The use of shielded category Ethernet cable for IP Video

It comes up from time to time from customers and vendors when and where to use shielded category twisted pair cable for Ethernet.   Most vendors hate it.  It’s hard to terminate, doesn’t flex well and nobody ever seems to agree on how it should be grounded.    For the most part, it wasn’t much of a problem for CAT3 or even CAT5 cable.  But with higher and higher bandwidth (and thus frequency) demands on the cable, using CAT6A cable in certain environments for network applications becomes important.   And while there’s a decent argument for why you may not need CAT6A cable for IP video (see this article for more information), many of our clients are using it as a corporate standard, regardless of the application.

Although CAT6 cables have improved the cable twist to handle gigabit Ethernet and reject noise, this by itself is not enough for environments that have high electromagnetic interference (EMI).  What is EMI?  Think of EMI as gremlins that are trying to attack the signal of your network cable.  EMI is generated as electromagnetic waves in the radio frequency (RF) spectrum, and can come from many sources.  The most logical is an RF transmitter, like a radio station tower or even HAM radio antenna; but other sources can be harder to spot, such as a nearby computer, high voltage power lines, a leaky transformer, or fluorescent light fixture that’s going bad.   Running network cables in your ceiling or plenum space could potentially put these cables near those kinds of sources, and thus introducing the gremlins to degrade or even interrupt communications over the Ethernet network cable.   Since Ethernet is a collision based network strategy, this usually looks like a slow connection, as the network repeatedly keeps re-transmitting packets that were found to be in error.  Result, poor network performance and potentially bad video.

Most people are familiar with UTP cable (Unshielded Twisted Pair), versus STP (Shielded Twisted Pair), and UTP is commonly used in CAT5e cabling that is predominant for gigabit Ethernet networking in most commercial and residential applications.  STP cables have an additional metallic braid that forms a sort of shield (google “Faraday shield” for how it works) around the conductors, and reduces the amount of interference that can be injected into the cable.   Still, both types of conductors (STP and UTP) have one thing in common, the twisted pair, that by itself reduces interference by its inherent design.

Photo courtesy of Axis Communications.

 

 

 

 

 

 

 

 

 

 

The drawback of STP cables is that they increase the total cost of the installation. STP cables are more expensive due to the shielding (and usually are higher quality), which is an additional material that goes into every foot of the cable.  The shielding also makes the cable heavier and stiffer. Thus, it is more difficult to handle during installation (pulling cable over long distances through a conduit is hard enough with flexible cable).

While most installations can be done effectively using UTP cable, we recommend using STP cable for high EMI environments like manufacturing, laboratory, or research facilities where other high energy or RF generating devices may be in use.  Also, if you’re forced to run category cable in a cable tray that’s shared with power conductors (low or medium voltage), use STP cable even though the cable tray is separated and may have it’s own shielding for the power conductors.   It is also highly recommended to use an STP cable where the camera is installed outdoors or where the network cable is routed outdoors.

Oh, and what to do with that drain wire?  Our suggestion is to use some of the pre-fabricated shielded keystone jacks like this one.

 

 

 

 

 

 

 

 

 

 

 

Posted in: IP Video

Leave a Comment (0) →

Bitcoin Hacked! Hackers steal $70M dollars! And Other Sensational Journalism…

Bitcoin…  Another story.   The mainstream media, in their usual quest for drama and ratings, is in a fever pitch about the December 5 hack of Nicehash.com that resulted in the theft over over 4736 bitcoins (~$77M dollars as of this writing).  See here for what is claimed to be the blockchain identifier for the transfer:  https://blockchain.info/address/1EnJHhq8Jq8vDuZA5ahVh6H4t6jh1mB4rq

The claim that seems the most ridiculous is that “Bitcoin is NOT safe, and is hackable!”.   This is nonsense, and it is like saying that the US dollar isn’t safe because your neighborhood Bank of America was robbed.  The fact is, nicehash.com didn’t have adequate security measures in place to prevent the hack (even with the most annoying Captcha I’ve ever used), and it probably has ruined the company.

