FutureWatch: Preventing Microphones from Capturing a Target Speaker’s Voice

Over the decades, there have been many attempts at preventing electronic eavesdropping. The most popular methods employ "white noise" sound masking and ultrasonic jamming. These techniques are aimed at nullifying microphones. While these techniques have their pros and cons, they all share one trait. They target all sounds to all microphones in the area. Not helpful if only one person desires privacy while allowing others to continue communicating using their smartphones, Internet-of Things devices, or hearing aids.

The Department of Computer Science and Engineering, Michigan State University is working on a solution...

We propose NEC (Neural Enhanced Cancellation), a defense mechanism, which prevents unauthorized microphones from capturing a target speaker’s voice. Compared with the existing scrambling-based audio cancellation approaches, NEC can selectively remove a target speaker’s voice from a mixed speech without causing interference to others. ...The results show that NEC effectively mutes the target speaker at a microphone without interfering with other users’ normal conversations. more

FutureWatch: An App to Find Wi-Fi Spycams & More

Hidden IoT devices are increasingly being used to snoop on users in hotel rooms or AirBnBs. We envision empowering users entering such unfamiliar environments to identify and locate (e.g., hidden camera behind plants) diverse hidden devices (e.g., cameras, microphones, speakers) using only their personal handhelds.

Imagine a user walking into an unfamiliar environment such as a hotel room or Airbnb. Nowadays, the user has to be wary of wireless Internet-of-Things (IoT) devices being used to spy on them. These devices could be installed by the owner or by a previous guest. This threat is not just hypothetical...

...we want to empower users so that as they enter an unfamiliar space, they can run an app on their personal handheld (e.g., phone or tablet). This app would report a list of detected and identified devices and their corresponding locations. 

“Detect,” here, means knowing that there is some device (i.e., binary notification), “identify” entails knowing what type of device it is (e.g., type=camera), and “localize” entails knowing the device’s location in the physical space (e.g., behind the plants). While cameras in particular are imminent privacy threats, in general we want to detect/identify and localize diverse hidden IoT devices, as these could also be potential threats for tracking users. more

What Can a Private Investigator do for Your Business?

Businesses can go under for several reasons, sometimes they simply aren’t profitable whereas other times something sinister is happening underneath that most business owners aren’t aware of.

Corporate espionage is bigger than you may think and if you have a product or industry secret that your competitors would love to get their hands on then hiring a private detective can help. There are many ways your competitors may use to steal your business data, some of which could be installing malware on your company computers or bugging your office or meeting rooms.

A private detective can be hired to search your business for electronic bugs and get rid of them accordingly. If you think this is a work of fiction and it doesn’t happen you would be mistaken. Bugs are placed in businesses and private residents illegally all of the time. more

Things Often Mistaken for Eavesdropping Bugs

“Is this a bug?” is a question we are often asked.

Usually the answer is, “I understand why you are asking is this a bug. Some bugs do look similar to this. But, here is what you actually found.”

Real electronic eavesdropping devices are getting smaller. So are lots of other little electronic bits which are part of our everyday lives. Distinguishing between the two can be tricky. 

If the object you found makes you think, is this a bug, keep reading. You stand a good chance of finding your answer here...  more

9 Potential Signs of Corporate Espionage

If you suspect that your business has been a target of corporate espionage, it’s essential to take action immediately — from doing an in-house investigation to hiring a private professional. If you see any of the below signs, don’t ignore them, but also take care not to make any unfounded accusations or statements. Keep your thoughts closely held and get the evidence first.

(summary - full text here)
1. Unexplained or sudden changes in practices
2. Changes in business relationships
3. Unusual computer activity
4. Becoming defensive or secretive about work
5. Equipment or files go missing
6. Unexplained drops in sales or profits
7. Employees quitting suddenly
8. Accessing computer files without permission
9. Corporate secrets leaked to the press

Spybuster Tip #823 – Investigative Steps 

1. Hire a competent professional corporate counterespionage consultant. 

2. Have them conduct a Technical Surveillance Countermeasures (TSCM) bug sweep. You need to eliminate the possibility of electronic surveillance before you start accusing people.

