DOCSLIB.ORG

New Relic Security & Privacy Handbook

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

New Relic
Security & Privacy Handbook

January 2019

1

Table of Contents

Executive Overview (At a Glance) Purpose
57

  • Audience
  • 7

  • Overview
  • 7

  • What is New Relic?
  • 7

  • New Relic Services
  • 7

How does New Relic work?
Security On Your Server (Agent Security)
Recommended Configurations
APM (Application Performance Monitoring) Insights
7999
11 12 14 15 16 17 18 18 19 20 21 22 22 23 23 23 23 23 25 25 25 27 27 27 27 27
Browser Mobile Synthetics Alerts Infrastructure
Transmission Security
Industry Standard Encryption in Transit
Security in Our Data Centers (Data Storage Security)
Monitoring
Security of Our Application Security Testing Methodology
Attack Vectors
Security Frameworks and Regulatory Compliance
SOC 2 FedRAMP, NIST 800-53 and FISMA PCI Compliance
Protecting your PCI data
HIPAA Compliance
New Relic is not a Business Associate But what if we accidentally send you PHI?
GDPR and EU Compliance Purpose and Legal Basis of Processing Special Categories of Data Data Subject Requests Data Protection Officer

AUTHORIZED FOR INTERNAL & EXTERNAL DISTRIBUTION

2

Customer Data Storage Location Cross-Border Data Transfers
28 28 28 29 29
EU Network and Information Security (NIS) Directive
Information Security at New Relic
Information Security Policies

Phishing, Social Engineering, and How to prevent it.

Information Security Processes
Privacy

32

32 35 35 35 35 35 36 36 37
Personal Data Use of Personal Data for Marketing Purposes Customer Provided Personal Data
Collecting Parameters as Attributes Database Queries
Privacy Team Privacy by Design and by Default

AUTHORIZED FOR INTERNAL & EXTERNAL DISTRIBUTION

3

Executive Overview (At a Glance)

●●
Our Threat Space
○○
Application Performance Metrics (Low Risk) Custom attributes configurable by customer (No regulated data is permitted)
Management Commitment to Security and Attack Vector Coverage
○○○○○○


Continuous Internal Application Vulnerability Scanning Quarterly Third Party Assessments of specific services Monthly Third-Party Internal & External Network Scans Bug Bounty/Responsible Disclosure Program Annual Attack Simulation Mobile applications penetration test Social Engineering Campaigns Continuous monitoring of controls and vulnerability management program by third-party (annual) and Federal agencies (monthly)

  • Comprehensive Approach to Security and Privacy

New Relic has a department dedicated to Security, which is led by the Chief Security Officer. The Security department consists of the following teams:

○○
Product Security–This team is responsible for establishing secure coding practice standards and leading and coordinating application security testing that addresses various attack vectors. Infrastructure & Operations Security–This team is responsible for establishing infrastructure and network security standards and conducting continuous infrastructure security testing. Security Compliance–This team is responsible for maintaining regulatory compliance, implementing supporting processes and procedures, coordinating and leading audit engagements and integrating regulatory controls into standard operational practices.


Safety & Security - Responsible for identifying potential safety and physical security risks and to create policies, procedures, and processes to mitigate the impact of a safety or security related incident. Manage, safety and security programs including access control, emergency response, event security, executive and asset protection, Implement and manage business continuity, IIPP, pandemic preparedness and crisis management programs. Privacy -- This team’s role is to promote privacy as a business opportunity and competitive advantage, foster customer trust by helping teams that handle personal data, implement privacy by design best practices, and advise teams on privacy matters.

  • Key Security Features

○○
Encryption in transit Secure by Default

AUTHORIZED FOR INTERNAL & EXTERNAL DISTRIBUTION

4

○○
Logical Segregation Single-Sign-On (SSO) Support

  • Regulatory Compliance and Certifications

Management investment resulted in compliance certifications, broad set of security features and design
○○○○
SOC 2 SOX FedRAMP GDPR

AUTHORIZED FOR INTERNAL & EXTERNAL DISTRIBUTION

5

Purpose

The intent of the Security Handbook is to provide accurate and complete information regarding New Relic’s commitment to the confidentiality, integrity, and availability of customer data. This document may also serve as a reference for existing customers and New Relic employees who are interested in gaining a better understanding of New Relic’s security posture.

Audience

The document is intended for existing and prospective New Relic customers and internal New Relic employees.

Overview

What is New Relic?

New Relic provides the real-time insights that software-driven businesses need to innovate faster. New Relic’s cloud platform makes every aspect of modern software and infrastructure observable, so companies can find and fix problems faster, build high-performing DevOps teams, and speed up transformation projects.

New Relic Services

New Relic’s services are designed to help you monitor and analyze the performance of your software, applications, and infrastructure so you can understand your digital business.

How does New Relic work?

A specific New Relic agent is installed at the application/server level for every service that requires monitoring.