Nicehash is was a very popular and easy to use mining service where people (including myself) can mine for Bitcoin (and other cryptocurrencies) using their PC or specialized hardware built for mining. Nicehash pays miners a “fee” for mining cryptocurrencies, and pays them on a round basis.  The nice thing was they paid in bitcoin, no matter what coin you were actually mining.  Naturally, they had to have a pretty large amount bitcoin to be able to make these payments, and they advertised it regularly on the web.

Nicehash also had a policy of not making payments to external wallets (meaning, under the control of the individual miner, and not on nicehash.com) unless they had a mining balance of .01 bitcoin or more. That’s about $170.00 and many miners had just slightly less than that balance that was stolen from the community wallet that nicehash.com paid miners from. And because Bitcoin transfers are generally not traceable to an individual, the money is gone. In short, everybody loses.

The trouble sets in when someone, somehow, found a way to get into their Bitcoin wallet and transfer the coins out to themselves.  The FBI is almost certainly involved, as well Interpol, Europol, and possibly some other European or Slovenian police agencies.

So why still invest in Bitcoin? Because Bitcoin is based on a blockchain technology that is very reliable and secure.  The concept of bitcoin and it’s blockchain is not hackable in itself. Rather, nicehash.com was hacked and lost their bitcoin.  There are different types of blockchain strategies, and some are more efficient, quick, secure, and anonymous than others.  Bitcoin was the first cryptocurrency to use this concept, and while you can “see” what address funds are transferred to and from, you cannot see “where” physically (geographically) or any other identifying information for who or where the funds were sent to or from.

So what is blockchain? Google is your friend here, as there are tons of videos and wikis about blockchain and how the different types all work.   But in a (very simplistic) nutshell, blockchain is the concept that all transactions in an ecosystem are using a distributed cryptographic ledger, and most importantly, the SAME ledger. This means that if Zack, Sally, Mike and Kim are all in a trading club and are sending money to each other, they each have a copy of the ledger, and when Mike sends Zack funds, it is recorded on all four ledgers and the ledgers all have to agree (using a cryptographic algorithm) on the transaction date/time, amount, and transferees bitcoin address. If they don’t agree, the transaction is invalid and the transaction is rejected, thereby preventing someone from just inserting a million dollar credit to their own ledger.  As you can also imagine, for something like Bitcoin that’s been logging and recording all these transactions around since 2009, that ledger can be quite large… about 2 gigabytes large… and still growing.

The cool thing is this technology can be applied to other types of transactions, such as deed transfers, contracts, information exchanges, or gaming, to name a few. Because the transaction is secure, encrypted, and shared, it is virtually “hackproof”.  What isn’t “hackproof” is anything stored online, like Nicehash’s wallet,  or any other online wallet that you yourself don’t have the private keys for and can transfer to cold storage.   Online wallets are very convenient.  Coindesk.com is very popular and has exploded in recent weeks due to the popularity and price spike for Bitcoin, but it’s generally not considered a good idea to keep large sums of Bitcoin stored there unless you have an immediate need for it.  Keep it in an offline wallet and use cold storage.

So in short, Bitcoin is just like any other fiat cash currency, the bearer holds the value, and if you don’t take steps to protect it, someone else can (and probably will) steal it.

 

 

 

Posted in: Company News

Leave a Comment (0) →

Door Handedness

One of the questions that comes up all the time in access control design layouts is door handedness.  It’s not a hard concept to understand once you see it graphically, but it’s sometimes tough to remember in the field if you’re not accustomed to working with door hardware on a daily basis.

While we would typically prefer security doors to swing into the secured space (easier to barricade if needed in an emergency and the hinges are typically on the secured side), usually the handedness of a door isn’t left up to security and is based more upon building code and/or the function of the space.

The following graphic explains it better than I’ve seen it anywhere, and shows you the door swing based upon being on the Outside (or “unsecured” side where the card reader or key would be).

