For someone so security aware I'm surprised you have your full name and N number on a public forum.
Security aware? My day job has a general function to not allow people to log in or break into publicly accessible computers and do bad things, but I don't care if you know where I live.
Come on over. Want a beer?
As far as the password vaults go, they're a security problem waiting to happen, not good security. Encryption always gets cracked eventually. Ask the Germans.
I like their convenience, not their security.
Passwords are just about the dumbest way to secure anything. People use phrases and words they'll remember and modify them slightly trying to be "tricky" replacing letters with numbers and what not. There's lots of tools out there that are free that'll brute force just about any password given enough time. Even with those tricks. In fact they try those tricks first.
I asked a co-worker to CHANGE her local admin password on a Mac so I could take it to have work done on it a few weeks ago. She stuck a sticky note to the back with her CURRENT password instead. LOL. It was her kids name and birthdate and one special character. (Ooh. Big surprise there.)
Rotating keys on key fobs have had security problems too. They're not immune. RSA had a pretty bad physical breach a while back, throwing a large number of those gadgets into question.
Biometrics sometimes work well. Most of the cheap fingerprint readers are easily to defeat with a little latex and a good fingerprint.
Security conscious? Maybe. More like an interest that also helps with the job. Jesse has it harder at his job. He has to be audited by a massive set of rules for credit card handling that the credit card companies themselves don't even meet. PCI. Other stuff (including DoD) is worse. Lots of paperwork and lots of time. Takes lots of bodies just to do the paperwork. Let alone actually secure things. In a former life some telecom DoE stuff was "entertaining" to work on. As were telecoms in general.
Both Rocky Flats and Savannah River Site were a complete waste of a day if you needed to go swap a board out that had failed. At least SRS had an on site Verizon guy who'd do it for us and we could ship to him. He was always annoyed by the 18 year old Marines with M-16s locking him in his office (or the cold switch room) during lockdown drills. Fun guy. I never got the joy of being there when a drill or live event started but my boss got the pleasure of sitting in the conference room where the blinds automatically closed so he couldn't see the NOC for a number of hours one day. His escort told him to stay put after shooing him in there as he was trying to leave for the day and the alert started. Apparently someone misplaced some nuclear material. Happened with surprising regularity back then. Haha.
A few of the data centers I helped build had man traps. Ha. Those were fun to mess with claustrophobic people in if you were the one pushing the open door button. And of course when I was a Sheriff's dispatch intern, we had the Sally port and other stuff.
Even those all had ways to defeat them given enough time and effort and a little knowledge.
One auditor wanted to know how many minutes the coverings we had added to a series of slit windows in a data center would stand up to pounding with a hammer from outside and how we'd know if these slit windows were breached. We had to send a sample to a lab and the results were about 25 minutes. Video cameras and other systems handled the breach if someone was determined enough to climb up high on a ladder and beat on them. Hell, just kicking the ladder out from under them would have been effective as far as security goes. The backlash on the injuries and liability claim would have been kinda rough though. Ha.
Our head of Security always said the most danger to any data center that was unmanned was a jerk with access and a supersoaker under his coat. Especially if filled with something nasty. Take about three to six minutes to completely destroy the power system and drop the site. With a few more tools it wouldn't be coming back online for a few days.
Anyway back to the online stuff. Do I care about what you or anyone else can learn about me online? Nope. Not really.
Everyone here is accessible in a couple of public FAA databases and some of us have other hobbies that government exposes our personal info in also. Attempting to be incognito while having had a public podcast or other media online, even in the past, is also nearly impossible.
By the way, just for the record, the N-number isn't my house. It's a co-ownership.
We also have two photographers and all their photographer friends in our merry band of people loosely associated with the airplane so the N-number is all over the Internet.
I wouldn't mess with the guy who has the address on the registration though, he has more interesting friends than I do. But I'll leave it at that. He also likes stuff chambered in .308 if you want to buy him ammo for Christmas. But he prefers shotgun shells and .22 for plinking.
All I was offering up for the person who hated passwords was that there's lots of password vault tools that integrate right into browsers and even mobile devices these days. You just store the stuff in them and use a single password to open the vault and a hot key combination to send the username and password to a website.
They'll even let you set a wildly random password that you'll never remember yourself and you can carry the vault around on multiple devices so you're never "locked out". They're cheap and work well. They'll also be breached by some dumb software bug eventually. They always are sooner or later.
Nowadays my biggest security concern is some idiot with a backhoe digging up my fiber optics. I don't miss handing my SSN for security checks to random telecom
Workers at AT&T, Verizon, Global Crossing and others annually. Always thought that was pretty stupid of them to ask for but it was that or quit...
GTE wanted it too when I worked on a project under their FAA contract. But it was fun to walk next door to the lab we were testing some gear in at the Chantilly office, er, complex, and meet the DUATS help desk folks. The GTE engineer knew I was a pilot and asked if I had ever used it. Then he surprised me after lunch and took me into the tiny little call center.
During the TWA 800 thing my wife got annoyed with me looking to see if I could catch a glimpse of our gear or the door leading to it behind the big FAA conference room they did the briefings and stuff from. Behind the camera was a spartan room with operations folks who had the touch screen we designed that handled the conference calls and behind that tiny door to the left behind the presentation wall was a little switch room I spent a cold weekend in, upgrading the system.
The opulent look of the FAA conference room was a stark contrast to the rest of the old green painted concrete government standard issue building. There was an 11 x 14 or bigger of that idiot Federico Pena hanging at the end of the long ball outside the conference room. I hear he's doing well managing the family money nowadays after his brother sold much of the land that DIA sits on, to the city of Denver. The guy who had a temper and tood people never to call him anything but "Fred" until he ran for mayor of Denver and needed the Hispanic vote. Dude was a total sleaze. Perfect politician. Ran the city so broke that he had to try using trash trucks to pack down snow because he couldn't buy new snowplows. Haha. Amazing.
Fun times. Dumb kid with a field engineering business card who knew not to **** the customers off and just fix crap. Now I do the same and manage the IT "department" for a little company who's building sits right smack in the middle of what used to be the far north end of 35R at Stapleton. Funny how that worked out. One of my first college jobs was throwing bags for Continental on the ramp there so I could afford to rent Skyhawks and pay the CFI on days off.
"It's been a long strange trip."
Once they say it, I say "talk to me". Half the time I'll end up filing as a back up, maybe 10% of the time I'll use it. Regardless, I still call, been a long time since I sat in an FSS and had their coffee though. There are still actually a few pretty knowledgeable briefers around. Normally I have my weather covered before I call and make my phone brief last moment to get any changes in TFRs or weather.
