Saturday, January 28, 2012

1960's - 1980's Spy Satellites Now Museum Pieces

Three formerly classified spy satellites went on public display Thursday at the National Museum of the U.S. Air Force, in Dayton, Ohio.

The satellites -- Gambit 1 KH-7, Gambit 3 KH-8 and Hexagon KH-9 -- were among the most important U.S. photo reconnaissance systems from the 1960s to the 1980s, according to an Air Force report. They used specially-designed film and cameras to take photos from orbit. (more)

SpyCam Story #644 - The Faculty Restroom Can Cam

AR - A former Lavaca Middle School science teacher received a five-year suspended sentence Wednesday after pleading guilty in Sebastian County Circuit Court to video voyeurism.

Michael Allen Clark, 44, was arrested May 20 after he admitted to an Arkansas State Police investigator that he placed a school-issued video camera in the faculty restroom at the middle school, according to a police report.

The camera was discovered by a custodian in a wicker basket, on a shelf located in front of the toilet in the bathroom. The custodian turned it over to Jerri Schaffer, a math teacher at the middle school. (more)

Weekend Project - OTS Some Spy Gear for $50. or less

DARPA-Funded Hacker's Tiny $50 Spy Computer Hides In Offices, Drops From Drones

Security researcher Brendan O’Connor is trying a different approach to spy hardware: building a sensor-equipped surveillance-capable computer that’s so cheap it can be sacrificed after one use, with off-the-shelf parts that anyone can buy and assemble for less than fifty dollars.

...the F-BOMB is designed to be a platform for all sorts of applications on its Linux operating system. Outfit it with temperature or humidity sensors, for instance, and it can be used for meteorological research or other innocent data-collecting. But install some Wifi-cracking software or add a $15 GPS module, and it can snoop on data networks or track a target’s location, O’Connor adds.

One version attaches to the Parrot Drone, an iPhone-controllable quadcopter, sucking power off the drone’s rechargeable battery and allowing the user to hover over a target, land it on a roof, or drop the F-BOMB from a hook attachment on the drone. Another version fits inside a carbon monoxide detector, and can be plugged into a wall socket to hide in plain sight inside a target’s building. (more)

SpyCam Story #643 - The Town Hall Spy

Shirley Town Hall
MA - A former Shirley town administrator has pleaded guilty to charges that he videotaped female employees in a town hall restroom, and also secretly wiretapped and spied on other town workers.

Middlesex District Attorney Gerard Leone said Kyle Keady pleaded guilty Friday in superior court in Woburn and was sentenced to three years in prison, followed by seven years' probation. Keady was fired after he was charged in 2010.
He pleaded guilty to charges including video recording a person in a state of nudity, wiretapping and breaking and entering.
Just coincidence?
Prosecutors said Keady put a pen camera in the ceiling above a women's restroom stall, and recorded other workers in offices more than 100 times, using pen devices, video cameras and a baby monitor. He also allegedly broke into one home four times. (more)

Thursday, January 26, 2012

Spycam Story #642 - The Epidemic Continues

CT - A man from South Windsor accused of secretly taping people getting undressed is due in court Thursday. Police said Paul Zajac, 20, hid cameras in bathrooms and bedrooms at his home and his ex-girlfriend's house. He is being charged with 24 counts of voyeurism. (more)

FL - A 24-year-old man was arrested Monday on suspicion of using his iPhone to take an upskirt video of a woman using a Redbox outside a Walmart in Lake County. Lorenzo Adan Ramirez, a landscaper and father of two from Tavares, was arrested in Mount Dora on charges of video voyeurism. (more)
 
Canada - A former Merritt radio personality will go to jail for nine months and be forbidden from being around children for five years after pleading guilty to possessing child pornography and voyeurism. Jamie McDerment, a small and slightly built 24-year-old man, was led away in handcuffs by two sheriffs Friday afternoon after being sentenced in provincial court... Police also found covert images he admitted to taking of young boys partially naked in a bathroom at Riverside park in August. (more)

I mention incidents like this to raise public awareness of the increase in optical surveillance, and to encourage new laws to address the situation.

Spycam Story #641 - The Church Sleepover

TX - Charges have been upgraded against the Haughton man arrested Sunday after law-enforcement officers learned he placed video cameras in a bathroom used by teenage girls over the weekend.

Paul E. Holmes, 55, of the 700 block of Opal Circle in Haughton, has now been charged with 16 counts of video voyeurism and four counts of production of child pornography.

Police learned Sunday that Holmes had positioned video cameras in one the bathrooms of his house that was used by teenage girls during a sleepover as part of a local church youth activity.

When one of the girls was in the bathroom, she noticed a camera, told her parents, who then provided the information to the Haughton Police Department. When questioned by police, Holmes admitted that he owned the video cameras that were placed in the bathroom that the girls were using. (more)

Spycam Story #640 - Epiphany Party at My Place!

Sault Ste. Marie, MI - Investigation Services officers arrested 48 year-old Emmanuel De Melo of 7 Elmwood Avenue on the 24th of January at 11:10 am at the police station and charged him with one count of voyeurism.

It is alleged that between the 1st to the 12th of January 2012, the accused used video cameras to record a number of persons that used his bathroom area while they were at gatherings at his residence.

The victims were unaware that the recordings were occurring. (more)

Quik! Hide the Bloodhound

Switzerland - Lawyers for anti-globalization activists at ATTAC went head-to-head with Nestlé lawyers for a second day in the civil spying trial in Lausanne. Nestlé admits it hired a Securitas agent to spy on activists at ATTAC.

The company says it is a symbol of globalization that is vulnerable to attacks and the victim of an “ideological war.” Nestlé attorneys argue that it was within its rights to know what was happening in activist circles...

Both sides now await a judgment. (more)

Chucky is Back... and He Owns Your Cell Phone!

Minh Uong/The New York Times
Chuck Bokath would be terrifying if he were not such a nice guy. A jovial senior engineer at the Georgia Tech Research Institute in Atlanta, Mr. Bokath can hack into your cellphone just by dialing the number. He can remotely listen to your calls, read your text messages, snap pictures with your phone’s camera and track your movements around town — not to mention access the password to your online bank account.

And while Mr. Bokath’s job is to expose security flaws in wireless devices, he said it was “trivial” to hack into a cellphone. Indeed, the instructions on how to do it are available online (the link most certainly will not be provided here). “It’s actually quite frightening,” said Mr. Bokath. “Most people have no idea how vulnerable they are when they use their cellphones.” (more)

Wednesday, January 25, 2012

Kessler Investigates Cell Phone Spy Apps

In a six month investigation of illegal spying Kessler International’s forensic team found that most smartphones can be used for conducting unlawful spying and assisting criminals obtain information to conduct identity theft.

In order to test how dangerous your smartphone has become with a simple installation of readily available software from the Internet, Kessler International’s staff purchased a variety of smart phones and installed a variety of popular cell phone spy apps to discover what dangers the software posed and if traces of the apps could be detected by mobile forensic engineers to reveal their existence.

Kessler’s experts tested the products of the major smartphone spyware software providers on BlackBerry, iPhone and a variety of the Android devices. The team of forensic experts then reverse engineered the installation of the software to see how covert the app would be. In every case Kessler found telltale traces of the spyware in every product tested.

Michael G. Kessler, President & CEO of Kessler International stated, “Despite the best efforts of the developers to make their spyware as furtive as possible, my team determined that in every case not one spy app tested could make itself completely invisible. That gives the victims of spyware an important edge in proving their suspicions that their privacy has been invaded.” (more)

Wiretapping Uncovered In The Mexican Congress

Mexican lawmakers said they would formally complain to the attorney general's office Tuesday after finding hidden microphones believed to have been used to spy on the lower house of Congress.

The listening devices were found "in quite a lot of offices, listening to and checking the activities of lawmakers," said Armando Rios Piter, president of the house's political coordination committee, on Televisa channel.

It was unclear who was responsible but lawmakers would release further information when possible, a statement from the lower chamber said. (more)

Google Oggle is in your Face-book

In a move that could make it harder for its users to remain anonymous, Google said it would start combining nearly all the information it has on its users.

This could mean, for instance, that when users search via Google, the company will use their activities on sister sites like Gmail and YouTube to influence those users' search results. Google has not done that before.

Google's move -- which was disclosed in a privacy policy that will take effect on March 1 -- is a sign of the fierce competition between Google and Facebook over personal data. Facebook has amassed an unprecedented amount of data about the lives of its more than 800 million members -- information that is coveted by advertisers. (more)

Monday, January 23, 2012

Supreme Court Rules Trackers Require Warrant

The Supreme Court ruled unanimously Monday that police must get a search warrant before using GPS technology to track criminal suspects.

Associate Justice Antonin Scalia said that the government's installation of a GPS device, and its use to monitor the vehicle's movements, constitutes a search, meaning that a warrant is required.

"By attaching the device to the Jeep" that Jones was using, "officers encroached on a protected area," Scalia wrote.

All nine justices agreed that the placement of the GPS on the Jeep violated the Fourth Amendment's protection against unreasonable search and seizure. (more)

FutureWatch: Civilian use of trackers to be outlawed. Like electronic eavesdropping, what can be done naturally becomes illegal when electronically enhanced.

On-line Spies - Affordable, and easy to find.

...documents filed in two civil cases suggests just how simple and affordable online espionage has become. Computer forensic specialists say some hackers-for-hire openly market themselves online. "It's not hard to find hackers," says Mikko Hyppönen of computer-security firm F-Secure Corp.

One such site, hiretohack.net (ignore log-in), advertises online services including being able to "crack" passwords for major email services in less than 48 hours. It says it charges a minimum of $150, depending on the email provider, the password's complexity and the urgency of the job. The site describes itself as a group of technology students based in Europe, U.S. and Asia.

Mischel Kwon, who runs a security-consulting firm and is the former director of the U.S. Computer Emergency Readiness Team, a government organization known as US-CERT, says the hacker-for-hire industry is well established. Some are one- or two-person outfits, but there are also larger "organized crime" groups," she said. She and other specialists note that it is also easy to find tools online that assist in hacking into someone's email. (more)

Security Director Alert: Eavesdropping via Video Teleconferencing

Covertly eavesdropping on boardroom chit chat using the teleconferencing system is not new. We've been demonstrating (and correcting) this problem for our clients for years. The vulnerability, however, has finally received some publicity. 
Result: Expect more attempts to access video teleconferencing systems.
Recommendations: Turn off the autoanswer feature on your teleconferencing system. Make sure your system is behind a firewall.

FREE offer: The full Murray Associates Video Teleconferencing Security Checklist is available to corporate security directors (only) at no charge. Contact me here.

via The New York Times...
One afternoon this month, a hacker took a tour of a dozen conference rooms around the globe via equipment that most every company has in those rooms; videoconferencing equipment...the hacker was HD Moore, a chief security officer at Rapid7, a Boston based company that looks for security holes in computer systems...Mr. Moore has found it easy to get into several top venture capital and law firms, pharmaceutical and oil companies and courtrooms across the country...

“These are literally some of the world’s most important boardrooms — this is where their most critical meetings take place — and there could be silent attendees in all of them.” 

New systems are outfitted with a feature that automatically accepts inbound calls so users do not have to press an “accept” button every time someone dials into their videoconference. The effect is that anyone can dial in and look around a room, and the only sign of their presence is a tiny light on a console unit, or the silent swing of a video camera. 

Two months ago, Mr. Moore wrote a computer program that scanned the Internet for videoconference systems that were outside the firewall and configured to automatically answer calls. In less than two hours, he had scanned 3 percent of the Internet. 

In that sliver, he discovered 5,000 wide-open conference rooms at law firms, pharmaceutical companies, oil refineries, universities and medical centers. He stumbled into a lawyer-inmate meeting room at a prison, an operating room at a university medical center, and a venture capital pitch meeting where a company’s financials were being projected on a screen. 

Among the vendors that popped up in Mr. Moore’s scan were Polycom, Cisco, LifeSize, Sony and others. Of those, Polycom — which leads the videoconferencing market in units sold — was the only manufacturer that ships its equipment — from its low-end ViewStation models to its high-end HDX products — with the auto-answer feature enabled by default. (more)

Friday, January 20, 2012

More NOTW Phone Hacking News

According to a report Friday in the British newspaper The Telegraph, a News Corp. division in the UK faces an investigation by the FBI into whether the now-defunct Murdoch tabloid News of the World hacked into a phone on U.S. soil. (more)

Personal Security: How To Avoid Being A Victim, Anywhere, Any time.

via Peter Shankman - NYC street kid, with cred. (abridged version) 

• Don’t develop a pattern of behavior.
• Know your surroundings
• DO NOT IGNORE YOUR GUT. If something doesn’t seem right, it probably isn’t.
• Have your keys in your hands
• Wherever you are, have a small powerful flashlight. 
• Instead of yelling “HELP” when something goes wrong, yell “FIRE!”
• Have a buddy system
• Know the people in your neighborhood.
• Don’t look like a Victim. Walk down a street with your head up and looking around.
Don’t stare (it can be taken as a challenge) but don’t be afraid to look at people.  
• Don’t be clueless 

Read the whole article here. 
Really, read it. Pass it on.

How to Bug a Germ

The world's smallest ear doesn't belong to any animal. Instead, it's a tiny piece of gold suspended in a laser beam. It can hear sounds a million times fainter than any human ear can, making it a powerful acoustic microscope.

The nano-ear is the work of Jochen Friedmann and Andrey Lutich of Munich's Ludwig-Maximilians University. The setup is a progression from the 1986 development of so-called "optical tweezers", which use laser beams to trap microscopic particles inside the most powerful part of the electric field. This effectively suspends the particle so that it no longer moves on its own - the only way it can move if something nearby disturbs it...

FutureWatch: The nano-ear would be hugely useful in bacteria, viruses, and other microorganisms, as being able to "hear" the sounds they make could provide vital new data on what distinguishes different strains. (more)

Illegal Eavesdropping Costs NOTW 1 Million...

...and that doesn't include the lawyers fees, and the lost revenue from having to shut down the paper.

UK - Rupert Murdoch's media empire has agreed to pay large payouts to 37 phone-hacking victims, including British actor Jude Law, football player Ashley Cole and former deputy prime minister John Prescott.

The High Court in London heard details of new settlements totaling about $1 million for illegal eavesdropping by Murdoch-owned tabloids on celebrities' phone conversations...

Law said he launched his case to find out the truth about the intrusion into his private life between 2003 and 2006. He said he changed his phones and had his house checked for bugs, but that the information continued to appear in the press. (more)

SpyCam Story #639 - The House Guest

CT - A Manchester man was charged Wednesday with 24 counts of voyeuristic recording of another person. Police said Paul Zajac, 20, of Union Street, was charged after a forensic examination of his computer turned up 24 images of people using a bathroom or changing in a bedroom in a home in South Windsor where he used to live. (more)

SpyCam Story #638 - The Hole in the Wall Gang

WA - A 33-year-old Renton man is accused of attempting to spy on his estranged wife by drilling a hole in her bedroom wall and inserting a tiny camera to record what was going on inside, according to King County prosecutors.

Michael James Halvorson, who was originally arrested Dec. 28 for violating a protection order, was charged earlier this month with residential burglary domestic violence, according to court records.

Halvorson and his wife of nine years separated in the spring and are in the middle of a divorce, according to charging papers. But they shared a duplex — he lived in one unit with his father, and she lived on the other side... A wall separated Halvorson's bedroom from his wife's...
 
...at 4 a.m., his wife was "woken up again by the sound of something drilling through her bedroom wall"...a "snakelike camera" equipped with a flashlight came through the wall, extending about 6 inches into the room... officers later found a home-inspection camera with a flashlight in Halvorson's bedroom, but were unable to locate Halvorson... Crumbled drywall was found on both sides of the hole, papers say. (more)

Thursday, January 19, 2012

Security Director Tip: Kill Crime Around Your Executives' Homes

Better than 10 Bobbies blowing their whistles. 
Turn their neighborhoods into networks of awareness.

A company called Village Defense provides neighborhoods with a real-time communication system that connects your executives with their neighbors.

Here's how it works when you are part of the Village Defense group...
"With one phone call, you have the ability to notify all your neighbors when a crime or suspicious activity is in progress, through a text message, home phone call, and cell phone call. Now, everyone knows exactly what's going on and what to look out for. Transition from living in isolation to connectivity by bringing your neighborhood into the 21st century." 

Does it work?
"Sims Estates, a once-struggling neighborhood in northwest Atlanta, has experienced a 73% reduction of crime due to the Village Defense real-time crime alert system." (more)

FutureWatch - Watch for this concept to spread from crime alerts, to alerts of all kinds (lost pets, door-to-door salespersons alerts, neighbor needs help, road conditions, for sale items, etc.). This would be an especially valuable service if local government joined in (recycle pick-up reminders, police news, posting town events, etc.). Think of it as a micro-Internet.

007 Rocks!

 UK - In a television program aired on Russian state television in 2006, Russia's FSB security service accused Britain of using the gadget for top secret communications in Moscow, but London did not admit to the charge at the time.

Now Jonathan Powell, who was chief of staff to then Prime Minister Tony Blair, has confirmed the Russians were correct.

"They had us bang to rights," Powell says in a BBC documentary to be aired on Thursday...
A combination of video grabs from footage broadcast by Russian state-run television in 2006 allegedly shows a man, said to be a British spy, in a park outside Moscow collecting a fake rock being used as a high-tech version of the spy's traditional letter-box or dead drop in which agents can anonymously deliver or retrieve information. (more)
 

Russian television claimed there was proof British spies used electronic equipment hidden inside a fake rock to exchange information between agents and embassy staff.

An agent would pass by and download data from his portable computer, while a diplomat would later collect it in a similar way. Four Britons involved in the spy ring have been identified by the Federal Security Service.

Christopher Pierce, the diplomat who was said to have installed the secret link, was also responsible for financing Russian non-governmental organizations with British grants, and so was one of the other alleged spies, Mark Doe...

Britain expressed “concern and surprise” over the allegations at the time. The “spy rock scandal” was taken with skepticism by many people, including Russians. They said it was either a scam or simply blown out of proportion in what was described as a Kremlin assault on NGOs. (more)
Click to enlarge.

Security Director Tips: Tell Employees about these Safety Apps

If you’re concerned that someone you care about could be in danger, or if you worry about safety yourself, here are a handful of apps that can help... 

bSafe
This free app lets users select personal Guardians, the people who will be notified when help is needed. All users’ guardians are alerted with an emergency SOS message that includes the sender’s location, while a direct call is placed to one specified contact.

StreetSafe
Unlike other safety apps that alert friends or family who may not be able to help in the event of an emergency, this iPhone app features a silent alarm that, when triggered, dispatches emergency help to your exact location. If you are feeling uneasy and want someone to stay on the phone with you until you arrive safely at your destination, you can also activate StreetSafe’s Walk With Me feature, which connects you with a trained Safety Advisor

MyForce
Before using this one you need to complete an online profile that includes your photo and any medical issues you may have. Then when MyForce receives an alert from you, it dispatches the nearest emergency responders and transmits to them your profile information. MyForce also records audio coming from your phone and reports any updates or movement to the authorities.

SecuraFone
This free iPhone and Android app provides free GPS tracking and monitoring that can be helpful when dealing with children, aging parents or employees. Once the app is downloaded to a phone, the SecuraFone account creator can log in to locate any phone registered to the account. (more)

And, of course, one featured here recently, Help!

Wednesday, January 18, 2012

SpyCam Story #637 - Games at the Party Store

MA - A business owner was arrested after he was caught watching his female employees via a video camera in the restroom. Police said Marco Silva, 40, of 1028 Rock St., Fall River, installed a covert video camera in the bathroom of Kolby Rentals, 2452 GAR Highway.

A female employee made a complaint to Swansea Police. She reported to Det. Marc Haslam that every time she and other female employees went to the restroom, Silva would go to his office and shut the door. The employee then noticed the bathroom view on Silva’s computer monitor in his office and notified police.

Police seized a covert camera in the bathroom during the search along with a VCR and monitor from Silva’s office. (more)

SpyCam Story #636 - "Just puttin' out personnel fires, Chief."

OH - The second in command in the fire department has been placed on administrative leave following accusations that he spied on the department through webcams...

...the investigation began after complaints ''that fire department personnel believed their personal activities and conversations while working at the department were being subject to video and / or audio surveillance.''

Firefighters told the chief and trustees that they believed that cameras on fire department computers were configured to remotely video and or audio record departmental personnel without their knowledge. (more)

Business Sports Espionage: 4th Olympic Arrest

UK - British police arrested a fourth man on Wednesday as part of an investigation into allegations of spying during a fiercely contested bid process to select who will move into London's Olympic stadium after the 2012 Games.

A 45-year-old man was detained in south London by officers from the Economic and Specialist Crime Command on suspicion of fraud. Material was seized during a search of a house, Scotland Yard said in a statement.

It is the fourth arrest since November following allegations by soccer club West Ham United and the public body the Olympic Park Legacy Company (OPLC) in respect of the unlawful obtaining of information.

OPLC chairwoman Margaret Ford has accused Premier League soccer club Tottenham Hotspur of putting all her 14 board members under surveillance. (more)

Wiretapping and Divorce Advice from a Lawyer

You think your wife is cheating on you? 
You remember the password to her Gmail account because you set it up for her? 
 You log into her account and discover emails between her and her new lover? 
Think that’s legal? 
Think that’s admissible evidence in court? 
Not so fast. 
Before you log onto your spouse’s email account or intercept any messages whatsoever whether email, voicemail, etc., consult with a lawyer about wiretapping laws. In your passion to discover what your spouse is doing, you might just violate federal wiretapping laws. This could backfire on you and could be more costly to you than the information you would otherwise discover is worth. Again, talk to a lawyer about this. (more)

Shawn L. Reeves is a Columbia, SC family lawyer. His office is located at 1201 Main Street, Suite 1980, Columbia, South Carolina.

Business Sports Espionage: KC Chiefs - Wiretaps & Bugs

KS - Buried amidst the hoopla of the divisional playoffs last weekend was an eyebrow-raising report in The Kansas City Star detailing some very serious accusations about life behind closed doors at Chiefs headquarters.


 
According to a report, Todd Haley was one of many ex-employees who thought the Chiefs' facility was bugged. (John Rieger/US Presswire)

According to the report, a culture of fear and paranoia has developed since Scott Pioli was hired as general manager in 2009, including claims of wire-tapping and room bugging. The suspicions were held by many former employees of the organization, including former coach Todd Haley.

One former high-ranking staffer said the level of paranoia "was probably the highest that I had ever seen it anywhere." Haley -- who wasn't quoted in the story -- reportedly stopped talking on his personal cell phone during the past year -- fearing it to be bugged -- and repeatedly checked his office for listening devices. (more)

P.S. The original headline for this report is: League not investigating bugging claims at Chiefs headquarters.
Can you think of any good reason why? 
Can you think of any nefarious reason why?
Credit to Todd Haley who had the sense to conduct TSCM (debugging) inspections.

Monday, January 16, 2012

Sneak Peak - Cell Phone Spying for the Everyman... and women, too!

Coming soon to a spy store not necessarily near you...
"Recover It utilizes forensic quality data recovery of over 25 different types of files and works on most devices with flash memory including cameras, SD cards, and Smart Phones - including iPhone, Android and Blackberry. Plug the external device into a computer to have the Recover It scan it. Retrieve deleted data at any time even if the recycle bin has been emptied.

Search for illicit use of a PC including online chatting and visits to pornographic sites. Search your entire computer for chat logs from the most used messaging sites. Uncover the source of porn site visits and locate suspected pornographic images. This stick even scans deleted images and Internet cache files. Create a report in an easy to read format so you can see what your kids or employees are saying to people online." (more)

Why do I mention it?
So you will know what you are up against.

Sunday, January 15, 2012

Security Alert: Time to Update Your HP Printers' Firmware

Not a real HP fire. Just shown to get your attention.
HP announced that the potential existed for a certain type of unauthorized access (info-theft, fiery sabotage, etc.) (more) to some HP LaserJet printers and confirmed it has received no customer reports of unauthorized access. HP has issued the following statement:

HP has built a firmware update to mitigate this issue and is communicating this proactively to customers and partners. No customer has reported unauthorized access to HP. HP reiterates its recommendation to follow best practices for securing devices by placing printers behind a firewall and, where possible, disabling remote firmware upload on exposed printers.

The firmware update can be found at www.hp.com/support and selecting Drivers.

Additional printer security information is available at www.hp.com/go/secureprinting.

FREE - Mobile Security V6.0 - Android Security Software

Now available as a free download, Mobile Security V6.0 offers Android users several new features to protect their privacy and financial information, as well as significant improvements to the user interface.

Mobile Security 6.0 detects and deletes viruses, malicious URLs, and other threats before you even know they exist. With newly enhanced features including GPS-based anti-loss/theft features, backup and restore tools for your contacts, complete privacy protection, traffic monitoring, and more...
 
Version 6.0 includes the following features that enhance the already extensive capabilities of 5.0:

Anti-eavesdropping protection: With anti-eavesdropping, users can be sure their calls are not being recorded by third party apps or viruses.

Financial security protection: When users access financial websites via their system browser or start e-bank/securities apps, NQ Mobile Security V6.0 automatically scans all running apps to determine if any active apps pose a security risk.

Mobile Security: Fights malware, spyware, phishing, viruses, hacking, and more.

Privacy Protection: Protects the data stored on your phone, ensuring that your social networking, email, and financial accounts can't be hacked and your personal calls can't be recorded.

Anti-Theft/Anti-Loss: Remotely locates, locks, or deletes information from a lost or stolen mobile device, and sounds an alarm to help you find it.

Backup and Restore: Safely and seamlessly stores your contacts so you can easily access them from any Web browser.

System Optimization: Provides control over running apps and power consumption.

Traffic Monitoring: Provides real-time updates on data usage and caps on maximum data usage.

NQ Mobile Security V6.0 for Android can be downloaded for FREE at: http://www.nq.com/mobilesecurity or from the Android Market. (more)

SpyCam Story #635 - Stock(boy) Photography


IL - Madison County prosecutors have charged a Troy man with spying on a woman in a restroom in a store in Troy on July 16.

Police Sgt. James Newcombe said police believe 21-year-old Jonathan D. Spotanski used a mobile phone to make a video recording in a public restroom at the Schuette SuperValu market, 523 Troy Road. Newcombe said Spotanski resigned shortly after he was spotted trying to retrieve the phone from a dropped ceiling. (more)

Mandela Spy Camera Probe Continues

South Africa - A probe was still under way into the spying on former South African President Nelson Mandela by two Western news agencies, authorities said on Friday.

A completed docket against British news agency Reuters and US Associated Press (AP) have been handed over to prosecutors, Eastern Cape police said. Meanwhile, national police confirmed that the probe was still under way.

Reuters and AP reportedly had installed at least three closed circuit television (CCTV) cameras spying on Mandela's house in Qunu in the Eastern Cape. (more)

Business Espionage: Arrest for Unsportsmanlike Conduct

UK - A third person has been arrested by police investigating allegations that people acting for Premier League soccer club Tottenham spied on officials during the club's failed bid to take over London's Olympic Stadium after the Games.

Tottenham has been accused of ordering surveillance on the London Olympic executives who eventually chose the bid of rival London club West Ham to take over the stadium.

Since August, London police have been investigating allegations of wrongdoing in the bidding process that were made by West Ham and the Olympic Park Legacy Company, whose board members decide the future of venues on the site of the Games. (more)

SpyCam Story #634 - The Busted Busman

NH - The former Provider bus driver charged with sexually assaulting two boys riding his school bus allegedly filmed those assaults with hidden cameras, according to recently unsealed court documents.

The documents, an affidavit and inventory regarding a Sept. 28 search at the home of John Allen Wright, 45, of Milton, allege Wright used a number of cameras hidden in pens and a pair of sunglasses to film encounters, both sexual and not, on his bus... a pair of spy-camera sunglasses and directions on how to use them were found in Wright's living room, along with a number of pens containing hidden cameras. (more)

Saturday, January 14, 2012

SpyCam Story #633 - "A big troop cheer for the FBI!"

MI - Scott Allan Herrick, 40, of Twin Lakes, Michigan, was sentenced to serve 95 years in prison, U.S. Attorney Donald A. Davis announced today. Herrick surreptitiously videotaped boys as they were dressing in the boys’ locker room in the YMCA in Muskegon and kept a massive collection of 100,000 images of child pornography with him at the Gerber Boy Scout Camp in Twin Lakes, Michigan. He was convicted at trial of three counts of attempting to produce child pornography. On the first day of trial, Herrick pleaded guilty to two counts of distributing child pornography and one count of possessing child pornography...

The Honorable Paul L. Maloney, Chief U.S. District Judge, presided over the trial and sentencing... sentencing Herrick to 1140 months (95 years) of incarceration...

Herrick was the camp director for Gerber Boy Scout Camp in Twin Lakes, Michigan. Herrick also worked as a pool safety instructor for third grade children at the YMCA in Muskegon, Michigan. Herrick was trading child pornography and was discovered during a series of undercover FBI operations. On July 1, 2010, FBI and Homeland Security Investigations-Immigration and Customs Enforcement (“HSI-ICE”) agents executed a search warrant on the Gerber Boy Scout Camp and discovered evidence of child pornography. Herrick was arrested on July 8, 2010, and has been held in custody since. (more)

Security Directors: FREE Security White Paper - "Surreptitious Workplace Recording ...and what you can do about it."   

Peter Shankman on Situational Awareness - A Cautionary Tale

How One Bit of Stupidity Could Have Brought Down a Multi-Million Dollar Media Company - An (abridged) true story, by Peter Shankman, who has a better grasp of business espionage than most executives.

Everyone is always concerned about digital espionage. “My account was hacked!” “I clicked on a bad link!” “Fifty million credit card numbers were stolen!” The fact is, however, that digital espionage is the least worrisome thing for the majority of companies. The chances of your company getting “hacked” and information being stolen is minimal, compared to getting in trouble due to the stupidity of your employees.

I was flying home this past weekend from Florida. I got into my seat and got settled. My seatmate sat down, an older gentleman in a suit and tie...

I happened to look over to my left, and this man was reading a huge binder. Had to be at least 100 pages, if not more. He was on the first few pages. I looked over, and in giant letters, it said “KEY INVESTMENT HIGHLIGHTS.” That caught my interest, as it would anyone. Within five words, I realized that he was reading an overview of a very large media company – In another thirty seconds, I’d put it together – This guy worked for a company that was hired to help this very large media company sell themselves. In other words, a company that produces both online and offline properties, that you probably read every week, was up for sale.

My seatmate couldn’t have been more clueless. He had his headphones on, enjoying his silence, while flipping pages in this binder, taking notes, not looking up, not aware of his surroundings in the slightest...

He spent an hour of the flight on several pages that were titled “Liabilities” – It was all proprietary information about problems the company was having, and how they planned to fix them. Unreal...

...the man sitting next to me was reading proprietary information, information that could be very, very damaging to this company if in the wrong hands, and he couldn’t have cared less about it. When I landed, I confirmed it. This was extremely private information.

I’ve often said that privacy doesn’t exist, that we all need to be smarter, that instead of working on new ways to gain more fans, perhaps we should take a day and work on situational awareness!

I decided to see how out of it he really was, and also prove a point. Check this out.


Heavily Redacted by Me

This is one of a handful of photos I took with both my iPad and my Droid. Just to see if I could, which obviously, I could.

The man next to me caught a break that day. I’m not a dick. I’m not going to name the company, nor the company he works for (which was on the bottom of every page of the report.) But I have a feeling I’m in the minority here.

Guys, we have to be smarter than this. We simply have to. We can’t afford not to. Here are four tips on how to be:

1) Assume you’re always being watched. Assume everything you do can be watched, and probably is. You have to assume this for everything, from your work life to your personal life. It means you’ll be seen doing anything stupid that could get you in trouble, from doing drugs with people you assume are friends, to meeting someone for insider information in a parking lot. It’s too easy to get caught nowadays.

2) Assume most people are much less nice than me. I knew immediately what I was looking at, and also that I’d never go public with the information... I’m not saying don’t be nice to people you meet – But don’t start sharing information with people until you truly trust them. In other words, enter every interaction with a healthy dose of cynicism. That’s not a bad thing. It’s a smart thing.

3) It’s always little things that will nail you. You have any idea how many times I’ve been in an airport or hotel lounge, when I’ve heard someone spouting off their credit card to the person they’re talking to? Or explaining, step by step, their entire itinerary, while their home address sits on their luggage?... We need to pull our heads out of our collective smart-phone asses and start realizing what the hell is going on around us!

4) As always, alcohol comes into play. Some of the most fun I’ve ever had in my life has come at events where I’ve stayed sober... I still say the best way to get drunk is with a trusted friend, in your own home. Anything else just asks for trouble.

I’d suggest that we make 2012 the year we become smarter – But I’ve been suggesting that for years. And it never seems to happen.

We need to be smarter. (unabridged version)

Friday, January 13, 2012

From our "You Can't Make This Stuff Up" files...

A Polish military prosecutor has shot himself in the head during a break in a press conference at which he was defending his office against allegations of illegal wiretapping. (more)

SpyCam Story #632 - Darwin Award to Video Voyeur

Australia - A man who secretly filmed his housemate showering is ashamed and embarrassed about what he did, a Northern Territory court has been told.

20 year old Jayden Trevitt, 20, cried in the Darwin Magistrates Court as he was given a two-month jail sentence, which was then suspended.

Trevitt had pleaded guilty to filming his housemate on his phone while she was showering. He secretly filmed her from outside a bathroom window on five separate occasions last year. (more)

SpyCam Story #630 - The Road to Woodinville

WA - The husband of a Juanita High School (girl's) volleyball coach has been charged with voyeurism in a case involving many of the coach's players.

Kirkland resident Steve C. Meeks, 23, is accused of videotaping five victims while in a restroom during a non-high school sanctioned team sleepover on Nov. 5, according to charging documents...

Meek's wife, who was a coach for the Juanita High School volleyball team and a former coach of the Kamiakin Junior High volleyball team, arranged for the Rebel volleyball players to have a sleepover at her father's Woodinville warehouse...

During the evening, a hidden video camera was spotted in the ceiling tile of the woman's bathroom by a 17-year-old high school student as she was using the toilet. (more)

Why mention these incidents?
To give show the depth of the problem. (Remember, these are only the failed attempts.)
To give you clues as to where people hide spycams, so you can protect your own privacy.

P.S. King County detectives later found there were actually more than one camera. "We found two hidden cameras – one hidden above the toilet and the other in the ceiling tiles," said Cindi West, a spokesperson for the King County Sheriff's Office, noting the cameras were not wireless and were part of a retail home security system. "There were wires running through the ceiling and it was connected to a DVR (digital video recorder) in another room … There is quite a bit of investigation involved with this case."

P.P.S. Not fur nottin', but... If the warehouse is owned by Ms. Meek's father, and the cameras were part of a hard-wired, overall security system, lawyers might want to check the old man's pockets for depth, and him for culpability. Just a thought. 

Hey, ever see The Road to Wellville? Some things never change, do they?

SpyCam Story #631 - Pfuhl Hides SpyCam at Work

NM - A businessman from Rio Rancho, in jail, accused of using a hidden camera to watch his workers go the bathroom. Richard Pfuhl owns Fine Line Home Inspection...

Back in November, two women who worked for him say they saw a camera behind a vent and called the cops. They say they also found recording equipment inside Pfuhl's bedroom and DVD's of women using the bathroom. (more)

Pocket 3G Spy Car (Yes, it rhymes with noodle.)

This just in...
Click to enlarge.
 from the seller... "See live video on your Mobile phone from anywhere in the world. No time limit no distance limit No internet or IP address needed. Just simply call your 3G camera and see live video of your home, office, car, or even your Nanny." (more)

Why do I mention it?
So you will know what you're up against.

Thursday, January 12, 2012

Social Engineering Attacks on the Enterprise in 2012

Amit Klein, CTO for security company Trusteer has just published his predictions for cybercrime trends in 2012... The following is one of his observations for the year ahead:

Personal information, disclosed on social networks, will be used in social engineering attacks against the enterprise. Fraudsters, all too aware of the valuable intelligence freely available on social networks, are starting to mine these data sources, capturing the personal details needed to successfully complete social engineering attacks. Trusteer predicts this will manifest itself over the coming year as an enterprise issue.

Example: The "mark" might receive an email from someone who claims to be an old high school classmate. The email has a link to an invitation to a class reunion, except that the link really goes to a website that surreptitiously drops a keystroke logger on the unsuspecting person's computer.

Criminals are finding it easier than ever to create a pretext using the unprecedented amount of personal information that people willingly publish about themselves on Facebook, LinkedIn and scores of other social sites...

In the case of attacks against enterprises, every employee is a viable target, from the people in the mailroom to the ones in the corner offices...

Security Tips...
• Train employees to recognize and avoid phishing and other social engineering attacks. Good educational products are available from PhishMe and Wombat Security Technologies.

• Restrict the use of company email addresses for business use only. Encourage employees to use a personal email account for everything that isn't related to company business.

• Implement strict security rules to filter out spam and phishing messages. Wombat has an anti-phishing tool called PhishPatrol that specifically catches phishing and spear-phishing emails. (more)

Security Directors: FREE Security White Paper - "Surreptitious Workplace Recording ...and what you can do about it."   

iSnitch, ilLumiaNaughty & RIMshot Cell Out

India - Apple, Nokia and Research In Motion (RIM) gave Indian intelligence agencies secret access to encrypted smartphone communications as the price of doing business in the country, according to what appear to be leaked Indian government documents.

The purported documents, if they are real, indicate that the smartphone giants gave India's Central Bureau of Investigation (CBI) and Indian military intelligence "backdoor" tools that would let the Indian agencies read encrypted emails sent to and from RIM's BlackBerrys, Apple's iPhones and Nokia smartphones...

A "decision was made earlier this year to sign an agreement with mobile manufacturers (MM) in exchange for the Indian market presence," the military intelligence document reads. (more)