Tag Archives: security

Hotel room theft

Posted on by
3

Keycard lockIt happens. For the most part, it’s rare. At the risk of tempting fate, I’ll admit that we’ve never been victims of hotel theft, though we practically live in hotels (200-250 nights per year for the past 20 years.)

Of course we take some precautions and listen to our own advice, particularly based on our version of the hotel room security check. But travel makes us weary and sometimes we become lax. Laziness is part of reality.

Though I believe in locking valuables into the room safe or alternatively, into my largest hard-sided suitcase, there’s always the security-versus-convenience trade-off to be considered, not to mention the gut-instinct and informed-decision. In other words, a lot of variables. I might start out vigilant, then slack off. In my book, I said:

Electronic access points on the underside of a keycard lock.

Electronic access points on the underside of a keycard lock.

I also consider the relaxation factor. If you stay in a hotel for several days, a week, perhaps more, you get comfortable. Maybe you get to know the staff. Maybe you let down your guard. If I were a hotel employee bent on stealing from a guest, I’d wait until the guest’s last day in hopes she might not miss the item. Then she’d leave. Are thieves that analytical? I don’t know. But I like to make a policy and stick with it.

Logical, but idealistic. I can’t say that I always follow my own rules. I get complacent. I get tired of the drill. Constant travel is draining.

Anyway, hotel employees are not the only potential room thieves. There are the door pushers and the loot-’n-scooters who social-engineer their ways past housekeeping—both outsiders.

Electronic keycard lock on a hotel room door.

A looming threat is door-hacking. For a few bucks, anyone can build a small electronic gizmo that will open keycard locks made by Onity, which are currently installed on millions of hotel room doors around the world. The electronic lock-pick, revealed in July 2012 by hacker Matthew Jakubowski, opens our belongings to yet another potential risk. Perhaps our safety, too.

Fixing or replacing door lock hardware will be expensive, so some hotels have resorted to simply plugging the tiny access port—with a removable plug. Hotel security chiefs tell me that most hotels will do nothing until they get a rash of theft reports. Now, the thefts have begun.

Have I changed my hotel room behavior? Nope.

© Copyright 2008-2013 Bambi Vincent. All rights reserved.

Unrelated posts:

Hotel guests: read all about ’em

Posted on by
2
Hotel registry on display

Hotel registry on display

So much personal information on display at quaint, old-fashioned hotels like the one we recently stayed at in Bali. Which rooms are occupied? What are the names of the guests in each room? When did they arrive? When will they check out? Who are they traveling with? Have they paid yet?

A modern hotel wouldn’t give out any of this information. A modern hotel won’t even speak your room number out loud. A modern hotel won’t give a caller a guest’s room number. A modern hotel certainly wouldn’t advertise which rooms are occupied by single women! (Rooms 69, 72, 74, 209, 217 for starters.)

Hotel key inventory

You’re only given one key per room at this hotel, and the key is on a wooden fob the size of a doorknob, meant to inspire you to leave the key at the front desk when you go out. Not wishing to advertise our comings and goings, I detach the key, leave the wooden chunk in the room, put the Do Not Disturb sign on the door, and keep the key with me.

Hotel obby safes

I’m not sure if the safety deposit box numbers correspond to the room numbers, but I think they do. If so, it’s easy to see who hasn’t bothered to use one.

The hotel is charming, despite and partly because of its old-fashionedness, and despite being called Swastika. (I refuse to allow the Nazis to own this ancient Sanskrit word for the symbol of well-being.)

© Copyright 2008-2013 Bambi Vincent. All rights reserved.

Unrelated posts:

Framed and accused of theft

Posted on by
2

Toshiba Ultrabook security guardIn what could be called a social experiment, it is proven that a man in a police-like uniform has great power and ordinary citizens are easily bamboozled into idiotic obedience. When the intent is robbery, pseudo-cops usually rely on flashing a fake badge; compliant victims then hand over their wallets.

In the following cases, “pseudo-cops” detain and accuse innocent passersby of theft. Watch the accused squirm under interrogation and threats; remarkably, they never question the legitimacy of the uniformed authority.

Bob Arno, preeminent pickpocket, was asked to help make a commercial for Toshiba and Intel. The idea was to slip the company’s new laptop into the bags of unsuspecting people as they strolled through Culver City, California. The laptop, called “UltraBook,” is so thin and light, the company believed that no one would even notice.

Preposterous! It turned out to be a challenging assignment.

Ben Seidman and Bob Arno

Ben Seidman and Bob Arno

Bob roped in the talented and adorable magician Ben Seidman and together, the two deceivers rehearsed the teamwork and choreography necessary to “put-pocket” the computer.

