Tag Archives: Infragard

InfraGard like Neighborhood Watch

Bookmark This (opens in new window)

Copy of a comment made on another blog that demonstrated a deep distrust for InfraGard and all national and local law enforcement…

David, your comments seem to indicate that you are distrustful of InfraGard. I want to challenge your distrust and suggest that you join InfraGard and find out for yourself that your fears are unfounded. We are all ordinary people – the only thing that makes us different is that we recognize the fact that we need to learn more about how to protect our citizens and assets.

Neighborhood WatchWe are not a ‘secret organization’. We do not have security clearances, and InfraGard membership does not grant us any such clearance. A good way to describe InfraGard is to liken it to a “Neighborhood Watch“, but instead of being aligned with neighborhoods we are aligned with industries. And like neighborhood watch, InfraGard members are equipped with knowledge on how to better deter, recognize, and report criminal activity. InfraGard helps the financial, agriculture, public utilities, telecommunications, transportation, chemical, and other industries with critical asset protection. These are the core industries that our nation depends on every day.

What it really comes down to is this: do you want criminal activity curbed, or not? Or perhaps you would prefer to live in a society without law enforcement at all – your blog suggests a deep distrust and disregard for all levels of law enforcement. Do you not recognize that, imperfect as it is, law enforcement protects your own liberties?

InfraGardAs to InfraGard’s Code of Ethics – my including it in my blog does not reassure myself, as I have a well-formed and clean conscience with regards to my professional conduct. I do not need the reassurance. It’s posted as an educational tool for others who are considering a career in information and business security. In this profession we are held to a high standard of professional conduct – higher than those of our peers, in the context of protecting our employers’ and country’s citizens and assets.

Todd’s position at King County Health does not give the FBI “access” to public medical information – the FBI, like any other law enforcement agency, must obtain a subpoena to access protected information.

Neighborhood WatchI spoke with Nolan and Jeff – they are puzzled as to why you label them as InfraGard “recruiters”. They are ordinary members like the rest of us. All of us recognize InfraGard’s good works and benefits of membership (access to sensitive non-public (but not classified) information, training in the protection of our country’s critical infrastructure, networking with other members), and as such we frequently encourage our colleagues and acquaintances to join. InfraGard is just like a good Neighborhood Watch – most participants immediately recognize the benefits and encourage other neighbors to join.

InfraGard’s work benefits all citizens – so instead of sitting on the sidelines and criticizing what you don’t understand, why don’t you join us. We and your neighbors could use your help.

my personal position on the FBI’s CIPAV capability

Bookmark This (opens in new window)

In the days since I posted a story on the FBI’s use of CIPAV (which may be their “magic lantern” capability), my blog has been visited by many individuals who are trying to figure out how to detect whether CIPAV is running on their systems and, if so, how to disable or remove it.

Sorry, can’t help you. Won’t help you.

As a security professional, I deeply understand the concern about spyware, key loggers, and other tools that track our movements and even our keystrokes. When they originate from commercial or malicious sources, of course I want the ability to detect, disable, and remove. I wrote a book on the subject three years ago.

But when law enforcement obtains a court order and uses the same sort of software, I will not publicly discuss if such capabilities exist or how they work. Being an InfraGard board member, I have visibly close ties with the FBI and other branches and levels of law enforcement. As my disclaimer reads, I am 100% white hat. I support law enforcement as long as law enforcement is acting within established laws. My disclaimer is reproduced below.

My professional codes of ethics ((ISC)², ISACA, GIAC, InfraGard) forbid me from activities that give even the appearance of impropriety. Hence, I do not possess, and never have possessed, nor downloaded, examined, or viewed, any tools that can be used to exploit weaknesses. I do not associate with those who do. I am 100% white hat.