Thursday, January 31, 2019

Business Espionage – A Cunning Protection Plan to Protect us and U.S.

We are bombarded with news stories and court trials tornado-ing around Chinese spies. They’re everywhere. Collecting everything. They are such a fixture in and around our hapless businesses that it only seems right to offer them health insurance, a pension plan, cookies and milk.

But wait. Let’s think this through.

Aren’t these the folks who had the secrets of silk stolen from them by Justinian I? Humm, could this be why great neckties are made in Italy, not China? Even their espionage death penalty law couldn’t protect them. Boom! Business espionage devastated their economy.

I also recall a dude from the UK, Robert Fortune, sort of an early 007. He was sent to steal the secrets of tea production from… Have you guessed yet? China! That caper is now know as The Great British Tea Heist. Boom! Business espionage devastated their economy yet again.

Oh, and what about the Chinese secret of making porcelain? A French Catholic priest stole that one. BOOM!! I could go on and on. Gunpowder, paper, etc. Bing! Bam! BOOM! 

Feeling sorry for China yet? Don’t. They are making up for it, right now. The disk drive that just started whirring in your computer… it might be them.

And, don’t think this is just some cosmic Yin and Yang, great mandella, or as we say here in New Jersey, “What goes around, comes around.” No, that explanation is too simplistic, not to mention fatalistic. There is more to this industrial espionage business. The circle is bigger. This is history repeating itself, over and over and over, but I think I have the solution... more

Second Apple Pickin' Spy Caught in Last 6 Months

The United States FBI this week accused a Chinese citizen working for Apple of attempting to steal trade secrets that are related to the company's autonomous vehicle program, reports NBC Bay Area.

Apple launched an investigation into the employee, Jizhong Chen, when another employee spotted him taking photographs "in a sensitive work space." 

 Apple Global Security employees searched his personal computer and found "thousands" of Apple files, including manuals, schematics, photographs, and diagrams. 

Chen had recently applied for a position with a China-based autonomous vehicle company that is a direct Apple competitor. Chen was arrested a day before he was set to fly to China. 
Apple in a statement said that it is working with the authorities."Apple takes confidentiality and the protection of our IP very seriously," the company said in a statement Tuesday. "We are working with authorities on this matter and are referring all questions to the FBI."

This is not the first time an employee has been caught trying to steal secrets from Apple's car team. Back in July, the FBI charged former Apple employee Xiaolang Zhang with theft of trade secrets for stealing hardware and software that included prototypes and detailed prototype requirements. more


Wednesday, January 30, 2019

Tired of Smartphone Security Vulnerabilities? Go Dumb!

Punkt - The MP02 is significantly more complex than the MP01, so we have teamed up with BlackBerry to keep it secure. BlackBerry adds enhanced security to the device at the point of manufacture, which means the MP02 is hardened and highly secure. With BlackBerry’s integrated software components, the MP02 will be built with security from the start so you can trust that your data will be safe. more

The new Nokia 3310 2.4” polarized and curved screen window makes for better readability in sunlight. Remember when you could leave the house without a charger? Well, with the Nokia 3310, you can. It comes with a long-lasting battery, so you can talk all day, or leave the phone on standby for up to a month. When needed, a Micro-USB port makes charging simple. more

The Light Phone 2 is a 4G LTE phone with a beautiful black & white matte display. It's a more reliable, durable, and practical phone than its predecessor. It brings a few essential tools to the Light Phone, like messaging,  an alarm clock, or a ride home, so you can leave behind your smartphone more often... or for good. We call this experience 'going light'. more (An indiegogo project at the moment.)
Another dumb phone, the Alba Flip fits right between the borderline-brain-dead dumbness of the Light Phone and the smarter-than-you’d-think trickery of the Nokia remakes. Plus, it's a flip phone, which you've got to love. The Alba Flip is not designed to be a basic phone. Alba are a brand designed for those who struggle with conventional mobile phones, either through technophobia or because of visual impairments. more (Warning: 2G only which is becoming harder to rely upon as it is phasing out. In the U.S. that means T-Mobile 2G.)