3. Follow your consultant's advice about how to proceed. The investigative process will be customized from this point on.

Professional Dealing With Illegal Electronic Surveillance

Not so long ago surveillance has been considered a government or spy agency priority. However a lot has changed.  

The rapid research and development in information technologies and electronic devices, along with their shrinkage in size has made surveillance obtainable to each of us. All you have to do is Google for GSM tracker, spy camera, hidden voice recorder. Don’t be surprised to see hundreds of thousands or even millions of espionage gear offers... 

Detecting the bugging devices is not an easy and simple work. The term describing this type of activity is TSCM which is the abbreviation of Technical Surveillance Counter Measures. TSCM survey is a service provided by qualified personnel to detect the presence of technical surveillance devices and hazards and to identify technical security weaknesses that could aid in the conduct of a technical penetration of the surveyed facility. 

A TSCM survey normally consists of a thorough visual, electronic and physical inspection inside and outside of the surveyed facility. In conducting surveillance protection one has to be familiar with the tapping methods; hardware and software products; engineering solutions used for this purpose as well as their unmasking signs. Without this knowledge it is not possible to detect a well hidden bug. more

The Government Will Pay for Your Bug Sweep... if you're an Australian

Domestic violence survivors to get government support to scan for spyware and hidden cameras.

Mobile phones will be checked for spyware and homes will be swept for cameras under a government plan to expand support for people who have experienced abuse by a current or former partner...

Nearly $55m will be invested in a program that provides technology checks to ensure people who have experienced domestic violence are not subjected to further abuse.

It includes checking a person's phone and computer to see if any GPS tracking programs or bugs have been installed, as well as searching for cameras hidden in toys, vents or lights in homes. more

Don't live in Australia? Want to check for spycams yourself? Learn how to do it.

Spybuster Tip # 712: How to Thwart Off-Site Meeting Spies

The National Executive Council of the Academic Staff Union of Universities, on Sunday, changed the venue of the meeting... A reliable source said the venue was changed due to the fear of bugging of the auditorium by secret agents of the Nigerian government. more

GSM Eavesdropping Bugs: A Recent Find in a Corporate Office

While on lockdown, businesses and individuals must think about their unoccupied premises and possessions. Now that we are coming out of this lockdown and going back to work, Gurpreet Thathy and Mike Moran give their thoughts and go through a recent case with a client last week...

Mike and his team conducted a ‘sweep’ of the offices in conjunction with our Cyber Audit. We identified a GSM eavesdropping device planted within a boardroom during the critical areas’ in-depth physical and electronic search. This device was cunningly disguised as a 3-way extension adapter which was fully operational.

A closer examination of the adapter revealed a SIM card and a microphone connected. The client was immediately informed, and as per our standard operating procedure (SOPs), the device was isolated from the infrastructure, bagged, tagged, and handed over to our internal forensic team to investigate.

The forensic investigation of the SIM card revealed dialled and received calls. more

What is a GSM Bug?  When was the last time your organization conducted an inspection for one?

Ex ‘Walked In’ on Man Retrieving Spy Tapes

Australia - A man allegedly hired to spy on the model ex-girlfriend of Ultra Tune mogul Sean Buckley was “caught red-handed” with listening devices inside the victim’s home, a court has heard.

Mr Buckley, 61, appeared in an online hearing in Melbourne Magistrates Court on Monday facing multiple assault and stalking charges levelled against him by his ex-bikini model girlfriend Jennifer Cruz Cole.

The court heard Ms Cole walked in on Buckley’s co-accused, Wade D’Andrea, who was attempting to retrieve listening devices installed in her home...

There are further claims he later hired two others to plant listening devices inside her apartment and car. more

Ms. Cole was lucky.
#1 She caught the bugger in the act.
#2 She didn't get injured by doing so.
People in high profile legal cases, and corporate executives, are advised to have professional Technical Surveillance Countermeasures (TSCM) inspections conducted on a regular basis.