 

Courtesy of Specialtydoors.com

Also, note from the table below that a Left Hand door isn’t the same as a Right Hand Reverse door, as the lock hardware has to change in order to be able to latch properly.

  • Left Hand:  Door swings inward to the Left, uses LH Hinge, LH Strike, LH Lock.
  • Right Hand: Door swings inward to the Right, uses RH Hinge, RH Strike, and RH Lock.
  • Left Hand Reverse:  Door swings outward to left, uses RH Hinge, RH Strike, and LH Lock.
  • Right Hand Reverse: Door swings outward to Right, uses LH Hinge, LH Strike, and RH Lock.

 

So next time someone says that a door is a “Right Hand Reverse” door, you’ll know that they really mean the door swings out to the right towards you if you’re standing on the outside.

 

 

Posted in: Company News

Leave a Comment (0) →

Alarm Circuit Supervision – Why You Should Care

EOL resistors installed at panel instead of terminating device.

                  The wrong place for EOL resistors.

Nearly every project we work on, we recommend that alarm initiating devices, especially door contacts, are to be configured using end of line (EOL) resistors for 4-state supervisory circuits.  The actual resistance value and configuration can vary by system manufacturer, but typically it involves wiring a 1K Ohm resistor in series and another in parallel with the switch, at the terminating device itself (not in the panel or junction box above the door).   This ensures that we have circuit supervision from the alarm panel (or card reader panel) all the way down to the device termination, so we know if the device is in a normal state (1), an alarm state (2), shorted state (3), or cut state (4).   This is known as 4-state supervision, because it distinguishes between 4 possible scenarios for the supervised device.

For an example of why you need device supervision, I recently had a high profile client contract me to do a security survey of their research building.  One of the basement doors had a door contact on it that was not supervised and had been cut and shorted about 30 feet away from the door.  The card access system monitoring the door didn’t use 4-state monitoring and the door appeared to be “closed” all the time, even though it was commonly known that maintenance staff actively used the door for that area.  It had been in that state for several years before it was identified and later repaired.

This simple addition offers greater security to the system, yet often gets omitted by vendors in the installation because it requires extra time and expense, and even causes confusion with some installers (really).  Worse, we sometimes end up with installations like the picture above that adds the EOL resistors to the panel with Dolphin connectors.  This type of installation does not offer any real security, and potentially introduces the opportunity for spurious connections inside the panel.  Thankfully, vendors like GRI manufacture magnetic contacts that come pre-assembled with the resistor array included.  They include 1K, 2K, 3.3K, 5.6K, 10K, and 33K resistors in a variety of contact packages, and also sell resistor packs for retrofit installations.

Years ago, one of the best explanations I ever read about alarm circuit supervision was from an Andover Controls card access panel installation guide.  I had learned already about 4-state supervision and why you should do it, but the following illustration shows it more clearly than anywhere else I ever saw it.  I ran across it again the other day and decided I would put it in an article here on the site.  The illustration below shows how the first two iterations of EOL resistors do not offer any significant line supervision, and could easily be defeated.  The third configuration offers 4 unique resistance values that correspond with the 4 possible state conditions.

Credit to Schneider Electric / Andover Controls for the illustration.

Posted in: Security Technology, Training

Leave a Comment (0) →

Video Surveillance System Best Practices – The Right Way to Use CCTV

One of the most common questions we are asked by clients when starting a new project is if they should use Closed Circuit Television (CCTV) cameras for video surveillance.

