin Poulsen Subject: Re: [IP] I guess you could call this Not Good News So let's say you're a network administrator confronted by someone with a badge that doesn't look real, some business cards that look like they came from a print shop and a piece of paper that says it's a warrant. Do you comply? Or do you just give them a fat pipe to their headquarters and let them sort it out?
Well, I have always counseled my students to be suspicious and use good judgement. If there are 5 people there with guns drawn claiming to be the FBI, then don't challenge them, but try to stay calm and memorize as much as possible of names, faces, and what they do. Law enforcement officers are trained to take command of an active scene. As such, challenges to their authority are not well tolerated. Firm, polite requests within your rights should be honored, however -- but don't threaten. Be sure to actually study and read any ID presented -- don't simply let someone wave it in front of you and claim authority. If there are one or two people at your door you've never seen before and weren't expecting claiming to be from the local Secret Service office and flashing badges, ask them to wait a few minutes. Then call the local Secret Service (or FBI or DEA or Postal Inspector or whatever agency they claim to represent....) office with the phone number in your phone book (NOT from the business card), and ask them to describe the agents involved to your satisfaction. In many cases they will have a cell phone number and can call the waiting agent to do a "handshake" to verify the identity if you are really suspicious. (Of course, that doesn't rule out that they have intercepted your outgoing phone calls... :-) I once had someone in my office from the DC FBI office. I couldn't confirm him with the local office and wasn't expecting him. I asked to see his driver's license. The name matched, and was issued in Virginia. He was bemused, but when I explained, he understood. This wasn't 100% proof, but more than enough for the ensuing conversation. In general, someone with a fake badge/ID will not have a valid license/ passport/etc with the same name -- an impostor is generally going to use a fake name and will depend on the fake badge as ID. Keep in mind that real badges can be stolen or lost. Many Federal IDs coupled with badges don't have pictures, either. So, asking for a second form of ID is not a bad idea if you have doubts. So, if the dude with the cargo pants and ripped T-shirt shows an FBI badge, then you might want a second ID. :-) If you have someone present whose credentials you doubt or who is asking odd questions, call for local law enforcement -- let a uniformed officer help make the call. If for any reason you are really uncomfortable, then listen to your instincts -- ask to resume the talk later, or call for help. At worst, you'll appear a little paranoid. At best, you could be saving resources (or lives!). If you get a legal document and are unsure of its validity, call a lawyer. Do not allow someone into your home until you have verified his/her bona fides. If I wanted "in" I would show up during a bad rainstorm at night, show a badge in dim light at the door, and ask to come in out of the rain -- prey on the good will of the victim. Don't be a victim of social engineering! Afterwards, you can apologize and offer hot coffee and a towel to a valid agent if it happens to you. Some lawyers would claim that you should never allow law enforcement into your premises without a warrant, but I don't subscribe to that school of thought -- but your decision. People in uniform (police, military, Coast Guard, utility companies, PHS, etc) should also honor a request to show official ID beyond the uniform. Local PD may not have other ID, and may not be very cooperative, either, so use your judgement -- especially if they are armed. An impostor can be deranged or criminally inclined, and if challenged may be willing to injure or kill to accomplish goals, so be wary if you have doubts. CIA personnel (and some other Federal agencies) may not have easy call- back methods of verification. So, ask for a trusted third-party introduction -- e.g., get a FBI agent you know to vouch for the person. If you get a phone call from someone claiming to be in authority, listen, but don't give out information. Instead, get sufficient information to verify the identity and home office, then call them back at that location after checking to ensure that the number matches what is in the phone directory and/or online. All Federal agents (and most state) that I have spoken with on these issues indicate that they get special emphasis on responding to challenges to ID themselves -- they should not be angry or upset that you double-check their credentials. If they are, and they are real, then report that to their superiors later on. This is an area of great importance, and almost everyone involved understands that. Trust your instincts to some extent. Don't let a badge or uniform or someone's rushed demeanor overcome a sense of suspicion or unease. So long as you are polite about it, real sworn agents shouldn't hold it against you (although they are human, and some have bad days). If you've been dealing with phishing email and 419 scams online, none of this should be surprising -- the real world can be surprisingly like your on-line account. :-) (As an aside, this whole thread should provide some insight into one set of reasons why many people, including the USACM, are generally not in favor of the REAL-ID act. The average person will not challenge or really seek to verify an ID flashed in front of them.) ------------------------------------------- Archives: http://www.listbox.com/member/archive/247/=now RSS Feed: http://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- I guess you could call this Not Good News David Farber (Mar 08)
- <Possible follow-ups>
- Re: I guess you could call this Not Good News David Farber (Mar 08)
- Re: I guess you could call this Not Good News David Farber (Mar 08)