Now, a computer, no matter how light, is a noticeable weight factor when added to a tote someone is carrying. And it is of a size that is difficult to slip in, between straps, handles, zippers, and buckles. It took some doing to distract the victim and mask the PLUNK! of the extra weight dropping in.

In practice, the two sneaks were more than successful. After brief, seemingly innocent encounters, more than a dozen unsuspecting victims wandered the streets unknowingly toting a Toshiba UltraBook.

Our security guard accuses a victim. The cleaning cart holds a mobile hidden camera, one of many on the set.

Each victim was then questioned by a “security guard” about a laptop which had supposedly been reported stolen. After a polite request to search the victim’s bag, the shocking discovery of the “stolen” laptop, and the victim’s protestations of innocence, the pseudo-cop became rude, belligerent, and provocative.

“For a criminal, you’ve got excellent taste,” the security guard said while admiring the laptop.

“You’re going to jail, missy!” the bad cop threatened one poor victim.

“Your fingerprints are all over it,” the guard told another victim after making him feel the weight of the laptop.

“But you told me to hold it!” the vic protested.

“We have no record of that,” the guard said.

To victim Claudia the guard says “You have great taste in stealing products.”

“Thank you,” Claudia replies, stunned almost speechless.

“What else do you have that’s stolen?” the guard demands.

Toshiba Ultrabook victim Ryan

Ryan denies the theft of a Toshiba Ultrabook

One victim broke down and cried. Another ran away. One accused the guard of racial profiling. But most stood in compliant disbelief.

The video series is a fantastic study of human behavior. It’s amazing to see how obedient people are when ordered around by an actor in a bad uniform. They’re blinded by authority. Most victims obeyed even his most ridiculous commands.

Watch Claudia’s frightened confusion:

Check out Ryan’s reaction:

See Tiffany’s disbelief:

Here’s a montage of many victims:

And meet the pickpockets who did the job:

The video ads were directed by Michael Addis and Jamie Kennedy. Though the experience was briefly brutal and sometimes frightening to the victims, comic relief was brought into each scene at the last minute, and some of the victims were rewarded with the gift of a laptop.

In the real world, thieves take advantage of our engrained respect for authority when they play pseudo-cop. With nothing more than a fake badge and a flimsy story, they make demands similar to our actor’s: open your bag, let me look inside, give me your wallet, give me your money… etc. We tend not to question them; we are obedient. And only later do we realize our gullibility. The thieves exploit our respect for authority and take advantage of our trust—that’s the CONfidence-building that gives the con artist his title.

© Copyright 2008-2012 Bambi Vincent. All rights reserved.

Unrelated posts:

Travel. Glamorous?

Posted on by
1
Sydney didgeridoo

Didgeridoo player in Sydney

Contrast Mamak with our New Year’s day dinner at Appetito, also in Sydney. Recommended by two people, nearby—and most important: open—it seemed a reasonable choice, if not exciting.

The sourpuss staff seated us promptly, took our drink orders, and quickly brought our glasses of wine. From there on it was all downhill. Granted, we were tired, having slept only after the people in the room next to ours checked out—or were arrested—sometime after daylight broke.

Noisy parties might be expected on New Year’s eve, even in an airport hotel. But that’s not what went on at the Sydney Ibis. Its paper walls projected every groan, cry, and vulgarity uttered by our neighbors, and of course their fighting, shouting, wall-punching, and door-slamming. All night.

SLAM! “Get your ass back here, you fucking junkie!” Sob. Whack. SLAM!

The couple moved to the parking lot outside our windows, where they joined others for rollicking beer festivities laced with anger. We later learned the others were traveling companions staying in rooms on other floors.

There were sirens. Police. Ambulance. The woman “was hurting herself.”

Here’s the problem. The Sydney Ibis Airport hotel has no onsite security. It contracts with an outside company, but pays for each “house call.” The hotel’s night manager, who received nighttime complaints from many others in addition to us, was loathe to spring for an officer call and confronted the rowdy couple directly; and only much later called police.

So we may have been a bit cranky as we waited 40 minutes for our New Year’s day dinner. It was an appetizer of seafood frito misto and two pizzas—all quick items to prepare. They weren’t bad. Nothing special, either. Certainly not worth the $102 bill. The place left a bad aftertaste. There must have been many, many better choices.

Research is vital. So is a decent night’s sleep.

Travel: not always what it’s cracked up to be.

© Copyright 2008-2012 Bambi Vincent. All rights reserved.

Unrelated posts:

Airport security belt steals

Posted on by
1

Airport security conveyor, Arlanda airport, Stockholm

There goes our iPad. Swallowed by the security conveyor belt, immediately under the prominent sign that says “The tray stays until it is emptied.” After many uses, I came to
trust that sign.