As we work the the programmatic stage of the project, we try to apply some industry best practices with the client on HOW the cameras will be used on the property.  Here’s a quick rundown on some of the concepts we try to apply:

  1. Identify the purpose of the system and the objective of the surveillance.  This should be a detailed statement that originates in the project’s Basis of Design document.  The objectives should be detailed and achievable.  For example, “providing a view of the entire parking lot” is not a good performance objective, while “identifying the license plates of each vehicle entering or leaving the lot, along with a digital time-date identifier” is an effective performance objective.
  2. Minimize the number of cameras in the system. While this obviously has an impact on the initial cost of installation, it also enables the owner to utilize the system more effectively with fewer personnel and technical resources.  It helps to reduce the overall operating and maintenance costs as well.  A side benefit is that it encourages the system designer to “task” the cameras.
  3. “Task” each camera. Cameras must be placed so that each camera has a dedicated field of view.  The field of view should be directly related to one of the performance objectives.  Once a field of view has been defined, a camera and lens that meet the general performance requirements for the task can be specified. As with Item #1 above, the purpose of each camera should be identified in the design documents.
  4. Avoid new or unproven technologies. Select equipment and a system topology that uses proven technologies.  The shift in video cameras from analog cameras that use coaxial cable for NTSC composite video signals to IP cameras that use Cat 5e or Cat 6 data cable is an example of a technology that was slow to be adopted, but has proven itself to be a reliable improvement.  On the other hand, owners who have adopted unusual technologies, such as 360º digital PTZ cameras that require special software to render a viewable image, sometimes find that they are locked into a platform that may not be supported long term.  A helpful analogy is to consider cameras to be similar to telephones.  A good design allows the cameras to be replaced or upgraded as required while continuing to use the same cabling and infrastructure.
  5. Invest more heavily in the cabling and infrastructure than you might otherwise. The infrastructure that serves the cameras includes cabling, power cabling, power supplies, fiber-optic conductors, adapters, and hardware.  The main components of the infrastructure should last at least 20 years or more.  Cameras, however, will last significantly less than that period.  Therefore, be sure to invest wisely in the basics, as they will outlast three camera generations or more.
  6. Maintain the system properly after installation. Ongoing maintenance after the initial installation is a critical component of an effective surveillance system.   One of the key issues in a wrongful death lawsuit brought against Sumitomo, Inc., for a murder that occurred at their Research Triangle Park, NC, site in the early 1990s was whether or not certain video cameras were operational at the time of the incident.  While it is doubtful that a malfunctioning camera would have been a significant contributing factor, it was nonetheless an issue that was uncovered during the discovery phase.  The camera had been out of order for at least six months and the defendant produced work orders for the repair.  Unfortunately, some of the work orders had been delayed by a facilities manager who kept putting the repairs off until a later budget period.  An owner cannot be expected to guarantee that all parts of a system will be operational at all times, but it is expected that repairs will be made in a timely manner and that the owner exercises due care.
  7. Develop a written Appropriate Use and Retention policy for archived video. A surprising number of owners do not have any written policy regarding the appropriate use and retention of recorded video. A proper policy should be developed in conjunction with corporate counsel and should conform to the records retention policy of the organization. The policy should specify for what purposes the video images may be used and what type of authorization is necessary to access or copy them.  It should identify them as to the appropriate level of confidentiality.  It should specify what constitutes inappropriate use and what disciplinary action may be taken if personnel violate the policy.  And, as with all such policies, it should be disseminated to the personnel who have access to the video to ensure they are aware of their responsibilities.
  8. Archived video should not be retained beyond the specified retention period without proper authorization. Archived video is a company record and may be subject to discovery or subpoena.  Once the retention period, which is usually 30 days for most applications, has expired, the video should be deleted.  Corporate counsel can provide guidance on what would constitute a duty to retain specific video in connection with an incident or ongoing investigation, but video should never be retained beyond the limit specified.  We are aware of at least two instances in the past in which an owner has been asked to go through ALL videocassettes in their possession because an employee stated to an attorney that they “sometimes” kept some of the video for other purposes.  This is an expensive and time-consuming process and usually doesn’t produce anything of value.
  9. Leverage technology where it makes sense.  Using software technologies that are easily applied or even come included with the IP camera or Video Management System (VMS) can increase the overall effectiveness of your surveillance system and your security operation.   While one-off, proprietary hardware technologies might be so unique they are not supported later, software technologies are usually less painful to resolve if they don’t work as desired.  Software technologies like Axis Technologies’ “ZipStream” video compression or video analytics features such as face detection or autotracking are a more recent inclusions to camera and VMS software that can improve the effectiveness of video surveillance by making your operation more efficient and capturing and storing meaningful video clips instead of empty scenes that offer no value.
  10. Be sure you can record audio.  Many IP cameras come with audio microphones and recording capability built in.  Before you deploy these types of cameras with audio enabled, check with Corporate counsel to make sure that you are not violating any state or local statues prohibiting the recording of audio on your premises.  Some shy away completely from audio recording because of a broad interpretation of 18 U.S. Code § 2511, otherwise known as the Wiretap Act, which states that it is illegal to intentionally or purposefully intercept, disclose, or use the contents of any wire, oral, or electronic communication through the use of a “device”.  While video is not specifically mentioned in the statute, and a camera is not specifically mentioned as a “device”, it certainly fits a broad interpretation.  When in doubt, don’t record audio; but if permitted, audio recording can significantly enhance the evidentiary benefits of video surveillance.

