Saturday, January 31, 2015

Weird Science - Eavesdropping 3,000 miles away while underwater

1944 - Maurice Ewing and a team of American scientists... believed there may be a layer in the ocean where a combination of pressure and temperature create a narrow channel where certain low-frequency sounds would travel long distances.

In the deep waters of the Atlantic, researches dropped several explosives containing four pounds of dynamite, each timed to detonate at a different depth. Using an underwater microphone called a hydrophone, a second boat stationed 900 miles away successfully detected the sounds.

Subsequent tests picked up the signal at a distance of 3,000 miles.

The discovery of the SOFAR sound channel opened up a new way to study the world's oceans, as well as a unique tool in the nation's defense.

Four of the Newest (and lowest) Social Engineering Scams

1. Phishing with new lethal-strains of ransomware
Ransomware caught businesses’ attention in 2013 with Cryptolocker, which infects computers running Microsoft Windows and encrypts all of its files, as well as files on a shared server. The extortionists then hold the encryption key for ransom (about $500 USD), to be paid with untraceable Bitcoin. The longer the victim waits to pay, the higher the price, or the data can be erased. Now, copycat CryptoDefense has popped up in 2014 and targets texts, picture, video, PDF and MS Office files and encrypts these with a strong RSA-2048 key, which is hard to undo. It also wipes out Shadow Copies, which are used by many backup programs... 

2. Phishing with funerals 
Perhaps a new low - social engineering gangs have been caught sending people phishing emails that appear to be from a funeral home telling the reader that a close friend of yours is deceased and the burial ceremony is on this date. They have already penetrated and compromised the funeral home’s website, so the moment that the concerned friend clicks on the compromised website they get redirected to a bad guy’s server...

3. IVR and robocalls for credit card information 
Similar Articles group masks Social engineering attacks from the front lines attention. Bad guys steal thousands of phone numbers and use a robocaller to call unsuspecting employees. “It’s fully automated, Sjouwerman says. “The message goes something like – ‘This is your credit card company. We are checking on a potential fraudulent charge on your card. Did you purchase a flat screen TV for $3,295? Press 1 for yes or 2 for no.’” If the person responds no – the script then asks the victim to enter his credit card number, expiration date and security code. In some cases, employees worry that their company credit card has been compromised and they might get into trouble, so they play along...

4. Healthcare records for spear-phishing attacks 
With massive data breaches in 2013, the criminal element has reached a point where they can grab personally identifiable information and start merging records – including healthcare records. For instance, a bogus email looks like it’s coming from your employer and its healthcare provider announcing that they’ve made some changes to your healthcare program. They’re offering preferred insurance rates for customers with your number of children. Then they invite the email reader to check out a link that looks like it goes to the health insurer’s web page. “Because the email is loaded with the reader’s personal information, there’s a high likelihood of one click – and that’s all it takes” to infiltrate company systems...

How the Hell Are These Popular Spying Apps Not Illegal?

(a long and excellent article)
Here are some sordid scenarios. Your ex-girlfriend can see every time you swipe right while using Tinder. Your former husband is secretly listening to and recording your late-night Skype sessions with your new boyfriend. Some random slippery-dick is jacking off to the naked photos in your private photo library. For millions of people, it's not hypothetical. 

Someone could be spying on every call, Facebook message, snapchat, text, sext, each single keystroke you tap out on your phone, and you'd never know. I'm not talking about the NSA (though that too); I'm talking about software fine-tuned for comprehensive stalking—"spyware"—that is readily available to any insecure spouse, overzealous boss, overbearing parent, crazy stalker or garden-variety creep with a credit card. It's an unambiguously malevolent private eye panopticon cocktail of high-grade voyeurism, sold legally. And if it's already on your phone, there's no way you can tell.

Spyware companies like mSpy and flexiSPY are making money off the secret surveillance of millions of people's devices. Literally millions of people, according to the sales figures provided by these spyware companies, are going about their days not knowing that somewhere, some turdknockers are scouring their photo libraries and contacts and WhatsApp messages, looking for digital misdeeds.

Spyware has been around for decades, but the current crop is especially invasive. They make money by charging people—from $40 a month for a basic phone spying package on mSpy up to $200 a month on one of flexiSPY's bigger plan—for siphoning activity off their target's devices.

Friday, January 30, 2015

The Sundance Film the FBI Doesn't Want You to See

(T)ERROR is the first film to document an active FBI counterterrorism sting investigation.

In the feature documentary (T)ERROR, which premiered this week at the 2015 Sundance Film Festival, everyone is spying on everyone: the informant on the target, the target on the informant, the FBI on the informant, the filmmakers on the FBI.

Incredibly, directors Lyric R. Cabral and David Felix Sutcliffe manage to film not just the one doing the surveilling but also the one being surveilled — without either subject knowing the other is also appearing on-camera.

It’s a daring feat made even more impressive when you realize the FBI has no idea that the informant they’re using is in fact simultaneously using them.

But unlike Homeland or some John le Carré novel, where spying is sexy and the characters are all perspicacious, (T)ERROR depicts the reality of today’s domestic intelligence gathering: it is not glamorous, the vernacular is informal, the surveillance techniques utilized include “advanced” approaches like trying to befriend someone on Facebook, and incompetence abounds (at one point a confidential phone number is discovered by typing it into Google).

Cell Phone Spying Case to Court - Force Sheriff to Reveal Secrets

NY - The Erie County Sheriff's Office is scheduled to be in court next week as it refuses to hand over information regarding its use of cell phone spying equipment.

2 On Your Side was first to report on the agency's use of so-called cell site simulator equipment. The machines -- often used under the names "Stingray" and "KingFish" -- mimic cell phone towers and trick phones into sending over information.

As we reported exclusively, the county paid more than $350,000 for the machines.

The Top 5 Soviet Bugs & Wiretaps During the Cold War

In an interview Leonid Shebarshin, a former head of the First Chief Directorate of the KGB said, “Our good fortune will only be made known after we suffer a major defeat. Our real success will be made known no earlier than 50 years down the line.” Successful spy operations are already a thing of the past, with modern-day intelligence seeming to consist of a series of failures...

