Ask MetaFilter questions tagged with Security

You! You with the shifty eyes, step out of the line!

Fortnight Bender — Fri, 18 Dec 2009 20:38:06 -0800

My brother gets security grief when he flies. Is there a solution? Wondering about airline security. I purchased a flight for myself and my brother online using my credit card. Day of fight I went to do early (within 24 hour check-in) and it says my brother in unable to do it and must show ID at airport. Brother says, yeah this has happened before, his name is on a list and he has filled out a form and sent it in with all the information they (the Gubmint I presume) requested. Apparently that did not solve the problem. We know this is a fairly common issue, and the airline lady at the counter implied it was a waste of time to try and fix it, as he had attempted. Our names are common (or so it seems to me) like Richard and James Smith. Granted that may not be relevant. Because he couldn't be checked in early, and it was an airline whereby you acquire a position in line for seating based on check in time, he was cheated (or so we feel) out of a more favorable position. The only information I gave about him when buying the ticket was his name.

Is there a way to fix this? (Despite what the airline lady said). That is, has anyone successfully fixed this? How do they know he is THE James Smith just by his name (the one who needs further ID check)? Do all of the James Smiths who engage in airline travel enjoy this extra scrutiny? Sorry if that is multiple questions. Neither he nor I fly all that often, but it seems to be a nuisance. Thanks!

Two good reasons to break a lease

beefetish — Fri, 18 Dec 2009 13:27:51 -0800

My lease expires May 15. I need to be in another city the first week of March. My housemate and I want to move out ASAP because our neighborhood sucks. Please advise. More details inside. I plan on breaking my lease anyway because of a job offer in another city- housemate would also be moving at this time, so there's no roommate drama.

However, two attempted break-ins and one suspicious guy loitering in our alleyway last night have tipped our feelings about the neighborhood from "rough but not a clear and present danger" to "why do these people want to break into our house so badly" -- it looked like the same guys trying to get into our house each time. Called the cops each time, cops said, oh yeah, high school students have been breaking into houses all over the place for drug money, nothing we can do. Being hit three times in one week is pretty fucked up so we want to move. Ordinarily I'd find some folks to replace us on the lease but i don't want any of my friends getting their shit jacked. There has been an uptick in violence in the neighborhood the last couple months and it has officially become old.

Dad advises finding a new place, eating the damage deposit, and moving, but not paying the rent on the old place. This strikes me as potentially foolhardy. Is there any way of prematurely terminating our lease without being on the hook for two rents until May?

Securing a bicycle seat

pulled_levers — Fri, 18 Dec 2009 12:08:58 -0800

Recommendations on securing a quick-release bicycle seatpost? I'd really prefer for my seat-post to stay intact without adding too much weight to my bicycle. Any recommendations?

Is YouSendIt.com insecure?

ljshapiro — Wed, 16 Dec 2009 06:21:49 -0800

Is YouSendIt.com insecure? I need to send large files to a client in Dubai (I'm in Los Angeles). Their IT guy wants me to upload to their ftp server because he says YouSendIt is insecure. Fine with me, but I keep getting error messages. I'm pretty knowledgeable about ftp, and I think the problem is on their end, as their server keeps kicking me off. I really need to get these files to them, and YouSendIt Pro (using YouSendIt express, their standalone app) always does the trick for me.

YouSendIt's security FAQ seems pretty robust, and Googling turned up no complaints from users about security issues with the site.

I'm sending the files right now via YouSendIt because I think his assessment of the security problem is unfounded and I have to get the files over there. Am I off base?

What to do with a CISSP and little tech experience?

zombieflanders — Fri, 11 Dec 2009 11:45:34 -0800

I have a CISSP and 6 years experience in the IT Security field. Problem is, most of my experience is with policy, not technology. Where can I go from here? I've been working in IT Security as a government contractor since 2003, and got my CISSP earlier this year. Most of my work has been on the policy side of things such as audit response/remediation, contingency planning, and certification & accreditation. Unfortunately, I've neglected to keep up with or even study a lot of the underlying technology supporting all of it. In other words, I could quote NIST or OMB regs all day long, but put me in front of a monitor with a bunch of logic statements or log extracts on the screen, and I probably couldn't say what I'm looking at. Even worse, my only degree is a bachelor's completely unrelated to any work I've done (thanks, liberal arts education!), and I had no prior experience in the field before this job. In terms of my career path, I'm kind of spinning my wheels, and despite the itch to move on to something and somewhere else, an informal browsing of job openings tells me many employers seem to place a high value on several year's worth of experience with the tech side of things, such as VPNs and firewalls or database management. This would seem to put a kibosh in my hopes of finding something within the next 9-12 months.

