Saturday, November 30, 2013

New Spy Camera Takes 3D Photos in Almost Complete Darkness

Spies operating under the cover of darkness might find that their job is about to get easier as U.S. scientists have developed a camera that can take photographs of objects and people that are only very dimly lit.

 The camera works by reconstructing 3D images from photons reflected from barely visible objects.

The technology could be used in next generation spy cameras... (more)

German Report on Industrial Espionage

EU Takes Aim at Industrial Espionage

Brussels is taking aim at industrial espionage with proposals to tighten laws so businesses can better safeguard their “trade secrets” from prying rivals.

The reforms put forward by Michel Barnier, the EU single market commissioner, aim to bolster defences against unlawful acquisition of information that is commercially valuable and secret but not covered by a patent...

Trade secrets range can range from anything from technical processes for making bathplugs, to innovative marketing strategies, valuable customer lists, or recipes for market-beating cakes or pies.

Unlike a book or trademark or patented technology, the holder of a trade secret has no exclusive right to it. Rivals seeking to close a competitive gap can legally reverse engineer the information. The proposed reforms, unveiled on Thursday, only target methods for obtaining information that are illegal, such as espionage, bribery or theft.

Mr Barnier said: “Cybercrime and industrial espionage are unfortunately part of the reality that businesses in Europe face every day. We have to make sure our laws move with the times and that the strategic assets of our companies are adequately protected against theft and misuse.” (more)

Thursday, November 28, 2013

Columbia Engineers Make World’s Smallest FM Radio Transmitter

A team of Columbia Engineering researchers...

led by Mechanical Engineering Professor James Hone and Electrical Engineering Professor Kenneth Shepard, has taken advantage of graphene’s special properties—its mechanical strength and electrical conduction—and created a nano-mechanical system that can create FM signals, in effect the world’s smallest FM radio transmitter. The study is published online on November 17, in Nature Nanotechnology. (more) (what was transmitted)

Wednesday, November 27, 2013

U.N. - End Excessive Electronic Spying

A U.N. General Assembly committee on Tuesday called for an end to excessive electronic surveillance and expressed concern at the harm such scrutiny, including spying in foreign states and the mass collection of personal data, may have on human rights.

The U.N. General Assembly's Third Committee, which deals with human rights issues, adopted the German and Brazilian-drafted resolution by consensus. It is expected to be put to a vote in the 193-member General Assembly next month.
"For the first time in the framework of the United Nations this resolution unequivocally states that the same rights that people have offline must also be protected online," German U.N. Ambassador Peter Wittig told the committee.

The United States, Britain, Australia, Canada and New Zealand - known as the Five Eyes surveillance alliance - supported the draft resolution after language that had initially suggested foreign spying could be a human rights violation was weakened to appease them. (more)

TUMs Solves Wireless Security Headache. Warning: explanation gives headache.

Researchers at the Technische Universität München (TUM) have proven that wireless communications can be made more secure through a novel approach based on information theory."
The method is counter-intuitive and involves information theory and zero capacity channels. "The scheme uses two physical channels – that is, frequency bands in a wireless system – that are inherently useless, each being incapable of securely transmitting a message," says TUM.

Intuitively, combining one zero-capacity with another zero-capacity should result in zero capacity. “But in this case,” Schaefer explains, “it’s as if we’re getting a positive result from adding zero to zero. We find that we are able to ‘super-activate’ the whole system, meaning that combining two useless channels can lead to a positive capacity to transmit confidential messages securely.”

Superactivation is not unknown in quantum theory. It's the combining of zero capacity quantum channels to produce a channel with positive capacity; but is not yet applicable to current technology. But what Boche and Schaefer have achieved "is," says Boche, "the first example of super-activation – where zero plus zero is greater than zero – in classical communication scenarios.”


Why Care About the NSA?

Tuesday, November 26, 2013

Protesters Capture Government Surveillance Van

The Security Service of Ukraine, the nation’s intelligence agency, have its white mini-van back, courtesy of the Berkut anti-riot police officers.

Demonstrators seized the van during a protest rally on the evening of Nov. 25, suspecting that it contained sophisticated equipment for eavesdropping on telephone conversations of protest leaders.

The taking of the van prompted clashes last night between police and protesters. After a 30-minute standoff, punctuated by fighting, the demonstrators recovered evidence from the van and the police reclaimed it.

Opposition lawmaker Mykola Kniazhytsky posted a picture of a passport, car tag numbers and what he said were technical listening devices found in the van on his Facebook page. Opposition leaders promised to analyze the recordings and release their findings. 


Equipment believed to be listening devices found in the white mini-van that SBU officers were using while parked near European Square.

That left officials trying to explain what the van was doing at the protest site...


License plates that protesters say they found inside a van used by SBU officers that was parked near European Square...

According to eyewitnesses, protesters overtook the van, prompting hundreds of riot police to descend on the scene, triggering the violent clashes. An SBU officer in the van eventually escaped with police help, while the leaders of the demonstration took to the stage in triumph after police backed off about 9 p.m. (more) (video footage)

Indonesia Posts Truth About Government Spying

Indonesia's former spy chief has said intelligence agencies tapping the phones of national leaders is "normal", and dismissed as an overreaction Jakarta's furious response to reports Australia spied on the president's calls. (more)

Monday, November 25, 2013

Smart TVs Lie to You

So-called "smart TVs" have hit the marketplace, essentially turning TVs into computers that let watchers search for videos, install applications or interact with ads. But that connectivity may be a two-way street, as manufacturer LG investigates claims that its line of smart TVs is collecting data on its customers. 

According to an LG corporate video, "LG Smart Ad analyses users' favorite programs, online behavior, search keywords and other information to offer relevant ads to target audiences. For example, LG Smart Ad can feature sharp suits to men or alluring cosmetics and fragrances to women." 

But what happens when your online behavior trends just a bit naughtier than clothes or cosmetics? Meghan Lopez talks to RT web producer Andrew Blake about spying smart TVs and other trending tech topics in this week's Tech Report. (more)

In  other news...
LG has admitted it continued collecting data on viewing habits even after users had activated a privacy setting designed to prevent it.

The TV manufacturer has apologized to its customers and said it would issue an update to correct the problem. (more)

DIY Surveillance in India Shows Eye-Popping Growth

India's electronic surveillance market - currently at Rs 10 billion ($160,393,125.35 USD) — is growing at a rate of 25% per year as a growing number of people opt for DIY surveillance. 
Cameras are being installed everywhere — outside buildings to prevent burglaries, in cars to keep track of whether the chauffeur is giving unauthorized lifts, inside homes so that people can keep an eye on everything from nannies to grannies. Even the pet dog has a watchful eye on him, as does the teen. 
When it comes to security, privacy concerns go out the window - the one with the CCTV attached. (more)

Not to be Out-Spooked by the NSA...

The FBI is expected to reveal Thursday that because of the rise of Web-based e-mail and social networks, it's "increasingly unable" to conduct certain types of surveillance that would be possible on cellular and traditional telephones.

FBI general counsel Valerie Caproni will outline what the bureau is calling the "Going Dark" problem, meaning that police can be thwarted when conducting court-authorized eavesdropping because Internet companies aren't required to build in backdoors in advance, or because technology doesn't permit it.

Any solution, according to a copy of Caproni's prepared comments obtained by CNET, should include a way for police armed with wiretap orders to conduct surveillance of "Web-based e-mail, social networking sites, and peer-to-peer communications technology." (more)

Shop Owner Installs Surveillance Cameras to... watch the police!?!?

A Miami convenience store owner is fed up with his employees and customers being allegedly harassed by police. So he installs surveillance video to get evidence against the local cops. (more)

Help The OSS Society Pass a Law (It's easy.)

What is The OSS Society?
The Office of Strategic Services Society celebrates the historic accomplishments of the OSS during World War II, the first organized effort by the United States to implement a centralized system of strategic intelligence and the predecessor to the US intelligence and special operations communities. It educates the American public regarding the continuing importance of strategic intelligence and special operations to the preservation of freedom in this country and around the world.

Why pass a law?
The OSS was the World War II predecessor to the U.S. intelligence and special operations communities. It was founded and led by the legendary General William "Wild Bill" Donovan, the only American to receive our nation's four highest military honors, including the Medal of Honor. President Roosevelt called General Donovan his "secret legs."

When General Donovan died in 1959, President Eisenhower said: "What a man! We have lost the last hero."

It's time to honor the "last hero" and all the heroes of the OSS with the Congressional Gold Medal. (more)

Click each link below to show support...
S. 1688 and H.R. 3544: A bill to award the Congressional Gold Medal to the members of the Office of Strategic Services (OSS), collectively, in recognition of their superior service and major contributions during World War II.

Bond Car Submarines at Auction

A car that transformed into a submarine in the James Bond movie "The Spy Who Loved Me" has been sold at a London auction for 550,000 pounds ($865,000).

The sale price was below the auction house's initial estimate price of 650,000 to 950,000 pounds — perhaps because the vehicle (a distinctively-shaped white Lotus Esprit) cannot be driven on the road, although it is said to be a fully operational submarine. (more)

Friday, November 22, 2013

REPORT: Corporate Espionage Against Nonprofit Organizations

How common is corporate espionage against nonprofits?
Most of the cases of corporate espionage we know about in recent years have been uncovered by accident. There has been no comprehensive, systematic effort by federal or state government to determine how much corporate espionage is actually occurring, and what tactics are being used. It is likely that corporate espionage against nonprofits occurs much more often than is known. 

Get the "T"
Who actually conducts the espionage?
When a nonprofit campaign is so successful that it may impair a company’s profits or reputation, companies may employ their own in house espionage capabilities, or they may retain the services of an intermediary with experience in espionage...

The intermediary may hire a private investigations firm that either has multiple espionage capacities or that specializes in the particular kind of intelligence needed – such as human intelligence and the infiltration of nonprofits, or electronic or physical surveillance. These private investigations firms may subcontract out espionage to experienced operatives, which gives corporations access to specialized talent while further increasing the level of plausible deny-ability...

Corporations may also hire the services of experienced nonprofit infiltrators who may pose as volunteers, to scout out workplaces and to steal documents left unattended or unguarded. Corporate spies may also plant bugs to obtain and transmit verbal communication. Both offices and homes may be targeted for the gathering of physical intelligence. (more)

Security Directors: FREE Security White Paper - "Surreptitious Workplace Recording ...and what you can do about it."   

Corporate Espionage Infographic

Infographic via David Schilling, Industry Tap.

Recent Technological Innovations Have Completely Changed the Game of Espionage

According to the FBI, competitors criminally seek economic intelligence by aggressively recruiting employees and conduct economic intelligence through bribery, cyber attacks, theft of property, dumpster diving and wiretapping.  

They also establish seemingly-innocent business relationships between foreign companies and U.S. industries to gather economic intelligence, including trade secrets. 

Technologies Used for Espionage

Many of the technologies now used for espionage are just updated versions of previous technology: smaller, lighter and orders of magnitude more powerful.

  • Spying Equipment
  • Spy Cameras
  • Lock Picks
  • Computer Hacking
  • Network Intrusion
  • Video Pen Cameras
  • Miniature Cameras
  • Mobile Phone Spy Gadgets
  • Call Recorders
  • SIM Card Readers
  • Stun Guns Looking Like Cell Phones
  • Telebugs
  • Bionic Ear Boosters
  • Voice Changers
  • Audio Jammers
  • Wireless Video Cameras
  • Pinhole Video Cameras
  • Google Glass type sunglasses, or glasses that record video, pictures and sound
  • Asset Tracking Devices
  • GPS Tracking Devices
Equipment to Protect You from Spies
  • Cellphone Detectors
  • Bug Detectors
  • Thermal Vision
  • Surveillance Cameras (more)
And, of course, us.

Wednesday, November 20, 2013

Audio Surveillance Laws (Party Consent) by State

Click here for statutes.
Click to enlarge.

Mass Surveillance Is Big Business: Corporations Are as Good at Spying as Governments

Data is the currency of surveillance, and it's not just the NSA and GCHQ looking to cash in. As a newly released cache of documents and presentation materials highlights, the private surveillance industry is booming. More shocking is that many firms claim in their own corporate PowerPoints that they've got capabilities that rival that of the government giants.

The document trove, called the Surveillance Industry Index (SII) and released by Privacy International, and contains 1,203 documents from 338 companies in 36 countries, all of which detail surveillance technologies...

Of course, that world isn't open to average consumers, which is why SII—and previously, Wikileaks' Spy Files, among others—is eye-opening. What's even more concerning than systems that guarantee "complete data inflow from all networks" is who's buying it. And while all the brochures I've read so far are careful to specify that surveillance tech is only for legal data collection, "legal" is a very fluid term worldwide...

There's a very good reason that the UN High Commissioner called privacy a human right earlier this year: The vast tools available to people with enough money and network access are more capable of accessing private information than ever before...

"There is a culture of impunity permeating across the private surveillance market, given that there are no strict export controls on the sale of this technology, as there on the sale of conventional weapons,"
Matthew Rice, a research consultant with Privacy International, told The Guardian. (more)

Tuesday, November 19, 2013

Business Espionage - IKEA Snooping Investigation Continues

French police are questioning top executives of the Swedish furniture chain IKEA after allegations that the company illegally used police files to spy on staff and customers.

The arrests of the chief executive officer of IKEA France, Stefan Vanoverbeke, his predecessor, and the chief financial officer, come after more than a year and a half of investigations.

Police searched the company’s head office outside Paris 11 days ago. (more)

Monday, November 18, 2013

Snooping on Credit Cards with Shopping Carts

Researchers at the University of Surrey, UK have successfully used readily available and inexpensive electronic components, combined with a shopping cart antenna, to eavesdrop on NFC and HF RFID contactless communication.

The shopping cart did not perform as well as a small inductive loop antenna (that could be concealed with the electronics in a backpack) but neither are likely to arouse suspicion. 

The researchers say that the eavesdropping distance can be as much as 100cm but is dependant on the strength of the magnetic field generated by the victims device. 

Companies like VISA, Mastercard and Google who have already developed platforms for contactless payments can now add eavesdropping to the existing security threats of skimming and relay attacks. Original paper here (PDF).

Sunday, November 10, 2013

Seattle, where a java junkie hanging on a light pole won't be alone.

If you're walking around downtown Seattle, look up: You'll see off-white boxes, each one about a foot tall with vertical antennae, attached to utility poles. If you're walking around downtown while looking at a smartphone, you will probably see at least one—and more likely two or three—Wi-Fi networks named after intersections: "4th&Seneca," "4th&Union," "4th&University," and so on.

That is how you can see the Seattle Police Department's new wireless mesh network, bought from a California-based company called Aruba Networks, whose clients include the Department of Defense, school districts in Canada, oil-mining interests in China, and telecommunications companies in Saudi Arabia.

The question is: How well can this mesh network see you? (more)

Vegas, where a drunk hanging on a light pole won't be alone.

What happens in Vegas stays... with the authorities? 
Las Vegas is installing Intellistreets, which are street lights that have many talents -- including the ability to record sound and shoot video. (video report)

Economic Espionage: Competing For Trade By Stealing Industrial Secrets

In September 2012 FBI agents in Kansas City, Missouri, arrested two Chinese nationals, Huang Ji Li and Qi Xiao Guang, after they paid $25,000 in cash for stolen trade secrets pertaining to an American company’s manufacture of cellular-glass insulation, or foam glass.

Huang trespassed onto the company’s flagship plant in Sedalia, Missouri, 3 months prior and asked suspiciously detailed questions about the facility’s manufacturing process for the insulation. It also is believed he approached an employee at the company’s corporate headquarters in Pittsburgh, Pennsylvania, just days before seeking to build a foam-glass factory in China.

A judge sentenced Huang to 18 months in prison and a $250,000 fine in January 2013 and Qi, Huang’s interpreter, to time served, a $20,000 fine, and deportation. During sentencing, company officials estimated the value of the targeted trade secrets at $272 million. 

The threat of economic espionage and theft of trade secrets to U.S.-based companies is persistent and requires constant vigilance. Even after Huang was arrested, pled guilty, and was sentenced, investigators believed the company’s trade secrets still were at risk for targeting by would-be competitors. (more)

Corporate espionage: The spy in your cubicle

Corporate espionage from a German perspective...
At a trade fair, the head of a company discovers a machine developed by his own employees - but at the stand of a competitor, where the new item is proudly displayed. Looking through his company's inventory, he sees four new printers, even though he in fact ordered five. And to top things off, he's having problems with the state prosecutors, who say his firm is implicated in a bribery charge. His company, in short, has fallen victim to industrial espionage - three times over. 

Since 2001, some 61 percent of German companies have fallen prey to these or similar crimes. In 2013, by comparison, just 45 percent of German firms were entangled in such an affair. Those were the conclusions of a study conducted by business consulting giant PricewaterhouseCoopers (PCW) together with Martin Luther University in Halle-Wittenberg (MLU). For the study, more than 600 German companies, each with at least 500 employees, were examined every two years... the areas of "industrial espionage, economic espionage and the leaking of work and business secrets," there have been frighteningly high numbers of suspected cases. And there could be far more, the analyst added, since being spied upon doesn't necessarily mean that you know it's happening. Corruption ends with prosecutors knocking at the door; an inventory check usually clears up theft. But with spying, "Nothing is gone." (more)

Part of the Security Scrapbook's reason for being is that last sentence. Tracking some of the business espionage stories per year indicates the size of the problem. 

Example: If 1% of business espionage is discovered, and 1% of discovered business espionage becomes news, then 50 business espionage news stories equals 500,000 business espionage attacks — 499,950 of which were successful. Adjust the percentages to suit yourself, but you get the idea. 

The point is, you won't know when your intellectual and strategic pockets are being picked. Especially, if you are not checking regularly. 

Call me. I can help.

Friday, November 8, 2013

Private Investigator + Software Firm = Cell Phone Spyware Arrest

India - The Central Crime Branch (CCB) police arrested two persons, who allegedly used a software to collect confidential and personal data of cellphone users, for detective purposes...

The preliminary investigation has revealed that several mobile numbers of clients all over India have been snooped upon over the past year, the police said.

[The] firm was allegedly involved in using snooping software on Android and Blackberry based mobile phones. The firm was allegedly monitoring phone calls and messages of people, on behalf of their clients for detective purposes...

Once the software is installed and whenever user starts using the mobile, all data pertaining to his calls including conversation recordings / messages / e-mails, chats, picture and videos on the mobile phone would be automatically uploaded to a server hosted somewhere else using the target mobile phone’s GPRS data.

Even the exact geographical movements of the target in terms of latitude and longitude would be recorded and sent to the server in real time. The clients of detective agencies would be provided with a login username and password to view the data and movements of target’s mobile phone on a web browser and Google maps. (more)

Thursday, November 7, 2013

More Kinds of Corporate Spies Target More Kinds of Trade Secrets

Efforts to steal trade secrets from U.S. companies continue at a high level and are hitting new targets, in spite of major efforts to stop such industrial espionage. Losing trade secrets hurts the economy by discouraging investments in the research critical to growth. Some new players are getting into the fray, and the attacks hit a huge variety of businesses from high tech to high fashion.

Plans for a fighter jet are an obvious target for corporate and other kinds of spies, but experts say industrial espionage also has been aimed at high fashion designers and toymakers, innovative steel makers, food and beverage companies, clean energy research and wind turbine makers. Corporate spies also are seeking information about the management practices that guide successful businesses. (think boardroom bugging) (more)

Secret Agent Suits - Odds Are You Live to See Tomorrow

"We offer our clients a bullet-proof suit to keep them safe during their travels to dangerous places for work. We wanted to create a lightweight garment that not only looks professional, but can also act as reliable body armor. The idea was to create a stylish and discreet alternative to wearing a bulky bullet proof vest underneath a suit. This way, our clients, wouldn’t have to worry about looking awkward during meetings, and they can travel to work feeling comfortable, safe, and confident.

This past year, Garrison Bespoke worked alongside suppliers for the US 19th Special Forces in developing the custom bulletproof suit. Using nanotechnology, it’s comprised of the same carbon nanotubes designed for the US troops’ uniforms in Iraq. Yet, the patented suit material is a lot thinner and flexible; fifty percent lighter than Kevlar (the material commonly used in bullet-proof gear). The entire suit acts like a shield, with nanotubes in the fabric hardening to block force from penetrating through.

The Garrison Bespoke bullet proof suit was made to fulfill three important expectations: First, to be modern and stylish. Second, to be light and comfortable. And, third, to be reliable and safe. After putting the suit to test, we can proudly say that all expectations have been met." (more)

Prices start around $20,000.00.

Hacker Who Helped Catch Cheating Lovers in FBI's Sights

Among the five people added this week to the FBI's list of "most wanted" cyber criminals is a former San Diego college student who developed an $89 program called "Loverspy" or "Email PI." Sold online from his apartment, the program was advertised as a way to "catch a cheating lover" by sending the person an electronic greeting card that, if opened, would install malicious software to capture emails and instant messages, even spy on someone using the victim's own webcam.

Click to enlarge.
The case of Carlos Enrique Perez-Melara, 33, is noteworthy because he appears to have made relatively little money on the scheme, unlike others on the FBI list who were accused of bilking millions of dollars from businesses and Internet users worldwide. But Perez-Melara, a native of El Salvador who was in the United States on a student visa in 2003 when he sold the spyware, allegedly helped turn average computer users into sophisticated hackers who could stalk their victims...

In addition to hacking-for-hire services, there is an established commercial market for snooping software that domestic violence advocates warn can also be used to stalk victims. Software such as ePhoneTracker and WebWatcher, for example, are advertised as ways to monitor kids' online messages and track their location. For $349 a year, Flexispy of Wilmington, Del., promises to capture every Facebook message, email, text and photo sent from a phone, as well as record phone calls. These services generally would be legal only if the person installing the software also owned the device or were given consent by the owner. (more)

The Current State of Cyber Security in Latin America

Latin America is experiencing tremendous growth—unfortunately the growth in question relates to cyberattacks. “If you look at Peru, you see 28 times as much malware in 2012 as in 2011; Mexico about 16 times; Brazil about 12 times; Chile about 10; and Argentina about seven times,” said Andrew Lee, CEO of ESET. These tremendous growth rates are expected to continue in the coming years, Lee noted.

Tom Kellermann, vice president of cybersecurity at Trend Micro, a network security solutions company. He discussed a report that Trend Micro released jointly with OAS called Latin American and Caribbean Cybersecurity Trends and Government Responses. 

Kellermann noted that while organized crime groups, such as narco-traffickers, have embraced cybercrime, the governments of Latin American countries haven’t been able to keep up in terms of defending against this type of crime. “Only two out of five countries have an effective cybercrime law, let alone effective law enforcement to hunt [cyberattackers],” he said. (more)

NSA Spy Scandal - The Final Word?

Get Over It: America and Its Friends Spy on Each Other

"All history teaches us that today's allies are tomorrow's rivals." John le Carré 

With the French saying they are shocked—shocked!—to discover that America is spying on them, and the long-monitored German chancellor, Angela Merkel, reportedly in a state of outrage, this may be a good time to explain why it is considered so necessary. Why monitoring "foreign-leadership intentions" is a "hardy perennial" in U.S. espionage practice, as National Intelligence Director James Clapper put it during congressional hearings this week. And why most of what is done today, one way or another, is likely to go on. 

...the NSA may be reined in. But one way or another, the spying will go on.  (more)

This story was written by, Michael Hirsh, chief correspondent for National Journal. Alternate ends to the NSA story don't seem plausible. Think back to the Church Committee hearings and Secretary of War, Henry L. Stimson... "Gentlemen do not read each other's mail." 

Stimson's views on the worth of cryptanalysis had changed by the time he became Secretary of War during World War II, before and during which he, and the entire US command structure, relied heavily on decrypted enemy communications. (wikipedia)

Wednesday, November 6, 2013

Security Director Alert - Draft a 'No Recording' Policy for Your Company

Here's why... 

by Philip L. Gordon, Littler Mendelson P.C.
With audio recording applications (“apps”) often standard issue on ubiquitous smart phones, employees are now armed with a relatively inconspicuous way to capture their supervisor’s every gaffe.  

Signs available here.
In September, a $280,000 jury verdict in favor of an employee on race and sex discrimination claims demonstrated just how damaging an audio recording can be in employment litigation. In that case, the plaintiff, who is African American, caught her supervisor, who is Hispanic, using the “N” word on tape, and the judge admitted the recording into evidence. Putting aside the risk of employees collecting damaging evidence for anticipated litigation, the ever-present specter of audio recording can undermine the type of corporate culture that so many employers are trying to encourage nowadays, one that thrives on collaboration and candid discussion among colleagues.

In 13 states — California, Connecticut, Delaware, Florida, Illinois, Maryland, Massachusetts, Michigan, Montana, Nevada, New Hampshire, Pennsylvania and Washington — anti-wiretap laws generally prohibit the recording of face-to-face communications without the consent of all parties to the communication. However, in the remaining 37 states and under federal law, audio recordings, whether surreptitious or not, are legal so long as the person making the recording participates in the recorded conversation. In these states, secret recordings by one of the participants not only are legal, but the former Acting General Counsel (“Acting GC”) of the National Labor Relations Board (NLRB) recently took the position that workers have a legally protected right to record their co-workers and managers. In a decision published on October 30, 2013, an administrative law judge (ALJ) flatly rejected the Acting GC’s position and upheld the employer’s general prohibition on all audio recordings in the workplace without prior management approval.

The employer in that case, Whole Food Markets, promulgated the prohibition to thwart the “chilling effect” of workplace audio recording. More specifically, Whole Foods’ policy explains that concern about audio recording “can inhibit spontaneous and honest dialogue especially when sensitive or confidential matters are being discussed.” Although not stated in the policy, Whole Foods’ head of human resources testified that the policy applied to all employees, whether management or non-management; to all devices that captured voice; and in all areas of the store, including the store’s parking lot and entrance area; but only during working time. (more)

Ask Philip Gordon about drafting a "no recording in the workplace" policy for you. 
Be sure to add video, too.

Security Directors: FREE Security White Paper - "Surreptitious Workplace Recording ...and what you can do about it."   

The Wall of Sound Meets its Match - Sono - An Acoustical Wall Filter Idea

Austrian industrial designer Rudolf Stefanich has created a concept device that is capable of filtering outside noise from entering your room.

Called ‘Sono’, it transforms any window into an “active noise canceling system”, allowing users to eliminate and filter the sounds that pass through their windows.

By turning a knob, the device filters out disruptive noises like car horns and construction works, but allows pleasant sounds like birds chirping or the sound of the wind through.

“In our loud and busy world, a moment of silence has become a scarce and almost luxurious experience,” said Stefanich. “Sono lets you reclaim that silence for your home.” (more)

FutureWatch - The same concept could be used to prevent eavesdropping via acoustical leakage from rooms.

Tuesday, November 5, 2013

A Brief Spy Technology Retrospective

Government surveillance is nothing new. The United States started tracking telegraphic information entering into and exiting the country in 1945. The technology associated with spying, however, has become much more advanced. History shows a steady evolution of the ways governments secretly gather information.

More info about The Thing.
"Spying has gone on throughout history," says Peter Earnest, a former Central Intelligence Agency officer and executive director of the International Spy Museum. "Since globalization, spying has increased because countries want to know what other countries are doing.The discipline of intelligence has already increased a great deal in the post-Cold War world."

Briefcase recorders in the 1950s led to transmitters hidden in shoes in the 1960s. By the early 1970s, bugs hidden in tree stumps intercepted communication signals. Devices continued to become more compact. In the 1980s, tiny transmitters with microphones were hidden in pens.

The advent of the Internet ushered in the Web bug, which tracked who viewed websites or e-mails and provided the IP address of an e-mail recipient. In 2013, drones and computer programs continue to develop as surveillance tools.

So how does the future look for spying?

"It looks good,"
Earnest said. (more, with photos of spy gear)

Monday, November 4, 2013

How a Slight Movement Can ID Your Smartphone

One afternoon, security researcher Hristo Bojinov placed his Galaxy Nexus phone face up on the table in a cramped Palo Alto conference room. Then he flipped it over and waited another beat. And that was it. In a matter of seconds, the device had given up its "fingerprints."

Code running on the website in the device's mobile browser measured the tiniest defects in the device's accelerometer — the sensor that tracks movement — producing a unique set of numbers that advertisers could exploit to identify and track most modern smartphones.

The accelerometer enables, among other things, the browser to shift from landscape to vertical as a user tilts the phone. It turns out every accelerometer is predictably imperfect, and slight differences in the readings can be used to produce a fingerprint. Marketers could use the ID the same way they use cookies — the small files that download from websites to desktops — to identify particular users, monitor their online actions and target ads accordingly.

It's a novel approach that raises a new set of privacy concerns: Users couldn't delete the ID like browser cookies, couldn't mask it by adjusting app privacy preferences — and wouldn't even know their device had been tagged. (more)

Sunday, November 3, 2013

When Paranoids Collide they Blow the Whistle on Tea Kettles

Customs agents in Russia found tea kettles and irons bugged with tiny Spyware chips that exploit WiFi connections, reports a local news outlet coming out of St. Petersburg.

According to Gizmodo, the microchips are capable of spreading spam and malware to WiFi-enabled devices within 200 meters.  Specific details of the dodgy shipments remain shady...

Simon Sharwood of The Register reports that it is indeed possible to build a spambot small enough to fit inside of a kettle, as the necessary components are small and cheap enough...

One question remains unanswered, however: why would China send bugged tea kettles to spy on the ordinary tea-drinkers of Russia?

Gizmodo suggests that perhaps local authorities were mistaken about their findings, pointing out that WiFi tea kettles already exist.

Business Insider speculates that if the kettles are bugged, it could very well be a test for larger operations to plant such microchips.

We'll let you weave your own intricate conspiracy theory. (more)

Last Week on Halloween

This Judge is a Surveillance Expert. He has Cred.

James G. Carr ’62, a senior judge on the U.S. District Court for the Northern District of Ohio and a former member of the Foreign Intelligence Surveillance Court (FISC), described the process through which the federal government conducts electronic surveillance and railed against National Security Agency (NSA) whistleblower Edward Snowden in a talk in the Gund Gallery’s Community Foundation Theater...

Carr told his audience “every one of us in this room probably has been overheard under a FISA warrant... It’s a general search,” Carr said, “that which the Fourth Amendment most directly and most clearly, unequivocally prohibits. Nobody can dispute that.”...

In July, Carr wrote an op-ed in The New York Times calling for Congress to reform the court. He suggested judges be allowed to appoint outside lawyers to “represent the interests of the Constitution and the public” in cases where a novel issue, such as new surveillance technology, is present in the warrant application. Government agents are required to inform the court if their application raises that kind of issue...

Carr had harsh words for Edward Snowden, the former NSA contractor who provided documents about NSA surveillance procedures to journalists before fleeing to Hong Kong and then Russia. He asked audience members how many of them thought Snowden’s actions were worthwhile, and upon seeing hands raise, said, “I want to try and disabuse you of that view.”

Snowden, he said, had been “in the hands of the Chinese and the Russians for months, and if anybody in this room thinks for a moment that they don’t know everything he learned … c’mon now. 

The NSA, Carr said, “does a crucially important job,” whereas Snowden, whom he mockingly called “the great American patriot,” had done “irredeemable” damage.

In the Q & A after the talk, one student asked Carr, “Why bother protecting our lives if you don’t first protect our rights?” Carr responded, “Because if we have no lives, we have no rights.” (more)

Why is Carr the expert? 
Because he wrote the book. (more)

10 Most Audacious Eavesdropping Plots

Operation Ivy Bells
At the height of the cold war, the National Security Agency, CIA and the US Navy collaborated to tap into underwater communication lines used by the Soviet Union. 

Operation Stopwatch
This joint operation between the CIA and the British Secret Intelligence Service was again an attempt to tap into communications by the Soviet Military.

The Cambridge Spies
Rather than relying on modern eavesdropping, this operation used old fashioned infiltration.

Click to enlarge.
The Gunman Project
During 1976, the KGB managed to install miniaturized eavesdropping equipment and transmitters inside 16 IBM Selectric Typewriters used by staff at the US embassy in Moscow and consulate in Leningrad. 

The Bundesnachrichtendienst Trojan Horse Affair
Germany may have been the victim off NSA eavesdropping, but its own Federal Intelligence Service, the Bundesnachrichtendienst, has also engaged in such activities.

The MI6 Spy Rock
In a modern version of the dead letter drop, British spies working out of the embassy in Russia used a transmitter concealed in an artificial rock to pass classified data. 

Acoustic Kitty
Acoustic Kitty was a top secret 1960s CIA project attempting to use cats in spy missions, intended to spy on the Kremlin and Soviet embassies. (more)

Moles in Berlin
In 1956, American and British agents tunneled into East German territory in order to tap a telephone line. This allowed them to eavesdrop on important conversations between Red Army leaders and the KGB. A segment of the tunnel can now be visited. (more)

An international diplomatic crisis erupted in May 1960 when the Union of Soviet Socialist Republics (USSR) shot down an American U-2 spy plane in Soviet air space and captured its pilot, Francis Gary Powers. Confronted with the evidence of his nation's espionage, President Dwight D. Eisenhower was forced to admit to the Soviets that the U.S. Central Intelligence Agency (CIA) had been flying spy missions over the USSR for several years. (more)

Animal Spies
A former CIA trainer reveals, the U.S. government deployed nonhuman operatives—ravens, pigeons, even cats—to spy on cold war adversaries. “We never found an animal we could not train.” (more)

What Corporations Can Learn from the Vatican

Contrary to a widely circulated report, the US National Security Agency (NSA) could not have eavesdropped on the conclave that elected Pope Francis, a veteran Vatican journalist has reported.

Andrea Tornielli of La Stampa writes that the Vatican had deployed sophisticated anti-bugging technology in the Sistine Chapel and throughout the apostolic palace in the days leading up to the conclave. The anti-bugging measures were already in place during the general congregations at which cardinals exchanged ideas prior to the opening of the conclave. Reporters who were in the building testified that internet connections were interrupted and cell-phone signals lost when the system was activated. 

Vatican security experts take pride in their ability to foil espionage, Tornielli reports. (more)

Can a Perv Skirt Privacy Laws by Raising The First Amendment?

MA - An Andover man is hoping to slip past the law by arguing women in skirts are taking a chance when they ride the T (Boston's transit system) because there’s no guarantee of privacy. 

Michael Robertson is appealing to the state’s highest court saying he didn’t commit a crime when he allegedly tried to take cellphone photos up women’s dresses on the Green Line in August 2010.

That “up-skirt” case included an undercover transit cop and another T passenger. The 31-year-old now faces more than two years in jail if convicted of two counts of photographing an unsuspecting nude or partially nude person.

His lawyer argues it’s the outdated law that’s in the wrong — not her (sic) client — and other photographers could have their First Amendment rights trampled, too. (more)

Music to Spy By

via Jason Whiton, UK distributor, Network (the "Criterion Collection" of retro TV/Film), has been tempting us for some time with news of upcoming remastered vinyl soundtracks from spy shows like The Prisoner, Department S, and The Saint. Some lucky collectors in Britain even had a chance to pick up a limited-edition EP of spy tunes during the last Record Store Day.

From Network's On Air newsletter: "It’s a measure of the quality of the music from these series that it can be enjoyed outside of the context of the programmes themselves, as our previous soundtrack releases on CD have demonstrated. 

Now, with the resurgence of interest in that formerly archaic artefact the LP record, we’re proud to present the first in a series of brand-new audiophile releases on 180g virgin vinyl. 

Although high-quality masters were already available from the CD releases, we have returned to the original analogue tapes which have been mastered afresh for vinyl to take advantage of the format’s more subtle dynamic range. Mastering and vinyl cutting have been supervised by one of the very best in the business – Ray Staff of AIR Studios – ensuring that these tracks have never sounded so good since they went down onto tape in the late 1960s." (more)

Saturday, November 2, 2013

High School Football Spying?!?! - Four Destrehan Coaches Accused

LA - Five people, including four Destrehan High School assistant football coaches, were booked with unauthorized use of intellectual property Wednesday after they allegedly used a leaked computer password to get a sneak peek at the game plan of their upcoming opponent, South Lafourche. 

Others could still be charged, said Brennan Matherne, public information officer for the Lafourche Parish Sheriff’s Office...

The criminal charges are the latest fallout stemming from an incident in which the coaches allegedly used computers to spy on South Lafourche’s football practices last week.

The scandal already has resulted in a forfeit for Destrehan and sanctions for the coaches involved. (more)

Encryptor's Unite! - From Those Wonderful Folks Who Brought You Lavabit & Silent Circle

Our Mission - To bring the world our unique end-to-end encrypted protocol and architecture that is the 'next-generation' of private and secure email.

As founding partners of The Dark Mail Alliance, both Silent Circle and Lavabit will work to bring other members into the alliance, assist them in implementing the new protocol and jointly work to proliferate the worlds first end-to-end encrypted 'Email 3.0' throughout the world's email providers. 

Our goal is to open source the protocol and architecture and help others implement this new technology to address privacy concerns against surveillance and back door threats of any kind. (more)

In the Days Before Spread Spectrum Communications - Spread Wings Communications

Read all about America's secure communications laboratory, just miles from the Countermeasures Compound, in Ft. Monmouth, NJ... (more)

Friday, November 1, 2013

Mobile Phone Use a Significant Security Risk for Companies

New research suggests that companies are leaving themselves open to potentially serious security and legal risks by employees’ improper use of corporate mobile devices.

Buy them the Cone of Silence.
Experts from the University of Glasgow looked at a sample of mobile phones returned by the employees from one Fortune 500 company and found that they were able to retrieve large amounts of sensitive corporate and personal information. The loss of data such as this has potential security risks, inviting breaches on both an individual and corporate level.

A University of Glasgow release reports that the data yielded by this study on thirty-two handsets included a number of items that could potentially cause significant security risks and, lead to the leakage of valuable intellectual property or exposed the company to legal conflicts. (more)