There are many factors to consider when laying out a video surveillance system, but applying the above principles when considering the scope and size of your CCTV system will help avoid some of the of the more common problems and pitfalls that can arise from poor planning.

 

 

 

Posted in: Premises Liability, Security Technology

Leave a Comment (0) →

Products That Don’t Exist, But Should

While working with a client for a high end residence, he brought up the video door bell gadgets that are all over the internet and in every Lowes or Home Depot. The objective was to have a decorative camera that would recognize video motion and record video and sound for visitors at the doorstep.

There are quite a few of these products available on the market, and for the general consumer they are probably a good fit.   But for our client base, a high end residence will typically have an integrated security and access control system, including video cameras.   Products like Ring and SkyBell must be used with a contract service that stores the video in the cloud, and are typically accessed and viewed via a smartphone app and are proprietary in nature.   This means they don’t support standards like RTSP or ONVIF which would allow off the shelf network video recorders (NVR) to record the video on-site or remotely as part of a comprehensive monitoring service.

To make things worse, these cameras typically operate over WiFi, and do not have any kind of battery backup.   Unreliable wireless communications and unreliable power don’t make for good security.   But at the same time we don’t want to add some industrial looking door bell to the client’s residence.   So what residential products like this are available currently that we can connect to our own NVR?  Nothing.   Really…. nada, zip, zilch.   There are currently no low profile, decorative products commercially available that will support a hardwired video connection and operate as a standard doorbell camera.

Another option was a product with a security camera integrated into the porch light.  Kuna makes some great looking products that would fit most any residential style and decor.  Kuna Maximus Light w/Camera But again, these products lock you into a monthly cloud service contract with proprietary protocols that are not available to 3rd party NVRs.  The Kuna Maximus product almost fits the bill too, providing good looks with security lighting, 720P video and two-way voice communications, but it still requires WiFi and is proprietary.

Someone Please Build This:

Here’s a product idea for high end residential and ornate commercial environments that want additional security.   Take a product like the Kuna Maximus where you have a decorative security light with a built in camera, but instead make it with the following features:

  • Motion Triggered Lighting (two-level lighting for soft accent lighting and full power security lighting when motion is detected).
  • 2 Megapixel IP Camera with Night Vision, H.264 video codec.
  • Two way audio communications with built-in microphone and speaker.
  • Support for HTTP, ONVIF, RTSP, FTP, SMTP, DHCP, DDNS, and SNMP protocols.
  • 10/100 Ethernet via built in powerline adapter, plus 802.11ac Dual Band 2.4G/5G Wireless support

So here’s the thinking behind this.  Almost every residence has a porch light at the front door.  This device would replace the existing wall mounted porch light, using the exact same 2-wire 12o VAC power that already exists.  It operates as any other motion security light, either “off until motion sensed”, or “1/2 brightness until motion sensed and then full brightness”.  It takes any standard Edison bulb.   The good part comes in where we add the camera that can use WiFi (if you must) or the built-in powerline Ethernet interface, allowing you to connect it to your own home network using a powerline module plugged into the wall near your router and then via CAT5 to your router.   From there it can behave as any other network camera on your NVR, or it can operate standalone with video motion detection and send emails when triggered, or upload via FTP to a web server, or whatever.  The powerline Ethernet adapters allow us to avoid WiFi where we can, and use the existing power wiring, eliminating the need for additional CAT5 cabling to the light.  If video is centrally monitored, the remote operator could communicate via IP audio to the person in front of the camera using a video management server.