1. Operation “Information of Our Times”
2. The wiretapping of Franklin D. Roosevelt in Tehran
3. A bug in the U.S. coat of arms (The Great Seal Bug)
4. Bugs in Moscow and beyond
5. The Soviet Union’s Cuban ears

Thursday, January 29, 2015

This Week in World Eavesdropping Wiretapping Surveillance & Spying

Australia - Deputy Police Commissioner Nick Kaldas will front a parliamentary inquiry into a long-running NSW police bugging scandal. Mr Kaldas was one of more than 100 police alledgedly spied on more than a decade ago as part of a covert internal corruption investigation.

IL - Illinois legislators provoked public outrage by reviving an eavesdropping law that the Supreme Court of Illinois struck down earlier in the year—in part because it prohibited citizens from recording public interactions with police. Sponsors and supporters of the new version of the law... insisted that the new statute would allow citizens to record police and that the public's concern was unwarranted. In fact however, Illinois' new eavesdropping law is confusing and harsh. Although it does not ban all recording of police—the court took that off the table—it discourages it about as much possible

R. Crumb prediction (1967)
US - A program used by U.S. and British spies to record computer keystrokes was part of sophisticated hacking operations in more than a dozen countries, security experts said on Tuesday, after former NSA contractor Edward Snowden reportedly leaked the source code for the program.

Canada - On Monday, a new report was released, based on leaked documents from Edward Snowden, showing that Canadian intelligence agencies—part of the Five Eyes spying conglomerate that includes the US, the UK, Australia and New Zealand—partnered with UK spies to siphon sensitive data from thousands of smartphones by sniffing traffic between applications on the phones and the servers owned by the companies that made the applications. The so-called Badass program is designed to sniff the normal unencrypted communication traffic of certain smartphone apps to glean location information, the unique identifier of the phone and other data that can help spies learn the identity of phone users, among other things. It can also be used to uncover vulnerabilities in a phone to help spies hack it.

US - Former U.S. nuclear scientist gets 5 year sentence for spying.

US - The Department of Justice is using an expanded license plate collection program -- originally intended to track drug crime -- to monitor ordinary citizens without criminal records, government documents reveal, raising questions about how widely surveillance data is shared among agencies and companies.

NYC - A contractor for Johnson & Johnson was arrested for placing a hidden spy camera in a company bathroom that recorded multiple people using the toilet, authorities said. Stephen Lewins, 42, of Brooklyn, was arrested for unlawful surveillance on January 23, after the pinhole camera was discovered in the restroom a week earlier, the NYPD said. A Johnson & Johnson employee found the camera and an SD card hidden in a wall above a light switch inside the unisex bathroom Jan. 16. The company said it alerted the NYPD immediately.

WI - A ban on undercover videos on Wisconsin farms is being considered at the state Capitol. Though the bill is expected in the next week or so, laws known as “ag gags” have been proposed all over the country. According to the ASPCA, 26 state legislatures have looked at bans on covert video and pictures. That footage is typically used by animal rights groups to expose animal cruelty and mistreatment.

Canada - A cast member of CTV sitcom Spun Out has been accused of voyeurism after two women alleged they found hidden cameras in a Toronto condo. Jean Paul "J.P." Manoux, 45, was charged Tuesday by Toronto Police with one count of voyeurism. Last week, Police officers responded to a call from two women -- ages 27 and 25 -- at a Queen St. W. condominium building. The two women allegedly "discovered hidden cameras and video equipment connected to the Internet" in a condo they rented from a man, according to a police statement.

Wednesday, January 28, 2015

Panama’s Ex-president’s Hunger for Gossip Fueled Tapping

When the United States rejected former Panamanian President Ricardo Martinelli’s request for spying equipment to eavesdrop, U.S. diplomats feared, on his political enemies, the former supermarket baron turned to another source: Israel.

Now scores of Panama’s political and social elite are learning that the eavesdropping program that Martinelli’s security team set in place sprawled into the most private aspects of their lives – including their bedrooms. Rather than national security, what appears to have driven the wiretapping was a surfeit of the seven deadly sins, particularly greed, pride, lust and envy.

Nearly every day, targets of the wiretapping march to the prosecutors’ office to see what their dossiers contain, often emerging in distress. Martinelli, who left office in July, is facing a rising tide of outrage not only over the wiretapping, but also over reports of vast corruption. His personal secretary has left the country. The eavesdropping equipment has vanished.

Town Supervisor Accused of Eavesdropping on Employees

NY - State Police arrested the Windham Town Supervisor after they say she used video and audio recording devices to eavesdrop on employees.

Stacy Post, 51, put the recording devices in the Windham Town Office Building after being elected to Town Supervisor, according to police.

They say Post eavesdropped on employees and other users of the town offices.

Post has been charged with felony eavesdropping and possessing eavesdropping devices.

You Only Live Once, or Die Another Day

The former Russian spy Alexander Litvinenko may have survived a previous poisoning attempt before a lethal dose of polonium was slipped into his tea at a London hotel, a long-awaited judicial inquiry into his death was told Tuesday.

The former KGB officer, an outspoken critic of Russian President Vladimir Putin, was living in Britain and doing consultancy work for the British intelligence service MI-6 when he met two Russians for a drink at the Millennium Hotel in November 2006. Weeks later, he suffered an agonizing death, apparently from the effects of radiation poisoning.

The strange case soured relations between Britain and Russia for years. On his deathbed, Litvinenko claimed that he had been poisoned on Putin’s orders.

Need A Secure Portable 1 or 2TB Hard Drive? (Yeah, you do.)

iStorage diskAshur Pro 1TB review: one of the most secure and encrypted portable hard drives you can buy...

If you use a portable drive for business, there's a very strong case for keeping that data secure with a hardware-encrypted drive. And when customer data is at stake, there's a legal obligation to button it down to keep it confidential in the event of the drive being lost or otherwise compromised.

Even home users may prefer to keep their files and data to themselves. Which is why encrypted portable drives like the iStorage diskAshur Pro can be such a great idea, with their built-in keypads that need a numerical PIN to be entered before they give up their secrets.

