Commentary: Recent Disclosure of an Alleged Flaw in Burglar Alarm Panels

On the 12th of this month, Security eNews–your news blog–carried the following news item related to single-use and combination burglar / fire alarm panels, alleged to be non compliant with regard to UL 985 and NFPA 72:

SDM Magazine (image)Major Alarm Panel Recall Could Be Looming | There appears to be a major issue of non-compliance with both the NFPA and UL codes by possibly every alarm panel manufacturer in the industry — despite being UL certified (click here).

I’d like to make a personal observation on this matter.

Allan B. Colombo, Tech Writer
Allan B. Colombo,  a security/fire Trade Journalist/Writer

First, was public disclosure with the Consumer Product Safety Commission (CSPC) really necessary? In a world where the popular news media grandstands on any and every opportunity to demonize the security industry, was this really necessary?

Second, as technicians, many of us have suspected that there might be potential issues with the electronic burglar alarm panels we use… but we didn’t publicly disclose the matter because it would tell every burglar known to man that there could be an inherent issue. Oh, and we commonly run our alarm wires inside the walls, inside the structure, and not outside so burglars cannot easily short them.

Combo Burg/Fire Panel (image)
Typical combo burg/fire alarm panel (not named in complaint with CSPC).

Third, couldn’t this be handled in some other manner, other than involving all the above as well as the entire world?

In conclusion, the resolution to this issue is now beyond comprehension or the financial ability of  anyone to address via normal channels.

Not only will this effectively cause most burglar alarm panel manufacturers to expend an unimaginable amount of money and effort to fix, if found to be an issue, but it could put some of them out of business. It may also mean that every alarm company out there might have to return to their good customer’s place of business or residence to replace the alarm panels that they previously installed–and most likely at their own expense.

Did I forget to mention the lawsuits that could result because of all this? Of course, some of the older panels out there were installed before UL and NFPA compliance was codified. That will, of course, help limit or contain the problem to some degree.

Alarm dealers, the immediate resolution to this problem is to stop running all your wires surface on the outside of buildings and homes.  Well, at least make sure you don’t (sorry for the bit of sarcasm here).

And finally, I sincerely hope I’m making a mountain out of a mole hill here, but time will tell. One thing is for sure, this will be an interesting ride.  –Al Colombo

About Al Colombo
Allan B. Colombo (image)Allan B. Colombo is a long-time trade journalist and copywriter in the security and life-safety markets. Over the past 35 years his byline has appeared in nearly every security and locksmith trade magazine on the planet. He’s now a Senior Design Specialist with TpromoCom, a social media, content, and web design company based in Canton, Ohio.

Editor’s Note: Feel free to leave me a comment below. Thank you.

Cisco ‘Knowingly’ Sold Hackable Video Surveillance System to U.S. Government

The Hacker News

Cisco ‘Knowingly’ Sold Hackable Video Surveillance System to U.S. Government | #TpromoCom #Hacker #VideoSurveillance #Legal | Cisco Systems has agreed to pay $8.6 million to settle a lawsuit that accused the company of knowingly selling video surveillance system containing severe security vulnerabilities to the U.S. federal and state government agencies.

image of nypd CI officer at row of monitors

The lawsuit began eight years ago, in the year 2011, when Cisco subcontractor turned whistleblower, James Glenn, accused Cisco of continue selling a video surveillance technology to federal agencies even after knowing that the software was vulnerable to multiple security flaws.

According to the court documents seen by The Hacker News, Glenn and one of his colleagues discovered multiple vulnerabilities in Cisco Video Surveillance Manager (VSM) suite in September 2008 and tried to report them to the company in October 2008. (click here)

Allan B. Colombo, Tech Writer
Allan B. Colombo, Tech Writer
Editor’s Note: For many years, I sought to warn security dealers of the risks of using specific brands recently named by the U.S. Government as being off limits to all federal applications. At the time, as the administrator with the CCTV Security Technicians Forum on Facebook, many members suggested that this only pertains to government use, which is correct, so they were going to continue selling those specific brands. My message to all dealers now as it was then, is that in the end analysis, if a CCTV system you sold and installed is hacked, and you knowingly sold it to the client, you could possibly be susceptible to legal action on the part of the client. –Al Colombo

Human Investigation Management – ISIO
Human Investigation Management – ISIO. Find out more by clicking!

San Francisco could ban government agencies from using facial recognition technology


San Francisco could ban #government agencies from using facial recognition #technology | #TpromoCom #AccessControl | City would be first in US to ban official use of technology. Supervisor: ‘We don’t want to live in a police state.’

San Francisco could become the first city in the country to ban government agencies from using facial recognition technology.

The “Stop Secret Surveillance Ordinance” would prevent government agencies, including police, from using facial recognition in law enforcement. The bill passed unanimously in a committee vote on Monday and will move to the San Francisco board of supervisors for a final vote on 14 May.

The legislation is meant to address concerns about the accuracy of technology and put a stop to creeping surveillance culture, said supervisor Aaron Peskin, who introduced the ordinance.

To read the remainder of this news report, click here.

Human Investigation Management – ISIO
Human Investigation Management – ISIO

New Lawsuit Claims Marriott Still Exposes Customer Information

New Lawsuit Claims Marriott Still Exposes Customer Information | #TpromoCom #Marriott #Privacy #Information | A new class action filed against Marriott following the massive data breach alleges that the hotel giant’s systems are affected by a serious vulnerability that still exposes customer information. 

[image] TpromoCom provides affordable websites & blogs.
TpromoCom provides affordable websites & blogs.