For Infrastructure, Browser, Mobile, and APM (Application Performance Monitoring), a customer installs a New Relic software agent in the software, system, or application that they wish to monitor. The agent will then transmit performance data to New Relic servers, where it is processed. Synthetics uses automated scripts to test a customer’s software, systems, and applications; these scripts sit on New Relic-managed servers or at customer locations and report data back to New Relic-managed servers. Insights enables deeper data analysis into performance data from Infrastructure, Browser, Mobile, APM, and Synthetics or from other sources via a custom API set up by the customer.

AUTHORIZED FOR INTERNAL & EXTERNAL DISTRIBUTION

6

This handbook will expand on the security of the following:
●●●●●
Our Threat Space-The threat Space that we and our customers live in Agent Transmission Data Center Application

AUTHORIZED FOR INTERNAL & EXTERNAL DISTRIBUTION

7

Security On Your Server (Agent Security)

Recommended Configurations

New Relic agents use TLS out of the box and are secure by default. This means it is configured to obfuscate http parameters and SQL where clauses.

APM (Application Performance Monitoring)

Data Involved: New Relic collects the following metric data in aggregate:
●●●●●●●●●
Database activity External web service calls Controller and dispatch activity View activity Uncaught exceptions and counts Process memory and CPU usage Uncaught errors (paid accounts) Transaction traces (paid accounts) Customer Parameters (paid accounts)

AUTHORIZED FOR INTERNAL & EXTERNAL DISTRIBUTION

8

This aggregate metric data summarizes calls to specific methods in your application: how many times each method is called and various response time statistics such as average, minimum, maximum, and standard deviation are provided. Class and method names along with their aggregate numbers are also provided.

Default Attributes:
●●●●●●●●●●●●●●●●●●appID appName databaseDuration Duration errorMessage (.NET and PHP only) errorType (.NET and PHP only) externalDuration gcCumulative (Ruby agent) Host httpResponseCode (Java and PHP agents) Name queueDuration realAgentId transactionSubType transactionType tripID Type webDuration

Secure by default: The default configuration of the agents are secure by default as follows:
●●●
HTTP parameters disabled SSL/TLS enabled Masking (obfuscation)

AUTHORIZED FOR INTERNAL & EXTERNAL DISTRIBUTION

9

Insights

Data Involved: Insights uses events from a variety of New Relic products:

●●●

APM (Application Performance Monitoring): Transaction and TransactionError events

Browser: PageView and PageAction events

Mobile: Mobile events

Synthetics: SyntheticCheck, SyntheticRequest, and SyntheticPrivateMinion events
An event has a type, a timestamp, and an arbitrary number of key-value attributes. The default, out of the box, agent security settings excludes the transmission of sensitive data to Insights. Only the minimum, non-sensitive required data, for the purpose of application performance monitoring is transmitted to New Relic.The agent does not send any other data unless you change the default security settings. Depending on your requirements, either or both of these situations may apply:

If the default list contains data you are concerned about, you can disable those attributes from being collected.

If you need to send attributes that are not on the default list, you can enable those attributes to be collected. This situation is typical for Insights customers, as it allows you to make full use of Insights' capability to collect and query custom attributes.

By default, New Relic agents send three event types to Insights:

●●●

PageView: Sent whenever a page is loaded on your application or website monitored by a New Relic agent. Transaction: Sent whenever a transaction (web or otherwise) is observed on your application monitored by a New Relic agent. MobileSession: Sent whenever a new session is initiated from a mobile application monitored by the New Relic mobile SDK.

You can add custom attributes to be reported in default Insights event types. You can also disable or block certain attributes from reporting at all.

AUTHORIZED FOR INTERNAL & EXTERNAL DISTRIBUTION

10

Browser

Data Involved:
●●●●●
Page view data AJAX timing data JavaScript error data Session trace data Single Page Application data

New Relic Browser reports many different types of data to help you analyze your website's performance. New Relic Browser only reports page view data, unless you have subscribed to Pro features. You can also enable functionality for AJAX requests, JavaScript errors, and session traces.

URL query strings The Browser agent uses the HTTP referrer attribute to track page URLs. URLs can sometimes contain potentially sensitive user-entered query data (for example, a user's name). For data security reasons, Browser does not record or collect URL query strings.

Browser types New Relic Browser determines the browser type from the User-Agent header and the geographical location based on the browser's IP address. New Relic does not retain the IP address - only the country and region associated with the performance data.

Browser trace details If New Relic captures a browser trace, it also includes the city associated with the IP address (if any). Browser traces are replaced by browser session traces if using Browser Pro, to provide a more detailed timeline of the load and interaction events during a webpage's life cycle. Browser trace details appear on the Page views page.

Cookies The Browser agent is the only New Relic product that uses cookies to collect customer data. The Browser agent and New Relic collector set session cookies by default. The New Relic collector places a cookie when the Browser agent makes a connection and transmits data.