This product should already exist, and quite frankly I can’t believe it doesn’t.  It would probably cost less than $300 retail, and I’d not only be using them on every executive residence that I was responsible for, I’d have one on my own home too.   And if you really want to have some contract service to store video in the cloud, fine… just don’t make it the only option.

 

Posted in: Reviews

Leave a Comment (0) →

Kile Unterzuber Receives NCESA President’s Award

We are proud to announce Kile Unterzuber has received the 2017 President’s Award by the North Carolina Electronic Security Association.

“The recipient of the 2017 President’s Award has been an outstanding leader to the NCESA for many years.  His exceptional ability to lead the industry in educational advancement has been respected and admired for many years.  His leadership passion has provided direction and pathways for the organizations through top level education.    The never-ending work of this volunteer has earned him the reputation of an unselfish and highly accountable industry advocate.  With many years of industry experience, Kile has proven through his honorable and ethical character that community and industry service is essential. He has always dedicated himself to better the world around him and the industries he serves.” — Chris Lohr, President NCESA

Posted in: Company News

Leave a Comment (0) →

Cat 6a cabling, do you really need it for IP Video?

In security, modern IP video CCTV camera systems inevitably involve support from the IT/Data Communications departments now, and we often get asked about “how much” bandwidth is needed and what cabling types we need for the cameras, switches, and servers.  Often our advice is in conflict with the IT corporate standards, and we end up explaining the practical use for video in security.  This article attempts to discuss in layman’s terms the differences in the cabling types, and how they relate to IP video security.  The actual physics behind the IEEE 802-series specifications are complicated and beyond the scope of this document (fair warning: that rabbit hole goes deep).

In order to understand the basic question, some explanation is needed on the different types Ethernet cabling, and their capabilities and limitations. It’s mostly about increasing the frequency capabilities of the cable.  Cat 5e is built to meet the specification requirements of up to 100 MHz, Cat 6 takes the spec to 250 MHz, and Cat 6a takes it all the way up to 500 MHz. The main difference between these cabling standards is the amount of insulation for the conductors and the rate of twist, although there is also a slight increase in the gauge size for Cat 6 also.   The net effect of these modifications is to reduce crosstalk, attenuation, and EMI.  This can also have the effect of reducing propagation delay and delay skew, which can be measured in millisecond increases in transmission times in some cases.  Delay is known in all types of transmission media, even fiber optics, and is the amount of time that passes between the transmission of a signal and when it is received at the other end of the data link.  In collision based networks like Ethernet using TCP/IP, minimizing propagation delay and skew can have an increased effect on the efficiency of the network and the net amount of data that can be transmitted upon any given network.  Dropped packets mean re-transmission, and bandwidth gets eaten up by repeating data information that’s already been sent (at least) once before.

Cabling Standard Limitations

Cable Type Max Distance Max Data Rate
Cat 5e 100 Meters 1 Gbps
Cat 6 50 Meters 10 Gbps
Cat 6a 100 Meters 10 Gpbs

 

Cat 6 was the first entry into copper based 10Gpbs data transmission at a commercial scale. The problem with Cat 6 is that after 50 meters the data rate is essentially 1Gpbs, or no better than Cat 5e.   Cat 6a was later introduced and will do the full data rate of 10Gbps for the full rated distance for Ethernet (100 meters).  However, Cat 6a cabling is significantly larger in diameter than Cat 5e and has a stiffer jacket, making cable installation more difficult.  It’s also more expensive, about 33% more expensive than Cat 5e.