Several lawsuits have been filed against Marriott after the company revealed that hackers had access to its systems since at least 2014 and that they may have stolen the details of up to 500 million customers from the Starwood guest reservation database.

The latest class action, initiated by law firm Edelson in Maryland, claims that Marriott’s network is still vulnerable to cyberattacks. Edelson claims its in-house forensics lab discovered a flaw in Starwood’s internal systems that exposes a “wealth of information.”

Edelson’s complaint is redacted to avoid giving away the details of the vulnerability, but it does note that “some of the largest and most significant data breaches in recent history were carried out by leaving open access to this exact type of data.” 

To read the remainder of this news story, click here.

Secret Charges Against Julian Assange Revealed Due to “Cut-Paste” Error

Secret Charges Against Julian Assange Revealed Due to “Cut-Paste” Error | #TpromoCom #Wikileaks #Legal | United States prosecutors have accidentally revealed the existence of criminal charges against Wikileaks founder Julian Assange in a recently unsealed court filing in an unrelated ongoing sex crime case in the Eastern District of Virginia.

Assistant US Attorney Kellen S. Dwyer, who made this disclosure on August 22, urged the judge to keep the indictment [pdf] prepared against Assange sealed (secret) “due to the sophistication of the defendant, and the publicity surrounding the case.”

Dwyer is assigned to the WikiLeaks case.

To read the remainder of this news story, click here.

Editor’s Note: Why did I post what appears to be purely a political news piece on Security eNews? Because there’s something terribly wrong going on behind the scenes that most all of us have  missed. Ever hear the old saying, “Don’t shoot the messenger?”  Well, someone has given us an important piece of information about what amounts to a whistleblower (Assange) who, himself, gave us some very important pieces of the puzzle. I don’t care if it’s about President Trump or about Presidential hopeful Clinton. If there’s a wrong doing, doesn’t the public have a right to know?  Don’t shoot the messenger.

Additional information on Julian Assange and recent events:

Julian Paul Assange (/əˈsɑːnʒ/;[1] born Julian Paul Hawkins; 3 July 1971) is an Australian computer programmer and the editor of WikiLeaks.[2] Assange founded WikiLeaks in 2006, but came to international attention in 2010, when WikiLeaks published a series of leaks provided by Chelsea Manning. These leaks included the Collateral Murder video (April 2010),[3][4] the Afghanistan war logs (July 2010), the Iraq war logs (October 2010), and CableGate (November 2010). Following the 2010 leaks, the federal government of the United States launched a criminal investigation into WikiLeaks and asked allied nations for assistance.[5]

In November 2010, Sweden issued an international arrest warrant for Assange.[6] He had been questioned there months earlier over allegations of sexual assault and rape.[7] Assange continued to deny the allegations, and expressed concern that he would be extradited from Sweden to the United States because of his perceived role in publishing secret American documents.[8][9] Assange surrendered himself to UK police on 7 December 2010, and was held for ten days before being released on bail. Having been unsuccessful in his challenge to the extradition proceedings, he breached his bail and absconded. He was granted asylum by Ecuador in August 2012 and has remained in the Embassy of Ecuador in London since then. Assange has held Ecuadorian citizenship since 12 December 2017.[10]  (click here)

More to come: 

Julian Assange has been charged, prosecutors reveal inadvertently in court filing | WikiLeaks founder Julian Assange has been charged under seal, prosecutors inadvertently revealed in a recently unsealed court filing — a development that could significantly advance the probe into Russian interference in the 2016 election and have major implications for those who publish government secrets.
The disclosure came in a filing

in a case unrelated to Assange. Assistant U.S. Attorney Kellen S. Dwyer, urging a judge to keep the matter sealed, wrote that “due to the sophistication of the defendant and the publicity surrounding the case, no other procedure is likely to keep confidential the fact that Assange has been charged.” Later, Dwyer wrote the charges would “need to remain sealed until Assange is arrested.”

To read more on Julian Assange, click here.

Tourist Sues Graceland Hotel for $75K Claiming ‘Loud Fire Alarm’ Caused Marriage Issues

Tourist Sues Graceland Hotel for $75K Claiming ‘Loud Fire Alarm’ Caused Marriage Issues | #TpromoCom #FireAlarm #Legal #Stupid |  “Stupid is as Stupid does, and I think I’ve heard it all now,” says Al Colombo, 45-year veteran of the professional fire alarm industry. A tourist is suing the Guest House at Graceland for negligence after he claims he was woken up by an “extremely loud fire alarm,” setting off a series of stressful events and ongoing health and personal issues.

According to a legal filing first obtained by The Blast, Hans-Peter Gauch, 53, who is originally from Switzerland, and his daughter were sleeping at the hotel, located across the street from Elvis Presley’s historic home, in October 2017, when “at approximately 8 a.m. an extremely loud fire alarm sounded and woke [Gauch] from deep sleep,” the lawsuit states.

To read the remainder of this Stupid news article, click here.

Comcast Slapped With Patent Infringement Charges by TiVo

Comcast Slapped With Patent Infringement Charges by TiVo | #TpromoCom #TiVo #Comcast #patent #lawsuit |  Comcast Corp. (CMCSA – Free Report) , the leading cable multi-service operator (MSO) in the U.S., has been reportedly slapped with patent infringement charges by TiVo Corporation (TIVO – Free Report) in relation to its X1 platform. The suit claims that Comcast’s X1 set-top boxes are infringing on at least eight of the patents, which are held by Rovi Corp.

TiVo was acquired by Rovi in 2016 and the merged entity is known as TiVo, which attained ownership over more than 6,000 patents. To read the remainder of this news story, click here.