FutureWatch - Spycam Detection using Phone Time-of-Flight Sensors

via theregister.com
"Sriram Sami, Bangjie Sun, and Sean Rui Xiang Tan, from National University of Singapore, and Jun Han from Yonsei University, describe how this might be done in a paper [PDF] titled "LAPD: Hidden Spy Camera Detection using Smartphone Time-of-Flight Sensors"... 

...smartphones are commonplace these days, so adding an app like LAPD is likely to be more convenient than carrying a dedicated bug or signal detector at all times. LAPD's goal is to be accessible, usable, and accurate, and to judge by the results reported in the paper, it hits those marks...

"The 'attackers' have all the power to place hidden cameras anywhere, and the public is, in contrast, generally defenseless," he explained. "That's why we're doing this work, and why we hope hidden camera detection can become more commonplace." Sami said he intends to release the source code for LAPD but has to coordinate that with his colleagues." more

Entry Level TSCM Tech Job Posting (UK)

Technical Surveillance Counter Measures (TSCM) Engineer
UK Ministry of Defence Tarrant Rawston, England, United Kingdom

About the job

This role is within the Technical Surveillance Counter Measures (TSCM) team, part of the Spectrum team within Operations, Defence Digital. We are looking for people who will be able to assist with conducting TSCM Assessments which are technical and physical counter surveillance assessments with highly sophisticated equipment for the detection of concealed devices and identification of security vulnerabilities within offices, building infrastructure, furniture and office equipment. This is to reduce the MOD’s exposure to eavesdropping and information exploitation.

Responsibilities

You will be part of a small team conducting TSCM activities to protect, detect and respond to the technical exploitation of the MOD’s facilities by a range of threats including adversaries and insider threats to prevent unwanted exposure to Defence sensitive information.

Key Responsibilities

• Assist in the scoping and planning tasks as appropriately to conduct the task effectively.
• As a team member, assist with conducting Technical Surveillance Counter Measures (TSCM) Assessments of areas as tasked.
• Assist with the completion of reports on tasks that identify the activities undertaken in a timely manner.
• Manage the equipment holdings of the section, ensuring all equipment is working correctly, calibrated, packed and ready to deploy on trial at short notice.
• Support the C2 Senior TSCM Engineer in the output of TSCM tasks as appropriate.
  

This job will involve significant travel away from home, at locations both in the UK and abroad but this is expected to be no more than 2 weeks at a time, and no more than 16 weeks per year.  more

 

PS - This is an unusual and interesting career. Rarely is an entry level position offered. 

Eavesdropping on TSCM Expert Chris Browning

PODCAST - This week we are eavesdropping on TSCM expert Chris Browning. Mr. Browning is a highly skilled and experienced 8-year veteran instructor with the prestigious Research Electronics International (REI)...

Chris Browning is a graduate of the FBI National Academy and spent two decades in law enforcement... He studied TSCM at REI for 4 years and has been an instructor there for the last 8 years. 

Enjoy eavesdropping on TSCM expert Chris Browning and I as we discuss this specialized skill. This episode is sponsored in part by the Investigators Toolbox, the #1 online resource community for private investigators. more

Pegasus Spyware Update: How to Check Your iPhone

If you’re concerned about recent reports of the Pegasus spyware reportedly installed by the Israeli NSO Group to hack journalists and world leaders, there’s a tool to check if it’s hidden on your iPhone. But you probably have nothing to worry about...