So, having belatedly realized that I've been an idiot and painted myself into a corner in the short term, education- and experience-wise, am I SOL in the job search given the timeframe above? Would moving into the auditor side of things be a viable alternative? And regardless of the job search itself it's clear I need to add a lot to my skill set, so where's a good place to start?

Dell Mini 10v Just Showed Up--How to Protect it?

mixer — Wed, 09 Dec 2009 10:42:28 -0800

I just got a new Dell Mini 10v. I need some advice on programs--for security and to fight viruses! First thing, this is for my gf, who doesn't know anything about computers. I want to download all the good stuff for her. What security/firewall programs are good? I prefer the free stuff, mind you!

(I am a Mac OS guy. If I were to keep the compu, it would definitely be a hackintosh, but, alas, it's for her! So fill me in on how to protect this cool little thing.)
Thanks!

Why isn't there more theft at airport baggage claims?

lunchbox — Thu, 03 Dec 2009 21:31:34 -0800

Why isn't there more theft at airport baggage claims? At most airports I've been to, the baggage claims are openly accessible from the outside, and no verification/authentication is necessary to walk in the door, grab a suitcase from the conveyor belt, and walk right out. (I know some airports require people to show baggage check receipts, but most I've been to haven't.) What's more, valuable suitcases often sit around for long periods of time without being claimed, leaving thieves plenty of time. How does this baggage-claim system not implode from epidemic theft?

Painful Choices.

Anonymous — Sat, 28 Nov 2009 13:24:10 -0800

Relatives-In-Law Might Run Shady Business From Home, Should I Go There For Christmas? Hi Ask.Metafilter, I really need your help.

I recently learned that my SO's relatives might be growing weed at their home (on West Coast). The relatives don't know that I know. Because my particular career might require a security clearance (which I do not have yet), I want NOTHING to do with it.

When I heard about their possible shady business I decided to never go to their home. It was a simple, private rule to keep me a safe distance from their possible shady business. I was happy meet them anywhere else (restaurant, etc..), just not at their house. However, now they have invited us to their home for Christmas morning.

I am faced with two bad choices:

1) Not go to their house, forcing my SO lie to the relatives about why I cannot make it. This hurts SO (alot) in the process (which I absolutely don't want to do), because she would have to lie, spend Christmas without me, and get grief from relatives because her SO isn't there.

2) Break my own rule, and go to their home. This choice is best for my SO, but puts me uncomfortably close to an possible activity I want no part of. Furthermore, I worry they might decide "come out of the closet" and talk about their shady gardening activities while I am there.

Currently, my plan is to go to their home for a few hours on Christmas morning and then leave, making the excuse that we have to go to another party. If they talk about their business, my SO and I would leave right away. My SO fully supports this plan.

What would you do? Does anyone know if going to their home will affect my chances of getting a security clearance (given that I am not sure they are doing it and have absolutely absolutely no part in it)? What are the dangers?

Short Version:

1. SO's relatives MIGHT grow weed from their home.
2. They don't know I know.
3. I might need security clearance in future.
4. Previously, I decided to never go to their home, just in case.
5. SO's relatives invited us to Christmas at their home.
6. I am worried going there would ruin my chances of getting security clearance.

P.S. Having Christmas morning outside the home (at a restaurant) is not an option.

defragging security mac

ebesan — Sat, 28 Nov 2009 08:45:33 -0800

Recently had my mac (V 10.4.11) defragged; by another person. Question- I am (too late) concerned about security. What steps can I now take to go thru and secure everything? Change all passwords, ok. Anything else? Where are the weak points?

Law-abiding civilian wants to kinda remove personal info from a laptop

salvia — Fri, 27 Nov 2009 14:41:33 -0800

What are the basic steps to remove personal information off of a hard drive? (XP Home, SP3) I'm trading up a work computer for a newer one. I'd like to make sure to erase things like my frequent flier password, browsing history and downloaded docs, emailed files, and documents I created myself.

