security (5)

Charlotte riots and the "Festival in the Park"

I noticed on http://festivalinthepark.org/ that Charlotte’s “Festival In the Park” this weekend is still going ahead as scheduled, despite the Charlotte riots and curfews.  I was wondering how that is working out.  Are the artists and crafters actually setting up?  What were they told by the promoter?  Will anyone show up tomorrow and Sunday?  Are the police actually able to provide credible security?

Read more…

How do you handle your cash at venues?

My husband and i have been doing art fairs for 4 years now, and always try to be carefully strategic as to where to put our check out counter and cash area to ensure it is accessible only to us.  And until yesterday it was a great strategy.  Neither of us are certain how, but believe that it was toward the last minutes of the show that someone got in and took all of our $20 bills from below the till.  i am certain this was while i was distracted to the front of the tent by one customer, and my husband was pulling the vehicle up behind to begin the load out.  I shared our story with some of my friends who are fellow artists, and have had a variety of responses for how they handle cash.  The majority have indicated either an apron, fanny pack or some sort of bag that fits snug to the body.  I would love to hear your thoughts on how you handle cash.  I feel like such an idiot that i must have left up my guard for just a moment or two.  The only other explanation is that my neighbor has light fingers... because i expected her to be at the back of her booth, and thought nothing of seeing her close by.

Read more…

ZAPP IE Exaggeration Uncalled For

    A retired diplomat well experienced in security, negotiation, and tact, my husband's complexion goes a little red when he senses insensibilities and totally uncalled for exaggeration (unless it's adeptly manipulated to draw out a laugh or two).  His reaction to such things is to research them immediately and try to discern truth from distraction; to tone down hyperbole so that rational thought might actually be encouraged.  Well, I'll let him take over:

     Such was the case when we received a no-reply email from ZAPP yesterday, the subject of which was "Four Important Updates You Should Not Miss!", one of which was "Note from the Department of Homeland Security About Internet Explorer."  Uh-oh, you think, I'm using IE, and I'm screwed!

     We're not trying to minimize the potential dangers we all face, but to enlighten those of us who are not computer experts or web professionals so that we don't naively fall prey to the cries of "wolf!" we hear so often these days.  The danger is still there, but why must an organization like ZAPP -- which plays such an important role these days for so many us here -- needlessly distort, overdo, and indeed fabricate facts in an attempt to scare us to move from one browser to another?

    ZAPP referred to "a widely distributed alert" from DHS that "advised computer users to stop using the Internet Explorer (IE) web browser," and wrote that DHS "stated that the browser is susceptible to a hack that could result in a security breach."

     Let's discuss this alert's origin, first.  The alert is yes, from DHS, but more accurately from their US-CERT (United States Computer Emergency Readiness Team), which actually issues alerts after culling software warnings from Carnegie Mellon University's "Vulnerability Notes" database.  Note that Carnegie Mellon has published over 46,000 vulnerabilities since September 26, 2000 -- an average of over 3,000 per year, or roughly 8 each and every day, 7 days a week.  Of those, US-CERT publishes alerts for the "most frequent, most high-impact types of security incidents ...".  To receive an emailed alert from US-CERT, you must be signed up to receive them; otherwise, you'd need to access US-CERT's website daily, especially if you're a system administrator for an organization (e.g., ZAPP).  Most everyday computer users, like you and we, don't need to see them (although it pays to be aware of all security alerts, be they physical, or IT-related).

     (We may also critique ZAPP's use of "DHS" as the alert's originator.  DHS alerts can take many forms, but they're usually not formally "DHS" alerts.  In addition to US-CERT alerts, these include advisories from NTAS (the National Terrorist Advisory System), FEMA, USCIS, and USCPB.  A little more specificity or elaboration would be more useful, practical, and less alarming.)

     Second, does this specific alert advise computer users to "stop using the Internet Explorer (IE) web browser"?

     It says (or more accurately, said) no such thing.  The US-CERT alert's specific recommendations are that "users and administrators review Microsoft Security Advisory 2963983 for mitigation actions and workarounds," and for "those who cannot follow Microsoft's recommendations, such as Windows XP users, [they] may consider employing an alternate browser (emphasis ours)."

  Even more confounding is the fact that Carnegie Mellon published the vulnerability on April 27, US-CERT issued the alert on April 28, and on May 1, both Carnegie Mellon and US-CERT called attention to Microsoft's May 1 security update and resolution regarding the specific issue.  ZAPP's email is dated May 6!  It probably should be filed in our "Who Cares?" folder.  It looks like the problem was resolved a week before ZAPP scared the hell out of us with their DHS alert telling us not to use Internet Explorer.

     Third, ZAPP's email adds that it has "long recommended that ZAPP users utilize the Firefox, Chrome, or Safari browsers."  That's interesting, because according to their website:  "For optimal performance, use the most recent versions of Mozilla Firefox, Google Chrome, Internet Explorer, or Safari.  In our experience, Mozilla Firefox and/or Google Chrome are most compatible with ZAPP."  We don't know about you, but even in internet / software-speak, we find it difficult to make a distinction between "optimal performance," and "most compatible."  Contrary to their email with its ultra-scary DHS alert, it appears that ZAPP has also "long recommended" Internet Explorer for optimal performance.