And, the dumbest one I've ever used... The BM70 is the smallest phone which supports 4G network. With built-in Micro SIM card slot, it can store 250 contact numbers. Not only a mini cell phone, also a Bluetooth earphone more (Only $12.99, and yes it really works.) ~Kevin

If you don't go dumb, go smart, and smarter.

Shred Bin Security – Yours Stinks – Fix it for Free

Shred Bin Security — How to upgrade it... probably for free!
If you have a sizable contract with a shredding company, keep reading.
 

The Shred Bin Security Conundrum

Your organization realizes they need help getting rid of their wastepaper. Some of it can be recycled. Easy. There are plenty of recycling companies around. Some of it, however, contains sensitive information that must be destroyed.

So, you contact your local "I-Rip-A-Part" shredding company.

You are offered your choice of two shred bin styles, if you are lucky. The elegant particle board beige box, or the converted garbage can.

Both scream security joke. But hey, they only gave you two choices. So, you take what "I-Rip-A-Part" gives you. After all, it's their business. They know best.

Your employees may not laugh out loud, but they get the message. Management either doesn't know much about shred bin security, or they only care enough to make it look like they are doing their due diligence. The result...

Pretty soon these start popping up.

 

Who's laughing now?
Just the office snoops, competitive intelligence professionals, activists, news media, hackers, etc.

Let me provide some background before providing a workable solution. The crummy shred bin issue is a problem for most U.S. based organizations.

The problem has two roots:
  1. A lack of understanding about information security on the part of the confidential information custodians.
  2. Shredding companies preying on this ignorance to maximize their profits. (Number one allows number two.)
Most shred bins being provided by shredding companies are nothing more than security theater; a mental bandage playing to the threat. They are inexpensive, ineffective, and won't prevent any semi-espionage adept person from taking what's inside. 

Attacks include: unscrewing the cabinet, picking the cheap lock, sticking a $8.00 flexible grabber through the slot, bending the plastic lid back, or pulling the inner liner bag through the slot... more

Inside Information: Email Sales Pitches Some Spies Receive

Only the names have been changed to protect the reticent.

Intercept and capture any phone ANYWHERE in the world... Remotely!

Are your clients looking for a powerful solution to capture all app messages?

Our new monitoring technology for deployment on cellphones is now available.
  • Penetrate cellular defenses
  • Generate effective access to Target devices
  • Perform interception of their data communications
  • Operate in 'new' locations, without requiring any integration
  • Extract data from phones without any user interaction required
Our solution utilizes a new proprietary interception method which remotely captures any target device, irrespective of country or device location.

This advanced method of interception does not require any infrastructure or tactical equipment to gain access to a target’s communication path.

The latest model, Octo+2, can target up to 10 phones at any one time and convert their microphones to a listening post for worldwide audio and video monitoring.

It’s now time to turn on the microphone on your target’s phone so you can listen from any where in the world!
.... Available to authorized agencies only.

Tuesday, January 29, 2019

The Case of the Bumbling Spy

Just the interesting bits...
The case of the bumbling spy is the latest episode involving undercover agents, working for private intelligence firms or other clients, who adopt false identities to dig up compromising information about or elicit embarrassing statements from their targets...

The phenomenon of private spies drew widespread attention in 2017, when Black Cube, an Israeli private intelligence firm, was found to have used undercover agents to approach women who had accused Harvey Weinstein, the Hollywood producer, of sexual misconduct...

At their lunch meeting, he read questions from cue cards of three colors that seemed to be organized by topic, explaining that at his age he needed them to keep the details straight. He held the cards in one hand, while in the other he held and awkwardly pointed a pen that appeared to contain a video recorder, Mr. Scott-Railton said. (John Scott-Railton, a senior researcher at Citizen Lab

In a phone conversation, he had told Mr. Scott-Railton that he had a son about his age. When they met, he said the child was a daughter. more





The point is obvious. Nine out of ten private investigators did not graduate in the top 10% of their class. However, there are plenty out their who did, and they can pretext you and bug your office quicker than a magician can make a coin disappear.

FaceTime Bug Lets Callers Hear You Before You Answer

Users have discovered a bug in Apple's FaceTime video-calling application that allows you to hear audio from a person you're calling before they accept the call—a critical bug that could potentially be used as a tool by malicious users to invade the privacy of others.

