URL shortening services like bit.ly and tinyurl.com have grown as demand for leaner and cleaner web links has grown due to social networking and microblogging sites like Twitter and Facebook.

In addition, the frequent use of shortened URLs on these social media sites has increased the trust that people have in their legitimacy.

However, clicking on shortened URLs can increase security risks for web surfers since the shortened URLs hide the destination ( real ) URL that the link takes you too. Shortened URLs can be used by internet scams and phishers to hide and promote a multitude of bad web sites.

The Internet Explorer 8 web browser reveals the real destination URL to users as protection against bad sites and phishing scams. However, the shortened URL alias reveals no information about the real URL and can be used to fool users into visiting a malicious site.

Short URL’s can also fool numerous network security tools. Shortened URL’s are typically trusted by firewalls, web filters, and spam blocker software.

There are some software tools available to protect users from malicious shortened URLs.

Twitter users can use Tweetdeck. Tweetdeck has an option in the settings to that previews destination information for short URL’s. The tool will display the title and real destination URL for shortened URL’s that are posted in tweets.

There are browser plug-ins and services that perform a similar function outside of Twitter. TinyURL has a tool that allows users to preview destination URL’s that have been shortened.

ExpandMyURL and LongURLPlease both offer browser plug-in tools that people can use to preview the real URL as well.

URL shortening is a great web service that will only grow in the future, but people need to take steps to guard themselves against the numerous ways that these shortened URL’s can be used for malicious and criminal purposes.

Source: PC World

Washington D.C. is attempting to build a city-wide surveillance system that would bring together thousands of city-owned video cameras, but city officials don’t yet have the money to complete the network or privacy rules in place to govern its use.

The security system will conduct 24/7 monitoring of public camera systems run by nine city departments. The first phase will bring together about 4,500 cameras trained on schools, public housing, traffic and government buildings that will feed into a central command office in the Washington D.C. Homeland Security and Emergency Management Agency.

Hundreds of additional security cameras will be added within the year.

By bringing all of these surveillance images together in one department, city officials hope to improve public safety and emergency response times.

The large D.C. surveillance system shows just how public security cameras have grown in use since the Sept. 11, 2001, terror attacks. By the fall of 2008, Washington D.C. will have installed approximately 5,600 security cameras, which is about triple the number it had in 2001.

Other cities have increased their use of public security cameras as well. New York plans to use a network of 3,000 public and private security cameras to monitor Lower Manhattan. Chicago’s emergency management office will soon be using more than 6,000 video cameras in schools, police other city departments.

U.S. cities, as well as Washington D.C. government departments, have varying regulations on the use of security cameras.

Washington D.C.’s attorney general’s office is currently working on a public policy to protect privacy rights, but it will not be finished by the time the surveillance system is implemented, said Darrell Darnell, head of the city’s homeland security department. Each city agency involved will follow their own rules in the interim, he said. Policies vary on such matters as how long images are kept.

In the past, courts have ruled that people have no right to privacy in public places. However, civil libertarians and some security professionals are concerned about who is watching the electronic eyes and how long they store the electronic images.

“If you’re just saving it, at some point, this stuff is going to be posted to YouTube,” said Frank Baitman, president of Petards Inc., a maker of video security systems.

Issues also can arise when security cameras are installed for one purpose and then used for another unintended reason. One example occurred in Tacoma, Wash., last year, when a high school official showed parents video images of their daughter kissing another girl.

The D.C. surveillance system will have between three to five operators watching footage from the cameras during eight-hour shifts. By the end of 2008, video analytic software will be installed that can alert operators to potentially dangerous events.

Baitman, the security expert, questioned whether that size staff could prevent crime, observing, “There’s no way you could have someone watching 1,500 cameras, even with video analytics, and identify crimes.”

Source: Washington Post

The Threat Level blog from Wired.com is reporting on a proposal in congress that would provide millions of dollars for the funding of video surveillance cameras to be used in US elementary schools.

On April 17, federal lawmakers will have a hearing on a proposal that allows public schools to use millions in federal grants to install surveillance cameras in their halls.

The proposed bill adds surveillance cameras to the list of security items eligible for Justice Department Safe School grants.

However, the bill would bar schools from using the security grant funding for assessing what the threats and weaknesses to the school are.

That item is replaced in the bill by phone tip lines where people can report dangerous students.

The House Judiciary committee’s Crime, Terrorism and Homeland Security subcommittee will convene a hearing on the school surveillance on Thursday April 17 at 10 a.m. EST.

Source: Wired.com

CNet News is reporting on how an Indiana man named Fred Thompson used a homemade, automated security system connected to his personal computer to catch thieves who broke into his house.

Thompson’s interest in automated, do-it-yourself home security started after his home in Fort Wayne, Indiana was burglarized. He responded to the first burglary by setting up a video camera connected to his computer and configured it to remotely notify him when motion was detected in his house while he was away.

On October 10, 2006, Thompson’s security system notified him that movement had been detected in his home. He then called police, and headed home in his car.

Thompson and Police Officer Stephanie Souther discovered that his front door had been unlocked and a window at the back of the house was open. The recorded video showed that a man entered the back of the house, unlocked the front door to let someone else in and the two thieves then searched the house.

A large piece of copper pipe was found to be missing from the house.

After the police failed to generate any suspects, Thompson posted his video on YouTube a week later with the title “Burglars Caught in Fort Wayne.”

Detective Everett D. White of the Fort Wayne Police happened to notice it.

White showed the YouTube video to his colleagues at work the next day, and one recognized the men.

On November 16, 2006, Richard Klaff was charged with felony burglary and felony theft.

A jury convicted Klaff the following June, and a judge sentenced him to six years jail time plus a one year probation.

Klaff appealed the conviction, claiming the evidence against him is insufficient. However, the Indiana appeals court ruled on March 31 that the video “establishes that not only was Klaff present at the house, but also that he was an active participant, and thus the evidence may raise a reasonable inference of guilt.”

Source: News.com

Washington Times reporter Bill Gertz is reporting that the US Government’s Printing Office is outsourcing the production of its electronic passports to overseas companies, including one Thailand company that was the victim of Chinese espionage efforts.

The outsourcing of passports raises concerns that the government is putting cost savings ahead of national security.

The Government Printing Office’s decision to outsource the work has proved profitable, allowing the agency to earn more than $100 million in recent profits by charging the State Department more money for blank passports than it actually costs to make them.

US lawmakers said they are concerned by these findings and plan to investigate why U.S. companies weren’t used to produce the state-of-the-art passports, one of the cornerstones of American border and national security.

GPO officials as well as the Homeland Security and the State Departments played down security concerns, saying they are confident that timely audits and other protections in place will stop terrorists and foreign spies from stealing the sensitive information to make fake passports.

However, GPO Inspector General J. Anthony Ogden doesn’t share that confidence. He warned in an internal Oct. 12 report that there are “significant deficiencies with the manufacturing of blank passports, security of components, and the internal controls for the process.”

The electronic passports contain a small computer chip inside the back cover that contains the passport number, photo and other personal information of the holder.

The Netherlands-based company that assembles the U.S. electronic passport covers in Thailand, Smartrac Technology Ltd., warned in its latest annual report that, in a worst-case scenario, social unrest in Thailand could lead to a halt in passport production.

Smartrac divulged in an October 2007 court filing in The Hague that China had stolen its patented technology for e-passport chips, raising additional questions about the security of the US passports.

Stolen blank electronic passports are the most problematic because they are the hardest to detect with current security procedures.

The GPO plans to produce 28 million blank passports this year up from about 9 million five years ago.

Source: WashingtonTimes.com