I didn’t at first. I’d grab and hold the tray before it got to the dangerous end-of-the-line, and fight the force of it’s mechanized trajectory. Because I knew: at the end of the belt, the tray drops swiftly to a lower level and is carried back to the security officers and then on to line’s starting point, where passengers take an empty tray.

At some point I noticed all the stuff mounted above the end of the conveyor belt. There’s a video camera, a mirror, and some sort of sensors. I tested the tray-trap—warily, I left a jacket inside. The tray waited at the end of the line until I removed the jacket. Huh.

Airport security contraption

I became complacent. Next time, I didn’t pick up my jacket from the blue-bottomed tray until I had my computer re-stashed. I let my belt lie while I grabbed my mini-toothpaste.

And when Bob’s iPad sailed through with it’s light gray cover, I kept an eye on it but didn’t fetch it.

Bob takes a long time to get through security. He travels with his MacBook Pro, MacBook Air, iPad, video camera, and six or seven hard drives. (Gotta be productive on the road…) We have a strategy: I whiz through and pack up my stuff in 45 seconds or so, then keep an eye on his stuff while he’s spreading out equipment in multiple trays and taking off his belt.

Luckily, I saw the machinery swallow his iPad. If I hadn’t have noticed, it could have been forgotten in the confusion (and rush).

“Stop, thief!” Or no. I said something else. “Our iPad’s been eaten!”

“Would have made a nice little present for the security officers,” Bob said.

We could easily have walked away from it. I wonder how many people do? This security check point is at Stockholm’s Arlanda Airport. London Heathrow has the same setup. I’ve seen it in other airports, too, but I can’t remember where. Copenhagen? Munich?

© Copyright 2008-2011 Bambi Vincent. All rights reserved.

Unrelated posts:

Database data loss

Posted on by
4

Vault door

People often share their credit card anxiety with me. They’re afraid their cards will be lost or stolen and huge bills will be run up by a thief, and that their identities will be cloned. “Is it better to just carry cash?” they ask. “Should I follow the waiter when I pay my restaurant bill?” “How safe is it to use a credit card on the internet? Will my identity be stolen?”

So let’s put these questions to rest. Then we can move on to the real risk.

First, yes. Your credit card can be lost or stolen and big debts can be incurred by others. You won’t be responsible—your financial institution takes the hit. But in the grand scheme of things, the odds are not high that your credit card will disappear and be compromised. The risk is higher in some places than in others, and for some people more than for others. But that’s life. Get over it and live.

No. It’s not better to carry cash. Keep some cash for small (or secret) purchases, and use credit cards for the rest.

Yes, shop on the internet with your credit card. If it makes you feel better, get one of those temporary credit card numbers on your account, good for a single transaction or a limited amount. Without internet and a credit card, you’re crippled.

The real risk of identity theft and credit card fraud

It’s big business. The hotels and hospitals we go to, the stores, banks, schools, airlines, doctors, utilities, banks, credit unions we use, and even government organizations. All of these and more store information about us. They all comply with information security regulations to some extent. But how much and how well? Our identities are in the hands of those who store our details.

If our PII (personally identifiable information) is set free, it will most likely be due to an electronic data breach of some sort, in a (probably-large) batch with others’ information.

We used to be concerned that manilla folders containing our records were physically locked up. Who had access to them? How were they discarded? Shredded or dumped in a Dumpster? There’s so much more to worry about now, and so much more than a single set of paperwork. Our most sensitive secrets and deepest dirt are stored electronically on hard drives, on servers, in the cloud, backed up, on laptops, mobile phones, and even on thumbdrives.

Laptops and thumbdrives are lost and stolen every day. Databases are breached every day. This is where the risk is, and it’s out of our hands.

The advantage goes to data thieves like Rogelio Hackett who, until a little slip-up, broke into the computer networks of businesses, downloaded credit card information, and sold it for profit. Big profit.

“The bad news is that banks and businesses have not made great progress in the fight against account takeover fraud,” says The Information Security Media Group in its 2011 Business Banking Trust Study. Bringing institutions to compliance has been a painful process.

Security vulnerabilities are uncovered daily in computer networks everywhere, from the Australian Parliament House to the Pentagon to our water supplies In the 3/28/11 Los Angeles Times, Ken Dilanian wrote that “Impeding the move toward bolstering U.S. infrastructure is the government’s lack of authority to coerce industry to secure its networks and industry’s lack of an incentive to implement such protections.” He was referring to the threat of terrorist cyberattacks, but our personal security is at risk as well.