The diskAshur Pro follows a line of similar drives sold in this country (UK) by iStorage Limited, which are rebranded and renamed drives designed by and made for Apricorn Inc in the USA. This latest version is called the diskAshur Pro, otherwise known as the Apricorn Aegis Padlock Fortress, and has been given a FIPS 140-2 security rating.

Tuesday, January 27, 2015

Avoid Video Surveillance Liability

via Eric Pritchard, Esq...
Summary: Here are five keys to limiting your liability when using and deploying video:

1. Understand and obey wiretap laws. Federal wiretap laws prohibit the interception of oral communications with limited exceptions.

2. Obey state laws prohibiting video cameras. Several states prohibit or regulate video surveillance.

3. Obey state laws respecting privacy rights. Every state has law concerning an individual’s privacy rights.

4. (Installers) Use an effective, enforceable contract to allocate the risk of loss. An effective contract for the provision of video-related services and equipment should limit your company’s liability just like it does for other services.

5. (Installers) Installing video without a recurring contract is a missed opportunity. Develop a policy of not selling or installing video cameras without a contract for some form of recurring revenue. 

• Side note: If you are the user, keep the system maintained so you are not accused of providing a false sense of security.

NYC - Spycam Found in Bathroom Used by Top Corporations

The New York City Police Department reported today that a pinhole camera was found in a unisex bathroom at Johnson & Johnson (JNJ)’s corporate offices in NYC last week. A designer with the company discovered the camera, located above the light switch.

Johnson & Johnson ’s building maintenance supervisor reported the camera to the New York Police Department after it was discovered on Jan. 16, 2015. After examination, the camera was found to contain an SD card used for video storage. Johnson & Johnson’s Carol Goodrich said the company had immediately contacted the NYPD after the camera’s discovery...
Spycams are disguised as many things. This one is a USB stick.

“The device was hidden above a light switch in the bathroom next to offices that include Ralph Lauren and Haynes Roberts...” reported the New York Post. “The bathroom with the hidden device is open and accessible to all tenants and guests on the floor. It wasn’t clear whether the potty perv who put it there captured customers or models who do photo shoots nearby in RR Donnelley’s Studio W26. Investigators had yet to review the storage drive recovered with the camera.”...

Today’s story about the pinhole camera is part of what appears to be a trend. * NBC ran a story on March 27, 2014 about numerous reports of cameras being found in public bathrooms...

The NYPD indicates they are investigating the J&J camera as a sex crime and unlawful surveillance, with the added possibility of obscene material involving people under the age of 17.

*More like pandemic based on news reports and sweep requests received here.
• That USB stick spycam... only $8.76 here.

Economic Espionage - NYC Russian Banker Arrested by FBI

Federal prosecutors arrested a Russian banker in New York on Monday and charged him as a spy, accusing him and two others of secretly gathering information about the New York Stock Exchange, U.S. energy resources and sanctions against Moscow.

Prosecutors described clandestine meetings and coded communications between the banker and his handlers, one of whom worked as a trade representative of the Russian Federation in New York, the other as an attaché to the Permanent Mission of the Russian Federation to the United Nations.

The spycraft alleged in the complaint reads like a throwback to the Cold War. Yet the alleged operatives’ target was more modern: economic intelligence... 
The most interesting part...
Mr. Buryakov suggested they ask about the NYSE’s use of exchange-traded funds, potential limits on the use of automated high-frequency trading systems... NYSE spokesman declined to comment.

• The movie Blackhat illustrates market manipulation, and why it would interest them.
• Classic spycraft is alive and well. It ain't all IT-based.
• Nice job, FBI!

Can You Be Insecure Playing for the NFL? Sure, if you're an app.

The National Football League's official app for both iOS and Android puts users at risk by leaking their usernames, passwords, and e-mail addresses in plaintext to anyone who may be monitoring the traffic, according to a report published just five days before Superbowl XLIX, traditionally one of the world's most popular sporting events. 

(You can stop reading here. Trust me, it just gets worse.)

As Ars has chronicled in the past, large numbers of people use the same password and e-mail address to log into multiple accounts. That means that people who have used the NFL app on public Wi-Fi hotspots or other insecure networks are at risk of account hijackings. The threat doesn't stop there: the exposed credentials allow snoops to log in to users' accounts on, where still more personal data can be accessed, researchers from mobile data gateway Wandera warned. Profile pages, for instance, prompt users to enter their first and last names, full postal address, phone number, occupation, TV provider, date of birth, favorite team, greatest NFL Memory, sex, and links to Facebook, Twitter, and other social networks. Combined with "about me" data, the personal information could prove invaluable to spear phishers, who send e-mails purporting to come from friends or employers in hopes of tricking targets into clicking on malicious links or turning over financial data. Adding to the risk, profile pages are transmitted in unencrypted HTTP, making the data susceptible to still more monitoring over unsecured networks, the researchers reported.

"Wandera's scanning technologies have discovered that after the user securely signs into the app with their account, the app leaks their username and password in a secondary, insecure (unencrypted) API call," a report published Tuesday warned. "The app also leaks the user’s username and e-mail address in an unencrypted cookie immediately following login and on subsequent calls by the app to domains." The app allows users to make a variety of in-app purchases.

Corporate Espionage Cartoon

Monday, January 26, 2015

U.S. Spies on Millions of Cars

DEA Uses License-Plate Readers to Build Database for Federal, Local Authorities

The Justice Department has been building a national database to track in real time the movement of vehicles around the U.S., a secret domestic intelligence-gathering program that scans and stores hundreds of millions of records about motorists, according to current and former officials and government documents.

The primary goal of the license-plate tracking program, run by the Drug Enforcement Administration, is to seize cars, cash and other assets to combat drug trafficking, according to one government document. But the database’s use has expanded to hunt for vehicles associated with numerous other potential crimes, from kidnappings to killings to rape suspects, say people familiar with the matter.

EP Team Alert - Dating Apps Let Snoopers Track Users

Snoopers have spied on massive numbers of amorous singletons by exploiting security flaws in dating apps.

Luckily, the spies were not creepy stalkers or violent perverts, but a group of cybersecurity experts on a mission to make life safer for daters.

They were able to track volunteers' every move in a discovery which should send chills down the spine of anyone using apps to find love...