Apple: "We're aware of this issue, and we have identified a fix that will be released in a software update later this week." An hour or two after this post went live, Apple disabled Group FaceTime to mitigate the bug.

The bug requires you to perform a few actions while the phone is ringing, so if the person on the other end picks up quickly, they might not be affected. Knowledge of how to use the bug is already widespread.

The steps include:
  • Tap on a contact on your iPhone to start a FaceTime call with them.
  • Swipe up and tap "Add Person."
  • Instead of adding a new person, enter your own number and add yourself as another participant in the Group FaceTime call. more

Updates: What we have also found is that if the person presses the Power button from the Lock screen, their video is also sent to the caller — unbeknownst to them. In this situation, the receiver can now hear your own audio, but they do not know they are transmitting their audio and video back to you. From their perspective, all they can see is accept and decline. (Another update: It seems there are other ways of triggering the video feed eavesdrop too.) more

Temporary fix. General smartphone security tips.

Friday, January 25, 2019

Hackers Access Family Security Cameras - Then Yell and Curse

WA - If you have security cameras connected to the internet inside your home, you’re going to want to play close attention to this story. A local family says someone hacked their account and watched them for weeks inside their home; even yelling and cursing at their children...

The couple says things got really creepy this week, while Abby and the children sat here in the living room. She says could hear multiple male voices. At first, she thought it was Conrado just checking in via the security cameras.

“And then they started cussing...

Abby wanted proof. “I grabbed a chair and I was doing this, but my face was back here and my hand was right here because I didn’t want to look at them. They were like stop recording us! What the ‘F’ are you doing?...
Abby and Conrado called Auburn Police, who confirm they are investigating. more

Eyeglasses and Earbuds for Real Spies

Misumi Electronics Corp. is a prestigious name in the fields of Spy applications, Surveillance system, Industrial inspection, and Medical application. They specialize in making modules and finished products, including camera modules, transmitters, UVC, USB capture cards and grabbers, and accept customized camera request as well.

The example below shows off the high-resolution of their cameras, including the ability to read computer screens and instantly transmit the video elsewhere. A spy wearing these eyeglasses and earbuds can see in three directions at once, in high-definition, without anyone knowing!

Their tiny, high-quality, HD video cameras have been mass produced for years. Should you come across one, keep searching. There is likely more to find. more
Click to enlarge.

Cybercriminals Home in on Ultra-High Net Worth Individuals

Research shows that better corporate security has resulted in some hackers shifting their sights to the estates and businesses of wealthy families.

Threat intelligence experts and research groups have seen a shift of cybercriminals increasingly targeting ultra-high net worth (UHNW) individuals and their family businesses...

More than half the attacks were viewed as malicious. And, nearly one-third came from an inside threat, such as an employee intentionally leaking confidential information. more

Congratulations to the corporations who have instituted better information security practices. Their elevated security includes periodic checks for electronic surveillance, or Technical Surveillance Countermeasures (TSCM). 

These checks are absolutely necessary at family compounds and home offices. There, guests, staff, and tradespeople have great opportunities to plant audio, video and data electronic surveillance devices.

Wednesday, January 23, 2019

Apple AirPods Live Listen can Eavesdrop

A useful feature of Apple’s wireless AirPods, designed to help hearing impaired, can also be used to engage in eavesdropping...

The feature Live Listen was released with iOS 12, and according to Apple, can be used with AirPods to turn your iPhone iPad, or iPod touch into a microphone - which can then send sound to your AirPods.

“Live Listen can help you hear a conversation in a noisy area or even hear someone speaking across the room,” the website states.

However, as some users have pointed out... 
“If you have AirPods, you can press ‘Live Listen’ to ‘On’ and leave your phone in the room with someone and you can hear what they are saying, thank me later,” one person wrote on Twitter.

People are suggesting it will be a game-changer when it comes to eavesdropping...

Another said: “Literally just bought AirPods to spy on people.more

Australia's New Encryption Law May Rock the World - bad'day mate

A new law in Australia gives law enforcement authorities the power to compel tech-industry giants like Apple to create tools that would circumvent the encryption built into their products.