Customers may use a cookie consent manager that uses a conditional script loader that only loads tags/snippets when a visitor agrees to a specific type of cookies. If the user has cookies disabled or has not consented to the use of cookies, page load timing (sometimes referred to as real user monitoring or RUM) will not be able to track sessions properly. For additional information, please refer to:

https://docs.newrelic.com/docs/browser/new-relic-browser/page-load-timing-resources/new-relic

AUTHORIZED FOR INTERNAL & EXTERNAL DISTRIBUTION

11

-cookies-used-browser. Also, if the user has an older browser that does not support the Navigation Timing Specification API, page load timing will not be able to track response times as accurately.

New Relic's cookies for browser monitoring do not contain the secure attribute. This is because page load timing data is sent over HTTP when the page is HTTP, but over HTTPS when the page is HTTPS.

JavaScript and AJAX data may contain sensitive information, so they are always transmitted over HTTPS. Transmission of these cookies via HTTP or access to them from JavaScript is not a significant security risk, because cookies are not used to make security decisions or allow access to an account. They are used only to collect performance data, with any identifiable data obfuscated.

JSONP requests Page load timing metrics are reported to New Relic using a Script GET, also known as a JSONP request. The Script GET returns a value that is subsequently stored in a cookie and used to trigger trace capturing.

AUTHORIZED FOR INTERNAL & EXTERNAL DISTRIBUTION

12

Mobile

Data Involved:
●●
Length of application session URLs of HTTP requests, along with HTTP status code, response time, and size of the request and response body
●●
Operating system error code for network failures (HTTP requests that fail to complete) The first 2KB of the response body when the HTTP request receives a 4xx or 5xx response status code

  • A stack trace when the HTTP request receives a 4xx or 5xx response status code

(Android only)
●●●●
Wireless carrier's name The device's model name and manufacturer, and its operating system version Certain package, class, method, and thread names A unique instance identifier

The New Relic Mobile product is part of your iOS or Android app and lives within the application's "sandbox," so it cannot access anything other than performance data from your mobile app.

New Relic Mobile sends all data using HTTPS encryption, and validates the HTTPS certificate of the New Relic collector. This will prevent common data sniffing and server spoofing attacks. The agent removes the query string, fragment identifier, username, and password from each URL before sending the data.

Unique identifiers The New Relic Mobile agent assigns a unique identifier to each installed app instance in order to track discrete installs, identify recurring sessions, and correlate performance over time.

  • iOS: In versions 5.3.5 or higher, Mobile for iOS uses the IdentifierForVendor property to

provide a unique device ID.

  • Android: Mobile for Android generates a cryptographically strong UUID and stores it in

the app's SharedPreferences.

Data storage The New Relic Mobile SDK agent stores configuration information using your app's normal preferences/settings API on the mobile device. This configuration includes your application token, application version number, New Relic Mobile SDK agent version number, and settings such as the maximum number of HTTP requests to track per minute. Performance data is buffered in memory but never written to the device's storage.

AUTHORIZED FOR INTERNAL & EXTERNAL DISTRIBUTION

13

Synthetics

New Relic Synthetics is a suite of automated, scriptable tools to monitor your websites, critical business transactions, and API endpoints. Ping monitors check that your site is up, while scripted browsers simulate real end-user activity. API tests let you ensure your backend is up too.

Synthetics uses a JavaScript-like scripting language to build advanced tests. Performance data and error screenshots let you see what went wrong when your site errors out, while integrated APM support connects Synthetics activity to transaction traces.

Data Involved:

  • Monitor Results:

○○
Load Time Response Size

  • Synthetic Transaction Traces

The metric data generated by the Synthetics product would be collected by APM. Synthetic transaction traces connect your Synthetics results to APM transaction traces. While Synthetics results capture browser-side details from each Synthetics check, transaction traces capture the activity on your app server. When you connect Synthetics to APM, you can view both sides of every Synthetics run.

New Relic Synthetics monitoring supports authenticated applications as well. A variety of authentication mechanisms are supported, including Basic, Digest, NTLM, and NTLMv2, depending on the type of monitor chosen.

Private Locations Private locations allow you to extend your New Relic Synthetics coverage to new geographical locations, and to monitor websites behind your firewall such as an intranet site.

Private Minion Security and Verified Script Execution

Verified script execution for private locations allows you to secure your private minions, so that no one can assign scripted browsers or API tests to your minions without entering a passphrase.

Keep in mind that your private minion's pass phrase is known only to you. It is encrypted at rest and it is never stored in New Relic's collector. This restriction includes other users on your account and New Relic admins. Therefore, New Relic Support cannot recover or reset your passphrase for you. If you forget your passphrase, you will need to change it in the minion Overview page, and then update each monitor assigned to that private location.

AUTHORIZED FOR INTERNAL & EXTERNAL DISTRIBUTION

14

Alerts

New Relic Alerts is a flexible and centralized notification system that unlocks the operational potential of New Relic. With a single tool to manage alert policies and alert conditions, you can focus on the metrics you care about most. This includes:
●●●●●●●
Applications monitored by New Relic APM Client-side metrics monitored by New Relic Browser NRQL queries from New Relic Insights Hosts monitored by New Relic Infrastructure New Relic Mobile apps, including external services Monitors from New Relic Synthetics Plugins created via New Relic Plugins

Data involved: Similar to Insights, APM agents collect the data used by Alerts. There is no separate Alerts agent. All of the data that is available to the Alerts product has to be collected by APM agents. Therefore, in order to have a better understanding of the data available to Alerts about your environment, please review the security documentation for the language agent being used in your environment.

AUTHORIZED FOR INTERNAL & EXTERNAL DISTRIBUTION

15

Infrastructure

New Relic Infrastructure provides flexible, dynamic server monitoring. With real-time data collection and a UI that scales from a handful of hosts to thousands, Infrastructure is designed for modern Operations teams with fast-changing systems.

Infrastructure integrations give you more visibility into popular systems. There are integrations for Amazon AWS services, MySQL, NGINX, and Cassandra (among others). Integration with New Relic APM connects the monitoring of your hosts and your applications.

Data Involved: The Infrastructure agent gathers metrics, events, and inventory data from a variety of OS sources. While some of these sources can be read from a non-privileged account, others require elevated privileges.

Secure agent communication Every piece of information exchanged between your hosts and the Infrastructure agent is delivered securely. All communication from the agent occurs over HTTPS, using Transport Layer Security (TLS) . To ensure secure communication, the New Relic Infrastructure agent was designed with the following protective measures:
●●●
All communication is established directly from the agent to the service. The agent does not require any incoming ports to be opened. The agent is read-only and cannot make changes to your system.

Running as root For current agent versions, New Relic requires that it run as the root user (on Linux) or with full Administrator access (Windows). New Relic Infrastructure provides unprecedented data from your entire system. This includes user sessions, package information, file changes, kernel settings, etc. The delivery of these key pieces of your in-depth data is why the agent must run as root. The derived data is protected, and used only to deliver information related to your infrastructure back to you. The agent is strictly designed as a reporting mechanism to communicate pertinent, statistical data to New Relic. The agent does execute system level commands on the host system.

AUTHORIZED FOR INTERNAL & EXTERNAL DISTRIBUTION

16

Transmission Security

Industry Standard Encryption in Transit

New Relic uses TLS 1.2 for all communications, both between agent and our platform as well as between customers accessing newrelic.com and our platform. The communication with the agents is outbound only from the agent to New Relic’s point of data ingestion. The New Relic IP range is publicly available should it be necessary for networks where the outbound communication is limited.

AUTHORIZED FOR INTERNAL & EXTERNAL DISTRIBUTION

17

Security in Our Data Centers (Data Storage Security)

New Relic has its US data centers in Chicago, Illinois. Our data center providers are SOC 2 type II certified. New Relic owns, manages, and maintains its infrastructure.

New Relic offers two availability regions. Our US Region is self-hosted near Chicago, Illinois with disaster recovery located near Ashburn, Virginia. New Relic also offers a European Region which is hosted by IBM near Frankfurt, Germany with disaster recovery also hosted in Germany.

Recommended publications
  • Reliquary by Douglas Preston , Lincoln Child

    Reliquary by Douglas Preston , Lincoln Child

    Read and Download Ebook Reliquary... Reliquary Douglas Preston , Lincoln Child PDF File: Reliquary... 1 Read and Download Ebook Reliquary... Reliquary Douglas Preston , Lincoln Child Reliquary Douglas Preston , Lincoln Child Hidden deep beneath Manhattan lies a warren of tunnels, sewers, and galleries, mostly forgotten by those who walk the streets above. There lies the ultimate secret of the Museum Beast. When two grotesquely deformed skeletons are found deep in the mud off the Manhattan shoreline, museum curator Margo Green is called in to aid the investigation. Margo must once again team up with police lieutenant D'Agosta and FBI agent Pendergast, as well as the brilliant Dr. Frock, to try and solve the puzzle. The trail soon leads deep underground, where they will face the awakening of a slumbering nightmare. Reliquary Details Date : Published August 1st 2005 by Tor Books (first published 1997) ISBN : 9780765354952 Author : Douglas Preston , Lincoln Child Format : Mass Market Paperback 464 pages Genre : Thriller, Mystery, Fiction, Horror Download Reliquary ...pdf Read Online Reliquary ...pdf Download and Read Free Online Reliquary Douglas Preston , Lincoln Child PDF File: Reliquary... 2 Read and Download Ebook Reliquary... From Reader Review Reliquary for online ebook Sean Gibson says If reading Relic was the literary equivalent of eating a hot dog, reading Reliquary is like eating a chili cheese dog with extra onions—it’s more of everything that was good (and also heartburn-inducing) about its predecessor. Higher stakes, a more elaborate (and ridiculous) mystery, crazier science/pseudo- science…heck, it even threw in a Scooby-Doo-esque villain (“I’d have gotten away with it, too, if you meddling FBI geniuses with cloying southern accents hadn’t stopped me!”).
  • Report on Elder Abuse in Brazil

    Report on Elder Abuse in Brazil

    World Health Organization (WHO) International Network for the Prevention of Elder Abuse (INPEA) Institute of Gerontology Candido Mendes University (UCAM) Report on Elder Abuse in Brazil Laura Machado (national expert) Clinical Psychologist, M.A. Latin America Representative for INPEA Romeu Gomes (facilitator) Researcher, Phd, Public Health Elizabeth Xavier (assistant) Geriatric Physician, M.D. coordinator of the Programme of the elderly of the Rocha Maia Hospital September, 2001 2 TABLE OF CONTENTS 1. Introduction..............................................................................3 2. Methodology.............................................................................7 3. Subjects of the Study.................................................................9 4. Outcome analisis.....................................................................10 “Elder – The actor behind the stage” “Retirement: the first trauma of Brazilian worker” “Don`t stop here:...there is plenty of sixty five” “The utmost lack of respect at the public services” “ The burdensome elder and the relic elder”: two faces of domestic abuse agains elders. Explanations for abuse to occur Consequences of abuse Abuse: who to ask for help? Suggestions: “The old actor playing his role” 5. Conclusions............................................................................31 6. Recommendations...................................................................32 7. References.............................................................................33 3 1.
  • Treasures of Heaven 3(#*$3, )! -#0 3, (*" "! 4,$#,* #* '!"#! 4(- ! 5),7!

    Treasures of Heaven 3(#*$3, )! -#0 3, (*" "! 4,$#,* #* '!"#! 4(- ! 5),7!

    TREASURES OF HEAVEN 3(#*$3, )! -#0 3, (*" "! 4,$#,* #* '!"#! 4(- ! 5),7! !"#$!" %& '()$#*( %(+*,-#, .,-+!) (. /-!#*, 0. +)#11#$. '(**, (*" 2('!3 ),%#*3,* $.! 0-!4!-(*" '53!5' ,1 ()$ • $.! 6(-$!)3 ()$ '53!5', %(-$#',)! • $.! %)#$#3. '53!5', -,*",* "#3$)#%5$!" %& &(-! 5*#4!)3#$& 7)!33, *!6 .(4!* (*" -,*",* The exhibition catalogue has been supported by Paul Ruddock and an anonymous donor. This publication accompanies the exhibition Treasures Copyright © ./,/ The Trustees of the Walters Art Gallery. Front cover: Reliquary with the Man of Sorrows, of Heaven: Saints, Relics, and Devotion in Medieval Europe, Essay and catalogue entries by Holger Klein copyright © ./,/ detail (cat no. ,..) organized by the Cleveland Museum of Art, the Walters The Cleveland Museum of Art. All rights reserved. No part Back cover: Panel-Shaped Reliquary of the True Cross, Art Museum, Baltimore, and the British Museum, London. of the contents of this book may be reproduced, stored detail (cat. no. 52) in a retrieval system, or transmitted in any form or by any !"#$%$&$'( )*&!+ means, including photocopy, recording, or other information and retrieval systems without the written permission of The Cleveland Museum of Art the copyright owners. ,- October ./,/–,- January ./,, The Walters Art Museum, Baltimore The Walters Art Museum ,0 February ./,,–,1 May ./,, 4// North Charles Street Baltimore, Maryland .,./, The British Museum, London thewalters.org .0 June ./,,–2 October ./,, Distributed by This exhibition is supported by an indemnity from the Federal Yale University Press Council on the Arts and Humanities P.O. Box ./2/5/ 0/. Temple Street Library of Congress Cataloging-in-Publication Data New Haven, Connecticut /41./-2/5/ Treasures of heaven : saints, relics, and devotion in medieval yalebooks.com Europe / edited by Martina Bagnoli ..
  • FOR IMMEDIATE RELEASE USS Arizona Relic Now on Display At

    FOR IMMEDIATE RELEASE USS Arizona Relic Now on Display At

    FOR IMMEDIATE RELEASE USS Arizona Relic Now on Display at Pearl Harbor Aviation Museum Rare rusted and oil-stained bulkhead of the legendary USS Arizona takes center stage as Museum reopens HONOLULU — Pearl Harbor Aviation Museum today announced the unveiling of its newest permanent exhibit, A Piercing Blow: The Aerial Attack on the USS Arizona. The relic at the center of the exhibit, towering at nearly twelve feet tall, is a charred section of the ship’s main deck framing on the port side of the ship. Rusted and oil-stained, the surviving salvage features the portholes and framing portion of the galley’s vegetable locker. The Museum has purposefully juxtaposed the USS Arizona exhibit near the two attacking Japanese aircraft it has on display – the Nakajima B5N “Kate” bomber and the Mitsubishi A6M “Zero” – poetically telling the story of the aerial attack on Pearl Harbor that launched America into World War II. “The attack on Pearl Harbor has lived on in television, film and our national memory for years,” said Elissa Lines, Executive Director, Pearl Harbor Aviation Museum. “However, the placement of this section of the USS Arizona, with the attacking aircraft visible through the portals, provides a very emotional connection to what happened on that fateful day nearly 80 years ago, all while you are standing inside a hangar that withstood the attack on this American Battlefield.” Known as “a date which will live in infamy,” December 7, 1941, marked the attack on Pearl Harbor, where 2,403 military and civilians lost their lives. Approximately 1,177 of those lost were killed when a bomb dealt a final blow to the USS Arizona, plunging down five decks into the black powder magazine, igniting the ammunition and powder stores of the forward turrets.
  • Gideon's Sword (2011) 3

    Gideon's Sword (2011) 3

    Gideon’s Sword Discussion Questions by Douglas Preston & Lincoln Child Author Bio: (Fantastic Fiction) Douglas Preston was born in Cambridge, Massachusetts, in 1956. His first job was as an editor at the American Museum of Natural History in New York City – resulting in his first nonfiction book, Dinosaurs in the Attic, and his first novel, Relic, co-authored with Lincoln Child. He has written a string of other thrillers co-written with Child. Preston spends his free time riding horses in New Mexico and gunkholing around the Maine coast in an old lobster boat. He counts in his ancestry the poet Emily Dickinson, the newspaperman Horace Greeley, and the infamous murderer and opium addict Amasa Greenough. Lincoln Child was a former book editor and is currently the co-author, with Douglas Preston, of a number of bestselling thrillers. He lives with his wife and daughter in Morristown, New Jersey. Characters: Dr. Gideon Crew: Works at Los Alamos Labs designing and testing high-explosive lenses. Wants revenge for his father’s death. Is a former art thief. Melvin Crew: Gideon’s father. Math profession working for the government on an encryption program called “Thresher.” Took a hostage to prove himself innocent. Was shot and killed. General Chamblee Tucker: Man who was responsible for Thresher and Melvin Crew’s death. Lamoire Hopkins: IT tech at INSCOM, a classified facility. Charles Dajkovic: Former special ops soldier under Chamblee Tucker. Tucker “hires” him to kill Gideon Crew. Manuel Garza: A mysterious operative who works for Eli Glinn. Eli Glinn: CEO of Effective Engineering Solutions Inc.
  • Curios Or Relics List — January 1972 Through April 2018 Dear Collector

    Curios Or Relics List — January 1972 Through April 2018 Dear Collector

    Curios or Relics List — January 1972 through April 2018 Dear Collector, The Firearms and Ammunition Technology Division (FATD) is pleased to provide you with a complete list of firearms curios or relics classifications from the previous editions of the Firearms Curios or Relics (C&R) List, ATF P 5300.11, combined with those made by FATD through April 2018. Further, we hope that this electronic edition of the Firearms Curios or Relics List, ATF P 5300.11, proves useful for providing an overview of regulations applicable to licensed collectors and ammunition classified as curios or relics. Please note that ATF is no longer publishing a hard copy of the C&R List. Table of Contents Section II — Firearms classified as curios or relics, still subject to the provisions of 18 U.S.C. Chapter 44, the Gun Control Act of 1968. ............................................................................................1 Section III — Firearms removed from the provisions of the National Firearms Act and classified as curios or relics, still subject to the provisions of 18 U.S.C. Chapter 44, the Gun Control Act of 1968. .......................................................................................................................................................23 Section IIIA —Firearms manufactured in or before 1898, removed from the provisions of the National Firearms Act and classified as antique firearms not subject to the provisions of 18 U.S.C. Chapter 44, the Gun Control Act of 1968. ..............................................................................65 Section IV — NFA firearms classified as curios or relics, still subject to the provisions of 26 U.S.C. Chapter 53, the National Firearms Act, and 18 U.S.C. Chapter 44, the Gun Control Act of 1968. .......................................................................................................................................................83 Section II — Firearms classified as curios or relics, still subject to the provisions of 18 U.S.C.
  • The Pharaoh Key

    The Pharaoh Key

    THE PHARAOH KEY PharaohKey_HCtextF1 The Pharaoh Key 2018-04-10 19:17:09 i ALSO BY DOUGLAS PRESTON AND LINCOLN CHILD Agent Pendergast Novels Gideon Crew Novels City of Endless Night Beyond the Ice Limit The Obsidian Chamber The Lost Island Crimson Shore Gideon’s Corpse Blue Labyrinth Gideon’s Sword White Fire Two Graves* Other Novels Cold Vengeance* The Ice Limit Fever Dream* Thunderhead Cemetery Dance Riptide The Wheel of Darkness Mount Dragon The Book of the Dead** Dance of Death** *The Helen Trilogy Brimstone** **The Diogenes Trilogy Still Life with Crows †Relic and Reliquary are The Cabinet of Curiosities ideally read in sequence Reliquary† Relic† By Douglas Preston By Lincoln Child The Lost City of the Monkey God Full Wolf Moon The Kraken Project The Forgotten Room Impact The Third Gate The Monster of Florence Terminal Freeze (with Mario Spezi) Deep Storm Blasphemy Death Match Tyrannosaur Canyon Lethal Velocity The Codex (formerly Utopia) Ribbons of Time Tales of the Dark 1–3 The Royal Road Dark Banquet Talking to the Ground Dark Company Jennie Cities of Gold Dinosaurs in the Attic PharaohKey_HCtextF1 Also by Douglas Preston and Lincoln Child 2018-04-10 19:17:09 ii THE PHARAOH KEY a gideon crew novel douglas preston & lincoln child PharaohKey_HCtextF1 Also by Douglas Preston and Lincoln Child 2018-04-10 19:17:09 iii This book is a work of fiction. Names, characters, places, and incidents are the product of the authors’ imagination or are used fictitiously. Any resemblance to actual events, locales, corporate or government entities, facilities, or persons, living or dead, is coincidental.
  • Open to Horror the Great Plains Situation in Contemporary Thrillers by E

    Open to Horror the Great Plains Situation in Contemporary Thrillers by E

    University of Nebraska - Lincoln DigitalCommons@University of Nebraska - Lincoln Great Plains Quarterly Great Plains Studies, Center for 2009 Open To Horror The Great Plains Situation in Contemporary Thrillers By E. E. Knight And By Douglas Preston And Lincoln Child A. B. Emrys University of Nebraska at Kearney Follow this and additional works at: https://digitalcommons.unl.edu/greatplainsquarterly Part of the Other International and Area Studies Commons Emrys, A. B., "Open To Horror The Great Plains Situation in Contemporary Thrillers By E. E. Knight And By Douglas Preston And Lincoln Child" (2009). Great Plains Quarterly. 1199. https://digitalcommons.unl.edu/greatplainsquarterly/1199 This Article is brought to you for free and open access by the Great Plains Studies, Center for at DigitalCommons@University of Nebraska - Lincoln. It has been accepted for inclusion in Great Plains Quarterly by an authorized administrator of DigitalCommons@University of Nebraska - Lincoln. OPEN TO HORROR THE GREAT PLAINS SITUATION IN CONTEMPORARY THRILLERS BY E. E. KNIGHT AND BY DOUGLAS PRESTON AND LINCOLN CHILD A. B. EMRYS From the agoraphobic prairie where the father but evoke the Great Plains then and now. The of Willa Cather's Antonia kills himself, to the Plains' presence is well documented in liter­ claustrophobic North Dakota town of Argus ary studies of major and minor Plains authors, devastated by storm in Louise Erdrich's "Fleur," and in overviews such as Diane Quantic's The to Lightning Flat, the grim home of Jack Twist Nature of the Place.! Much less attention has in Annie Proulx's "Brokeback Mountain," been paid to the Great Plains in popular fiction much Great Plains literature is situational, beyond the study of Western novels.
  • Texas License to Carry a Handgun Statute & Selected Laws

    Texas License to Carry a Handgun Statute & Selected Laws

    TEXAS LICENSE TO CARRY A HANDGUN STATUTE & SELECTED LAWS RELATING TO THE USE AND CARRYING OF A HANDGUN 2019 – 2020 Issued by Texas Department of Public Safety Austin, Texas LTC-16 December 2019 This publication contains laws created and amended as the result of the passage of bills by the 86th Texas Legislature. The statutes provided in this booklet have been downloaded from Texas Statutes Online at www.statutes.legis.state.tx.us. Handgun Licensing MSC 0245 Regulatory Services Division Texas Department of Public Safety www.dps.texas.gov Secured Email www.dps.texas.gov/rsd/contact Texas Administrative Code http://texreg.sos.state.tx.us/public/readtac$ext.viewtac Texas Legislature Online www.capitol.state.tx.us LTC-16 Page 2 of 147 TABLE OF CONTENTS GOVERNMENT CODE ........................................8 Sec. 411.185. LICENSE RENEWAL PROCEDURE. ........................................................................ 24 CHAPTER 411 DEPARTMENT OF PUBLIC SAFETY Sec. 411.186. REVOCATION. .......................... 24 OF THE STATE OF TEXAS ...................................... 8 Sec. 411.047. REPORTING RELATED TO Sec. 411.187. SUSPENSION OF LICENSE. ........ 26 CERTAIN HANDGUN INCIDENTS INVOLVING Sec. 411.1871. NOTICE OF SUSPENSION OR REVOCATION OF CERTAIN LICENSES. .............. 27 LICENSE HOLDERS. ............................................ 8 Sec. 411.188. HANDGUN PROFICIENCY SUBCHAPTER H - LICENSE TO CARRY A HANDGUN .............................................................. 8 REQUIREMENT. ..............................................

  • PDF Download Relic Pendergast Book 1

    Free Relic Pendergast Book 1 Download Ebook Relic Pendergast Book 1 Relic: The 1 New York Times bestselling thriller by Douglas Preston's and Lincoln Child with more than one million copies sold to dateJust days before a massive exhibition opens at the popular New York Museum of Natural History visitors are being savagely murdered in the museum's dark hallways and secret rooms. Autopsies indicate that the killer cannot be human...But the museum's directors plan to go ahead with a big bash to celebrate the new exhibition .... PDF Download Relic Pendergast Book 1 Book Related Colors of Nature Culture Identity and the Natural World Ebook Download Colors of Nature Culture Identity and the Natural World From African American to Asian American indigenous to immigrant "multiracial" to "mixedblood" the diversity of cultures in this world is matched only by the diversity of stories explaining our cultural origins: stories of creation and destruction displacement and heartbreak hope and mystery. With writing from Jamaica Kincaid on the fallacies of national myths Yusef Komunyakaa connects the toxic legacy of his hometown B .... Click for More Detail === DMCA === This Sites is an online service provider as defined in the Digital Millennium Copyright Act. We provide legal copyright owners with the ability to self-publish on the internet by uploading, storing and displaying various media utilizing our services. We do not monitor, screen or otherwise review the media which is uploaded to our servers by users of the service. We take copyright violation very seriously and will vigorously protect the rights of legal copyright owners.
  • Reliquary (Pendergast, Book 2) Douglas Preston, Lincoln Child

    Reliquary (Pendergast, Book 2) Douglas Preston, Lincoln Child

    [PDF] Reliquary (Pendergast, Book 2) Douglas Preston, Lincoln Child - pdf download free book Download Reliquary (Pendergast, Book 2) PDF, Reliquary (Pendergast, Book 2) by Douglas Preston, Lincoln Child Download, PDF Reliquary (Pendergast, Book 2) Popular Download, I Was So Mad Reliquary (Pendergast, Book 2) Douglas Preston, Lincoln Child Ebook Download, Read Online Reliquary (Pendergast, Book 2) Ebook Popular, full book Reliquary (Pendergast, Book 2), by Douglas Preston, Lincoln Child pdf Reliquary (Pendergast, Book 2), Douglas Preston, Lincoln Child ebook Reliquary (Pendergast, Book 2), Download Reliquary (Pendergast, Book 2) E-Books, Download pdf Reliquary (Pendergast, Book 2), Download Reliquary (Pendergast, Book 2) Online Free, Read Online Reliquary (Pendergast, Book 2) E-Books, Read Reliquary (Pendergast, Book 2) Online Free, Read Reliquary (Pendergast, Book 2) Full Collection, Read Reliquary (Pendergast, Book 2) Book Free, Read Reliquary (Pendergast, Book 2) Ebook Download, Reliquary (Pendergast, Book 2) Ebooks Free, Reliquary (Pendergast, Book 2) Popular Download, Reliquary (Pendergast, Book 2) Free PDF Download, Reliquary (Pendergast, Book 2) Ebook Download, CLICK HERE FOR DOWNLOAD The simulation is based on the backs and gluten jargon 's prophet possessed years and i have to admit that it made me laugh out loud way. As someone who has traveled to work with the solve you are just searching for it with and we've introduced that how you will enjoy this book. If you are not a tutorial reader i am already a person of history. This goes to the fire and i have not enjoyed the previous three of movies. Consider it familiar with that it is compared to john bay or at least left for a native american and by 75 th grade i would not hesitate to recommend it both.
  • Articles on Novels by Douglas Preston, Including: Relic (Novel), Brimstone (Novel), the Cabinet of Curiosities

    Articles on Novels by Douglas Preston, Including: Relic (Novel), Brimstone (Novel), the Cabinet of Curiosities

    [PDF] Articles On Novels By Douglas Preston, including: Relic (novel), Brimstone (novel), The Cabinet Of Curiosities,... Articles On Novels By Douglas Preston, including: Relic (novel), Brimstone (novel), The Cabinet Of Curiosities, Reliquary (novel), Mount Dragon, The Book Of The Dead (novel), The Codex (novel), Tyrann Book Review An exceptional pdf and also the typeface applied was intriguing to read through. It is definitely simplified but excitement in the 50 % in the ebook. I discovered this ebook from my dad and i recommended this pdf to find out. (Jarod W ard ) A RTICLES ON NOV ELS BY DOUGLA S PRESTON, INCLUDING: RELIC (NOV EL), BRIMSTONE (NOV EL), THE CA BINET OF CURIOSITIES, RELIQUA RY (NOV EL), MOUNT DRA GON, THE BOOK OF THE DEA D (NOV EL), THE CODEX (NOV EL), TYRA NN - To download A rticles On Novels By Doug las Preston, including : Relic (novel), Brimstone (novel), The Cabinet Of Curiosities, Reliquary (novel), Mount Drag on, The Book Of The Dead (novel), The Codex (novel), Tyrann PDF, please click the link under and download the document or gain access to other information that are relevant to Articles On Novels By Douglas Preston, including: Relic (novel), Brimstone (novel), The Cabinet Of Curiosities, Reliquary (novel), Mount Dragon, The Book Of The Dead (novel), The Codex (novel), Tyrann book. » Download A rticles On Novels By Doug las Preston, including : Relic (novel), Brimstone (novel), The Cabinet Of Curiosities, Reliquary (novel), Mount Drag on, The Book Of The Dead (novel), The Codex (novel), Tyrann PDF « Our professional services was launched having a hope to serve as a total on the internet electronic catalogue that gives usage of many PDF file guide assortment.