Friday, August 31, 2007

...and not a penny to, "Be sure to wipe and flush."

NY gets $11M to promote seat belt use
New York will receive more than $11 million in federal funding to encourage and enforce seat belt use. ... The DOT granted more than $109 million to 17 states, the District of Columbia, Puerto Rico, and four territories. (more)

An outrageous waste of money - to promote the obvious to a few idiots. Announced late on a Friday prior to a holiday weekend. Just coincidence?

This Week's Bad Boys of Eavesdropping (government version)

U.S. Attorney General Alberto Gonzales
Gonzales also told Congress there was little dissent within the Bush administration about the legality of a warrantless electronic surveillance program launched by the NSA after the Sept. 11 attacks. But that appeared to be contradicted in testimony by a former deputy attorney general, who said several top Justice officials at one point threatened to resign over a disagreement with the White House. (more)


Former Philippine Air Force Sergeant Vidal Doble
...who admitted to having wiretapped former elections commissioner Virgilio Garcillano and President Gloria Macapagal Arroyo at the height of the 2004 elections. (more)


Polish Prime Minister Jarosław Kaczyński
Accused of... "Wiretapping colleagues, using these wiretaps for political goals, in my opinion trying to arrange the detention or arrest of government colleagues - this is not the kind of activity which can be included in the canon of any code of conduct, aside from the gangsters' code," Giertych, leader of the right-wing League of Polish Families (LPR) opposition party, told reporters in Warsaw this week. (more)


Cyprus Competition Commissioner Giorgos Christofides
Police charged him in connection with allegations he was spying on his staff, press reports said yesterday.
Since July, Christofides has been caught in the maelstrom’s eye after employees at the Commission for the Protection of Competition complained he used the CCTV system to watch their every move, that he listened in on their phone conversations and even scrutinized their emails. It’s also been alleged that Christofides set up a live web-link from the offices to his laptop so he could keep an eye on his staff while he was out. (more)

Your Employee's Bad Computer Security Habits

- Borrowing Wi-Fi
About one in three corporate employees who work from a laptop sometimes piggyback on a stranger's wi-fi connection they spot with their wireless Internet card, according to InsightExpress' study. While that allows for easy telecommuting without a broadband bill, moving confidential data across an insecure wireless connection can be risky.

- Using USB Drives
Those little USB key chains make for easy file transfers, but when they store sensitive information, they also pose a security risk. Not only are they frequently lost, but they're also built to run certain programs automatically when plugged in. One security researcher, Steve Stasiukonis, planted 20 USB drives in the parking lot of a bank, each with a piece of software that steals passwords and log-ins from employees' computers and sends them to a third party. Fifteen were picked up by employees and plugged in, ferreting off sensitive information and demonstrating the devices' potential for exploitation.

- Forwarding to Third-party Webmail
Services like Gmail or Yahoo! Mail are free, universally accessible and often easier to use than clunky corporate e-mail, tempting workers to forward their work messages to a Webmail account. But when confidential data is copied from your business's e-mail servers and ends up on Google's or Yahoo!'s, it's no longer completely in your control.

- Opening E-mail Attachments
Opening attached files on e-mail from strangers is one risky behavior that seems to have finally become unfashionable. Ninety-three percent of workers now know better than to expose themselves to malware or viruses by opening files from anonymous or unfamiliar messages. But some not so brilliant users actually infect themselves purposefully out of curiosity, says David Perry, director of education at Trend Micro.

- Clicking Hyperlinks in E-mails
Just as employees have started wising up to attachment threats, cyber-criminals have moved on. More common now is malware that installs itself when the user visits a Web page linked in a spam e-mail. Those links can be masked to read as legitimate sites like eBay.com or Amazon.com while sending users somewhere far less desirable.

- Surfing Shady Sites
Allowing employees to visit porn or gambling sites at work is a bad idea for several apparent reasons. But one of the less obvious is the threat of Web-based malware, which often lurks on disreputable sites.

- Not Securing Wireless Devices
As smart phones proliferate, the definition of the word "computer" is blurring at the edges, and so is the security perimeter of a business with wireless employees. Many wireless devices don't come with security software or encryption of data pre-installed. (more)

Thursday, August 30, 2007

Colorado Parents Can Now Spy On Teen Drivers

An insurance company is providing parents with another tool to track how their teenagers are driving. American Family Insurance began offering a program to put cameras in cars in August.

...the camera only records 10 seconds before and after an out-of-the-ordinary driving event like a swerve, speeding, not coming to a full stop or a collision.

"Nobody can view the video except for the parents, with a password that's proprietary to them," said Tom Walker, an agent with American Family Insurance. (more)

Do It Yourself Sky Spies - The Draganflyer



Unmanned Aerial Vehicles (UAVs) like the military's MQ-1 Predator and local government's SkySeer are meant to protect us. They cost a lot of money.


The flip side of the coin... Industrial Espionage on the cheap!

UAVs are easy to make. Many hobbyists are already doing so - and showing off their aerial surveillance videos on YouTube! Many of these videos were shot using a Draganflyer - a hobbyist helicopter outfitted with a wireless video camera.

From Draganflyer's advertising... "Whether you need high quality aerial video for a sporting event, advertising, or any other purpose you will get it done efficiently and professionally with the Draganflyer SAVS."

While we don't believe they were thinking about industrial espionage 'other purposes', just imagine one flying over your sensitive production facilities, new construction site, or a personally private area. (more video)

Wednesday, August 29, 2007

Key Eavesdropping Cracks Car Locks

A group of computer security researchers in Israel and Belgium say they've discovered the electronic equivalent of a Slim Jim -- a way to pop the electronic door locks on most cars without ever touching them.

By listening in on the wireless “conversation” between a car and its key, the researchers found they could crack the code that keeps the communication secret. Then they were able to emulate the electronic key and trick the car into unlocking itself.

The research paper, called “How to Steal Cars, (PDF)” was presented at the Crypto 2007 conference at the University of California, Santa Barbara, last week. (more)

Electronic Surveillance - "There’s money to be made..."

...And so a new industry was born, known in the trade as ‘Intelligence Support Systems’, complete with its own annual conference. If you’re in Dubai next February, drop by. Since there’s money to be made, panels cover such areas as ‘Electronic Surveillance Cost Recovery Solutions’ and – for the benefit of those who prefer to carry out the intercepts in-house before passing the data on ready-analysed to the relevant government agencies – the key topic of ‘how to transform packet intercept into intelligence’ (more)

Eavesdropping on VoIP Calls—Part 2

In Part 1 of this opus, I (hopefully) painted a scary picture of how easy it is to eavesdrop on VoIP traffic. So what can you to protect your own VoIP traffic? Let's take a look at some of your options.

-- Use Skype
Skype is famous for its excellent call quality and reliability. Its call security is pretty good, and is used on all Skype services—VoIP calls, text chat, and video and file transfers. Skype uses a digital certificate authority and signed certificates, peer authentication, and strong encryption.

-- ZRTP encrypts all VoIP
PGP is the most widely used e-mail encryption software. It now exists in two main forms: a commercial implementation maintained by the PGP Corp., and the free software version, GNU Privacy Guard (GPG). (more)

Goodby, Talking Clock

It's the end of time, at least as far as AT&T is concerned. The brief note in customers' bills hardly does justice to the momentousness of the decision. "Service withdrawal," it blandly declares. "Effective September 2007, Time of Day information service will be discontinued."

In the 1930s, an Atlanta company called Audichron devised a system for the time to be provided automatically. Audichron leased its technology to phone companies nationwide, often with sponsorship from local businesses.

Time ladies -- and a few gentlemen -- came and went over the years. Then, in the 1950s, a woman named Mary Moore emerged as the nation's leading time-teller.
Her reading of hours, minutes and seconds was delivered in a distinctive if somewhat prissy tone. Moore's odd pronunciation of the numbers 5 ("fiyev") and 9 ("niyun") influenced a generation of operators, much as flying ace Chuck Yeager's West Virginia drawl is said to have been adopted by innumerable airline pilots.

By far the most prominent time lady was Jane Barbe, who succeeded Moore at Audichron in the 1960s. A former big band singer, Barbe (pronounced "Barbie") went on to become the voice of recorded telephone messages in the 1970s and '80s in the United States and elsewhere.

Joanne Daniels
started recording the time and other messages for Weatherchron about 25 years ago, and ultimately became the voice Californians hear when they call the service. “I was told at one time that my voice would last until well into the 21st century,” the 65-year-old said. “Now it looks like I’m about to be laid to rest.” (more)

Poland's Eavesdropping Scandal Shuts Down Parliament

The testimony by Poland's Former Minister of Interior about Polish Government use of special services organizations to spy on political opponents has stopped proceedings of the Polish Parliament. And the stoppage may end up being long term. Parliamentary Speaker Ludwig Dorn said if the opposition continues to demand breaks the current session could "go on for months".

Yesterday, during the reading of the secret testimony of Former Minister of Interior Janusz Kaczmarek, Former Minister of Education Roman Giertych exploded when he learned that conversations between him and Former Deputy Prime Minister Andrzej Lepper were recorded and transcripts of their conversations given to Prime Minister Jaroslaw Kaczynski.

Making accusations of a "Polish Watergate", Giertych demanded a delay in Parliamentary proceedings until next Tuesday.

The delay stops all work of the Parliament. (more)

SpyCam Story #374 - Porno Prof

'Hidden camera' teacher faces more charges
Australia - Police have laid more charges against Cromer High School teacher, Robert Ian Drummond - accused of secretly filming up the skirt of a teenage girl on Sydney's Northern Beaches. Manly Local Court today heard Drummond faces two new charges of producing and possessing child pornography, which relate to the recording made of the girl. (more)

Point, Click, TAP! - How the FBI does it...

The FBI has quietly built a sophisticated, point-and-click surveillance system that performs instant wiretaps on almost any communications device, according to nearly a thousand pages of restricted documents newly released under the Freedom of Information Act.

The surveillance system, called DCSNet, for Digital Collection System Network, connects FBI wiretapping rooms to switches controlled by traditional land-line operators, internet-telephony providers and cellular companies. It is far more intricately woven into the nation's telecom infrastructure than observers suspected.

...the surveillance systems let FBI agents play back recordings even as they are being captured (like TiVo), create master wiretap files, send digital recordings to translators, track the rough location of targets in real time using cell-tower information, and even stream intercepts outward to mobile surveillance vans. (more)

Tuesday, August 28, 2007

Listen to VoIP Phones - Even When On the Hook

Recently disclosed information suggests that it is a relatively simple matter to remotely eavesdrop on a broad range of SIP-enabled devices. For readers who aren't aware of what SIP-enabled devices are, SIP (Session Initiation Protocol) is a protocol that is used by a lot of VoIP software and associated telephone handsets to establish, modify, and control a VoIP connection between two parties.

The research that was published indicates that, for at least one vendor, it is possible to automatically call a SIP device from that vendor and have it silently accept the call, even if it is still on the hook - instantly turning it into a classic bugged phone. Whereas historic telephony bugs needed physical targeting of the line running to a property or place of business, the presence of VoIP in the equation allows bugging from anywhere in the world with equal ability.

Now anyone can do from their armchair what only spies and law enforcement used to be able to do from inside the telephone switch / pit / distribution board, though it's still illegal to do so. (more)

Pew! What's that smell? A progressive spying technique?

The head of one of the leading insurers in non-standard, high-risk personal auto insurance apologized on Thursday for some substandard behavior - spying in church on people who had the sued the company.

Progressive Corp Chief Executive Glenn Renwick apologized for the use of private detectives, who went undercover to join an Atlanta church group in order to discredit a couple suing the insurer. (more)

Monday, August 27, 2007

Which one is the bug?






Photo #1 is one of these.







Photo #2 is one of these.


Plug Bugs Are Heard Around the World
• GSM SIM card inside enables dial in from anywhere in the world
• Listen to conversations from a distance
• Looks like a standard 3-way adaptor plug

"Using the GSM network we can convert any normal 3-way plug into a sophisticated listening device. The plug can be used in your own home or office to gather audio intelligence from across the globe.

Cleverly constructed inside is a GSM SIM card combined with a powerful Knowles microphone which will silently open the connection when you dial in from anywhere in the world, thus allowing you to listen to the surrounding sounds and conversations.

The plug is NOT a working model and can be used to monitor a particular area for periods of audio surveillance.

Note: This unit can be used legally within the EU."

Don't let the foreign look of this bug fool you. It can be built into any type of electrical connector, power strip, radio, TV, lamp, clock, computer, coffee pot or anything which has a source of power.

Video spying tells tale:

Pets let loose when owners are out!

Ever wonder what your pets do when they are home alone?

Jamie Skeate did more than just wonder. The 27-year-old from St. Cloud, Minn., and her husband videotaped her dogs, Bosco, a Great Dane, and Lily, a greyhound.

"Sometimes we would come home and their toys would be all over the house, and my husband and I would joke that it looked like they had had a party," she says. (more)

Life Imitates Art... Linkletter

...from an Arizonia college newspaper...
"If you like Overheard on Campus, do your part to keep this space filled by submitting the products of your eavesdropping today!


The Arizona Daily Wildcat is proud to feature "Overheard on Campus," where private conversations become public hilarity.

Got a good one? E-mail it to campus@wildcat.arizona.edu. Be sure to include your name, year and major with your submission." (more)

*** Security Alert *** Video Phone Eavesdropping and Denial of Service Vulnerability

A vulnerability has been reported in the Grandstream GXV3000 IP Video Phone, which can be exploited by malicious people to cause a DoS (Denial of Service) and eavesdrop with vulnerable devices.

The vulnerability is caused due to an unspecified error in the SIP stack and can be exploited to set the phone to an inconsistent state by sending an "INVITE" and a "183 Session Progress" message sequence. This allows an attacker to eavesdrop with the device and also disables it to hang up.

The vulnerability is reported in firmware version 1.0.1.7. Other versions may also be affected.

Solution:
Reportedly fixed in version 1.0.1.12. Contact the vendor for more information.

Sunday, August 26, 2007

NYC Sightseeing (in reverse)

Surveillance Camera Outdoor Walking Tour: The Lower East Side New York City - A fascinating look at how often you are being taped during your daily jaunt through the city. Taking this guided stroll throug the Lower East Side you'll marvel at the electronic observation of your path. (more) (more)

Chinese spying on German government computers

Numerous computers of the German government are infected by Chinese espionage programs, the weekly Der Spiegel news magazine said in a report to hit the newsstands on Sunday.

Chinese cyber spies snooped reportedly on computers in the chancellery, the foreign and economic ministry as well as the research ministry. According to the Verfassungschutz, the Chinese hackers are believed to be linked to China's People's Army.

Reacting to the report, the Chinese embassy in Berlin dismissed it as "irresponsible speculation without any basis of proof".

Chancellor Angela Merkel was due to embark on Sunday on a one-week visit to China and Japan.

The German media has repeatedly reported on extensive Chinese economic espionage inside Germany. (more)

SpyCam Story #373 - Video Gossip

UK - A Tesco boss was caught on CCTV in a steamy clinch with a 16-year-old shelf stacker... in his supermarket cash office. Store manager Harish Bhatoya, 25, faces the sack and the teenage girl has already quit over the scandal.

One Tesco worker recorded four minutes of the 6pm incident from the CCTV monitors on a mobile phone. The footage circulated among staff and eventually bosses at the supermarket giant's head office found out. ... Two senior members of staff came down to the store on the Monday and took the CCTV tapes. (more)

"...and we also send the feed to Santa."

UK - Motorists using mobile phones are being caught by a police spotter plane.

The £300,000 "eye in the sky" flies at around 10,000 ft - and uses a powerful camera which can zoom in on a driver with amazing precision.

If someone is spotted using a phone, the police alert colleagues on the ground to stop them.

The aircraft is being used by Cheshire Police on its way to and from other jobs. A police spokesman said: "The camera is of a military spec and can magnify to almost any degree required." (more)

Obviously, there is no need to spend about $600,000.00
(not to mention the fuel bill), or fly at an altitude of 10,000 feet to catch people driving while using mobile phones. Heck, the fine alone would have to be in the thousands to make this cost-effective. However, the "other jobs" might make this worthwhile, and releasing a nutty story like this to a sensational-hungry press and gullible public; free frosting on the enforcement cake!

Saturday, August 25, 2007

Want to ...be a Private Investigator?

...read the magazine they read, just for fun?
...ask a PI a question on-line?
...play with real PI gear?
...find a PI to help you?

Then, you need to bookmark this web site.

Pin the Tail on the Dopey... or, PI Spies Bug Sports Guys

Australia - There is a new gig in town for private eyes: spying on athletes caught up in doping allegations.

Tender documents show the Australian Sports Anti-Doping Authority is hiring a panel of private investigators to monitor athletes, coaches and officials who are already under suspicion.

An authority spokesman, Simon Tidy, said private investigators using video and audio surveillance equipment was new for the authority.

"We have our own investigators … but in terms of video and audio, we don't do that at the moment," he said.

The tender, which closed last week, called for companies with the resources to conduct "covert and overt" investigations in Australia and overseas.

Investigators who won contracts, expected to be for three years, would have to hold a current investigator's licence, and have undergone an Australian Federal Police character assessment in the past two years.

They will report day-to-day accounts of surveillance operations, and provide comprehensive video and audio records, including a "compilation tape" with many hours of footage. (more)

SpyCam Story #372 - Surfer's Paradise

Australia - A Gold Coast man has been charged with stalking after allegedly installing security cameras in his share house to spy on his three female flatmates.

Police said the 36-year-old man from Surfers Paradise lived with three females aged 24, 34 and 37.

He has been charged with wilful damage, observations or recordings in breach of privacy, and possession of tainted property and will appear in Southport Magistrates Court today. (more)

Teacher Charged With Wiretapping

WV - A vocational teacher is accused of illegally recording a fellow instructor in an apparent attempt to catch her 'ranting and raving' at students.

Hancock County sheriff's officials say 52-year-old Joyce Wells of New Cumberland admitted she recorded Marcie Stewart by placing a tape recorder outside her classroom on May 2.

It is illegal in West Virginia for anyone to audiotape a conversation to which he or she is not a party. (more)

Judge upholds charge in videotaping case

IL - Rejecting claims of prosecutorial misconduct, a McHenry County judge Friday upheld the indictment of a Cary teen accused with two friends of videotaping a sexual encounter one of them had with an unknowing female classmate.

The decision moves 17-year-old Stefen Mueller a step closer to trial on the felony eavesdropping charge stemming from the Jan. 6 incident. ...

The eavesdropping charges against Mueller and his co-defendants allege they set up a hidden video camera in one of the teen's bedrooms to capture a later encounter between one of them and a 17-year-old girl. (more)

Wiretap Law History - Chapter 1

Whispering Wires: The Tragic Tale of an American Bootlegger
ISBN: 9781592992522
by Philip Metcalfe

In Whispering Wires, Metcalfe tells the story of Roy Olmstead, one of the principal bootleggers in Prohibition-era Seattle, and the first major federal court case concerning the use of wiretaps.

He writes, "Set into motion then was a constellation of conditions that no one could have foretold. Prohibition had produced a shadow universe governed by an aberrant moral algebra." This historical narrative follows the city officials, Prohibition agents, and rumrunners who chased, evaded, and double-crossed each other during one of Seattle's most thrilling eras. (more)

Vintage - "Just Coincidence?"



Cold War jet trains. (more)

Thursday, August 16, 2007

Are bloggers part of the news media?

The U.S. government — led by two of its most secretive agencies — is increasingly saying, "Yes, they are."

Despite the rap that bloggers simply "bloviate" and "don't try to find things out," as conservative newspaper columnist Robert Novak once sniffed, the Central Intelligence Agency (CIA) and the National Security Agency (NSA) have altered policies to indicate they're taking blogs seriously, and a growing number of public offices are actively reaching out to the blogosphere.

The CIA recently updated its policies on Freedom of Information Act requests to allow bloggers to qualify for special treatment once reserved for old-school reporters. And last August, the NSA issued a directive to its employees to report leaks of classified information to the media — "including blogs," the order said. (more)

The Old 'Cell Phone Eavesdropping' Trick

IL - A Carpentersville man was accused of giving the old telephone slogan “reach out and touch someone” a high-tech twist when he bugged a car with a cell phone, police said Wednesday.

A 27-year-old woman called police at 8 p.m. Tuesday, saying she found a cell phone lying under the seat of her car with an open line.

When police called the number of the last incoming call, a man answered and said he was the woman’s husband, police said. But they said they are unsure of the relationship between the victim and the man.

Howard Fabriccio, 30, of 130 Austin Ave., Carpentersville, was charged with eavesdropping and possession of an eavesdropping device, police said.

Police said the phone was set to ring silently and automatically answer. The person on the other end could listen to what was happening in the woman’s car after the cell phone number was dialed.

When the phone was discovered, police said there was a timer on the phone that had been active for more than an hour. (more)

Wednesday, August 15, 2007

Biting with Bluetooth

The carwhisperer project...

Once the connection has been successfully established, the carwhisperer binary starts sending audio to, and recording audio from the headset. This allows attackers to inject audio data into the car. This could be fake traffic announcements or nice words. Attackers are also able to eavesdrop conversations among people sitting in the car.

Ideally, the carwhisperer is used with a toooned dongle and a directional antenna that enhances the range of a Bluetooth radio quite a bit. (more)

Bluetooth Sound Bites

When you talk over a hands-free Bluetooth device while driving your car, it is possible that some unwanted persons are listening to your conversation without your knowledge. Jim Stickley, ID theft expert and CTO of TraceSecurity, proved that the devices are vulnerable to eavesdropping.

Appearing on NBC’s TODAY show, Stickley demonstrated how vulnerable the hands-free car devices are even to the most simple of attacks.

During the testing, Stickly followed a car that was equipped with a hands-free Bluetooth device and listened the conversation without the knowledge of the occupants. (more)

10 things you can do to make sure your data doesn’t walk out the door

This is important. People will sneak into your offices, open your computers and steal your hard drives. How do I know? My client has a CCTV recording of it happening to their top Administrative Assistant's computer just this past weekend.

Debra Littlejohn Shinde says, "Let’s look at what you should be doing to keep your data from walking out the door...
#1: Practice the principle of least privilege
#2: Put policies in writing
#3: Set restrictive permissions and audit access
#4: Use encryption
#5: Implement rights management
#6: Restrict use of removable media
#7: Keep laptops under control
#8: Set up outbound content rules
#9: Control wireless communications
#10: Beware creative data theft methods formats

Remember that your data can walk out in many different formats. A user can print out a document and carry it out in paper form or a thief can steal printed documents from trash cans if the paper hasn’t been shredded. Even if you’ve implemented a technology such as rights management to prevent copying or printing documents, a person could take a digital or film photograph of the content onscreen or even sit and copy the information by hand. Be aware of all the ways your data can leave the premises and take steps to protect against them." (more)


SpyCam Story #371 - "Mr. Simpson, I presume."

Tracking down the guy who hid a video camera in a Seattle ladies’ room was made a little easier when the suspect allegedly recorded himself setting it up. (doh!)

The suspect was booked on suspicion of voyeurism after the manager of the downtown movie theater where the camera was found identified the suspect as one of his employees. (more)

Cutting Edge Spies

Gillette has launched a campaign site as part of a campaign for its new Fusion Power Stealth range.

The site includes a spy mission game, involving streamed briefing videos complete with 3D animations, an interactive game and chance to win a trip to a spy school.

The brand has been integrated into the site by challenging the 'spy' users to help recover a stolen razor.

As well as the main game mission, the website provides a breakdown of the stolen gadget's features and has a prominent 'tell a friend' mechanic, where you can 'recruit' others.

Spies can also keep a track on their fellow 'spooks' via a timed leader board. (more) (site)

Monty Python Security - Man Eating Badgers

Pretend you are John Cleese and read aloud.

"British forces have denied rumours that they released a plague of ferocious badgers into the Iraqi city of Basra.

Word spread among the populace that UK troops had introduced strange man-eating, bear-like beasts into the area to sow panic.

But several of the creatures, caught and killed by local farmers, have been identified by experts as honey badgers.

The rumours spread because the animals had appeared near the British base at Basra airport.

UK military spokesman Major Mike Shearer said: "We can categorically state that we have not released man-eating badgers into the area." (more)

Break Time - Play Security Problem Excuse Bingo

Please come back after your BINGO BREAK.

"To help vendors focus on their obligations here, Jutta Degener and I present Security Problem Excuse Bingo. Usual bingo rules apply, with vendor press releases, news interviews, and legal notices used as source material. Cards can be generated and downloaded from www.crypto.com/bingo/pr

Because we follow all industry standard practices, you can rest assured that there are no bugs in this software. We take security very seriously." ~ Matt Blaze

Tuesday, August 14, 2007

Your Mobile Phone May Be Bugged if...

The following clues may indicate your cell phone is bugged...

• Software displays "App Closed: Main" error message frequently.
• Unusual additions in your phone's "Application Manager" menu.
• You see unusual entries in you phone's "Call Duration Log."
• Error messages - "message stuck in outbox" / "no sms credit".
• You hear unexpected 'beeps'.
• The phone's screen backlight switches on for no apparent reason.
• Your phone starts acting sluggish; keypad buttons jam.
• You see error messages more frequently than normal.
• Battery life suddenly drops.

Be aware that some cell phone spyware runs cleaner than others; thus, not having these problems does not mean you are free of spyware. Keep alert.

Things you can do to reduce your vulnerability to spyware...
• Use an inexpensive phone. "Smart" phones get bugged.
• Use a cell service which is not GSM. Most spyware is GSM based.
• Keep your phone turned off when not needed.
• Force spies out. Make fake calls and SMS's as a test.
• Switch phones, carriers and numbers occasionally.
• Consider using pre-paid phones.
• NEVER accept a phone as a gift.
• NEVER loan your phone; not even for a few minutes.
• ALWAYS keep your phone in your complete control.

See how easy it is for the general public to obtain spyware. Click here.

Protecting your business against eavesdropping is also easy. Click here.

~Kevin

Monday, August 13, 2007

The Science of Wiretapping (NPR)

On August 5, 2007, President Bush signed the Protect America Act of 2007 into law. The law, an amendment to the Foreign Intelligence Surveillance Act of 1978 (FISA), extends the government's authority to wiretap without a warrant. In light of the new law, Science Friday (Ira Flatow) consulted wiretap experts Matt Blaze, a technologist and professor of computer and information science at University of Pennsylvania, in Philadelphia and Susan Landau, Distinguished engineer at Sun Microsystems Laboratories about the science of wiretapping.
Matt Blaze explains old-style wiretapping
Susan Landau explains where NSA tapping might take place
(more)

How to remotely disable security cameras nondestructively from quite a distance…

Cell Phone Activated DIY CCTV Camera Blinding Project - from c-h-a-o-s.com

"It’s no secret. A lot of my inspiration comes from movies and for quite some time I have become more and more annoyed by Hollywood's sometimes rather silly solutions for an agent to shut down security cameras in order to remain undetected: e.g. blowing up the nearby power-plant or rigging up gadgets in sewers, where they can be detected by renovation workers and the sorts. If you blow something up or otherwise break it, your counterpart will immediately know it is sabotage and rule out a simple technical malfunction.


Another thing that got me to write this article is the abundant usage of surveillance cameras everywhere which makes me want to burst the bubble about security of surveillance cameras by exposing their weakness. Switching point of view will also often lead to improvement…" (more)

$10 hack can unlock nearly any office door

Cut a couple of wires, insert a small, easy-to-make device between them, and you can walk right through all those supposedly card-protected locked office doors.

At the Defcon security conference over the weekend, a hacker and Defcon staffer who goes by the name Zac Franken showed off how a small homemade device he calls Gecko can perform a classic man-in-the-middle attack on the type of access card readers used on office doors around the country.

What's more, making a Gecko is easy and cheap. Franken says the hardware costs about $10.

According to Franken, the hack subverts the Wiegand protocol, commonly used for communication between the card reader and the back-end access control system... (more)

Reverse Engineer Your Spy Ear

- You can buy a Spy Ear for a dollar! (or less)

- It can amplify sounds up to 60 dB or a factor of a 100.

- It has a self limiting property and adjusts the gain so that the amplified signal volume is always just right.

- It runs of two LR44 1.5 volt button cell alkaline battery, so it's perfect for portable projects.

- Many of today's projects, such as in robotics, require analogue front end for sensing the environment and the Spy Ear circuit is just right to fill in as a multi-purpose front end amplifier.

- It is simple enough to reverse engineer.

So, the Spy Ear is a fantastic cheap, small and rugged circuit for modding and hacking! (more)

Sunday, August 12, 2007

China Enacting a High-Tech Plan to Track People

(Modern Canterbury Tales. On our way to 1984.)

At least 20,000 police surveillance cameras are being installed along streets here in southern China and will soon be guided by sophisticated computer software from an American-financed company to recognize automatically the faces of police suspects and detect unusual activity.


Starting this month in a port neighborhood and then spreading across Shenzhen, a city of 12.4 million people, residency cards fitted with powerful computer chips programmed by the same company will be issued to most citizens.

Data on the chip will include not just the citizen’s name and address but also work history, educational background, religion, ethnicity, police record, medical insurance status and landlord’s phone number. Even personal reproductive history will be included, for enforcement of China’s controversial “one child” policy. Plans are being studied to add credit histories, subway travel payments and small purchases charged to the card.

Security experts describe China’s plans as the world’s largest effort to meld cutting-edge computer technology with police work to track the activities of a population and fight crime. But they say the technology can be used to violate civil rights.

The Chinese government has ordered all large cities to apply technology to police work and to issue high-tech residency cards to 150 million people who have moved to a city but not yet acquired permanent residency. (more)

Spycam catches CCTV operator (snicker)

UK - CCTV operator Wayne Tomlin spends his working day helping to catch criminals on camera, but he was caught out driving at more than twice the speed limit by a spycam.

The 25-year-old computer technician, who works for Sunderland Council's surveillance team, was rushing to carry out urgent repairs when he was caught speeding.

A mobile police camera clocked him doing 66mph in a 30mph zone on Springwell Road, Grindon.

He has been banned from driving for 42 days and ordered to pay a £400 fine.

Brian Chapman, defending, said "Mr. Tomlin had accidentally broken the speed limit while hurrying to repair a camera which protected council staff at a city centre office." (more)

Who's on the Line? These Days, It Could Be Everyone

Eavesdropping techniques have changed dramatically in recent years. So has society's perception that eavesdropping is an immoral and unacceptable business practice.

Old-school wiretapping was captured most perfectly in "The Lives of Others," last year's Oscar winner for Best Foreign Film, about surveillance by Stasi agents of the former East Germany: the long hours listening to conversations as a reel of tape wound round and round. Those were the days when "wiretap" meant using alligator clips to literally tap into a phone wire.

Watching wiretapping, Hollywood-style, has become so scintillating that some people fear we are being inured to the potentially sinister and abusive side of its uses. (more)

Tap Dance

Zimbabwean President Robert Mugabe “signed into law the controversial Interception of Communications Bill, which gives his government the authority to eavesdrop on phone and Internet communications and read physical mail.” In order to defend the law, which has been called “the dictator’s tool kit,” Mugabe’s spokesperson pointed to President Bush’s wiretapping program:

Communications Minister Christopher Mushowe said Zimbabwe is not unique in the world in passing such legislation, citing electronic eavesdropping programs in the United States, the United Kingdom and South Africa, among other countries. (more)

Outsourcer'er Outwitted ...or, Harry Pottersfield for the spy who billed me

(Cautionary Tale - Spies need to protect their information. You should too.)

UK - A major security alert has been sparked after the theft of a computer database containing thousands of top secret telephone records from police investigations into terrorism and organised crime.

Worried police chiefs throughout the UK launched a massive inquiry into the removal of the sophisticated computer and other IT equipment from a private firm specialising in gathering evidence from mobile phone calls made by suspects. (more)

Thursday, August 9, 2007

Unveiling Mata Hari: Dancer, Sexpot, Desperate Housewife, Spy

Mata Hari had a weakness for officers, and it didn't much matter which side they were on. In 1917 the exotic dancer who delighted audiences by wearing very little was convicted of espionage by the French government and brought before a firing squad at the age of 41.

Was she really the conniving femme fatale French authorities said handed over state secrets to the Germans, leading to the deaths of 50,000 Frenchmen? Pat Shipman sets out to answer that question in her engrossing "Femme Fatale: Love, Lies and the Unknown Life of Mata Hari." (
more)

Spying on Others Evolves

Deric Bownd pointed us to an excellent article on why spying is an innate urge in humans, and animals.

The power of a pair of eyes is strong. Eyes - even ones carved in wood or drawn on paper - can force subtle changes in behavior. This is why totem poles and Nazar Boncuk's work. Hiding eyes can also provide a feeling of protection; the primary purpose of masks and often the primary purpose of sunglasses. Fascinating, as eyes often are. (more)

Sacre Yourself Into a Bug Sweep Program

"My name is Daniel Harrison. I’ve spent a number of years in the security and surveillance industry, as a consumer, surveillance gadget designer, and as a product supplier.

My experience has shown me that it is very difficult for customers in the security and surveillance industry to find what they are looking for.

Spy Review provides information, reviews and advice relating to the security industry. I hope you enjoy the site!" (more)

Dan runs a great site for keeping up on cool spy equipment available to everyone. This should scare you into checking for bugs periodically. Call us. We can help.

Wednesday, August 8, 2007

Mr. Woo and his Robots - WooHoo!

How can a man with no formal robotic education create funny and awesome robots out of electronic parts he finds in the junk heap? Mr. Woo found a way, and created so many robots his wife has threatened to leave him (partially because he burned the house down in doing so).

Among the more impressive ones are an actual working rickshaw robot that takes him and the wife to town (no idea how it's powered), along with a junior rickshaw robot that takes the kid to town as well. (more)

Email security has been around forever, you just need to turn it on

The most likely way to get eavesdropped on is in the last 100 feet whether that’s through a wire (through layer 2 hijacking) or wireless LAN connection. To enable Server to Client encryption, you simply check a simple option to enable SSL and... (more)

Trial date slated in alleged police eavesdropping case

A December trial date has been set in the illegal-eavesdropping case against former Lafayette Police Chief Randy Hundley.

Hundley and three other officers - all of whom have left the department - were indicted in June 2006 in an investigation of secretly recorded conversations at the desk of the chief’s secretary. (more)

Wi-Fi eavesdropping persists despite stronger security

Computer security experts don't appear to be gaining ground on electronic eavesdroppers in the battle to safeguard wireless Internet connections, the head of Harvard University's network operations told a nationwide legislative conference Tuesday.

That means investment in public Wi-Fi projects could end up putting masses of sensitive data such as credit card numbers in the wrong hands if public users aren't educated about the risks of using such networks.

"It's extremely convenient, but it's inherently insecure," Harvard's Jay Tumas told state government information technology specialists at a National Conference of State Legislatures session on Wi-Fi risks. (more)

We have tools which discover corporate wireless LAN hacking. Call us to schedule an inspection.

Tuesday, August 7, 2007

India Outsources - Parental Responsibility

India - Many prestigious public schools of the city are hiring detectives to spy on their students, if private detective agencies are to be believed.

According to these agencies, the schools want them to track the movements of the students whom they suspect of indulging in ‘undesirable’ activities. These students are the ones who are irregular at school and often reach home late after school.

Have they found anything amiss about the conduct of the students? "On tracking the movements of suspect students, we found that students who told their parents they were at their friends’ place were actually freaking out at bars, pubs and cinema halls," says Ashish Mathur of Trident Investigation Network. (more)

Marital E-mail Snooping Lawsuit

NH - Timothy Quick has sued his estranged wife, Cynthia Quick, claiming she violated federal wiretap laws by sneaking into his online e-mail account.

The lawsuit charges that Cynthia Quick, or someone acting on her behalf, somehow “surreptitiously and without authorization” got the password and access to Timothy Quick’s America Online e-mail account. (more) (the lawsuit)

SpyCam Story #370

A woman fled the DEFCON conference after being identified in front of hundreds of other attendees as an undercover television reporter on a crusade to expose collusion between cyber criminals and federal agents.

Organizers were able to confirm that the woman had a camera in a small black bag that allowed her to surreptitiously video tape people attending the show. She hoped to tape people admitting to breaking the law and then attempt to tie them to federal agents who also attended the show. At one point, she was observed panning a room with her hidden camera.


The woman was identified as Michelle Madigan, an associate producer for Dateline NBC. (more)

"Liar, liar..."

FL - The Orlando Fire Department is investigating allegations that one of the department's top administrators and another chief in charge of internal affairs cheated on a promotional exam five years ago.

The evidence includes an audio recording containing an alleged conversation among as many as four firefighters secretly listening in while a colleague took a test they would be given the next day. ...

Internal-affairs manager Dwain Rivers concluded that eavesdropping on the test would not violate the law... (wrongo - Fla. Stat. ch. 934.03: All parties must consent to the recording or the disclosure of the contents of any wire, oral or electronic communication in Florida. And if all did consent, wouldn't fraud and conspiracy come to mind?) (more)

Spy vs. Spy

President Bush has signed into law a bill that gives the U.S. government more power to eavesdrop on suspected foreign terrorists. (more)

Zimbabwe’s President Robert Mugabe has signed into law controversial new bugging regulations. The Interceptions of Communications Act allows state agents to monitor telephones, as well as private e-mails and post. (more)

A Modern Morton's Fork Decided

Editorial excerpts regarding the new U.S. law which expands government's authority to eavesdrop.

"I’d Rather Be Spied on Than Dead or Out of Work" ~ Denny Hatch
"I haven’t asked anyone to spy on me. Yet know I am being spied on—by government, by business, by marketers—and were I holding down a real job in a real office, my employer would be spying on me. And I am glad of it. Quite simply, we are all being spied on. Get used to it.

...if mining my data, surveillance of my phone records, monitoring my Web activities and tracking my movements with spy cams will keep me safe, so be it."

(Cautionary Tale Alert)

"...A number of years ago, I made a speech to the Canadian Direct Marketing Association in Ottawa. That morning, the daily paper reported that the Bureau of Fisheries required a massive overhaul of its phone system due to a dramatic increase in traffic. In light of the wild over-fishing that had sent the Canadian fishing industry into the tank, the minister looked into why in the world additional phone lines were needed when basically nobody had much to do. It turns out that each of the 10,000 employees was making an average of seven visits a day to Internet porn sites. (P.S., the phone system was not upgraded.)

I don’t cotton to companies spying on their employees. But—when in the office—if they are making seven visits a day to porn sites, freelancing, blogging, updating their Facebook.com page and writing mash notes on company time—or revealing company secrets to competitors—they should be fired.

The compromising of corporate secrets is the most serious; if a competitor gets inside your IT system, learns your plans, finds out your costs and steals your business, you will be toast." (more)

Saturday, August 4, 2007

Cautionary Tale #436 - Teachers Pet

IN - Still unaware of who is responsible for putting an unauthorized recording device in the office of former Sandridge Elementary School Principal Leroy Coleman, Sandridge District 172 is looking into having a company check other areas of the school for bugging devices.

Interim Superintendent Diane Dyer-Dawson recently told the School Board she received an $8,000 price quote from one company for an electronic surveillance sweep of the school.

The company would check such areas as offices, the media center, teachers lounge, locker rooms, and student and faculty restrooms for eavesdropping devices, transmitters, receivers and cameras, Dyer-Dawson said.

She said the security of the school was seriously compromised when a camera was secretly placed in Coleman's office and a DVD recording began circulating, showing Coleman engaged in sex acts in his office with former teacher Janet Lofton at various times and dates between December and January. (more)

Consider this a cautionary tale. Regularly scheduled inspections for eavesdropping devices are a common practice in business and government. Discovering snoops and spies during the intelligence collection phase - before they use your information against you - is cheap insurance. A proactive inspection program also reduces $$$ losses and personal embarrassments. Call us to start your program.

...all of them?

India's Intelligence Bureau has been ranked among the top 5 intelligence outfits in the world. According to a survey conducted by Strategic Forecasting, or STRATFOR, India’s IB exhibits efficiency and a high level of sophistication.

The STRATFOR report says IB's strength lies in its ability to conduct electronic surveillance with microphones. This comes as a relief to the Indian intelligence community, embarrassed by claims of its ineptitude by a key aide of former British PM Tony Blair.

Alastair Campbell had claimed Indian intelligence bugged Blair's Hotel room when he visited Delhi in 2001, but the British security service easily discovered them. (more)

Mountie surveillance expert charged with selling secrets to the Mob

Canada - An RCMP expert in electronic surveillance has been arrested in Montreal and charged with selling police secrets to organized crime, Sun Media has learned.

Angelo Cecere, a 50-year-old visually impaired civilian employee, has worked for decades for the RCMP, listening to sensitive police wiretaps, translating them from Italian, and interpreting them for police. (more)

IA Supreme Court: Parents can wiretap kids

The Iowa Supreme Court ruled Friday that telephone conversations a father recorded between his daughter and the teacher he suspected of sexually abusing her will be admissible in court, writing that parents may record their children’s telephone conversations if it is necessary for a child’s welfare. (more)

Zimbabwe passes 'eavesdrop' law

Africa - Zimbabwe's President Robert Mugabe has signed into law a bill allowing the state to eavesdrop on private phone conversations and monitor faxes and emails.

The Interception of Communication Act, published in the government gazette on Friday, provides for the setting up of an interception centre to listen into telephone conversations, open mail and intercept emails and faxes.

The law also compels Internet service providers to install equipment to facilitate interception "at all times or when so required" and ensure that its equipment allows full-time monitoring of communications. (more)

Del Male non Fare e Paura non Avere

People having an affair in Italy would be well advised in future not to use their car for illicit assignations.

An Italian judge yesterday ruled that wives or husbands who suspect marital infidelity are entitled under the law to bug their spouse’s car in the search for incriminating evidence. (more)

VoIP Vandals

Internet telephone services like Skype and Vonage are starting to look less like digital gimmicks and more like the next generation of voice communication. They're cheaper than traditional phone services and increasingly fast and reliable. But they may also be far more hackable.

Security professionals at the Black Hat conference in Las Vegas spent Wednesday outlining the exploitable vulnerabilities in voice over Internet protocol technology, or VoIP. In a series of presentations, they demonstrated ways in which cybercriminals can eavesdrop on VoIP calls, steal data from Internet telephony devices, intercept credit card numbers from VoIP connections and shut connections down altogether. (more)

Eavesdropping on VoIP Calls—Part 1

Just like with all TCP/IP traffic, it is easy for a snoopy person to sniff unencrypted VoIP packets and record your conversations. And don't think they won't.

Remember the early days of cell phones, when people used ordinary police scanners to eavesdrop? Newt Gingrich, Nicole Kidman and Tom Cruise, Prince Charles, and hosts of other celebrities learned the hard way the value of using cell phones with strong encryption.

It's not as easy to snoop wired IP traffic because you need physical access to the wires, but it's not that hard, either. Anyone on your network, anyone on other networks that you contact—and all points in between, including service providers—all have the opportunity to do an awful lot of juicy snooping. Throw in some poorly secured wireless access points, rogue wireless access points, or wireless VoIP endpoints, and you have a real security risk.

While spying on other people's communications is mostly illegal, that's small comfort if it happens to you. (
more)(one good solution)

"Can you hear me now?"

UK - Mobile phones have everything these days: GPS, SMS, MP3... and now MI5.

In a development straight out of James Bond, spooks have worked out a way of using everyone's favourite gadget as a bugging device.

Real-life Qs have developed a crafty surveillance technique that involves sending a signal to the target mobile which reprogrammes the electronics and allows it to be used as a listening device. The affected phone - even if it is in standby mode or apparently switched off - remains in contact with the listening station, transmitting conversations picked up on its microphone.

And if you still think this is science fiction, think again. Last week, German police admitted using the system. In Britain, the Home Office have been more, well, British, saying: "We are aware of the technique but we don't comment on which techniques are used by law enforcement agencies." (more)

Bail bondsman convicted of wiretapping phone

MO - A part-time bail bondsman from Sparta was convicted Wednesday in federal court of wiretapping a Springfield woman's telephone.

Richard A. Hugh, 54, was found guilty of intercepting the telephone communications without permission, according to a press release issued by the U.S. Attorney for the Western District of Missouri.

Hugh installed the phone tap on the woman's phone line in December 2005 in an effort to locate a fugitive in a Lawrence County case, the release said. Using equipment bought at a Radio Shack, he recorded conversations for about 11 days. (more)

...the smart ones do.

India - Detectives today are being approached to spy on matters big and small, issues personal and professional. Be it for checking on spouses, pre-marital screening, employee verification, update on a business rival or uncovering cyber crime, the reasons for hiring a sleuth are many and varied.

Spy, detective, sleuth or secret agent. Whatever you decide to call them, the very word implies danger, intrigue, and enemies. Their job is to obtain information. From tracking down an errant husband or a two-timing wife to shadowing corporate, business or political rivals or verifying credentials of prospective employees, sleuthing is big business today. Large corporations spend a lot of money on precautions and protective countermeasures. (more)

Microchips implanted in humans: High-tech helpers, or Big Brother surveillance tools?

CityWatcher.com, a provider of surveillance equipment, attracted little notice itself - until a year ago, when two of its employees had glass-encapsulated microchips with miniature antennas embedded in their forearms.

The "chipping" of two workers with RFIDs - radio frequency identification tags as long as two grains of rice, as thick as a toothpick - was merely a way of restricting access to vaults that held sensitive data and images for police departments, a layer of security beyond key cards and clearance codes, the company said.

Innocuous? Maybe.

To some, the microchip was a wondrous invention - a high-tech helper that could increase security at nuclear plants and military bases, help authorities identify wandering Alzheimer's patients, allow consumers to buy their groceries, literally, with the wave of a chipped hand.

To others, the notion of tagging people was Orwellian, a departure from centuries of history and tradition in which people had the right to go and do as they pleased without being tracked, unless they were harming someone else.

Chipping, these critics said, might start with Alzheimer's patients or Army Rangers, but would eventually be suggested for convicts, then parolees, then sex offenders, then illegal aliens - until one day, a majority of Americans, falling into one category or another, would find themselves electronically tagged. (more)

Teacher Apologizes for Bugging Colleague

A middle school science teacher charged with bugging a colleague's classroom has pleaded no contest in the case, saying her actions were embarrassing to her and her family.

Anne M. Harvey, 44, of Flushing apologized to the fellow teacher and following her plea Thursday was sentenced to six months of probation and 75 hours of community service. Harvey also was fined $250.

She originally was charged with attempted eavesdropping, a misdemeanor punishable by up to a year in jail and a $1,000 fine. But she pleaded no contest to a misdemeanor charge of trespassing for eavesdropping.

A no contest plea is not an admission of guilt, but is treated as such for sentencing purposes. (more)

SpyCam Story #369

MI - A former township treasurer, Brian Hill, has been found guilty of filming teenage foreign exchange students showering in his home. Hill has been convicted on 13 felony counts, including making and possessing child pornography, and eavesdropping (more)

Spy News

The Usual Suspects...
Maintenance worker charged with spying at nuclear plant. (
more)
South Korean man accused of lying about spy activities. (more)
McLaren (auto racing) submit 'spying' defence (more)
Aide to Vice Presidents Al Gore and Dick Cheney before joining the FBI, pleaded guilty to espionage. (more)
Belarus Intelligence Chief Axed After Spy Scandal (more)
Rice Urges Russia to Extradite Suspect in Spy-Poisoning Case (more)
Bulgaria's spy chief says foreign agencies helped free medics (more)
...and just for nostalgia and fun...
Get clued in to these spy legends (more)

In Fly Spy News...
Robotic Bird Designed to Spy on Humans (more)
Flying robots spy for government (more)
Iran's Spying Squirrels (more)
India to Launch Israeli SAR Spy Satellite (more)
India to buy more Russian spy planes (more)
New-age Ball spy satellite tests A-OK (1-2 foot resolution) (more)
Cheesed-off spooks give up on duff spy-sat (more)

In Workplace Spy News...
Your boss is spying on you right now. What can you do? (more)
Email told assistant to spy, says manager (more)
Spying in the Workplace: Big Money? (more)
Find Out If Your Printer Is Spying on You (more)

In Tanning Salon Spy news...
US - Man accused of spying inside tanning booth (more)
UK - Peeping Tom crashes through ceiling while spying (more)

In Spy Shop News...
Best Find: Spy Shops (more)
17 Cameras Roll as Thieves Break Into Spy Store (more)