I realize many people would find it easiest just to reformat the hard drive, but I'd rather not do that myself, as I don't know what I'm doing or have the disks, plus that'd look more suspicious than leaving behind a few non-work files. I'm not concerned anyone is going to run file recovery software or investigate me, and I don't have any confidential client data that I need to protect. I don't use this for much besides work, and I never save bank passwords, and they're probably going to reformat the computer right away, so I'm not that worried.

I just don't want someone to open a folder and accidentally stumble across some doc I forgot about ("FindingANewJob.doc") or some cached NSFW pic or pdf download that I clicked on in Metafilter, or some embarrassing google search term, or a personal essay a friend emailed me on Outlook that I edited over the weekend. I'm looking for a middle ground between the Department of Defense seven-wipe wiping standard and/or total reformat, and just leaving behind entire folders full of potentially-personal things.

What's a reasonable way for me to clean files and browsing history off of the computer? Is there a good checklist of folders to empty out? Is there a way to know which folders have exclusively system files and which have user-created documents? If you delete a file, then empty the Recycling Bin, is that pretty good or is there one step further you need to take to keep someone from accidentally encountering TMI?

If it matters, I am one of three users on the machine, and I don't know if I have full admin privileges, but I can add and remove programs.

I realize this is a pretty common question, and I've found some decent eHow articles, but I trust AskMe more than my googling skills. Thanks a bunch for any advice you can offer.

Home invasion - best security?

dukes909 — Wed, 25 Nov 2009 08:13:20 -0800

I live in a semi-rural area. After a rash of recent home invasions in my area (which is something new for here), I'm wondering whether to invest in an alarm system, a gun, or more motion detector lights and just keep locking the doors and windows as I have always done? I have 4 dogs that range from a beagle sized one that is mean to a 95 pound lab that barks like hell but is very loving. My wife is home alone (well, with the dogs) for a couple of hours in the morning after I go to work. Our house is set back from the road a fair distance, and we don't have neighbors that are within visual distance. What do you recommend? I've called the Sherrif's office to ask for advice and they were no help, saying just to use deadbolts etc. Recently (last week) someone rang a neighbor's doorbell at 4am. The neighbor went to the door (with a gun hidden behind his back) and in the meantime the person who rang the bell ran to the back of the house and was working their way in the backdoor (picking the lock). The neighbor saw them, held the gun up and pointed at them and then the bastard still kept trying to come in. Eventually the crook got the idea and sauntered off after getting ready to kick the door in. I don't know why he suddenly decided to leave after having a gun pointed at him the entire time.

A 2nd incident occurred nearby where the homeowner woke up to a .45 pointed at their head, until the thief got some cash. There was another incident where the intruder knocked an older woman out cold with a lead pipe! Now I'm paranoid and my wife says I should not worry!

Help me with a bit of passive home defence

Anonymous — Tue, 24 Nov 2009 09:26:38 -0800

Looking for a GSM alarm system for my house. I don't live in the States, so the answer should ideally be non-US specific. I was wondering about the Panasonic BL-C131A, but that needs presumably a decent amount of light and a working internet connection to alert me of break-ins. And without push email, fifteen minutes could pass before I get the alert. It's not really ideal, I don't think... A GSM alarm seems like a better idea, but they all seem so expensive and if not expensive then Chinese. Does anyone have a recommendation for a basic all-in-one system with GSM alert for under $200? I only need one PIR, with bonus points for expandability. I noticed Ontech GSM Mini 9009 (+ Ontech GSM Relay 9010) but they are fairly expensive considering the actual alarm isn't included here. Any thoughts? Surely in this digital age the home security market has moved on from closed solutions like a monitoring centre?

Clear Wireless Keys Automatically?

NYScott — Thu, 12 Nov 2009 13:48:48 -0800

Auto-Delete XP Laptop's Wireless "Preferred Networks" List? At work, we have laptops we loan to staff. I want to be able to make sure all "Preferred Networks" are deleted automatically, or at the very least, the Network Keys are cleared.

As you probably know, once you connect to a wireless network on an XP machine, that network is stored in your list of Preferred Networks. It also stores the network's key (password), and will automatically log on when detected. Since we're loaning laptops to people, I don't want our network settings stored on the laptops (nor do I want their home network settings retained). My thought is: what if a laptop is stolen? The thief could park outside one of our buildings, and from the comfort of his car, he could automatically log into our network, using the credentials of the previous user...