But do you really need 10Gbps at the edge device?  Probably not for most applications.  Even current high resolution cameras would not be able to fully utilize a 10Gpbs network, never mind that the server hardware on the other end processing a couple dozen full rate video streams would be overwhelmed.  Currently, high resolution 3 megapixel (MP) cameras are widely available on the commercial market.  At 30 frames per second (fps) and at full resolution, it would consume a maximum data rate of 15,000 kilobits per second (Kbps), or 15 Mbps, and more likely it would consume quite less.  In most security applications, resolution and data rates are throttled not because of bandwidth limitations as much as for storage limitations on the server.  Exceptions to that would be the gaming industry and congested high speed traffic areas such as toll booths.  But for most of our applications, we typically find 2MP cameras at 10fps a reasonable compromise that consumes less bandwidth (and disk space) while still providing adequate video information for surveillance, response, and investigation.

Common Camera Resolution and Bitrates

Resolution (MP)
Pixels Frame Rate (fps)
Bitrate (Mbps)
1.0 1280 x 720 30 6
2.0 1920 x 1080 30 10
3.0 2048 x 1536 30 15

 

Even at full resolution and frame rate, you could theoretically put eighty-three (83) 3MP cameras (1250 Mbps/15 Mbps) on one 10GBase-T network cable. Of course in reality it would be considerably less, but you get the idea.

So where is 10Gpbs Ethernet really needed?  For now, backbones.  Those connections from network switch to network switch that are relaying end device connectivity to other devices, clients, or servers.  Often these are fiber optic links, but more and more they are being made available as copper links and using Cat 6a.

So what do we recommend?  Given the additional cost and current technical capabilities of IP cameras, we typically recommend Cat 5e cabling as sufficient for all IP video cameras where the 100m distance limitation is held and special conditions that require fiber optic cable or special media converters don’t apply.  There are also some technical concerns on the terminations and number of cycles for insertion/reinsertion that can come into play due to the cable’s rigidity.  Cat 5e is readily available, inexpensive, reliable, easy to work with, and more than capable of the task at hand.

Still, if the objective is to “future proof” your installation, Cat 6a is among the latest and greatest and should ensure that even 100 MP cameras of the future would be handled without re-cabling.

 

Posted in: Security Technology

Leave a Comment (0) →

The Impact of Closed Circuit Television

Almost 30 years ago when I was first entering the security industry, closed circuit television (CCTV) cameras weren’t terribly different from the cameras that were being used to for movie and television production.  They were smaller, typically had less resolution and no audio, but the basic principles were the same.   Charged Coupled Device (CCD) cameras were fairly new, and if you wanted low light performance, you were resigned to use tube cameras.  Yes, tubes.  As in vacuum tubes.  Tube cameras actually used a vacuum tube for the imager, and the tradeoff for low light sensitivity was a shorter life span, higher power requirements, and reduced reliability.   Later, Complementary metal–oxide–semiconductor (CMOS) cameras came into play and helped overcome some of the limitations of both tube and CCD technologies.

Vidicon Imaging Tube for Old Style CCTV Camera

Since then, digital Internet Protocol (IP) cameras have come into play.    These newer cameras offer increased light sensitivity, much higher resolution, and new enhancements like video analytics and flexible communications options.

While all of these advancements make for better security, the most important enhancements are the video analytics and IP communications.   These two technology advances increase the likelihood of detecting activity and being able to monitor and record that activity from almost any location.