The law, the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018, applies only to tech products used or sold in Australia. But its impact could be global: If Apple were to build a so-called back door for iPhones sold in Australia, the authorities in other countries, including the United States, could force the company to use that same tool to assist their investigations. more

Pinkerton Detectives Still Exist

The security agents, who gained fame as Old West law enforcers, are still around—and they’re not happy about being antagonists in ‘Red Dead Redemption II’

Pinkerton’s National Detective Agency, formed in the 1800s to help law enforcement track down criminals, once sparred with the outlaw Jesse James. It later became entangled in the notorious labor disputes of industrial America.

In the hit videogame “Red Dead Redemption II,” players belong to a gang of bandits in the Old West in 1899 who spend a good deal of time offing Pinkerton agents, known simply as Pinkertons.

The plot twist comes in real life: Pinkerton still exists today as Pinkerton Consulting & Investigations Inc., a specialist in corporate security and risk management—and it’s tired of being the bad guy.

Pinkerton, now owned by the Swedish security firm Securitas AB, hoped a letter sent last month to Take-Two Interactive Software Inc. would persuade the game publisher to do right by the Pinkerton name. The letter included a demand for compensation in the form of a lump sum or “an appreciable percentage of each game sold.” more

To anyone who worked with me at Pinkertons, always feel free to say hello.

Tuesday, January 22, 2019

Tony Mendez - CIA Hero - Dead at 78

Mr. Mendez’s artistic skills, which included hand-eye coordination that enabled him to look at something and copy it precisely, suited the agency’s need for a counterfeiter and forger.

And so began a career that in time would lead Mr. Mendez, who died on Saturday at 78, to orchestrate one of the most audacious covert operations in C.I.A. history: the rescue of six American diplomats from a tumultuous Iran after Islamic militants had stormed the United States Embassy in Tehran on Nov. 4, 1979. The militants held 52 Americans hostage for 444 days, a humiliating foreign policy debacle that would severely undermine Jimmy Carter’s presidency.

The operation, which took place in January 1980, was kept secret until 1997. It was celebrated in a heart-pounding movie, “Argo,” released in 2012, with Ben Affleck (who also directed) portraying Mr. Mendez. The movie won three Oscars, including for best picture, though some critics took it to task for underplaying the vital role of the Canadians in the operation and for inventing certain scenes, such as a chase on an airport tarmac at the end. more

Monday, January 21, 2019

This Month in Video Voyeurism

The following are some of the cases reported by the news media during the last 30 days. Consider them to be the failures. The tip of the iceberg. The people who got caught. Most people don't get caught.

They are posted here periodically to raise awareness of the magnitude of the problem, and the variety of places where this occurs. Fortunately, anyone with a little awareness training can protect themselves.

NY - A former New York nanny is fighting back after she says she was surreptitiously recorded in a bathroom owned by a powerful and well-connected couple, the New York Post reports. Vanessa Rivas alleges she found a spycam inside the guest bathroom of the apartment where she used to work as a nanny, a place where she often showered.

UK - Airbnb guest finds surveillance camera inside his rented apartment but is told he ‘consented’ to it as it appeared in photos of the property...According to Airbnb's Terms and Conditions, a surveillance device must be disclosed. more

UK - A former footballer has been charged with five counts of voyeurism and arson...cameras were allegedly found in the female staff changing room at HMP YOI Portland where Browne worked as a guard and fitness instructor. Further voyeurism charges have since been brought against Browne relating to incidents in Weymouth, Dorchester and Poole. more

OR - An Oregon State University employee is facing criminal charges...after being accused of videotaping several unsuspecting men inside the stall in a Valley Library restroom. more

OH - A man secretly recorded a woman showering in a Norwood home, according to court records...He allegedly attempted to hide a cell phone that was recording in a wopse of towels in a bathroom. "The recording device captured the victim in a state of nudity as well as the identity of Anthony McDaniel placing the device and attempting to hide it," police records state. It is unclear how the phone was discovered. more

UK - Britain's Parliament has approved a law that will make it illegal to take so-called "upskirting" photos...Gina Martin, 26, campaigned to ban upskirting after she chased down a man who had placed a phone between her legs and taken a picture while she was at a crowded music festival in London's Hyde Park in 2017. more