This weekend, Colby Moore (security researcher at Synack) will present a talk at the tech conference ShmooCon, where he will discuss how he managed to track "tens of thousands" of amorous app users at the same time.

He suggested dating app security holes could even be used to spy on celebs.

"We [will] show just how easy it might be to reveal the identity of and track your favorite athlete, politician, or movie star," Moore wrote.

Snow Day Project - Make a Sneaky Snake Spycam for <$20.

It's snowing here in the Northeast United States. Tomorrow will be a down day. Need a spy project to combat cabin fever? This guy shows you how...

Tom Cruise Bugged Nicole Kidman's Phone, says Scientology movie

Church of Scientology leaders ordered the wiretapping of Nicole Kidman's telephones

...during her marriage to Tom Cruise as part of a campaign to break up the couple, according to an explosive new documentary.

Marty Rathbun, formerly the religion's second highest-ranking official, told Oscar-winning film-maker Alex Gibney, that his role was to "facilitate the break-up" for church leader David Miscavige.

The church on Monday said that the "accusations made in the film" were "entirely false".
(more) (more)

SpyCam News - Internal Affairs Agent Overly Into His Job

CA - A camera found in the women's bathroom at the Border Patrol compound in San Ysidro has one agent in a lot of trouble. San Diego police told Team 10 that a ranking agent hid the camera and someone found it.

Officers confronted the agent at the Border Patrol administrative offices on West Ash Street in downtown San Diego.

Two separate Team 10 sources confirmed the agent works with internal affairs.
(more with video)

Countering Light Bulb Eavesdropping

Q. "How to prevent light bulbs from being used as pickups for speech?" (meaning, being used as part of an eavesdropping system)

A. The easiest way, of course, is to keep the bulb turned off, however, I know that's not what you mean.

The second best way is to make sure there is no way for the bad guy to see the light bulb. Most attacks require accessing the bulb's variations in light so they can be remotely demodulated. (See Leon Theremin's invention.)

Some bulb attacks are made possible because additional electronics are placed inside the bulb (cameras, transmitters, microphones, etc.). The easiest countermeasure to this is to replace the bulbs with bulbs you purchased from a local Home Depot / Lowe's type store. Mark the bulbs when you install them, then check periodically to make sure they haven't been switched out.

Also, be sure to check the fixtures and wiring paths for attached microphones and modulation circuitry. Cut the power while doing these things.

These are not high-tech countermeasures, but they are effective.

Hope that helps,

Sunday, January 25, 2015

Industrial Design Theft is No Joke

As I was marched over to an unfamiliar bank of elevators towards the back of the building, I realized I was the prime suspect.

An unreleased design that I had access to, and had done dozens of renderings of, had suddenly appeared on the market—produced by a prime competitor of ours. I was in the elevator with my boss, who was the Head of Global Industrial Design at this particular corporation, where I'd been working as a CAD and rendering jockey for many years.

But I was still a contract employee, not staff. And I had access to this design that few people in the design group had even seen.

The elevator doors opened at a high floor I'd never been to, and I got my first glimpse of the Legal Department...

Business Espionage - The South Africa Report

SA - As the current Sony-North Korea tit-for-tat game attests, industrial espionage has now been brought to an open space, and its debilitating consequences are evident – including in South Africa...

Click to enlarge.
Industrial espionage is the least-known concept within the intelligence compendium, although many agencies are now involved in this activity... Several private businesses have been mentioned in cases involving illegal theft of commercial information. This attests to the fact that in modern societies, as was the case in earlier centuries, economic intelligence is an integral aspect of business, albeit as a business risk.

Studies conducted under the auspices of the University of the Witwatersrand and the University of South Africa for several years have found that industrial espionage in SA is on the rise...

SA-specific accounts of industrial espionage are mostly contained in business publications...

For example, in 2003, The Star reported that British American Tobacco SA (BATSA) conducted spying activities on its rival, Apollo Tobacco; and Finsettle, a subsidiary of Barnard Jacobs Mellet, stole business information secrets of CST Outsourcing. In March 2014, Business Day reported on a suspected case of industrial espionage practices of BATSA involving spy networks and payment of agents by the JSE-listed company. The inference is that industrial espionage is a burgeoning business strategy in SA.

Hacking Wi-Fi is Child's Play - Now run out and find me a child.

The great Groucho Marx, in character, was reading a report and remarked that a 4-year-old child could understand it. So, he said, "run out and find me a 4-year-old child."

Betsy Davis isn't 4. She's 7, but it's still pretty impressive that a computer-savvy 7 year old could Google the information she needed in order to hack into a public Wi-Fi system in a little under 11 minutes. Fortunately, Betsy is not a criminal hacker, but was enlisted as a part of a security experiment to show how easy it is to hack into such network and steal information from unwary people.

Many people assume that the Wi-Fi that they're using is secure, but this isn't always the case.

The actual quote as reported by NPR...
In the Marx Brothers classic Duck Soup, there's a scene in which Groucho's Rufus T. Firefly, the newly installed leader of Freedonia, receives a report from the Treasury Department. "I hope you'll find it clear," says the minister of finance. "Clear?" replies Firefly incredulously. "Why, a 4-year-old child could understand this report." Then he pauses for a beat: "Now run out and find me a 4-year-old child. I can't make head or tail of it."

Did Meanwell Mean Well, or... She Wanted the Cash, Man

New York Yankees general manager Brian Cashman has more than just on-the-field problems... his alleged former mistress, Louise Meanwell, is filing a lawsuit against the Yanks' front office man. 

The suit says that Cashman not only hacked and spied on Meanwell's e-mails, but he also contacted the woman's mother in an attempt to have Meanwell committed in order to cover-up his affair... 

Cashman's mistress is currently in court going through her own legal battles after she was arrested for attempting to extort Cashman for $15,000, and she allegedly stalked him as well after what is believed to be a 10-month fling occurred with Cashman.

It was only after Meanwell found out Cashman had another mistress and had no intention of getting a divorce from his wife that she threatened to blow the lid off their relationship.

This one just keeps getting weirder and weirder by the day.