     Finally, a rudimentary search of US-CERT software alerts will quickly reveal cautions concerning Firefox, Google Chrome, and Safari.  Where was ZAPP when these were published?

    So why would an organization like ZAPP publish a wolf-crying, potentially terrorist-related alert in an email like this?  Because their IT person was probably having a bad day.  And their email drafter was probably too confused (or web-innocent, like most of us), to question it.  And the person approving its issuance on May 6 was probably on a fishing trip and didn't realize the "danger" we'd all been in for a week and a half while he or she was busy catching trout.

     These are how things go sometimes.  So stay smart!  Be alert, but don't become paranoid.  Paranoia always calls for more work than is necessary.  (Such as installing and using a new browser, when the one you're already comfortable with, probably works fine.)  Paranoia can also freak out your neighbors.

Read more…

Security is always an issue at the nation's art fairs with smaller events not having to pay much attention to it but the large ones that attract 100,000's of thousands of people beefing up their staff to insure the safety at their shows. When the Super Bowl was in Detroit a few years back I was on the staff and went to a meeting with not only local police but FBI, Homeland Security and border patrol officials speaking to us and briefing us on what to do. It was very sobering.

Texas' big show the Fort Worth Main Street Festival is taking place this weekend in the shadow of Monday's tragic occurrences in Boston. Festival organizers surely had their load increased in preparation for the event as they redoubled their security plans. The Fort Worth Police Department is deploying additional uniformed and undercover officers, as well as bomb-detecting K9 units, to areas in and around all large public events, said a city news release.

Suggestions that will be helpful to artists not only this weekend but going forward:

The release recommended signing up for a free service at www.nixle.com, where the Fort Worth Office of Emergency Management warns of natural or manmade emergencies in the area with texts and/or email.

Festival guests are asked to follow Homeland Security's caution: "If you see something, say something."

But because it's a free festival with 20 points of access, monitoring what people bring into it would be difficult, said spokeswoman Clair Bloxom.

"If someone saw a person leave a backpack at an artist's booth, you'd definitely want to report that to a police officer," she said. "We're encouraging people not to bring backpacks."

Guests also are asked not to bring coolers, said Jay Downie, event producer.

"If you bring a bag, keep it on your person," he said. "Any unattended bag will be confiscated."

Read more…
Just before I left them at a health food store called Water Lily, last December 2009...

Well, January 4th the lawyer for the landlord apparently escorted Water Lily's owner out, for non-payment of January 1st rent...

To boot, all goods were going to be sold & the monies were going to be divied up between sales tax, the landlord & other creditors...

My 4 oil paintings (24 x36) were still on the wall...On consignment...But how to get them out?

Well, the key to proving the art was really still mine was those security tags. I had ordered them from a
website FineArtRegistry.com & when they had arrived in the mail, I had dutifully stuck one on the back of each work, photographed the paintings front & back, & uploaded that to the Fine Art registry website...

I also had taken a minute before bringing them to Water Lily to make a note of my plans, in the description section of the webpage...

So...When the lawyer for the landlord said what proof do you have that those paintings are your etc. etc., I sent a link in an email to the web page which showed those 4 paintings, descriptions, size, medium, style, & details of the show & where & when...

Not only that, the inventor of those security tags was able to vouch for me that I had uploaded all of this information just before December 1st, so the timeline was correct.

Even more powerful, was when the lawyer got to be difficult, I listed those paintings as "Stolen" which is a special button you can activate- seeing as the way I saw it, they had my paintings, knew they were mine & didn't want to give them back...To me that meant "stolen"...

Teri Franks, of FAR (Fine Art Registry) told Mr. lawyer , in no uncertain terms, that if he attempted to sell my paintings they would come up as stolen to the international fine art community...

No title, no-one would buy them or could ever sell them...

Powerful stuff...

Anyways, I am writing this because I am so grateful to FAR for all of their hard work in getting my paintings back...

I did get them back on Wednesday February 24th- took me about a month of hard fighting...But we won...

I said to Teri, how can I ever thank you? She said, tell people... So, I am telling people...

Teri is going to court March 15, in Michigan, to fight a very big gallery who has been selling fakes & forgeries & other bad stuff, & they sued FAR for publishing that truth...

If anyone is in Michigan round that time you are welcome to support FAR by showing up to the trial or hearing or whatever they call it...More can be read on the FAR website...(fineartregistry.com)

Sari Grove

p.s. sorry this sounds kind of like an ad- it is really the truth, it's just coming out a bit corny I don't know why...?

p.p.s. Today I brought a painting to show a brand new gallery called Lane Gallery, so maybe they will take me...We'll see...(They really liked the story about the security tags though, smart & cool & tech, & a great way to follow where your work ends up-the ownership transfer thing is a neat way to track provenance, plus you can get COAs (certificates of authenticity) just for marketing support...
Read more…