AR - A man has been found guilty of video voyeurism in Washington County Circuit Court...found guilty on multiple counts of video voyeurism and was sentenced to four years in prison, and two years suspended...Godfirnon hid an iPhone with the "Pocket Spy" app enabled in a restroom where he was installing light fixtures. more

S. Korea - A four-year jail sentence given to the co-founder of a South Korean porn website that hosted thousands of videos of women filmed secretly was criticized by campaigners on Thursday for being too light to be a deterrent. more

AR - The Benton Police Department arrested 28-year-old Matthew McCoy, of Rison, without incident Monday, on 30 counts of video voyeurism and two counts of computer child pornography.
All charges stem from a camera discovered in a restroom at a Benton residence. more

WA - A former volunteer coach and athletic director at the Puget Sound Adventist Academy has been sentenced to 10 months in jail after he pleaded guilty to voyeurism...students who were using an athletic department tablet found a video of two female students changing into the basketball uniforms, police said...The volunteer coach was identified because he also recorded himself and could be seen adjusting the camera angle and turning the video on and off. more

UT - Foster parent charged with 100 counts...state police first became aware of the situation and ordered a search warrant after one of the foster children, a 15-year-old, called his sister and told her he found a digital camera device hidden inside a candle holder in the bathroom he showered in. more

Ireland - One of the first sex offenders to be detected in Northern Ireland by the National Crime Agency has appeared in court charged with breaching the terms of a Sexual Offenses Prevention Order...The voyeurism matters came to light when Dynes was caught on his own recording equipment while installing it in a bedroom, which then filmed a female carrying out private act. more

Canada - Former teacher and voyeuristic vice-principal Brent Hachborn’s teaching licence has been revoked by the Ontario College of Teachers. Hachborn, who was convicted of nine counts of voyeurism after it was learned he had been hiding cameras in the false ceiling of a school bathroom... more

KY - A man is accused of spying on a woman and recording her as she was getting out of the shower...According to his arrest citation, Sales-Molina hid a cell phone in a laundry basket. The phone recorded the woman in the nude after she had taken a shower. more

OH - Cleveland County man accused of filming girls on his boat is expected in court Friday...Detectives said Hillard chiseled a hole at the bottom of the door to sneak in a camera to watch... more

NM - Santos Leon-Pereira was sentenced 94 days in jail for placing recording devices in dressing rooms at stores at Coronado Center...According to court documents, two phones were found in a dressing room at Forever 21, both with the video cameras rolling. more

KY - An Owensboro electrician is accused of voyeurism. Officers were notified on Tuesday of a small camera and memory card installed inside a home where Ryan Lloyd had been working.
The victim told police that Lloyd was doing electrical work in their bathroom...The victim found the camera earlier this week...The memory card obtained nude images of the victim's daughter. more

IN - A Gary middle school employee was fired Monday after he was arrested and charged with child pornography and voyeurism...police said the suspect's statements led them to obtain a search warrant for Saldana's home where authorities found photographs, video files, a hidden pinhole camera and photo negatives they said Saldana appeared to be burning when they arrived Saturday. more 

 

Questions We Get - Cell Phone Location Data

"I want to know is whether your location can be tracked if your location based services are turned off?" - from an attorney who reported on the selling of cell phone location data to bounty hunters. more

Good question. The answer is yes.

The information the phone companies are selling is gathered from the phone's administration communications with the cell sites, "Hi. I'm here. I can accept a call." The signal is picked up from multiple cell sites and is evaluated to determine which site is receiving the strongest signal.

Location is determined by triangulation. While not precise, it can get you into the neighborhood.

If they were using the phone's GPS-based location services the location accuracy would be within a few yards. ~Kevin

Friday, January 18, 2019

Counterespionage Checklist: How to Be Safe on the Internet

An open source checklist of resources designed to improve your online privacy and security. Check things off to keep track as you go. more  Scott Adams

Thursday, January 17, 2019

CIA Spy Tool Kit (Preparation H suggested)

The CIA Rectal Tool Kit

The Weed of Crime Bears Bitter Fruits - The Worldwide Huawei Wows

Federal prosecutors are pursuing a criminal investigation of China’s Huawei Technologies Co. for allegedly stealing trade secrets from U.S. business partners, including technology used by T-Mobile US Inc. to test smartphones, according to people familiar with the matter.  