Email Encryption Options

Q.  I have a client who wants us to use encryption for emails and attachments (not voice). Do you have a solution?

A. Thanks for asking. Your client has a number of fairly easy and low cost options.

• If they use Microsoft Office Outlook have them read this.
• Mac Mail. Read this.
• Thunderbird. Read this.
• Google Apps. Read this.
• Here are the 2015 reviews for the "Top Ten" 3rd-party email encryption programs.
• This is a good article on how to implement email encryption.

Not knowing the client, their needs, IT expertise, etc. I can't point them to anything specific, but the above links will certainly get them started.

Hope this helps,

Wednesday, January 21, 2015

Two Canadian Spy Opportunities

Canadian students who want a career in electronic spying have until January 25 to apply to the Communications Security Establishment Canada (CSEC), the electronic surveillance arm of the federal government.

CSEC has started a hiring campaign targeting colleges and universities a few months ahead of the inauguration of its new headquarters in Ottawa (see list of opportunities). The building, with an astronomical price tag of $1.2 billion, is the most expensive government complex in Canadian history, dubbed the spy "Taj Mahal" by several critics. The immense campus is located next to the Canadian Security Intelligence Service (CSIS) headquarters, and the two will be joined by a walkway. The veritable "spy nest" will house 4,000 cryptographers, secret agents and information specialists of all kinds in Gloucester, a suburb of the nation's capital.

The new headquarters of Canada’s electronic surveillance agency had an “extreme vulnerability” which was inadvertently breached by firefighters responding to an emergency call, the Toronto Star reports. The Canadian Communications Security Establishment (CSE) revealed the vulnerability by sending uncensored documents in response to an access to information request by the Star about the fire.

The sensitive information contained in the documents was highlighted, but not censored, compounding one security breakdown with another.

During the construction of the $800 million CAD (about $660 million USD) building for the CSE, a routine call in response to a small fire lead local firefighters to different entrance than the one they were expected at. Finding no-one there, they cut a padlock to access the building.

The documents also reveal vulnerabilities such as inoperative security cameras and a long-missing visitor pass. At least some of those vulnerabilities have since been addressed, and the agency told the Star that the construction access point used in the incident no longer exists, now that the building is complete and occupied.

Weird Science - One-way Spy Mirrors Prove Zero Topological Entropy

Entropy And Complexity Of Polygonal Billiards With Spy Mirrors
We prove that a polygonal billiard with one-sided mirrors has zero topological entropy. In certain cases we show sub exponential and for other polynomial estimates on the complexity.

iPhones Have Built-in Spyware - Well, duh.

NSA whistleblower Edward Snowden has claimed that Apple’s iPhone range of devices contains built-in spy software that can be used to track the owner.

According to Snowden’s lawyer, the software can be remotely activated at any time without the user’s knowledge.

2 Million Cars Open to Hackers - "Say it ain't so, Flo."

An electronic dongle used to connect to the onboard diagnostic systems of more than two million cars and trucks contains few defenses against hacking, an omission that makes them vulnerable to wireless attacks that take control of a vehicle, according to published reports.

US-based Progressive Insurance said it has used the SnapShot device in more than two million vehicles since 2008... According to security researcher Corey Thuen, it performs no validation or signing of firmware updates, has no secure boot mechanism, no cellular communications authentication, and uses no secure communications protocols. SnapShot connects to the OBDII port of Thuen's 2013 Toyota Tundra pickup truck, according to Forbes. From there, it runs on the CANbus networks that control braking, park assist and steering, and other sensitive functions.

The "Internet of automobiles" may hold promise, but it comes with risks, too."Anything on the bus can talk to anything [else] on the bus," Thuen was quoted as saying in an article from Dark Reading. "You could do a cellular man-in-the-middle attack" assuming the attacker had the ability to spoof a cellular tower that transmits data to and from the device.

Tuesday, January 20, 2015

Coming Soon - Confide - The Vanishing App for Executives

Sometime in the coming weeks, confidential-messaging startup Confide will launch a service that allows businesses to send documents, not just texts, using its signature version of disappearing ink.

This advanced Snapchat for grown-ups, the company believes, will bring back the sense of privacy and control that has increasingly become a casualty of online communications. It should also provide a defense against hackers...

The system has been envisioned as a sort of online version of the private business call...

Alone among ephemeral apps, Confide cloaks the text in a way that makes it impossible to capture with a screen shot. The user reads by moving a finger underneath each line of text, which unveils just a few words at a time... Confide's other selling points include end-to-end encryption... The message vanishes from users' phones once it's sent and after it's read.

Monday, January 19, 2015

Security Director Alert - China Travel and Email

Users of Microsoft's Outlook email service in China had their accounts hacked on Saturday 17 January by the Chinese government, according to web monitoring website

The attacks affected people using email clients such as Outlook, Mozilla's Thunderbird and apps on their smartphones that use the SMTP and IMAP protocols, but did not affect the browser versions such as

The man-in-the-middle attack used by the hackers allowed them to intercept conversations between victims, which appear to be private but are in fact controlled by the hackers. was able to reproduce the results seen by victims, including the fake certificates used by the hackers to pretend they were the intended recipient.

"If our accusation is correct, this new attack signals that the Chinese authorities are intent on further cracking down on communication methods that they cannot readily monitor," a blog post said on Monday 19 January.

The attack on Outlook comes just a month after the Chinese government blocked the use of Google's Gmail service in the country.

Sunday, January 18, 2015

Know What They Call... Spy vs. Spy vs. Spy vs Spy?

A tranche of fresh Snowden leaks... detailing the bizarre, fractal practices of "fourth-party collection" and "fifth-party collection."

 "Fourth party collection" is the practice of spying on spy agencies to gather all the data they're taking in. "Fifth-party collection" is the practice of spying on spies who are spying on other spies. Really.

Spy Penned Friends, or You Look a Lot Hotter on the Net

PA - A Blairsville man has pleaded guilty to a single charge that he surreptitiously photographed friends, co-workers, relatives and others without permission, using a digital “spy pen” to capture their images in May 2013.

Wesley Lear, 57, also was accused by investigators of editing the photos to place his victims’ faces on nude bodies and circulated them on the Internet, and was charged with downloading child pornography images to his computer.

UK - Former Deputy Prime Minister Finds Car Bugged

UK - John Prescott has turned detective after finding his Jaguar had been bugged.