But if you’re concerned, there’s a way to test whether your iPhone has been targeted. It’s not an easy test, mind you, but if you’re using a Mac or Linux PC and have backed up your iPhone using it, Amnesty International’s the Mobile Verification Toolkit will be able to detect whether your phone has the Pegasus spyware installed on it. The tool, which TechCrunch tested, works using the macOS Terminal app and searches your latest iPhone backup on your Mac, “is not a refined and polished user experience and requires some basic knowledge of how to navigate the terminal.” You’ll need to install libusb as well as Python 3 using Homebrew. (You can learn more about the installation here.) TechCrunch says the check only takes “about a minute or two to run” once it’s been set up. more

Weird Science - Windows that Prevent and Facilitate Eavesdropping (you decide)

C-Bond Systems (the “Company” or “C-Bond”) (OTC: CBNT), a nanotechnology solutions company, announced today that it has received a purchase order for $220,000 to install specialty defense window film for a government customer.

Radio frequency defense film, also known as RF attenuation window film or anti-eavesdropping film, protects homes or workplaces against radio frequencies and electromagnetic radiation. The RF film that the customer requires meets strict security requirements for facilities handling classified or other sensitive information. The government customer has requested to remain anonymous for security reasons. more 

We've been down this road before, in 2007 and 2009.

•••

Listening & Anti-Eavesdropping Device
(18 years ago this month)
Abstract
A method and apparatus for transmitting information from a conversation in a room to a remote listener comprising selecting a structure (101) in the room which is capable of supporting vibration, selecting an electromechanical force transducer (90) which has an intended operative frequency range and comprises a resonant element (84, 86) having a frequency distribution of modes in the operative frequency range, mounting the transducer (90) to the structure (101) using coupling means (68) whereby the transducer excites vibration in the structure, positioning a sensor to detect vibration in the structure (101), determining information from the detected vibration and transmitting said information to a remote listener. There is also provided an anti-eavesdropping system which is the reverse of the method and apparatus according to the first and second aspects of the invention. (self-licking ice cream cone) more

FutureWatch - Super Microphones Coming to Eavesdropping Devices and...

... more mundane items like smart speakers and cell phones...  

 A KAIST research team ... has developed a bioinspired flexible piezoelectric acoustic sensor with multi-resonant ultrathin piezoelectric membrane mimicking the basilar membrane of the human cochlea. The flexible acoustic sensor has been miniaturized ... is ready for accurate and far-distant voice detection. more

Yet Another Spycam in a Smoke Detector Story

Rob Riggle’s divorce from his wife, Tiffany, after 21 years of marriage has taken a dramatic, new turn after the actor accused her of hacking his Apple account, taking $28,000 from his home office, and spying on him with a hidden camera... 

The actor says he began to grow suspicious that he was being watched after he noticed that his estranged wife somehow knew about private conversations he’d had in his home office either with or about his girlfriend and assistant...

In response the actor decided in April to have his home swept for devices that might be spying on him, claiming to have found a camera hidden in one of his smoke detectors. He says the camera had a memory card with more than 10,000 videos stored on it. He believes the camera was installed in August 2020 and had likely been watching him ever since. The actor claims that one of those videos shows Tiffany standing on a ladder installing the spy camera...

Riggle has been granted a temporary restraining order against his ex, and another hearing is set for July regarding his request to have all of the footage obtained from the hidden camera analyzed by a forensic expert. more

New X-Ray Inspection and Analysis Service Detects Eavesdropping Devices Secreted in Everyday Objects

Click to enlarge.

Planting bugs, spy cameras, and other illegal surveillance devices is easy. Most come pre-disguised as fully functional everyday objects. They are being built into wall clocks, power strips, USB chargers, and even desktop calculators, for example.

Competent Technical Surveillance Countermeasures (TSCM) consultants have a variety of very effective ways to detect electronic surveillance devices. But, when the stakes are high enough—and the opposition is sophisticated enough—a Murray Associates TSCM X-ray deep clean is the logical option. This new service offers the most assurance that room objects are not bugged. 

------

Kevin D. Murray, Director, relates an interesting cautionary tale, “There are also times when a TSCM X-ray deep clean is just smart due diligence. The classic example of a lack of due diligence is the KGB bugging of American typewriters during the Cold War.”