The investigation grew in part out of civil lawsuits against Huawei, including one in which a Seattle jury found Huawei liable for misappropriating robotic technology from T-Mobile’s Bellevue, Wash., lab...

On Wednesday, a bipartisan group of congressional lawmakers introduced legislation that would ban the export of U.S. components to Chinese telecommunications companies that are in violation of U.S. export-control or sanctions laws. Backers said the bill was aimed at Huawei and ZTE Corp...

Last month, Canadian authorities arrested Huawei Chief Financial Officer Meng Wanzhou at the request of U.S. authorities...

In another development, Polish authorities last week arrested Huawei executive Wang Weijing and charged him with conducting espionage on behalf of the Chinese government. more

Wednesday, January 16, 2019

Court: Authorities Can't Force Technology Unlocks with Biometric Features

A judge in California ruled Thursday that U.S. authorities cannot force people to unlock technology via fingerprint or facial recognition, even with a search warrant.

Magistrate Judge Kandis Westmore, of the U.S. District Court for the Northern District of California, made the ruling as investigators tried to access someone's property in Oakland.... (however)

The judge in her ruling stated the request was "overbroad" because it was "neither limited to a particular person nor a particular device." The request could be resubmitted if authorities specify particular people whose devices they'd like to unlock. more

Early Documented Case of Video Voyeurism

The first telescoped PoV close-up in film: As Seen Through a Telescope by George Albert Smith uses an iris'ed close-up to give the impression of filming through a telescope, thus giving the viewer the point of view of the main character. There is also a voyeuristic element as the lead (and each of us) witnesses a bit of naughty action...

Friday, January 11, 2019

Police Surveillance "in an unobtrusive manner, with a sleek, yet friendly look."

Florida law prohibits police departments from using drones to surveil citizens. So Miami Beach cops instead got a small blimp...


(City Manager Jimmy Morales) Morales' letter admits cops bought the "tethered" surveillance balloon to get around the state's ban on police drone surveillance. (The ban, passed in 2015, was dubbed the Freedom From Unwanted Surveillance Act.)...

Morales opines that the small dirigible "provided an ideal vantage point in an unobtrusive manner, with a sleek, yet friendly look." more

New Year’s Resolutions for Your Intellectual Property

by Bryan K. Wheelock - Harness, Dickey & Pierce, PLC 
Its the start of a new year, and here are ten things that you should consider doing to enhance your intellectual property in 2019... more

Number 3 is... "Take secrecy seriously. Trade secret protection depends upon whether steps, reasonable under the circumstances, have been taken to protect the secrecy of the subject matter."

The other numbers offer sage advice as well. ~Kevin

Wednesday, January 9, 2019

Your Tax Dollars at Work - An NSA Freebee!

The US National Security Agency will release a free reverse engineering tool at the upcoming RSA security conference that will be held at the start of March, in San Francisco.

The software's name is GHIDRA and in technical terms, is a disassembler, a piece of software that breaks down executable files into assembly code that can then be analyzed by humans.

The NSA developed GHIDRA at the start of the 2000s, and for the past few years, it's been sharing it with other US government agencies that have cyber teams who need to look at the inner workings of malware strains or suspicious software...

In total, the NSA has open-sourced 32 projects as part of its Technology Transfer Program (TTP) so far, and has most recently even opened an official GitHub account. more

Ding-Dong - Security Cam Man Calling - Weird

CA - Security camera captures prowler getting his licks in.

Click to enlarge.
In ‘weirdest’ case, police say man spent hours near door of home in Salinas... they said spent hours licking the button on an intercom speaker at a home in Salinas, CA...according to Miguel Cabrera, a spokesman for the Salinas Police Department.

Police said the long night of odd behavior began about 2 a.m., when he approached the house and stared straight into the camera of the home’s doorbell surveillance system.