"Kiosk mode" will not work for us; users need to be able to make & retain changes. And relying on individuals to delete the Preferred Networks is useless.

Ideally, once you log off/reboot, the settings are cleared.

Any suggestions?

Thanks!

Where is this powder coming from?

JakeWalker — Wed, 11 Nov 2009 17:48:56 -0800

What is the name of the technology that produces powder (that verifies authenticity, I suppose) when you bend a drivers license or other ID card? My friend has a New York Drivers License (maybe not the newest one, but still pretty new). If you bend the license, it releases a kind of powder, presumably to verify its authenticity. I'm really curious about the technology (and not because I'm trying to make a fake ID, it is just an interesting technique), and I'm having a hard time googling for more info. Does anyone know what this security technique is called? What other states use it? Where I can find out more?

security clearance + previous drug use?

Anonymous — Mon, 09 Nov 2009 12:44:40 -0800

If a person smoked pot in early July 2009, what is the likelihood of that person getting a secret security clearance for summer 2010 federal government internships? Is there anything that person can do now to maximize chance of getting a clearance? Other relevant details: various drugs used from 2004-2006 (though in relative moderation except for high frequency of smoking weed), then 1x or 2x a month marijuana usage from then on. Came to a full stop after July 4, 2009 before starting graduate school and have no plans to resume drug use ever.

Various websites say that the general rule is "12 months of no drugs," but it is ambiguous as to whether that is for top secret or secret.

Again, this person is looking for secret clearance rather than top secret, and this is for non-intel positions with the US government. And most internships start in May.

Basically, is it worth it to even apply for positions that require applicant to eventually get a secret clearance for the summer? Is there anything that can be done to help get this thing? (and, uh, if the answer is "there's no way in hell that you'll get the clearance," does anyone know of any federal agencies that don't require clearance?)

Throwaway gmail account that I'll check: governmentandsmoking@gmail.com

Best way to eliminate personal data on Macbook Pro?

UMDirector — Fri, 30 Oct 2009 06:44:02 -0800

After problems with my old laptop Apple sent me a free replacement, whats the best way to migrate my data, eliminate personal info but leave potential problems intact? So my 2007 MacBook Pro has been a nightmare, multiple logic boards, wireless card outages etc. So they replaced it with a brand new current model MacBook Pro. My initial plan was just to dump my time machine backup onto the new machine, but I am wondering if that would instantly slow down the new machine by adding all the old pref files and junk that accumulates over the years to slow down machines? Should I worry about this? Would it be better to do a pile of fresh installs and manually copy music directories and such?

Also I want to send me old machine back to Apple as intact as possible. I would hate for the current wireless card issue to be a software problem and then I do a entire install and wipe and it fixes it. So I want to send it back as is but delete my personal data, passwords, etc. What's the best way to do this?

I know the names don't match, but it's really me! I swear!

arianell — Mon, 26 Oct 2009 18:22:48 -0800

Someone purchased an airline ticket for me, but booked it under my nickname instead of my legal name. I don't have any photo ID with my nickname on it. Will I be able to fly? (I know there have been previous questions asked about this kind of thing, but none since these new TSA guidelines were implemented.)

Everyone calls me by a nickname that is very different from my "actual" first name. Say my name is Josephine, but I go by Scarlett because of my hair color.

Anyhow, my boyfriend booked a trip for us, and he forgot to reserve my ticket as Josephine instead of Scarlett. We called the airline, and they can't/won't change the name on the ticket. Instead, they kindly offered to let us purchase a replacement ticket for the low low price of $600, which neither one of us can afford.

I know that, until recently, you didn't actually have to show ID to procure your boarding pass or get through security, although the agents at the security checkpoint would flag you for an extra screening. How much has this policy changed? Does it seem likely that I'll be able to board my flight? If not, do I have any other options?

Any good books on web penetration testing?

jacobian — Sun, 18 Oct 2009 08:28:13 -0800

Any good books on web penetration testing? I'm a web developer and consultant, and I often deal with web application security. Everything I know about penetration testing I've learned in a pretty ad hoc manner, and I think it's time to give myself a bit of a more formal background.

I'm familier enough with the concepts (SQL injection, XSS, CSRF, etc.); I even teach classes on those subjects. I've got decent knowledge crypto and digital security in general. I also have a few tools I sorta know how to use (Burp Suite being the main one). But I don't really have any good grasp on the "right" way to actually conduct a formal web penetration test -- I usually just flail around for a while trying different things until I "feel" satisfied. Doesn't really make for a very scientific process, I know.