The former Deputy Prime Minister discovered the device hidden in his car when he took it to a garage because it had problems starting.

Mechanics found a tracker concealed under the driver’s seat that was hooked up to the car battery, draining its power.

The sophisticated device uses mobile phone technology and is capable of reporting the Jag’s movements at all times. It also has an inbuilt microphone enabling it to pick up conversations.

And the 6 inch-square black box is even capable of immobilising the car if instructed to by mobile phone.

Lord Prescott told the Sunday Mirror: “I’ve been told that whoever knows the SIM card that goes with the tracker can send out a signal and stop the engine...

"This type of surveillance breaches our right to privacy – I’ve had my mobile hacked, my phone tapped, and now someone might have been tracking my car.”

But insisting he was calm about the find he joked: “I can only hope whoever listened to my conversations installed an automatic bleeper too.”

Best guess from here... Installed by the car dealership, or previous owner, to thwart late payments or theft.

History: The Case of the Vanishing Private Eyes

How 19th-century America's biggest, most dogged detective agency went on to get unceremoniously acquired 100 years later by a Swedish conglomerate...

Sam (Dashiell) Hammett was a wayward youth. Having left school at the age of 13, he spent his teenage years holding down odd jobs, blowing his paychecks on horse races and boxing matches, and consorting with prostitutes in the rougher sections of Baltimore and Philadelphia. Within a few years, alcoholism had its claws in him, and by age 20 it was rumored that he had already contracted a venereal disease.

In 1915, Hammett, the son of a Maryland farmer, joined the Pinkerton National Detective Agency at the age of 21. During the early 1890s, the Pinkertons, as they were more commonly known, had boasted a force of 2,000 active operatives and some 30,000 reserve officers. By comparison, the United States Army, which for decades had been primarily concerned with fighting Native Americans in the West, had fewer than 30,000 officers and enlisted men assigned to active duty.

60 Seconds + 1 USB Necklace = A Spy Hiding in Your Computer

The necklace, called USBdriveby, it’s a USB-powered microcontroller-on-a-chain, rigged to exploit the inherently awful security flaws lurking in your computer’s USB ports. In about 60 seconds, it can pull off a laundry list of nasty tricks...

...this device hijacks your machine, disables many layers of security, cleans up the mess it makes, and opens a connection for remote manipulation even after the device has been removed..

So what can you do to protect yourself from things like this? Not a whole lot, really — that’s why attacks like this and BadUSB are so freaky. A lot of these flaws are inherent to the way the USB protocol was designed and implemented across so many hundreds of millions of computers; short of filling your USB ports with cement or never, ever leaving your computer’s ports unattended while out and about, there’s no magic fix.

Friday, January 16, 2015

Need Some Espionage Done? Post Your Black Bag Job On Line

At a time when huge stealth attacks on companies like Sony Pictures, JPMorgan Chase and Home Depot attract attention, less noticed is a growing cottage industry of ordinary people hiring hackers for much smaller acts of espionage.

A new website, called Hacker’s List, seeks to match hackers with people looking to gain access to email accounts, take down unflattering photos from a website or gain access to a company’s database. In less than three months of operation, over 500 hacking jobs have been put out to bid on the site, with hackers vying for the right to do the dirty work.

Thursday, January 15, 2015

What Do These 3 Spy Tools Have in Common?

The Spike Mic Launcher is a remote listening device delivering audio surveillance. The Spike Mic dart has a built in microphone with two interchangeable tips: Sticky Dart and Suction Cup. Launch it or stick it to a surface and listen. With a live audio feed you’ll remain undetected as you hear conversations happening in far away locations. Digital transmission in the 2.4 GHz Wi-Fi band.

Record up to 20 minutes of video using 3 unique lenses on the Tri-Optics Video Watch. Rotate the watch’s outer ring to switch between standard, wide or zoom lenses. Hide your watch in an unsuspecting location and let the internal motion detector auto-record video whenever it detects movement. Use the included USB cable to download your footage and charge the Tri-Optics Video Watch. Stream, record and capture live video and photos.

Spy Wire Mic lets you record conversations covertly! Attach the recording device to your belt and line your jacket with the wired microphone. Press the record button to activate audio recording and capture conversation.

• Low price (between $9.99 and $39.99)
• Available at Walmart.
• Recommended for ages 8+

Building a generation of adults predisposed to snooping one birthday at a time.

Wednesday, January 14, 2015

Privacy Tip #572 - Get Out of the Directories recently provided some excellent help for increasing your on-line privacy...

Search your name on the site (if that doesn't work, try your maiden or former name), and choose the state where you live. Click the appropriate street to find your specific listing and copy the URL.

Go to the opt-out page, paste the URL, and enter your email address to remove the listing. You may have multiple listings on Spokeo if you have moved or changed your name, and will need to return to the opt-out page to remove each one.

Start on this opt-out page (not the main PeopleSmart homepage) to "manage" (aka remove or update) your listing. Once you select the listing, click on the work info that applies to you (if it's not the correct information, just skip the step and proceed).

When you reach Define Your Privacy Preferences, deselect all checks under "Contact Information" and "Work Information." Select "Apply these settings to other people search websites" and then submit.

To remove your member profile, email or call 1-888-704-1900. The company claims that it takes up to 10 days to process a request. If your info still appears after 10 days, don't hesitate to persist, and call or email again.

The opt-out page will prompt you to verify your identification by attaching a scan of a driver's license, passport, military ID, state ID, or employee ID from a state agency. The photo and driver's license number should be crossed out. A notarized statement of your identity is also acceptable.

Enter in an email address to receive a confirmation when your info has been removed, and type in any additional records found on the site in the Additional Information field.

You can also fax your ID verification to 425-974-6194, or mail a copy to Intelius Consumer Affairs, P.O. Box 808, Bothell, WA 98041-0808.

Why You Need to Sweep for Bugs (TSCM) - Reason #4: CYBERSPIES

Your security efforts are IT focused. 
You diligently monitor your computer's front door, the network. 
Meanwhile these hack-vac bugs are sucking it all out your back door.

A TSCM bug sweep program can catch these.

Example 1:
"KeySweeper is a stealthy Arduino-based device, camouflaged as a functioning USB wall charger, that wirelessly and passively sniffs, decrypts, logs and reports back (over GSM) all keystrokes from any Microsoft wireless keyboard in the vicinity.

All keystrokes are logged online and locally. SMS alerts are sent upon trigger words, usernames or URLs, exposing passwords. If unplugged, KeySweeper continues to operate using its internal battery and auto-recharges upon repowering. A web based tool allows live keystroke monitoring."

Unit Cost for Parts: $10 - 80 depending on operation
Status: Operational, open source, open hardware, declassified.
Note: KeySweeper can be built into anything that uses mains power. (Think: power strips, clocks, lamps, legitimate wall warts (as pictured), radios, print centers, fax machines, etc.)

Example 2:
The Pwn Plug Academic Edition is a penetration testing drop box.

Wireless (802.11b/g/n) high gain Bluetooth & USB Ethernet adapters
Fully-automated NAC/802.1x/Radius bypass
One-click EvilAP, stealth mode & passive recon

The Pwn Plug Academic Edition acts as a penetration testing drop box that covers most of a full-scale pentesting engagement, from physical-layer to application layer. The Pwn Plug Academic Edition is controlled through a simple web-based administration and comes preloaded with an array of penetration testing tools and Wireless, Bluetooth, and USB Ethernet adapters.

Example 3: 
The Pwn Plug R3 is a next-generation penetration testing device in a portable, shippable, “Plug-and-Pwn” form factor.

Onboard high-gain 802.11a/b/g/n wireless
Onboard Bluetooth
External 4G/GSM cellular
Greatly improved performance and reliability The Pwn Plug R3 is a next-generation penetration testing device in a portable, shippable, “Plug-and-Pwn” form factor. With onboard high-gain 802.11a/b/g/n wireless, onboard Bluetooth, external 4G/GSM cellular, ruggedized case design, and greatly improved performance and reliability, the Pwn Plug R3 is the enterprise penetration tester’s dream tool.

Example #4:
The MiniPwner

The MiniPwner is a penetration testing “drop box”. You (or maybe a cleaner you’ve bribed) needs to plug it into an Ethernet plug in the target’s building, and then you can slurp all the data out of their network via a wifi link.

The penetration tester uses stealth or social engineering techniques to plug the MiniPwner into an available network port. (common locations include conference rooms, unoccupied workstations, the back of IP Telephones, etc.)

Once it is plugged in, the penetration tester can log into the MiniPwner and begin scanning and attacking the network. The MiniPwner can simultaneously establish SSH tunnels through the target network, and also allow the penetration tester to connect to the MiniPwner via Wifi.  

Example #5:
WiFi Pineapple Mark V
Slightly larger than a smartphone the WiFi Pine-apple Mark V is the “ultimate” cyber surveillance device. It uses an “intuitive” web interface to enable hackers to break into a corporate’s IT networks through its wifi connections. It costs $100.

Example #6: 
USB Switchblade
"The goal of the USB Switchblade is to silently recover information from a target Windows 2000 or higher computer, including password hashes, LSA secrets, IP information, etc.

This gadget, which looks like a USB stick, has a program that swings into action when it’s inserted into the USB drive. It then begins its naughty work (without the user knowing) it by exploiting a flaw in USB autorun settings. How about dropping it in the car park of your target’s offices, seeing if someone will pick it up and plug it in to see what’s on it..."

Tuesday, January 13, 2015

Book Review: “Cell Phone Investigations” by Aaron Edens

Until now, if you wanted to learn all about cell phone investigations you would be cobbling together knowledge in scavenger hunt fashion. Your trek might include:
  • seminars, given by a few universities and forensic software vendors; 
  • technical law enforcement newsgroups where tips are swapped; 
  • articles and white papers ferreted out on a topic by topic basis;
  • and a lot of personal trial and error.
Times have changed.

All the basics one needs to know is clearly laid out in this book. Each chapter is packed with many interesting sub-chapters like: caller ID spoofing, cell site dumps, storing and preserving evidence. The Table of Contents shows the important bases covered…

  • Chapter 1: Search Warrants
  • Chapter 2: Phone Records
  • Chapter 3: Tools for Examining Records
  • Chapter 4: Cell Towers and Cell Sites
  • Chapter 5: Cell Phone Forensics
  • Chapter 6: Digital Evidence
  • Chapter 7: Types of Examinations
  • Chapter 8: Using Cell Phone Forensics
  • Chapter 9: Locked Devices
  • Chapter 10: iPhone Backup Files
  • Chapter 11: Sample Search Warrants
  • Templates
  • Appendix

Law enforcement investigators will particularly appreciate Mr. Edens’ street tips. 

Example 1: Arresting officers need training when it comes to electronic evidence collection. If 12 gang members are arrested you are likely to get a bag o’ phones without knowing which suspect owns what phone. “Without a doubt if they had seized 12 firearms the process would have been completely different. The firearms would have been photographed in place to precisely document the location at which they were found, and to establish dominion and control.”

Example 2: The five errors law enforcement officers make when using cell site information. Most of these apply to private investigators and attorneys as well. “Investigators will commonly refer to the cell phone and the target of the investigation interchangeably. I strongly recommend you avoid this dangerous habit,” and goes on to explain the important reason why.

Strip away the some of the law enforcement only information and you have an excellent book for the private sector with fascinating CSI tidbits tossed in. Say the phone you want to examine is soaked in blood or some other yuck biohazard. What can / should you do? Hint, don’t try cleaning it with soap, water and your electric toothbrush. Nah, I’m sure you knew better about the toothbrush. Try alcohol in an ultrasonic tub instead.

New devices like smart watches, and breadcrumbs from the Internet-of-things, are bringing new opportunities and challenges continually. Updates and revised editions of this book are to be expected, and a companion web page with late breaking news would be a welcome addition.

Having all the information in one place has been accomplished very well. Transferring the knowledge to the reader – easily – will take a little more finesse.

In its current form, Cell Phone Investigations is a tiring read. Some basic visual communications tenets were overlooked. Lines of type stretch across 6.5 inches of an 8.5 inch page, averaging about 113 characters per line. This makes focusing difficult. To compound the visual felony the text is entirely sans-serif type, making reading even more challenging. The solution for future editions is simple. Use two columns per page, with no more than 55-65 characters (including spaces) per line. Use serif type for the text. Save the sans-serif type for titles and headlines. These typographical shortcomings should not deter you from this edition, however. Just expect you won’t be reading this cover to cover in one sitting.

“Cell Phone Investigations” (238 pages) is perfect for law enforcement, attorneys, and students entering either field. If it was written only for private investigators, security directors and people who deal with the public answering questions about cell phones, it would just be fewer pages. In the end, all groups get the education they need in an accurate, well written, well organized manner, with illustrations and charts appropriately sprinkled throughout. ~Kevin

Monday, January 12, 2015

Why You Need to Sweep for Bugs (TSCM) - Reason # 6: LAWSUITS

The cost of illegal bugging, wiretapping and video voyeurism is more than emotional distress and lost information...

IN - South Bend taxpayers have so far been saddled with about $1.6 million in attorney fees and the costs of settling lawsuits sparked by the police department's recording of some officers' telephone conversations. 

The city and its Common Council have together spent almost $800,000 on attorney fees to date in the ongoing legal battle over the recordings. South Bend also has settled three lawsuits for another $810,000, boosting the total cost of the litigation to about $1.6 million, the South Bend Tribune reported.

The last remaining legal question is whether the wiretapping was illegal... South Bend, joined by four officers, battled the council on that question during a two-day trial in August. A federal judge has not yet ruled. Expect more attorney fees and possibly fines.

A due diligence debugging sweep program (2-4 times per year) cost most companies less than $35,000. per year.  

$1.6 million dollars equals 45+ years of due diligence. 

Interested in lowering your risk and establishing due diligence? I am here to help. ~Kevin

Miss-Fortune Crookie

The executive vice-minister of the Chinese ministry of state security and one of the top spy chiefs in the country, Ma Jian has been arrested on charges of corruption, the South China Morning Post reported Monday.

Sunday, January 11, 2015

Yes, Chinese Police Openly Spy on Your Calls and Texts

Police across China are buying software and equipment to tap mobile phones as President Xi Jinping tightens control of public opinion and the spread of information.

Current cell phone call capture technique.
The police department of the Wenzhou Economic and Technological Development Zone said it spent 149,000 yuan ($24,000) to buy equipment, including what it called Trojan Horse software, from a state-owned technology company, according to a post on its website today. The software is used to monitor calls, texts and photos on smartphones, it said in the post, which was removed after gaining attention on Chinese social media.

The purchases shed light on the extent to which China monitors its citizens’ personal information amid a broader government clampdown on Internet freedom. Provincial governments and police departments in Jiangsu and Inner Mongolia are seeking to buy similar software to gather information from mobile devices, according to procurement lists on their websites.

Tip: Turn Your Old iPod into a Security Camera for Free (UPDATE)

Last summer I tipped you off about an app that turns your old Apple devices into video surveillance cameras. It is called Manything.

Manything recently made the news...

A Tempe homeowner caught a would-be burglar rummaging through her house on her "puppy" cam.

Mia used an iPhone app called Manything to set up a live video feed to keep an eye on her dogs while she was away at work. She pulled up the feed on her work computer and saw an unknown man walking through her living room.

Dispatcher: 911. What is your emergency?

Caller: Hi. There's someone in my house

"My dogs are there, he's giving the dog treats," she told the dispatcher. The man then noticed the camera and turned it off, but Mia has already contacted the police.

Officers surrounded the home and took the man into custody.
(more) (video)

"The World's First Espionage Snacks"

New Branding and Espionage Snacks at the Winter Fancy Food Show, January 11-13, 2015

 ...launching at the show, and sure to change the snacking game as we know it, are Captain Honeypot and Admiral Hornblower, the world’s first espionage snacks that allow you to spy on yourself and honeypot with others.

At the helm of these snack innovations is Robert Ehrlich, who has rocked the snack world as the Shaman of Snacks for the past 29 years, creating some of the most iconic snacks on the planet.

Cash Machine SpyCam Scam

UK - An iPod nano was turned into a spy camera and taped to a cashpoint by thieves in a bid to steal unsuspecting user's bank details.

The Apple device was found by police attached to the hole-in-the wall in Northenden Road in Gatley, Stockport, Greater Manchester.

They discovered that the iPod nano had been turned into a camera and attached to the ATM using duct tape and a fake plastic case was added.

Privacy App Alert - Turn Your Phone into a Burner Phone

Burner is a privacy layer for your phone. Create unlimited numbers at the touch of a button, and keep your personal number private. 

Real phone numbers when you need them
Burners are real numbers with local area codes you can use for calls, texts, and voicemail to stay in touch with anyone.

Control your mobile identity
Manage who can reach you without compromising your personal information. Features like Touch ID lock and custom line colors will keep you organized and in control.

Burn to "disconnect"
Keep a Burner as long as you want... or delete at the touch of a button. Like magic, your number goes out of service and the data is wiped from your phone.

The information above is from Burner's publicity material. Keep in mind your calls are going through a 3rd party. Confidential discussions should be avoided on principle. ~Kevin

Friday, January 9, 2015

Hacktivist Group Anonymous Finds a Worthy Target

Hacktivist group Anonymous has come out to avenge the attacks on the office of Paris-based magazine Charlie Hebdo in which 12 people were murdered.

The Belgian 'branch' of Anonymous posted a video message to YouTube describing a new campaign against jihadists, called #OpCharlieHebdo.

The video, which features someone wearing the Guy Fawkes mask and speaking with their voice obscured, explains (in French) that its members have decided to "declare war on you, the terrorists" - referring to Al-Qaeda and ISIS specifically.

"We will track you down - every last one - and will kill you,” the spokesman says. "You allowed yourselves to kill innocent people, we will therefore avenge their deaths."

The figure says that 'hacktivists' from around the world will track all of jihadist activities online and close down their accounts on Twitter, YouTube and Facebook.

"You will not impose your sharia law in our democracies, we will not let your stupidity kill our liberties and our freedom of expression. We have warned you; expect your destruction."
(more) “Je Suis Charlie