Read this for the state of cybersecurity:

A new survey reveals that roughly three-quarters of energy companies and utilities experienced at least one data breach in the past 12 months. … Seventy-one percent of respondents said that “the management team in their organization does not understand or appreciate the value of IT security.” Moreover, only 39 percent of organizations were found to be actively watching for advanced persistent threats, 67 percent were not using “state of the art” technology to stop attacks against SCADA (supervisory control and data acquisition) systems, and 41 percent said their strategy for SCADA security was not proactive. The survey also concluded that the leading threat for energy utilities was not external attackers, but rather inside ones—43 percent of utilities cited “negligent or malicious insiders” as causing the highest number of data breaches. …

InformationWeek (04/06/11)

To get a fuller grasp of the number of electronic records lost or stolen, take a peek at the DataLoss DataBase project, which “documents known and reported data loss incidents world-wide.” You can search by type of data lost (Social Security numbers, financial information, credit card numbers, etc.); by the industry sector (business, government, educational institution, etc.) You can see if the breach was by an insider or an outside attacker, and whether it was malicious or accidental. And you can search by many types of breach: improper disposal, a hacked or lost computer, a stolen drive, a web attack, etc. I’m especially fond of the datalossdb Twitter feed, for minute-by-minute reports of data losses, with links to known details. For example:

    http://bit.ly/eDcD2s – Blockbuster Video – Employee and applicants’ records containing names, contact details, Social Security and personnel matters found discarded

    http://bit.ly/gW2WYs – AllianceBernstein Holding LP – Employee downloaded client files and transactions before resigning

    http://bit.ly/dTAmUX – Qdoba Mexican Grill – Customers’ card numbers acquired and misused

    http://bit.ly/hdmt25 – Hyundai Capital – Personal credit rating information of 420,000 vehicle loan customers plus 13,000 security passwords acquired by hackers

And on and on. The feed may shock you daily, as it does me. Why is our vital information handled so carelessly?

Well-known and trusted companies like Brookstone, AbeBooks, Ralphs Grocery, Ritz-Carlton, Smith’s Food & Drug, Best Buy, Verizon, etc., assure us they store our information responsibly. Then they farm it out to Epsilon online marketing, a company they do not control. Epsilon got hacked.

More than 65 companies have been impacted, to the great risk and inconvenience of their customers. I got emails after the breach from three of the businesses, warning that data on me had been among the stolen records. Security experts now expect a massive increase in “spear phishing,” in which individuals are personally targeted and tricked by spoofs of companies they have a legitimate relationship with. I get plenty of phishing email already, and some of them look damn believable. Expect them to look even better now, addressed to us by name.

I’m not going to address every risk and precaution here. There is much, and it’s all to be read elsewhere on and off this blog. My points are two:

1. Our ordinary everyday activities may expose us to a little risk of credit card fraud and identity theft, but the big risk is out of our hands.

2. Do look at DataLoss DataBase or at least skim its Twitter feed to get an idea of how much information is lost daily.

© Copyright 2008-2011 Bambi Vincent. All rights reserved.

Unrelated posts:

Hotel room security lapses

Posted on by
4
Delta Bessborough Hotel, Saskatoon

Delta Bessborough Hotel, Saskatoon

When you check into a hotel and are handed a key to a room that turns out to be already occupied, you have to wonder about the hotel’s security. You definitely come to a conclusion about its competence. This is no small mistake, in my book.

When we checked into the Delta Bessborough in Saskatoon, we were given a room key, as usual. We hauled our luggage up to find that the room had not been cleaned. Down we went. Got a new key. Back up to another floor. Opened the door and found a woman inside! One more time down and up and we got a third room, this one a keeper.

I’m not terribly irked by the first mistake, but I find the second inexcusable. It makes me wonder who might barge into my room later. Will I be inside at the time? Just how confused is the front desk, anyway? How much responsibility will they take for potential repercussions?

Bob and I were surprised at how insignificant the front desk people seemed to deem the error. “I know, I know you got the wrong room, sir, we apologized!” a staffer said, as if we were harassing him. Inconvenience seemed to be the complaint he was addressing; not insecurity. And—he was busy with front desk things.

Contrast that with an incident the next day at a Crown Plaza. Our checkout time was 4 p.m. We returned to the room at 3 p.m. in a rush to pack, but couldn’t get in. Our two keys no longer worked. Hearing our distress at not being able to get in, a nearby service staffer came along with his master key and let us in, no questions asked. While we were irritated that our access had been wrongly cut off, we were grateful that someone was there to let us in, and we took advantage of his empathy. On the other hand, he was someone we’d never seen, and who had never seen us. Technically, he shouldn’t have let us in. That sort of behavior compromises the safety of guests and their belongings.