So: any suggestions for books (or any other sort of learning material) on web penetration testing? I'd prefer something more on the advanced side of the spectrum; I'd rather be overwhelmed than bored.

Help me connect Mac-at-home to Windows-at-work?

OlivesAndTurkishCoffee — Fri, 09 Oct 2009 07:40:00 -0800

What could happen to my mac if I connect remotely to my windows computer at work. Is there a viciously secure way of doing this? I need to connect my home mac to my office's windows computer remotely. So far, this has stumped the tech guy so I've been using a small windows netbook and connecting via vpn. But opening files on the company network takes forever and we need a better solution.

He is currently working on a solution that allows me to connect to the small business server using my mac via the windows Remote Desktop Connection Client 1.0.3 for Mac.

This worries me because I don't want windows stuff touching my mac! But my worry is based on mere suspicious distrust of windows rather than any actual knowledge of how these things work.

Those of you who do know about these things: Will using this client application make my mac vulnerable to windows risks; and, if so, is there a better more secure solution? (or a better solution with the netbook?)

How not to store plaintext passwords?

bottlebrushtree — Thu, 08 Oct 2009 09:56:51 -0800

Best practices for storing OracleDB/mysql/ldap/smtp/etc... system passwords for enterprise application integration use? I'm working with a vendor who currently is storing passwords in plain text in configuration files.

If you've ever configured Wordpress you are familiar with how your mysql password gets placed in plain text in the wp-config.php file.
This vendor is doing a similar thing for mysql, ldap, smtp, etc...

This has made some people uncomfortable.

I'd like some suggestions for best practices to minimize the use of passwords in plaintext (or trivially encoded text) in text configuration files.

These passwords are being used to drive external databases, ldap auth, smtp sending, etc...

Their Java / Tomcat application is expected to be running 24/7 as a Server. This particular instance will be on Windows Server 2003 though Linux is also supported.

It would be nice if it would be possible to have unattended restarting of the application without a user having to enter in a master password, but if that is the only solution we may be comfortable with it.

Some background:

The application uses LDAP to authenticate users (and hence has the LDAP system password in a configuration file)

The application stores its data in a SQL database (Oracle in this case, though they also support mysql. We have to stay on Oracle)

The application sends mail using SMTP

Thanks.

Can you use airport amnesty bins to erase certain crimes?

Damn That Television — Mon, 05 Oct 2009 08:07:50 -0800

Where can I find the written laws that regulate amnesty bins at airports? (Amnesty bins are the bins right before the metal detectors in some airports where you can, according to signs, throw away anything that you can't take through security without penalty.) And, related, are these actually legally binding, or just a gentlemen's agreement? Could someone hypothetically put a stolen painting in the bin, and be free of legal consequence of having stolen it?

Please help me put together a remote office door unlock system for a local non profit.

TomMelee — Wed, 30 Sep 2009 09:37:20 -0800

At secure offices, you have to get buzzed in the door. Help me build one of those systems for a local non-profit. Bonus points for inexpensive and practical for home use too! First off, I can't even really figure out what to google. I've tried "security door controls" and I get some good looking stuff, but I don't know the right terminology for what I'm looking for. So here goes.

I want a button under or at a desk (or multiple desks) that, when pressed, unlocks a door on the floor below. This is NOT a high security application, it does NOT need to be bulletproof. There are some ladies who work alone at this rural agency in the mornings, and they'd like to let people in the building w/o letting them in the office, but there's a stairwell...etc.

Ideally we can do this on the cheeeep, something homebrew would be totally fine. Very little money to work with here, everything goes to youth programming, and we'd like it to stay that way. T'would also be a fun project for our new house...so...enlighten me.

It doesn't *have* to be a door-bell like button, it could be a keyfob, but we're thinking low-voltage wires are the way to go.

There are three desks who would like to have access to the button, so I'm guessing three buttons!

You tell me!

How do I keep my rental home secure?

aflores — Fri, 25 Sep 2009 12:41:02 -0800

Living in Albuquerque, currently renting a house, and wondering what options are available for home security in this specific situation? Are there any non-invasive setups for an alarm system? In particular, with no landline? A quick search online revealed a system by GE with a cellular setup, which would be a possibility, but I'm looking for more personal experiences with home security in a rental situation.

