Monday, March 13, 2017

Another Leak of Security Clearance Files (WTF?!?!)

via zdnet.com...
An unsecured backup drive has exposed thousands of US Air Force documents, including highly sensitive personnel files on senior and high-ranking officers.

Security researchers found that the gigabytes of files were accessible to anyone because the internet-connected backup drive was not password protected.

The files, reviewed by ZDNet, contained a range of personal information, such as names and addresses, ranks, and Social Security numbers of more than 4,000 officers. Another file lists the security clearance levels of hundreds of other officers, some of whom possess "top secret" clearance, and access to sensitive compartmented information and codeword-level clearance.

Phone numbers and contact information of staff and their spouses, as well as other sensitive and private personal information, were found in several other spreadsheets.

The drive is understood to belong to a lieutenant colonel... more

The device has since been taken offline and it is unclear if anyone other than members of the MacKeeper Research Team had access to the files or how long they were available. more

Enough is enough!!! 
Make information security a top priority, wherever you work, right now! 
(My security clearance info was stolen during the OMB hack of 2015. I'm still pissed.) ~Kevin

Anti-Surveillance Sunglasses – Q Would Be Proud

via... digitaltrends.com
...there’s a new set of spectacles on Kickstarter that might help you bamboozle even the most sophisticated facial recognition tech.

The Eko shades, as they’re called, are rimmed with a type of retro-reflective material that bounces light back to exactly where it came from. Most surfaces reflect light by diffusing or scattering it in all directions, but this material is specially designed to reflect light back at the exact same angle as it arrived.

If caught in flash photography, retro-reflective material will send most of the light back to the camera’s sensor. This will put the dynamic range of the camera’s sensor to the test, and likely result in an image that’s underexposed for everything but the rims of your glasses.

Of course, this won’t help much for any camera that doesn’t require a flash, but it’s still a pretty interesting concept. more

...and the DIY hat to go with them!
1937 prototype anti-mind control device.
(Ok, who said, "Too late. She has already lost hers.")

Friday, March 10, 2017

Hotel Spying Fears

Last week, New York’s famed Waldorf Astoria hotel closed for two years of renovations amid ongoing concerns that the Chinese government could be spying on guests. 

For decades, US government officials stayed at the hotel during the United Nations General Assembly. But in 2015, after the Waldorf was sold to the Chinese Anbang Insurance Group Ltd, President Obama and State Department officials moved elsewhere, citing security concerns.

Last month, New York Post gossip columnist Cindy Adams speculated that the reason for the renovations is that the hotel “is getting hardwired”...

Worries about espionage could lead not just political officials but also business executives to steer clear of properties owned by Anbang and other foreign companies. It’s common knowledge that governments —including the US, France and China — spy on foreign businesses. more

Extra Credit Reading: Who's Watching You In Your Hotel Room? ...and more


Education.

One New Solution to the USB Port Vulnerability

The USG is a small, portable hardware USB firewall that isolates a potentially harmful device from your computer. It's designed to prevent malicious USB sticks and devices laden with malware from infecting your computer...

The problem is that most computers automatically trust every USB device that's plugged in, which means malicious code can run without warning.

It's not just computers: Cars, cash registers, and some ATMs also come with USB ports (desk phones and printcenters, too), all of which can be vulnerable to cyberattacks from a single USB stick.

While the USG will protect against low-level USB attacks, it won't protect against malware stored on the flash drive itself.

Fisk explained on his Github page, where the code is available, that the project is "particularly useful for individuals and organizations that face advanced threats including corporate espionage or state sponsored attacks." more

Toshiba Nixes Foxconn - Business Espionage Fears

Taiwan’s Foxconn, the world’s largest contract electronics maker, is not a favored bidder for Toshiba memory chip business because it is too close to China.

Apparently the Japanese government has told Tosh that flogging its flash business to China would be opposed because it means the transference of key technology.

Foxconn has plants in China, and the Japanese fear that putting the tech close to the Chinese would result in the tech leaking out due to industrial espionage and internal corruption. more

Tuesday, March 7, 2017

Consumer Reports Adds Privacy to its Checklists

Consumer Reports announced Monday it would begin considering data security in its comprehensive product reviews. 