At checkout, I related the matter to the front desk staff because our keys should not have been cut off. “Wait,” the front desk man said. “Would you mind repeating that for our manager? He should be aware of this.” He got it. He understood the security ramifications. I have no doubt that the entire housekeeping staff got a refresher in security protocol.

Hotel door open

A few days before, in another hotel, we actually entered the wrong room. Housekeeping was there and let us walk on in. We saw other people’s stuff and realized we were on the wrong floor. But we could have done anything. “Oh, I just wanted to grab my computer…”

I’ve already written about hotel security in the hands of housekeeping staff.

… the security of our belongings is in the hands of the maids. How well are they trained? How much discretion do they have? When should they break the rules in order to be nice? When should they bend the rules in anticipation of a nice gratuity? What about temporary workers during the hotel’s high season, do they receive as thorough training? How many of us have approached our room only to find that we forgot our key, or the key doesn’t work, and a nice service staff member volunteers to let us in?

Hotel policy is one thing; compliance is another. How do you react when you find that your key doesn’t work (for the third time), the front desk is far away (giant hotel), your feet hurt and your arms are full and you’re dead tired, and the maid with a master key says “I’m sorry. It’s for your own security.”?

At the Campanile hotel in Paris, we got a replacement key from reception just by asking for it, giving the room number only. They didn’t even ask for a name. The staff on duty were the morning shift; they were not there at our check-in late the night before. They simply had no security procedures in place whatsoever.

Bob and I have just stayed at 15 different Canadian hotels over the past 20 days. Without even looking, we found security lapses in three of them. Hotels: take note. Guests: beware. Hotel security: is there a workable protocol?

© Copyright 2008-2010 Bambi Vincent. All rights reserved.

Unrelated posts:

Masked man “swapped boarding pass”?

Posted on by
Reply

No reports expand on the claim that this ballsy Asian impostor “swapped boarding passes with a U.S. citizen and passenger who was born in 1955.”

What 55-year-old U.S. citizen would agree to swap boarding passes with a stranger? Unless the early-20s Asian wasn’t a stranger… Then why isn’t the 55-year-old accomplice mentioned as a suspect, along with the impostor?

Or was the “swap” accomplished by picking the pocket of the other guy? Couldn’t be easier to slip a boarding pass out of a pocket and replace it with another. But then what? The other guy passes through the gate agent’s boarding-pass-scan while neither he, nor the gate agent, realize the boarding pass isn’t his; he boards the plane, looks at the (swapped) boarding pass to see his seat number, and even now fails to notice someone else’s name on the pass?

MSNBC has posted a PDF of an alleged Intelligence Alert issued by the Canada Border Services Agency. The alert states “It is believed that the subject and the actual United States Citizen passenger … performed a boarding pass swap…” which to me implies that the U.S. passenger was a complicit performer of the swap. But who is this “actual United States Citizen passenger,” anyway? Something’s missing.

Something’s fishy.
No one’s saying yet…
© Copyright 2008-2010 Bambi Vincent. All rights reserved.

Unrelated posts:

Hotel room security check

Posted on by
6

Hotel bed

Give your hotel room the once-over.

Bob and I sleep more nights in hotels than in our own home and, to date, we have never been ripped off in a hotel room. True, we use a certain amount of care, but our laptops are usually left out and sometimes valuables are more hidden than locked. We stay in hotels ranked from six stars to no stars, depending on our sponsors and our intentions. In each hotel room, we make a quick and automatic assessment of risks and adjust our behavior to correspond. We have never walked out of a hotel* because of safety issues; we simply adopt the necessary precautions.

We evaluate several pivotal points:

The room key: we prefer electronic card keys. Old-fashioned metal keys can be copied, and where might copies be floating around? Electronic locks are usually recoded after each guest. Most electronic locks save records of whose keys have recently gained entry. Authorized keys are registered to their users. So if a guest reports a problem, security can tap into records stored in the lock’s mechanism and see the last ten or so entries, be they housekeeping, an engineer, a minibar man, or the guest himself.

In 2007, Tokyo's Disneyland Hilton issued paper keys with room numbers printed on them.

In 2007, Tokyo's Disneyland Hilton issued paper keys with room numbers printed on them.

Electronic key cards should not be marked with a room number. They’re usually given in a folder which identifies the room. Leave the folder in the room when you go out and carry just the un-numbered magnetic card. If you lose the key, the safety of your room won’t be compromised.