Thanks.

Dear Alderwoman, I did not enjoy my drive through a construction site in your ward. Plz advise.

limeonaire — Sun, 20 Sep 2009 13:38:37 -0800

Engineers, construction workers, and lawyers: How can I find out what the specific site safety requirements and statutes are for an under-construction commercial urban development site? Specifically, I'm looking to find out more about site-safety requirements in the city of St. Louis, Mo. I'm especially seeking information that might shed some light on what might be required in the way of erecting barriers, fences, and signs to keep the general public safely off roads and paths leading into construction sites.

Here's the specific circumstance that prompted this question:

Headed north on a local highway in the dark, amid a light drizzle, I took a city exit I'd never taken before. I soon I figured I'd best find a way to get back on the highway. I made a quick right at the first light I reached, then turned right again at the next light after that, hoping it might take me right back around to the highway on-ramp. (A look at Google Maps when I got home suggested that that's exactly what this road originally did.)

Unfortunately, the road quickly turned into an unlit, half-paved drive, surrounded by overgrown brush. The drive narrowed as I crested a small rise—only to find myself at the edge of a vast expanse of muddy gravel. The street, it seems, currently dead-ends in a vacant lot behind an under-construction Walgreens. The only way out, since this was a one-way street, appeared to be driving toward the already-constructed parking lot. So I drove slowly across the gravel, headed for the parking lot—only to find myself stuck in the mud right next to what turned out to be a new curb. After a series of fits and starts, I finally got my car unstuck—and came down with a big crunch on the other side of the curb.

Hyperventilating, I parked next to the building, where the light was better, and got out to check the car. Nothing creaked or popped or looked obviously broken, so after moving a traffic barrel blocking the new parking lot's only entrance/exit, I made my way back to the highway and drove home.

This morning, I moved my car and checked the pavement where I'd been parked, and saw several fresh oil spots. This car is only a couple years old and has never leaked anything in the time I've had it. So I took a flashlight and peered under the car, and it looked like the plastic cowling protecting the oil-filter area had come partially dislodged. I couldn't see anything else that looked obviously damaged, but clearly I'm going to need to take this in to the shop tomorrow so they can put it on the lift and repair the cowling and/or the oil-filter cap/gasket and/or anything else that might've been damaged.

Hence my initial query. I'm trying to figure out what recourse, if any, I have in terms of recovering damages in this situation (perhaps via small-claims court?)—and making sure it never happens to anyone else. I can't believe they don't have that street blocked off.

I plan to contact that ward's alderwoman first thing Monday. But I'd like to have something concrete to cite in my conversations with her and/or anyone else I have to deal with about this explaining what's wrong with the site, especially since the builder of this development is a very large company.

I found a few sections of the Missouri Revised Statutes that look as though they may apply: 319-035, 319-040, 319-041, 537.346, 537.348.

I also uncovered slides from a PowerPoint presentation on ANSI's A10.34 standard (Google's cached html version here), which, although only a voluntary-adoption measure, still provides some sense of what the baseline standards for construction-site public safety should be. The very first requirement listed? "Restricting public access to the jobsite – a site security plan." Along those lines, best practices listed include "100 percent fencing of the project site," "Use of easy to read signs," "Daily inspection of fences, locks and gates," "Daily inspection of traffic control devices," and "Night lighting or security service." The area of the site I ended up driving into had none of those things: no fences, no gates, no roadblocks, no signage, no lighting, no security.

So...are the statutes I uncovered relevant? Is this ANSI standard relevant? Does anyone know of anything more specific I should be reading about or anyone else I should be contacting at this point? Thanks for any help anyone can give me with this!

Ground Floor Safety?

SweetTeaAndABiscuit — Sun, 13 Sep 2009 08:33:14 -0800

Seeking tips, gadgets, and hacks for feeling safe in a ground floor apartment. I've always resisted living in ground floor apartments, but health reasons are forcing me to give up climbing multiple flights of stairs daily. Buildings with elevators are significantly more expensive in my area, so I'm at least contemplating the idea of living on the ground floor. I live in a relatively safe, suburban small town, but I hate feeling like I can't have my window blinds open and I don't like the idea of my windows and patio door being so vulnerable.

What are things you do/have/bought to help yourself feel more secure when living on the ground floor?