Early 20th Century Phone Privacy Gadgets

Invented in 1921, the Hush-A-Phone was advertised as a “telephone silencer” and a device that “Makes your phone private as a booth.”

It produced the same effect as cupping both your hands around the mouthpiece of the two-pieced candlestick model telephone, with others in the room only hearing a rumbling of indiscernible sounds.

Callers only needed to slide the Hush-A-Phone over the mouthpiece of the phone, place their lips in the circular opening, and speak. The device was simple, easy to use, and it worked.

Yet, the Hush-A-Phone isn’t remembered for its simplicity, or success in creating an artificial cone of silence. Rather, the device is known for waging a war against the telecommunication giant, AT&T—a historic legal battle law experts compare to feuds over today’s open internet. more

Predating the Hush-A-Phone by about 20 years was The Whispering Mouthpiece. ~Kevin

Big Taps in The Big House

Thousands of confidential phone conversations between inmates and their lawyers have been recorded 

by a leading prison phone company that also serves New York City jails — a major data breach exposed by a hacker, according to a report.

The anonymous hacker believes the company, Securus Technologies, is violating prisoners’ constitutional rights by recording privileged conversations, The Intercept reported Wednesday.

Of 70 million phone-call records obtained by The Intercept, 14,000 were for legally protected calls made to prisoners’ attorneys, The Intercept said. more

Security Director Alert - Cisco VoIP Phone Eavesdropping Vulnerability

Cisco is warning customers about several vulnerabilities in some of its IP phones that can allow an attacker to listen in on users’ conversations. The bug affects the Cisco SPA 300 and 500 Series IP phones.

Cisco had confirmed the vulnerabilities, which were discovered by Chris Watts, a researcher at Tech Analysis in Australia, and is working on a new version of the firmware to fix the bugs.

“A vulnerability in the firmware of the Cisco Small Business SPA 300 and 500 series IP phones could allow an unauthenticated, remote attacker to listen to the audio stream of an IP phone,” Cisco said in its advisory.

“The vulnerability is due to improper authentication settings in the default configuration. An attacker could exploit this vulnerability by sending a crafted XML request to the affected device. An exploit could allow the attacker to listen to a remote audio stream or make phone calls remotely.”

...The fix for the bug is not yet available, but Cisco said it is preparing one. more

How the Avaya Phone on Your Desk Can Be Turned Into A Bug

Security researchers have designed a stealthy eavesdropping attack that sounds like it's straight out of a James Bond movie. It starts with a booby-trapped document that compromises an unpatched laser printer, which in turn converts a popular Internet phone into a covert bugging device.

The proof-of-concept attack exploits currently unpatched vulnerabilities in the Avaya one-X 9608, a popular model of phone that uses the Internet rather than a standard phone line to make and receive calls. Researcher Ang Cui, a Ph.D. candidate at Columbia University and chief scientist at Red Balloon Security, declined to provide many details on the vulnerabilities until users have had time to install a patch that Avaya is expected to release soon. He did say the weaknesses allow devices on the same local network to remotely execute code that causes the device to surreptitiously record all sounds within earshot and transmit them to a server controlled by attackers. He demonstrated a similar bugging vulnerability last year in competing Internet phones designed by Cisco Systems, which has since patched the underlying bugs...

The compromise begins with a booby-trapped document that when printed executes malicious code on certain models of HP LaserJet printers that have not been patched against a critical vulnerability. Once compromised, the printers connect to attack servers, creating a means for outside hackers to bypass corporate firewalls. The attackers then use the printers as a proxy to enumerate and connect to other devices in the corporate network.

Once an Avaya 9608 phone is discovered, the attackers can inject code into it that infects its firmware. The compromise, which survives reboots, activates the phone's microphone without turning on any lights or otherwise giving any indication that anything is amiss. The infected phones can be set up to record conversations only after attacker-chosen keywords are detected. Recorded conversations can be sent through a corporate network onto the open Internet, but the malware also has a secondary method for exfiltration that bypasses any devices that block suspicious network traffic. In the event that such devices are detected, the malware can turn a phone's circuit board into a radio transmitter that sends the recorded conversations to a receiver that's anywhere from several inches to 50 feet away, depending on environmental variables.
 
The larger point is that bugs in electronics firmware are notoriously easy to exploit, as a small sample of recent stories shows. Even if a target isn't using the phones or printers featured in the demonstration, chances are good that the target is using some constellation of devices that are susceptible to remote hijacking. And besides, many organizations fail to apply firmware updates, so even if a patch has been released, there's a good chance that it will never get installed on many vulnerable devices. (more)

Security Director Alert: Make sure software patching is a priority on the IT department's list. Start with this list for HP printers.