Some hotels still use metal keys attached to a big fat ornament and expect guests to leave keys at the front desk when going out. I’m not fond of this method for several reasons. First, I prefer privacy and anonymity rather than announcing my comings and goings. In some hotels, anyone can look at the hooks or pigeonholes behind the desk and know if a room is occupied or empty. Second, I don’t care for the delay entailed in asking for the key on returning. I could just take the thing with me, but its design discourages that. So third, I don’t want to haul around a chunk of brass the size of a doorknocker. And finally, these keys are usually well identified with the name of the hotel and room number. Losing it would expose one to substantial risk. When possible, Bob and I remove the key from its chunk and just carry it, re-attaching it before check-out. At other times, we go traditional and turn in the key as the hotel suggests.

Deadbolts and door latches: we like these for security during the night, but they aren’t universal. In Paris once, two men entered our room in the dead of night. Luckily, we woke up and Bob dramatically commanded them to get out. “Pardon,” they said, “c’est une erreur,” it is a mistake. The strange thing was that they had been standing there whispering for a moment. If it had truly been a mistake, wouldn’t they immediately back out of an occupied room? We should have placed a chair in front of the door beneath the knob.

Peephole in the door: I always look out at who’s knocking on the door, and if there’s no peephole, I ask through the closed door. Minibar? No thanks. Window cleaner? Wait til I check out. Engineer? I’ll call the front desk and find out who and why.

Connecting doors to adjoining rooms: I always double check to make sure they’re locked. They always are.

Windows: this is what I look at first, mostly because I hope they open. If they do open, I need to know about outside access. Is there a balcony? If so, there’s probably access to mine from a neighboring balcony. I’ve spoken enough with Frank Black, a career burglar, to never leave a room with an open balcony door. Frank specialized in burglarizing high-rise apartment buildings, but 21 years in prison has, apparently, retired him from that business. He’s now a respected tattoo artist and children’s book author.

In Florida (and I presume elsewhere, too), a certain subset of cat burglar is called a pants burglar. These creep in at night through open lanai doors, while the occupants are sleeping. They’re named for their beeline to men’s trousers, where they hope to find a wallet. They also visit the dresser top hoping to find, perhaps, a woman’s ring taken off for the night.

One morning I woke to see a perfect convergence of wires out the window. Only the view from my pillow created this lovely, serendipitous intersection of three unconnected and discrete (phone? electric?) lines.

One morning I woke to see a perfect convergence of wires out the window. Only the view from my pillow created this lovely, serendipitous intersection of three unconnected and discrete (phone? electric?) lines.

I love an open window, but before I sleep with a breeze, I need to analyze window access. If my room is on the ground floor, on an atrium floor, or if it has a rooftop out the window, I won’t sleep with it open. If there are nearby balconies, forget it. Of course it also depends on the overall ambiance and character of the property. At a safari lodge in Tanzania I’ll worry more about baboons. In a thatched-roof teak tree-house in Bali, I figure I’ve paid enough to expect good security. At an all-inclusive beach resort with rooms that don’t lock—well, I planned for that when I packed.

After a quick appraisal of the room’s security combined with its overall quality, we know how careful we want to be. In truth, we leave our laptops out in full view in about eighty-five percent of the rooms we stay in. Small valuables? Never. Wallets and jewelry? In the safe.

Some travelers believe in using duct tape to fasten their valuables to the underside of a bedside table, or other furniture. I can’t endorse that practice, unless it’s a last resort.

“During peak travel seasons hotels tend to use a lot of transient help,” Bob Arno says, “and sometimes the screening of these temporary employees is not as high as it could be. So yes, one always has to be concerned about hotel room theft.” The only way to protect your small valuables is to lock them in the hotel room safe.

But is the safe safe? We generally feel secure with electronic safes that allow us to key in our own code or swipe our own magnetic strip. For a magnetic strip, we use an airline or telephone card, not a credit card. The old-fashioned type of safe that takes a regular metal key we do not consider safe and do not use. We’ve surveyed police officers, hotel security, and FBI agents on this issue, and they agree with this reasoning.

Excerpt from Travel Advisory: How to Avoid Thefts, Cons, and Street Scams
Chapter Four: Hotels—Have a Nice Stay

*Once, during a short stay in a Greek hotel, we felt it unwise to leave the things in our room unattended. Had our visit been longer than overnight, we would have relocated.

© Copyright 2008-2010 Bambi Vincent. All rights reserved.

Unrelated posts:

Police, security, challenge photographers despite public right

Posted on by
Reply

Airport security checkpoint

Is it legal to take photos at airport security checkpoints, or not?

Occasionally I’ll politely ask a TSA officer if I may take a picture. Usually, they say no. You know, “for security reasons.”

But not always. A few times they’ve said yes, but don’t take pictures of the X-ray machines. That always leaves me a little puzzled: which X-ray machines? Which part of them? But the TSOs didn’t seem to care and left me unsupervised.