Popular Mechanics explains… “The Cold War spy drama that played out between the U.S. and the Soviet Union was the source of much ingenious spy technology. One of the most ingenious devices fielded by both sides was a typewriter designed to spy on the user, quietly transmitting its keystrokes to KGB listeners. The technology was an early form of keylogging but done entirely through hardware—not PC software.”

A total of 16 bugged typewriters were used at the U.S. Moscow embassy for over eight years before discovery. Had a TSCM X-ray inspection been conducted before the typewriters were installed, no secrets would have been lost.

Keep the KGB typewriters in mind when bringing in a new phone system, keyboards, mice or other office items. This is the ideal time to sneak a bug in, and for a TSCM X-ray deep clean.

------

Murray Associates TSCM can economically inspect all your new arrivals at one time, at your location, or ours. And, discretely security seal your items at no extra charge—before you start using them.

When should a TSCM X-ray inspection be conducted?

• When the stakes are high.
• When the opposition is formidable.
• When the areas being inspected with regular TSCM methods are especially sensitive.
• Whenever you bring new tech into the workplace en masse. New desk phones, new computer equipment, new gifts, for example.
  

How often should an a TSCM X-ray deep clean be conducted?

• Once per year during the quarterly, proactive TSCM inspections. (Quarterly inspections are the norm for most businesses.)
• Whenever there are active suspicions of illegal electronic surveillance.
• Upon the discovery of a listening device or other suspicious object.


Counterespionage Tip: If one bug is discovered, keep searching. Professionals will plant multiple devices, with one being easy to find. Their strategy… to thwart further searching by inexperienced TSCM technicians.

Types of X-ray analysis services offered:

• On-site, when we are conducting a Technical Surveillance Countermeasures (TSCM) inspection for you.
• On-site, to inspect multiple new items entering your environment, such as new telephones, keyboards, computer mice, etc.
• Objects may also be mailed to the Murray Associates TSCM lab for X-ray analysis. Contact them directly for details.

Full Press Release
 

TSCM History - 17 Years Ago Today - Sergio (Sarge) Borquez

via Rick Hoffmann...

   I am sorry to report the passing of Sergio (Sarge) Borquez at
approximately 4:30 a.m. on April 20, 2004.  Sarge died of heart failure.

   For those who did not have the pleasure of knowing him, Sarge was one of
the early TSCM professionals.  He joined the Drug Enforcement Agency
shortly after separating from the U.S. Army where he served with the 101st
Airborne (if I recall correctly) during the Korean Conflict.  While with
the DEA he studied technical surveillance and became a specialist.  At one
time Sarge was in charge of providing technical surveillance in the 7
western states.  He was also responsible for installing the DEA's very
first wiretap.  There is a photo of Sarge climbing a telephone pole to
reach the ready access boot to install the tap.  It is a terrific picture.

   Sarge was a humble man who did not discuss his exploits with many
people.  I am privileged to have known him, and to have benefited by his
instruction.  He will be missed  by all who knew him. 

Privoro Launches Audio Masking Chamber & RF Shield for Mobile Devices

(Press release) 
Privoro, today revealed its latest product, Vault, a first-of-its-kind defense against remote data capture. The Vault case is a two-in-one portable Faraday enclosure and audio masking chamber for smartphones, providing unsurpassed protection against not only wireless attacks and location tracking but also eavesdropping and spying.

Vault eliminates smartphone signals more effectively than portable, fabric-based Faraday products, delivering a minimum of 100 dB of radio frequency (RF) attenuation – 10 billion times signal reduction. When a smartphone is placed in the Vault case, the smartphone can no longer be reached via cellular, WiFi, Bluetooth, near-field communication (NFC) and radio-frequency identification (RFID).

In addition to RF shielding, Vault's user-controlled audio masking prevents the extraction of intelligible speech up to voice levels of 90 dBA through independent noise signals. Users will have the assurance that conversations in the vicinity of Vault cannot be deliberately captured by bad actors through the enclosed smartphone's cameras and microphones.

Privoro developed Vault to meet the requirements of nation-state customers seeking to tackle the long-standing unique and critical security risks that mobile devices pose. more