Consumer Reports will use new standards to evaluate the quality of "internet of things" gadgets based criteria such as how secure products are and what sorts of disclosures are made when a device is collecting your data. The goal: For consumers to feel safer, and to not have to worry about the real threat of (for example) hackers taking over their baby monitor. more

Electronic Surveillance: Trust Your Instincts - Don't Wait 10 Years

A Craig, Iowa man will spend up to ten years behind bars for spying on a family in their home over the course of a decade. A judge sentenced 67-year-old James Grasz on five charges including sexual exploitation of a minor, and invasion of privacy.

Prosecutors say Grasz videotaped adults, and juveniles, in various states of nudity, without their consent, for ten years, or more. Authorities started investigating, last March, after a woman complained that she felt like she was being spied onmore

Pole Cam Issue Flagged as Possible Spy Tool

Pakistan has raised concerns that India’s tallest ever flag, which can be seen from Lahore, could be used for “spying”.

India erected a 110 metre (360 feet) high flag at the Attari Border in the northern state of Punjab, prompting Pakistan to accuse its neighbour of violating international treaties.

Pakistan has complained to the Border Security Force and raised suspicions that hidden cameras may be installed on the flag pole for spying purposes. more

High Flying Corporate Espionage Lawsuit

Panasonic Avionics plans to seek immediate dismissal of a lawsuit filed by software company CoKinetic Systems, which claims PAC employed unlawful means to monopolize the market for IFE software and media services on the IFE hardware it supplied to airlines...

The firm’s suit, filed in the US District Court for the Southern District of New York, alleges that Panasonic Avionics willfully violated open source licensing requirements, breached contractual obligations to CoKinetic, abused FAA regulatory processes, conducted corporate espionage, and defamed CoKinetic and sabotaged its products...

Separately, Panasonic Corp on 2 February revealed in a stock exchange filing that the DOJ and SEC are probing PAC’s sales activities, and said it had begun talks with authorities to try to resolve the matter... PAC’s CEO and CFO departed the company last month. more

Thursday, March 2, 2017

Spycam News: A Darwin Award to Another Spy Who Shot Himself

OH - Judge Robert Peeler sentenced a former Deerfield Township maintenance man to four years in prison, for putting hidden cameras in women's apartments. 

Gerald Rowe will also have to register as a Tier 1 sex offender. Rowe worked at the Steeplechase Apartments in Deerfield Township. A woman called police after finding one of his hidden cameras in the vent of her bathroom in May 2016, according to Prosecutor David Fornshell.

Warren County Sheriff's Office detectives found videos from four other apartments from February through May.

Rowe mounted the cameras to get video of the women undressed. One of the videos shows Rowe's face while installing the camera. more

FutureWatch: Cheap, difficult to detect, short-range, long-term bugs.

Researchers at the University of Washington (UW) have pioneered a technique where everyday objects can be embedded with transmitters that piggyback ambient FM signals to send data to nearby smartphones and radios using almost no power. 

The technique makes used of backscattering, which is the reflection of waves, particles, or signals back in the direction they came from. The system uses a low-power reflector to encode specific audio or data on top of reflected signals from an existing FM broadcast, with the data sent on an adjacent band so as not to interrupt any current radio transmissions.

The key benefit of the technology is that it has an extraordinarily low level of power consumption, meaning that it can easily be incorporated into everyday objects at a low cost...



The antennas are made of thin copper tape and can be simply embedded into objects like advertising posters or articles of clothing. Initial demonstrations of the technique showed the total power consumption of a transmitter embedded into a poster to be as little as 11 microwatts – an output that could run uninterrupted off a small coin-cell battery for two years...

The UW team has produced two working proof-of-concept prototypes demonstrating the technology. The first was dubbed a "singing poster" that transmitted portions of a band's music to a smartphone up to 12 ft (3.6 m) away, or a car up to 60 ft (18 m) away more

FutureWatch: Cheap, difficult to detect, short-range, long-term bugs. The traditional police "wire" invisibly woven into undercover investigators' clothing.  ~Kevin