Turns out that many police and security officers, TSA included, aren’t exactly aware of what’s allowed and what isn’t. Believing photography is prohibited, or erring on the “side of security,” or just exercising their authority, no photos is the default reaction.

Heathrow security checkpoint

And many of us, meek and obedient citizens that we are, we accept that. Or we choose not to challenge the uniform. We don’t know what’s legal and what isn’t, either. We tend to have, in the back of our minds, that it’s illegal to photograph bridges, airports, even police officers.

But yes, it is perfectly legal to take pictures at TSA checkpoints, with a few minor limitations (not the X-ray monitors, not if you interfere with the screening process). You can even videotape if you like—yes, you can film the officers, too. You might be challenged. You might be delayed by the officers. You might even miss your flight.

In fact, pretty much anything can be legally photographed from a public place (again, with a few exceptions), including crimes in progress, police officers, federal buildings, the New York subway, and security checkpoints. Yep, if you can see it, you can shoot it. Pretty much. I’m talking strictly about the U.S. here.

The Washington Post’s interesting July 26 article, Freedom of photography: Police, security often clamp down despite public right reports that photographers are challenging unwarranted restrictions and posting disallowed photos online (usually after being forced to delete them, then recovering them).

…rules don’t always filter down to police officers and security guards who continue to restrict photographers, often citing authority they don’t have. Almost nine years after the terrorist attacks, which ratcheted up security at government properties and transportation hubs, anyone photographing federal buildings, bridges, trains or airports runs the risk of being seen as a potential terrorist.

Portland Oregon attorney Bert P. Krages II has posted a useful, printable document, The Photographer’s Right: Your Rights and Remedies When Stopped or Confronted for Photography, which should be in every photographer’s camera bag. On his website, Mr. Krages says:

The right to take photographs in the United States is being challenged more than ever. People are being stopped, harassed, and even intimidated into handing over their personal property simply because they were taking photographs of subjects that made other people uncomfortable. Recent examples have included photographing industrial plants, bridges, buildings, trains, and bus stations. For the most part, attempts to restrict photography are based on misguided fears about the supposed dangers that unrestricted photography presents to society.

TSA checkpoint

This issue is pertinent to Bob and me in our thiefhunting exploits. We often feel on thin ice when shooting thieves in the wild, especially abroad. And perhaps sometimes we are. We’ve been challenged and chastised many times. Once we had a videotape seized, but we’d seen it coming and swapped the tape for a blank, pocketing the valuable footage we’d just shot.

I was admonished, not too long ago, for taking a few shots of a pair of armed and uniformed police officers drinking whiskey at an airport bar. Okay, it was in Trieste, Italy, not in the U.S.; I have no idea what my legal rights were. The officers leisurely sauntered over, after they’d finished their drinks, and said no photos. Okay. Then they left. Much later, when I left, they made a beeline for me and made me delete the photos. Had they been lying in wait? Anyway, I couldn’t recover the images.

© Copyright 2008-2010 Bambi Vincent. All rights reserved.

Unrelated posts:

Hotel oddity #6

Posted on by
8
The useless chain latch in my room at Miami's Radisson Mart Plaza Hotel.

The useless chain latch in my room at Miami's Radisson Mart Plaza Hotel.

See anything wrong with the chain lock on this door at Miami’s Radisson Mart Plaza Hotel? It’s mounted backwards! Upside-down. It’s useless this way and, worse, gives a false sense of security. Another serious security risk.

Do all the rooms have useless chain latches, or only our room, 612? A polite letter to management brought only a generic “We appreciate your recent message.”

door-chain-upsidedown

Unrelated posts:

Hotel room safe thefts

Posted on by
6

safe-keypad

How safe is the safe in your hotel room? Not safe at all, it turns out, unless you factor in the odds. Odds are, your safe won’t be broken into. But the fact is, the crackin’s easy. Of course it is—hotels must be able to rescue valuables from faulty memories (forgotten codes, departed guests who forgot to empty their safes), lost keys, dead batteries, and power outages.

Hotel management and/or security can always access room safes. But how? Depends on the kind of safe. Does it open with a metal key? By swiping a magnetic card, or punching in a code? Does it use a plastic key card with a pattern of holes punched in it?

A hotel in Palma de Mallorca, Spain.

A hotel in Palma de Mallorca, Spain.

Bob and I have long endorsed the use of safes in hotel rooms, as long as they are electronic. We’ve shied away from metal- and plastic-key safes, concerned about how many copies float around. But there are other ways to enter safes, and an untold number of people who have access, authorized or otherwise.

A deluge of thefts from hotel room safes in Palma de Mallorca, Spain, led to an investigative report by Burkhard Kress for Extra, a news show on German RTL TV (unfortunately not online).