For most small and medium sized businesses or municipalities, the thought of a comprehensive video management system seems not only unnecessary, but impractical from a monitoring and timely intervention standpoint.  “Video cameras don’t stop crimes, all they do is record it”, we often hear.  This is not necessarily true.  CCTV video serves three important roles in security:

  1. Deterrence – Sometimes just the sight of a video camera will deter criminal activity from ever happening in the first place. Because being watched means being held accountable, this is a strong enticement for on premises security cameras.  No, this doesn’t mean adding “dummy cameras” is a good idea.  In fact, installing dummy cameras can make matters worse in premises liability cases for incidents occurring on your property.
  1. Detection – Having all of the campus CCTV cameras monitored in a single location allows for an operator to spot potential negative events during or even prior to them actually happening. IP enabled cameras offer increased detection capability in two ways; first they allow for cameras to be placed anywhere within the corporate network infrastructure (or even further away via hybrid cabling or wireless networking), and second they permit remote monitoring from anywhere there is network or internet access, including smart phones and tablets.  This allows for remote monitoring and recording at an off-site or contract monitoring facility, and also allows the ability to feed recorded or live events to first responders almost in real-time.    It also means that cameras can be located just about anywhere in your corporate footprint, including on-board vehicles.
  1. Assessment – Being able to discern what, where, and when something is happening on camera is critical to determining how to respond to a particular event, and also aids in evidentiary requirements for later prosecution. With the advent of video analytics, that can now be taken a step further with things like video motion detection, face detection, traffic movement, object removal, and facial recognition.   These tools increase the reliability of the observer (or recording device) to actually capture useful video information for use in timely intervention or for evidence in prosecution.   For example, with the right software, imagine a disgruntled employee situation where the former employee’s photo is setup to trigger an alert if the video system “recognizes” his face when he tried to re-enter the campus.  The authorities can be notified and other emergency precautions can be taken much sooner than previously possible.

Each one of these roles is an important piece to the overall security strategy for a business or government entity, and when used with common sense security practices like Crime Prevention through Environmental Design (CPTED) and other industry best practices, CCTV video becomes a powerful tool to both deter, detect, and defend both persons and property in a timely and effective manner.

 

Posted in: CPTED, Premises Liability, Security Consulting, Security Technology

Leave a Comment (0) →

A Theory on the Yahoo Security Breach and Your Instant Messenger Service

In September of 2016, at least 500 million Yahooatb_yahoo_messenger accounts have been affected in one of the largest data breaches in history.  My Yahoo account was one of them, although I only used it as a personal dump account for registering on non-essential websites.  Luckily I kept no personal or financial information in any of the emails there.

Most people, including the media, seem to be concerned with how this will affect the Verizon deal acquiring Yahoo.  Indeed, I’m certain Verizon is VERY concerned with it.   But that’s not the interested thing.  The interesting thing is that Yahoo isn’t talking about HOW the data breach occurred, or if it’s connected with the prior data breach in August that stole 200 million accounts.  Or that the data breach seems to simultaneously occurred with a rather hastily put together service migration of the well used Yahoo Instant Messenger (IM) platform.

More importantly and much less publicized, in August of this year Yahoo completely abandoned the venerable and well documented Yahoo Instant Messenger service, instead offering a dumbed down, less feature-rich service by the same name.  Most transitions of this scale and magnitude would take months or years for the migration, but this happened very quickly, leaving 3rd party vendors (Pidgin comes to mind) without much recourse for their offerings.  After August 5th, anyone that was still using the legacy Messenger app (or the API) was no longer be able to log in or send messages.  You couldn’t even log in…

Yahoo IM is well known to have some security concerns, including the ability to “see” anonymously and remotely if someone is online using it, even in invisible mode.  It also had a very well liked and well used archival feature that recorded the entire text conversation for audit purposes.  Many brokers and traders used this platform to buy/sell products and put together deals very quickly.   They loved it.  But the new version does not support this feature (among others), and brokers have been forced to migrate to other platforms like ICE.

So what does all this tell us?  It tells me that there was likely a very serious security flaw in the Yahoo IM protocol, and that it likely had been exploited to gain access to millions of accounts without the users’ knowledge.   Any time a Fortune 500 company abruptly switches out a venerable product and substitutes it with a hastily deployed, inferior product, you can bet your hat that there was something significantly wrong with it.

Meanwhile, Yahoo is hush hush about it, not even mentioning the curious and spontaneous change to their IM platform that so many have relied upon for years.

Posted in: Security Technology

Leave a Comment (0) →
Page 2 of 4 1234