Arroyo hung out in the doorway for more than two hours...the man lay down in front of the door for 20 minutes before springing back up...Afterward, he stood with his back to the camera, appearing to urinate into a planter by the home’s front door, authorities said.

Arroyo also disconnected an extension cord that powered the home’s Christmas lights and walked off with it. Hence the potential petty theft charge, Cabrera said.  “It’s probably the weirdest [case] I’ve heard in many years.” more

Security Awareness Report for Executives

What can executives do to create or enhance environments to enable awareness programs to succeed?

The first of its kind, the SANS Security Awareness Executive Report draws data from the 2018 Security Awareness Report to reveal a detailed analysis of what drives a thriving awareness program. more

Who Are You...Online - Become an OSINT Awesome and Find Out

We are going to show you how to research yourself and discover what information is publicly known about you...

You will not find all the information on a single website. Instead you start with one website, learn some details, then use those details to search on and learn from other sites. Then you combine and compare results to create a profile or dossier of your subject. 
A good place to start is with search engines such as Google, Bing, or DuckDuckGo. Each of these have indexed different information about you...

Start by typing your name in quotes, but after that expand your search...

Examples include:
“FirstName LastName” > What information can I find online about this person
“Firstname Lastname@” > Find possible email addresses associated with this person
“Firstname lastname” filetype:doc > Any word documents that contain this person’s name
more
sing-a-long

Tuesday, January 8, 2019

Judge Nails Husband for Spyware and Eavesdropping on Wife's Calls ...with her attorney ...twice!

A federal judge has levied sanctions on a tobacco heiress’ estranged husband for destroying evidence related to spyware that he secretly installed on his wife’s phone and used to listen in on her calls, including conversations she had with her attorney. 

It was the second time that a judge has hit Crocker Coulson, who is locked in a bitter divorce with Anne Resnik in state court, with spoliation sanctions for destroying evidence of bugging Resnik’s phone. more

Last year...
A man locked in bitter divorce proceedings with a tobacco heiress was caught bugging his wife’s phone and listening in to her conversations with her attorney, an infraction that a Brooklyn judge said should cost him any claim on the family’s wealth. more

The Panopticon Express Doesn't Stop Here

The warnings sound like the plot of a Hollywood spy thriller...

The Chinese hide malware in a Metro rail car’s security camera system that allows surveillance of Pentagon or White House officials as they ride the Blue Line — sending images back to Beijing.

Or sensors on the train secretly record the officials’ conversations. Or a flaw in the software that controls the train — inserted during the manufacturing process — allows it to be hacked by foreign agents or terrorists to cause a crash.  

Congress, the Pentagon and industry experts have taken the warnings seriously, and now Metro will do the same. more

Panopticon is a type of institutional building and a system of control designed ... in the late 18th century. The scheme of the design is to allow all (pan-) inmates of an institution to be observed (-opticon) by a single watchman without the inmates being able to tell whether or not they are being watched.

The Shady Middlemen Who Sell Your Location... in real time.

If you want to follow someone in realtime, you don't need to shell out to shady data-brokers like Securus (which use a marketing company that exploits a privacy law loophole to obtain phone location data).

There are a whole constellation of location data resellers who will do business with anyone, regardless of the notional privacy protections they promise the carriers they'll put in place.

Notably, these resellers do business with bail bondsmen and bounty hunters, who can, for a few dollars, locate any phone on the major carriers' networks.

The carriers were mired in scandal over the Securus affair last year, and pledged to clean up their act (T-Mobile CEO John Legere tweeted "I’ve personally evaluated this issue & have pledged that @tmobile will not sell customer location data to shady middlemen"). They have not. more

Mystery ‘Sonic Attack’ on U.S. Diplomats in Cuba Was Really Crickets

Fake news? You decide.
Diplomatic officials may have been targeted with an unknown weapon in Havana. But a recording of one “sonic attack” actually is the singing of a very loud cricket, a new analysis concludes.

In November 2016, American diplomats in Cuba complained of persistent, high-pitched sounds followed by a range of symptoms, including headaches, nausea and hearing loss.
Exams of nearly two dozen of them eventually revealed signs of concussions or other brain injuries, and speculation about the cause turned to weapons that blast sound or microwaves...