Hidden camera captures master override code.

Hidden camera captures master override code.

Kress booked a room there and mounted a hidden camera, then called hotel management for help opening his safe. The hidden camera footage captured the code that management punched into the safe’s keypad, which ended with the room number. With the permission of the guest in the room next to his, Kress tried the same code appended with the other room number. The neighbor’s safe opened. Anyone with the master code could open every safe in the hotel.

And anyone with a hidden camera could capture the master code.

These three, who shared a room, called police when they found cash missing from their safe. As there were no signs of a forced entry, they believe they were robbed by hotel staff. Police never responded to their call, so they went to the police station.

These three, who shared a room, called police when they found cash missing from their safe. As there were no signs of a forced entry, they believe they were robbed by hotel staff. Police never responded to their call, so they went to the police station.

Kress had his cameraman stake out a different room for a week, waiting for a safe break-in. Alas, he was never hit. Eventually, Kress found out why. The thefts occur in rooms booked by two or more friends staying together. When a theft is reported, front desk staff insist the theft was committed by one of the “friends.”

Guests are required to pay a fee for the use of the safe. This, along with the fact that the only rooms hit are booked by two or more friends, leads me to suspect that these safe thefts are inside jobs. Who but front desk staff know both those facts? Of course the thieves might also be former employees, or individuals in cahoots with an employee.

According to Eric Fischer, a tour leader interviewed by Kress, these thefts have been going on for years at this and other hotels in Palma. He’s kept a log of them. He himself had €14,500 stolen from the safe in his room. When the Spanish police investigated the theft without much interest, Fischer suggested that they take fingerprints. “The police responded no,” he said, “you must be watching too much German TV—we don’t do that.”

key-tracekey-copy

These old safes can still be found in budget hotels.

These old safes can still be found in budget hotels.

What about those plastic key cards with a pattern of holes punched in them? They can be copied onto cardboard by anyone with a pencil and a hole punch. Safes that open with a keypad or your own magnetic card (credit card, grocery store card, or anything swipeable) often have a visible keyhole for a tool held by hotel management or security. Or, the safe may have an innocuous-looking panel that simply snaps off to reveal the keyhole. Whose got that key?

Bob and I have also come across safes screwed to loose shelves in closets.

In our book, we wrote:

Safe-cracks are extremely rare, although a man was recently arrested in Palma de Mallorca and charged with a spate of hotel safe robberies. Somehow, he had come into possession of a master tool which hotel security uses to open certain jammed electronic safes. (Other electronic safes can be opened by security using numerical bypass codes.) Presumably then, the man also had the tools to get into the hotel room itself. The burglar posted his female accessory at the elevator. They each had a cellphone and kept an open connection between them. When people came to the elevator, the woman would delay them for one minute. The burglar would hear the conversation, tidy up, and get out of the room.

Travel Advisory: How to Avoid Thefts, Cons, and Scams While Traveling
Chapter Four, Hotels: Have a Nice Stay

The “international conman” captured last September social-engineered his way into guest rooms and tricked hotel staff into opening safes. Hotel management, meanwhile, walks a fine line, compromising somewhere between providing real security and reluctance to inconvenience guests.

So how does Mr. International Conman get into your safe? Or—maybe not your safe because, obviously, he’s going to target a “whale,” or some other affluent hotel guest. First, he needs to get into your room—when you’re not there. Like any good con artist, he knows that front desk staff at most hotels will ask for ID, so he’s prepared. Here’s how. First, he follows you to learn your room number. Later, he goes to the front desk and, giving your room number, asks for a printout of “his” charges to date. Bingo. He’s now got your name and address. Next job is to whip out a fake ID, right in his car in the parking lot. Sounds like a lot of trouble, doesn’t it? But look at the payout.

Our usual set of old, beat-up Halliburtons.

Our usual set of old, beat-up Halliburtons.

What should you do, then, with your million-dollar bauble? Carry the stuff and get pickpocketed or mugged? Leave it in the hotel safe for the safe-cracker to burgle? Put it in the front office safe? Often, Bob and I choose to lock our stuff into our largest hardsided (aluminum) luggage.

This is a good moment for intuition, or at least for some conscious reasoning. Bob and I stay some 200 or more nights a year in hotels and, though we don’t always use the safe, we’ve never had a problem with one. YMMV. The practical danger in using the hotel safe is remembering to empty it before you check out. When I expect a hurried or groggy, pre-dawn check-out, I scrawl a bedside note to myself.

What kind of joints do you stay in? What do you carry?
© Copyright 2008-2009 Bambi Vincent. All rights reserved.

Unrelated posts: