Friday, October 28, 2016

A Spy's House with a 007 Connection—For Sale

NY - This Long Island estate at 189 Terrace Lane in Upper Brookville
was once owned by English novelist Ian Fleming’s dear friend Ivar Felix C. Bryce — a real-life British spy and, in Fleming’s James Bond books, 007’s best friend, Felix.

The 6,800-square-foot, five-bedroom brick mansion was built in 1917 as a carriage house for the 90-acre Mill River Farm estate. Fully restored, it’s now on the market for $2.99 million. The Bryces bought the estate in 1936 and renamed it Farlands Estate. more

AT&T Requires Police to Hide Hemisphere Phone Spying

AT&T built a powerful phone surveillance tool for police, called Hemisphere. Every day, AT&T adds four billion call records to Hemisphere, making it one of the largest known reservoirs of communications metadata that the government uses to spy on us. Law enforcement officials kept Hemisphere “under the radar” for many years—hidden from courts, legislators, and the general public—until the New York Times exposed the program in 2013...

New documents published by The Daily Beast earlier this week reveal that AT&T required this corrosive secrecy. Specifically, the contract AT&T prepared for police seeking access to Hemisphere provides:
[T]he Government agency agrees not to use the data as evidence in any judicial or administrative proceedings unless there is no other available and admissible probative evidence. The Government Agency shall make every effort to insure that information provided by the Contractor is non-attributable to AT&T if the data is provided to a third-party.
In other words, the first rule of Hemisphere is: you do not talk about Hemisphere. more

Former Rutgers Student Pleads Guilty in Webcam Spying Case

NJ - A former Rutgers University student accused of spying on his gay roommate, who later committed suicide, pleaded guilty Thursday to a reduced charge, ending a long-running case that drew international attention to cyberbullying.

The former student, Dharun Ravi, now 24 years old, streamed video of his roommate, Tyler Clementi, and another man during a sexual encounter in their dorm room in September 2010. Mr. Ravi pleaded guilty in New Jersey’s Superior Court to one felony count of attempted invasion of privacy, the Middlesex County Prosecutor’s Office said. more

"Mr. Bond, you're fired."

Here’s some news that could leave James Bond feeling shaken and stirred: The head of Britain’s top spy agency doesn’t want to hire him.

Alex Younger, the real-life head of M16, the British intelligence agency where the fictional super spy works, tells the British website Black History Month that Bond doesn’t have the qualities he wants for his spies.

“In contrast to James Bond, MI6 officers are not for taking moral shortcuts,” Younger told the website. “In fact, a strong ethical core is one of the first qualities we look for in our staff.”

Although Bond has managed to get through scrapes that would kill many real spies, Younger thinks he’d be weeded out early.

“It’s safe to say that James Bond wouldn’t get through our recruitment process and, whilst we share his qualities of patriotism, energy and tenacity, an intelligence officer in the real MI6 has a high degree of emotional intelligence, values teamwork and always has respect for the law… unlike Mr Bond!” more

Agent Kingfisher Dead - Just Coincidence? - You Decide

Serial protester and spy enthusiast...
who called himself 'Agent Kingfisher' and disrupted a royal James Bond premiere suffers ‘unexplained’ death days after he was caught urinating in the MI5 foyer. more

Iceland's Pirate Party Prepares for Power

The party that could be on the cusp of winning Iceland’s national elections on Saturday didn’t exist four years ago.

Its members are a collection of anarchists, hackers, libertarians and web geeks. It sets policy through online polls – and thinks the government should do the same. It wants to make Iceland “a Switzerland of bits,” free of digital snooping. 

It has offered Edward Snowden a new place to call home. And then there’s the name: in this land of Vikings, the Pirate Party may soon be king...

The Pirates, they say, are less about any specific ideology than they are about a belief that the West’s creaking political systems can be hacked to give citizens a greater say in their democracy. more

Thursday, October 27, 2016

IoT Takes Down the Net — "Wow, didn't see that coming."

If you followed this blog you would have. The topic has been in the Scrapbook for years. IoT insecurity trend has been building for a long time. Few paid attention. When it knocked out the Internet people start taking notice.

Let's review a few of the old posts. Then, imagine a month without the electrical grid.

2009 Video over IP. Convenient, but not secure.
2011 Security Director Alert: Unsecured Webcams Hacked
2011 Man Hacks 100+ Webcams and Makes Blackmail Videos
2011 Scared of SCADA? You will be now...
2012 SpyCam Story #647 - Unintended Exhibitionists
2013 Shodan - The Scary Search Engine
2013 Baby Cam Hackers Can See You, Hear You, and Talk to You... and Your Kids
2013 The Ratters - men who spy on women through their webcams
2013 Spybusters Tip #972 - Own a Foscam camera? There is a security update for you!
2015 Is Your Home Security System Putting You at Risk? at eleven.
2015 Some Top Baby Monitors Lack Basic Security Features
2016 FutureWatch - Keep Your Eye on IoT - The Encryption Debate is a Distraction
2016 Do You Have an IoT in the Workplace Policy? (you need one)
2016 Security Alert: Your Security Camera May Have Friends You Don't Know About
2016 Your New IoT Ding-Dong Can Open Your Wi-Fi... to hackers
2016 Security Director Alert - 46,000 Internet-accessible Video Recorders Hackable
2016 Mom Alerted - Daughters' Bedroom Nanny Cam Streaming on Internet
2016 Hackers Infect Army of Cameras, DVRs for Massive Internet Attacks 

Lawmakers, force the manufacturers of these devices to a higher security standard. ~Kevin

Tuesday, October 25, 2016

O.S.S. Heros Honored ...except by Congress

In February 1945, a small group of personnel assigned to the Office of Strategic Services, the wartime spy agency, scrambled to prepare for a particularly risky mission: inserting a team of agents deep behind Nazi lines with the goal of gleaning crucial enemy information.

For a host of reasons, the proposed operation seemed like a suicide mission. The area targeted for dropping the three-man team into Nazi territory was high in the Austrian Alps, surrounded by towering peaks and flanked by antiaircraft weaponry. Even if the drop went as planned, some of the spies tapped to infiltrate enemy ranks were European-born Jews, increasing the dangers they faced.

After the Royal Air Force refused the dangerous mission, code-named Operation GREENUP, John Billings, then a lieutenant in the U.S. Army Air Corps, was given the job.

Billings and other veterans who made possible some of World War II’s most daring spy missions were among those honored this weekend by the OSS Society
, a group that includes former OSS members and members of the U.S. intelligence, military and Special Operations communities.

In addition to Billings, Gaetano Rossi and Caesar Daraio, two then-sergeants who were part of operational groups made up of Italian American volunteers, were honored with OSS Society awards for their work advancing the Allied cause during World War II. Also honored at this year’s “spy ball” was David Cohen, who served as director of operations at the CIA and as a senior intelligence official with the New York City Police Department, and retired Gen. Norton A. Schwartz, former Air Force chief of staff.

After retiring from the military as a captain, Billings became a commercial pilot. At age 93, he still pilots a Cessna Cutlass. Most of the time he flies “angel flights,” transporting people in need of medical attention.

The OSS Society is advocating passage of a proposed measure that would honor the wartime spies, which so far has not gained required congressional support.
The proposal, which would award living OSS veterans the Medal of Honor, has stalled in the House.*  more

*You can help get this bill passed. It's easy. Click here, see top right corner.

The OSS Society is a 501(c)(3) charitable organization. All donations are tax deductible to the fullest extent of the law. Membership in The OSS Society is available to OSS veterans, their descendants, current and former members of the U.S. intelligence community and U.S. Special Operations Forces, and people who are interested in General Donovan's "unusual experiment" - the Office of Strategic Services.

The OSS Society®
7700 Leesburg Pike, Ste. 324
Falls Church, VA 22043
Phone: 703-356-6667

Indianapolis Colts App Accused of Eavesdropping

The Indianapolis Colts, mobile developer YinzCam and audio technology company LISNR were named in a class action lawsuit filed Oct. 14 in Pennsylvania
App asking for access.
alleging that features of the team’s official app allowed them to listen in to private conversations without consent.

Plaintiff Alan Rackemann, a citizen of Indiana pursuing punitive and statutory damages, lists San Francisco-based law firm Edelson PC as a member of his legal counsel in the case. The Golden State Warriors’ official team app was the focus of a similar lawsuit filed in August that saw Edelson PC also represent the plaintiff in that case, LaTisha Satchell.

“It’s a lot of things that are fishy,” LISNR CEO and founder Rodney Williams said in response to the allegations. “It’s a little bit of lawyers being opportunistic, and it’s a lot of false allegations and just bad information.” more

Monday, October 24, 2016

Interception of LTE Cell Phone Calls, or LTE = Let's Telephone Eavesdrop

Ruxcon Hacker Wanqiao Zhang of Chinese hacking house Qihoo 360 has blown holes in 4G LTE networks by detailing how to intercept and make calls, send text messages and even force phones offline.

The still-live attacks were demonstrated at the Ruxcon hacking confab in Melbourne this weekend, with the demo offering a recording of the hack perpetrated in part on a live network. It exploits fall-back mechanisms designed to ensure continuity of phone services in the event of overloads.

The tested Frequency Division Duplexing LTE network is more popular than TDD-LTE and operates in Britain, the US, and Australia. The competing Time Division Duplexing (TDD) LTE network is more common in Asian countries and in regions where population densities are higher.

Zhang conducted further tests after The Register inquired whether the attacks would work against TDD-LTE and found all LTE networks and devices are affected.

"I asked my colleagues to test TDD-LTE yesterday and it works well, so it really can work against all LTE devices," Zhang says.

"This attack exists [and] it's still reasonable."

...Zhang says the attacks are possible because LTE networks allow users to be handed over to underused base stations in the event of natural disasters to ensure connectivity.

“You can create a denial of service attack against cellphones by forcing phones into fake networks with no services,” Zhang told the conference.

You can make malicious calls and SMS and … eavesdrop on all voice and data traffic.more

Sunday, October 23, 2016

Spy Camera News: Seven Cameras Found in One Airbnb

NV - A man is facing criminal charges after eight people were recorded secretly by hidden cameras in his Airbnb vacation rental home in Las Vegas.

Clark County District Court records show that Christopher Gregory Rogers was indicted last week on five counts of capturing an image of the private area of another person, a gross misdemeanor...

According to a declaration prepared by a Las Vegas police detective, a man and his employees needed a place to stay during the annual Consumer Electronics Show and found Rogers’ listing on Airbnb...

On Jan. 4 the renters met with a host, whom police believe is Rogers’ employee. They noticed security cameras in the common areas of the home and were told the private rooms had no cameras, according to the police report.

Five days later, the renters noticed the smoke detector in the master bathroom had a small camera hidden in it. The renters found other hidden cameras in the private areas of the home and notified Las Vegas police.

A total of six hidden spy cameras were found in the bedrooms and a bathroom. The cameras were being fed to a server room, which contained a digital video recording device, according to the report.

An Additional iHome radio contained a small camera that recorded to a flash drive. Some cameras were pointed at the beds, some at a sitting area in the master bedroom and one at the master shower, the report said. more

Learn how to protect yourself from spycams. Visit

Man Admits Spying on UEA Students in Toilets and Shower

UK - Luke Mallaband, 22, was once in a relationship with one of the women he recorded showering, although she had not consented to being filmed.

Norwich Magistrates Court heard the filming of students at the UEA, and other locations, had been “going on for a number of years”.

Josephine Jones, prosecuting, said a woman using a gender neutral toilet in the UEA library noticed a “white plastic bag on the floor which appeared to have a hole in one corner”.

She had noticed the bag a few days before and opened it to discover a box which also had a hole in it.

“Inside the box she found an iPhone 6 which was recording.”

In total 38 videos had been recorded on an iPhone at various locations, including toilets at the UEA, a bathroom and also at Mary Chapman Court student accommodation at UEA. more

Student Fined for Spying on Women via their Webcams

Student from Munich fined €1,000 for spying on 32 different computers, using their webcams to take photographs, or record their keyboard history. more

Former Director of Enchanted Forest Denies Spying on Women

The former director of the Enchanted Forest lightshow and Pitlochry Festival Theatre has been accused of secretly spying on women and filming them for more than three years. more

Yet Another Spycam Story This Week

UK - Jack Eldred hid a secret camera at his unsuspecting victim's house and filmed her drying herself off with a towel.

Eldred later sent the victim some of the shots on Facebook and threatened to forward them to her boyfriend.

"There is no dispute he made the recordings - they were not only found on his phone, but in one of the videos he can be seen setting up the hidden camera" she said.

In the clip, he was wearing a hoodie as he smiled directly at the camera and gave a thumbs up sign with both hands. more

Friday, October 21, 2016

What Do You Call the New Vinyard in Spy Valley? ..."The Must Sea"?

NZ - A Marlborough wine company with an espionage theme is calling on members of the public to help name their new vineyard.

Crowd sourcing names can be a risky business, as the National Environment Research Council in the United Kingdom found out earlier this year...

Although they derived their name from the presence of the communications orbs in the Waihopai Valley, McCone said Spy Valley Wines did not hold any contracts to supply spooks with wine.

"They do occasionally come in their unmarked vans to buy some wine on a Friday afternoon though," he said. more

Sheriff Arrested - Bugged Ex-girlfriend

TX - The sheriff of Palo Pinto County has turned himself in on felony charges 

of spying on his ex-girlfriend.

Ira Mercer is accused of using an electronic device to intercept his former girlfriend's communications. The indictment lists two incidents, one on Jan. 24, 2015 and again on Dec. 10, 2015...

He is not seeking re-election and his term ends at the end of the year. more

Shades of...
Former Lake Co. deputy accused of illegally recording ex-girlfriend

DIY NSA home, in your spare time!

Harold Thomas Martin is alleged to have spent more than 20 years collecting data from multiple government agencies, federal prosecutors said.

My conception photo of his home office.
Court documents say 50 terabytes of data had been seized but it is not clear how much of this was classified...

Mr Martin was employed with Booz Allen Hamilton, the same consulting firm that employed Edward Snowden, who gave documents to journalists exposing NSA surveillance practices...

If the case succeeds, it raises serious questions about NSA security, says Alan Woodward, a computer security expert from Surrey University.

"The only extraordinary thing about this story is the volume of data stolen," he said.

"If someone was taking the data out of the NSA over a very long period of time, regardless of motive, it does raise a few questions about how they were able to do that: if someone is removing data habitually you'd expect that to be spotted." more

ESCAPE THE NET: A 5-step guide to going MIA online

How do I erase myself from the internet? With growing concerns over online privacy and government surveillance, what was once a seemingly unthinkable question is now becoming more common...

The answer, as you may have guessed, is not so simple. As the saying goes, the internet is forever, and smart, dedicated stalkers will always be able to track you down. But if you're committed — and patient — you can come awfully close to removing your digital footprint. Here's how to do it.

Step 1: Delete your social, shopping and entertainment accounts.

Step 2: Search for yourself and cut any remaining ties.

Step 3: Remove outdated search results.

Step 4: Clear your information from data collection sites.

Step 5: Contact your phone company, unsubscribe from mailing lists and delete your email accounts.
(details on each step here)

Congratulations, you no longer exist online. Right? Well, actually ... you probably still do. It's incredibly hard to fully delete your presence on the internet, but by following these steps, you've come as close as you possibly can.

Wednesday, October 12, 2016

Business Espionage Alert: Spying is the New Hacking

Increasingly cybercriminals are using spying techniques better associated with intelligence agencies 
to identify relevant information about you and your life and turn that around to attack you.

"There are no hackers, they're all gone -- there are only spies," says Eric O'Neill, national security strategist for Carbon Black and a former FBI counter-intelligence operative.

"The new hackers are using traditional espionage techniques and they're blending it with advanced cyber penetrations in order to steal information," he says, adding "just ask the DNC". more

As predicted back in 2013. Help is available. ~Kevin

Smart Watches Banned from Government Meetings

Apple Watch reportedly banned from UK government meetings due to Russian spying fears.

Virtually all connected devices are susceptible to hacking, which is why the UK government banned smartphones from cabinet meetings over fears that they could be used by foreign agents to eavesdrop on sessions. Now, the ban has been extended to cover Apple Watches and similar wearables.

The Telegraph reports that the UK government's biggest concern is that Russian spies could potentially hijack any smart device to discover national secrets. “The Russians are trying to hack everything,” said one source.

There haven't yet been any reported incidents of cybercriminals, Russian or otherwise, using smartwatches to listen in on sensitive government meetings, but the idea isn’t just a case of being overly paranoid. more

Beans from Boston Accused of Spying

CT - A borough couple is suing their neighbors in federal court, alleging they have used the windows and porches of their newly enlarged home to “launch a full scale threatening attack” on their neighbors by continuously spying on them.

Dave and Reba Williams also allege that their Water Street neighbors, Randall and Elizabeth Bean and their two adult sons, Christopher and Matthew, may also be disseminating their recordings and photographs electronically and in other ways.

They allege the two Bean sons have undertaken the surveillance in an “deliberate, calculated effort to harass them.''...

The Williamses, who are in their 80s and residents of Greenwich, have a summer home at 24 Water St. that is appraised by the town at $1.7 million. They bought the home in 2007.

The Beans, who live in Boston, have a summer home at 28 Water St. that they bought in 2014 and is appraised by the town at $1.4 million. Both homes are on Stonington Harbor. more

Yahoo Email'ers Fed-Up with Hacking and Spying Find Forwarding Door Locked

After back-to-back revelations that hackers had compromised a staggering 500 million Yahoo Mail accounts and that the company had complied with a US government request to open incoming emails for surveillance, 

some users are having a hard time switching to any of Yahoo's competitors.

While it remains unclear how many users intend to leave over the privacy concerns and bad publicity, several told the Associated Press that their ability to do so has been hampered since the beginning of the month, when Yahoo disabled its automated email-forwarding option.

Those who had already set up their forwarding are unaffected, but those who wish to begin forwarding messages now are unable. more

Monday, October 10, 2016

How to Delete Your Private Conversations from Google

Google could have a record of everything you have said around it for years, and you can listen to it yourself.

The company quietly records many of the conversations that people have around its products. 

The feature works as a way of letting people search with their voice, and storing those recordings presumably lets Google improve its language recognition tools as well as the results that it gives to people.

But it also comes with an easy way of listening to and deleting all of the information that it collects. That’s done through a special page that brings together the information that Google has on you.

It’s found by heading to Google’s history page and looking at the long list of recordings. The company has a specific audio page and another for activity on the web, which will show you everywhere Google has a record of you being on the internet. more

Friday, October 7, 2016

Bugged Samovar Leads to Arrest of Russian Officials

Russia's security service arrested three senior officials after recording conversations using a bug hidden in a samovar they had given as a gift of thanks for anti-corruption efforts, it's emerged.

According to the influential Kommersant newspaper, the Federal Security Service (FSB) planted the bug as part of an investigation into senior officials of the Russian Investigations Committee (SKR) who were said to be taking bribes. The samovar - engraved with the letters "FSB" and the organisation's logo - been presented to the head of the Investigations Committee's Internal Security Directorate, Mikhail Maksimenko, and was left sitting in his office, Moscow daily Izvestiya reports.

The three were arrested in July, but details of the bugging operation have only just been revealed as their case comes to court. more

But wait! 
There's more!
This isn't the first time a Russian samovar has been accused of being a bug. 
Check this out.  ~Kevin

Wednesday, October 5, 2016

Business Espionage: Houston Fortune 500 Energy Company Invaded Twice

The Federal Bureau of Investigation says it is looking into the theft of intellectual property from a Fortune 500 company in Houston’s energy corridor.

The company has asked to not be identified for security reasons, but the FBI wants to know why the man took several items from the business during its off-hours last year.

The man was caught on camera during the theft and during another burglary attempt at the same company.

According to the FBI, at approximately 3 a.m. on June 25 the burglar gained unauthorized access into the building through a defective door. After spending a couple of hours inside, the man exited with property belonging to the company and its employees.

On Dec. 30, the same man attempted to enter the same Fortune 500 Company. This time, the man was unable to get into the secure area of the building. He stole a security radio from a desk in the lobby on his way out. more

As IT security becomes better, intrusion, theft and the planting of bugging devices will increase. Conduct periodic technical surveillance countermeasures (TSCM) to reduce opportunities and risk. Read the Facilities Management article,  How to Handle Counterespionage to learn how. ~Kevin