On Friday, two scientists presented evidence that those sounds were not so mysterious after all.

They were made by crickets, the researchers concluded. more

Fact: Buddy Holly released chirping crickets in 1957, and died about two years later. Just coincidence? You decide.

Saturday, January 5, 2019

Protecting Trade Secrets in Court Requires Special Security, Like TSCM

Federal prosecutors said a Chinese national employed by an Oklahoma petroleum company has been charged with stealing trade secrets.

Authorities said Hongjin Tan, 35, is accused of stealing trade secrets from his unnamed U.S.-based employer that operates a research facility in the Tulsa area.

An affidavit filed by the FBI alleges that Tan stole trade secrets about an unidentified product worth between $1.4 and $1.8 billion to his employer to benefit a Chinese company where Tan had been offered work. more

Gal Shpantzer, SANS NewsBites news editor notes... "Have you discussed the concept of trade secrets with your legal counsel? Trade secrets are only legally protected if you secure them in a certain manner, above and beyond normal confidential data. www.justice.gov: Reporting Intellectual Property Crime: A Guide for Victims of Copyright Infringement, Trademark Counterfeiting, and Trade Secret Theft (PDF)

Judge: "When did you last check for bugs?"
TSCM - Technical Surveillance Countermeasures

Friday, January 4, 2019

If Spies Rip You Off Due to Your Own Gross Negligence

S. Korea - The government decided to increase penalties against those who illegally transfer technology.

Under the currently law, the penalty for committing espionage involving core national technologies is a maximum of 15 years in jail. The government plans to change the duration to at least three years, with no limits...
Information security gross negligence. (Murray Associates case history photo)
Regardless of whether the offense was intentional or the result of gross negligence, the guilty party will have to pay treble damages, while the government will seize all gains realized from the illegal transfer. more
 ...very similar to a cunning plan for the United States, first proposed in 2012.

Practice Saying, "Yes Master"...like you really mean it!

ROBOTS spying on your social media profiles could stop you from getting your dream job.

Recruitment AI used by companies to pick out applicants scans your posts for signs you might not be right for the role.

Known as DeepSense, the tool assesses your personality based on your online activity – even if you haven't applied for the role and don't know you're being assessed. The language you use, your photos, how often you post and more is merged into a data profile that tells recruiters your interests, teamwork skills, how extroverted or introverted you are, and even your emotional stability. more


Interesting Trends in Counterespionage

 
A new year with new awareness, or just practitioners tuning up their websites?

Security Ponder - How Big is Your Digital Footprint?

2019 may be the year you consider smaller shoes...
Those of us at a certain age grew up in a simpler time. Email was largely unheard of. There was no social media, no Facebook, Twitter or Instagram. There was no e-commerce, no Amazon, Alibaba or Taobao. No online banking. No online dating. Credit card transactions were processed manually. Local businesses accepted personal checks.

In short, there really wasn’t any such thing as a “digital footprint,” where personal information resides virtually, in an electronic ether, potentially available for anyone to see.

But over the last two decades, we’ve moved more and more of our lives into that realm. And almost as soon as we began, people attempted to gain inappropriate access to information of all kinds...

Will we have to change our standards... Time will tell. But there’s no denying our expanding digital footprints are changing the nature of both personal and organizational security.

Monitoring and managing our online personas has become an essential task...  more  sing-a-long

Tuesday, January 1, 2019

Happy New Year! It's 1984 ...in 2019

Students at more than 10 schools in Guizhou Province, one of China’s poorest provinces, and the neighboring Guangxi region are now required to wear “intelligent uniforms,” which are embedded with electronic chips that track their movements.

The uniforms allow school officials, teachers, and parents to keep track of the exact times that students leave or enter the school, Lin Zongwu, principal of the No. 11 School of Renhuai in Guizhou Province, told the state-run newspaper Global Times on Dec. 20.

If students skip school without permission, an alarm will be triggered.

If students try to game the system by swapping uniforms, an alarm also will sound, as facial-recognition equipment stationed at the school entrance can match a student’s face with the chip embedded in the uniform. more

FutureWatch: Chips embedded in the students.