10 Most Audacious Eavesdropping Plots

Operation Ivy Bells
At the height of the cold war, the National Security Agency, CIA and the US Navy collaborated to tap into underwater communication lines used by the Soviet Union. 

Operation Stopwatch
This joint operation between the CIA and the British Secret Intelligence Service was again an attempt to tap into communications by the Soviet Military.

The Cambridge Spies
Rather than relying on modern eavesdropping, this operation used old fashioned infiltration.

Click to enlarge.

The Gunman Project
During 1976, the KGB managed to install miniaturized eavesdropping equipment and transmitters inside 16 IBM Selectric Typewriters used by staff at the US embassy in Moscow and consulate in Leningrad. 

The Bundesnachrichtendienst Trojan Horse Affair
Germany may have been the victim off NSA eavesdropping, but its own Federal Intelligence Service, the Bundesnachrichtendienst, has also engaged in such activities.

The MI6 Spy Rock
In a modern version of the dead letter drop, British spies working out of the embassy in Russia used a transmitter concealed in an artificial rock to pass classified data. 

Acoustic Kitty
Acoustic Kitty was a top secret 1960s CIA project attempting to use cats in spy missions, intended to spy on the Kremlin and Soviet embassies. (more)

Moles in Berlin

In 1956, American and British agents tunneled into East German territory in order to tap a telephone line. This allowed them to eavesdrop on important conversations between Red Army leaders and the KGB. A segment of the tunnel can now be visited. (more)

U2
An international diplomatic crisis erupted in May 1960 when the Union of Soviet Socialist Republics (USSR) shot down an American U-2 spy plane in Soviet air space and captured its pilot, Francis Gary Powers. Confronted with the evidence of his nation's espionage, President Dwight D. Eisenhower was forced to admit to the Soviets that the U.S. Central Intelligence Agency (CIA) had been flying spy missions over the USSR for several years. (more)

Animal Spies
A former CIA trainer reveals, the U.S. government deployed nonhuman operatives—ravens, pigeons, even cats—to spy on cold war adversaries. “We never found an animal we could not train.” (more)

Wiretapping Sparks Naked Protest

FEMEN activists shed clothes in front of Ukrainian embassy in Berlin...

Ukraine based feminist movement group, FEMEN has said that they are moving their office out of Ukraine's capital, Kiev after their telephone calls were wiretapped. 

A day prior, the police had alleged that a cache of illegal weapons were discovered from their headquarters.
The group is said to be moving out because of security concerns. The FEMEN group has said that the wiretapping incident has made the place impossible to work. (more)

Imagine what would happen if they were really bugged.

Wiretap Evidence Included in SAC Capital Case

The evidence of insider trading at SAC Capital Advisors LP includes court-authorized wiretaps, a U.S. prosecutor said at the $14 billion hedge fund’s arraignment in federal court in Manhattan.

“The discovery will be voluminous, including a large number of electronic recordings, including electronic messages, instant messages, court-authorized wiretaps and consensual recordings,” Assistant U.S. Attorney Antonia Apps told U.S. District Judge Laura Taylor Swain yesterday about the pretrial evidence-gathering process. “In short, a tremendous volume.” (more)

Obama: 'Nobody Is Listening to Your Telephone Calls'

President Barack Obama on Friday defended his administration's vast collection of emails and telephone records, saying the programs help prevent terrorist attacks while imposing only "modest encroachments" on people's privacy...

"When it comes to telephone calls, nobody is listening to your telephone calls," the president said. 

 Mr. Obama made clear that his own views of such intelligence-gathering efforts have evolved since he was a candidate for the presidency in 2008. He suggested he is now more comfortable with the "trade-offs" involved in guarding against terrorism. (more)

Government Surveillance Ratchets Up

The Obama administration, resolving years of internal debate, is on the verge of backing a Federal Bureau of Investigation plan for a sweeping overhaul of surveillance laws that would make it easier to wiretap people who communicate using the Internet rather than by traditional phone services, according to officials familiar with the deliberations. (more)

Meanwhile...

Is the government recording and listening to your every phone call and probing every email for dangerous ideas? 

Probably—if certain insiders are to be believed. According to one former FBI agent, the US government may indeed keep a massive database where all domestic communications are recorded and stored....

From CNN interview transcripts:
 
(Ex-FBI) CLEMENTE: …We certainly have ways in national security investigations to find out exactly what was said in that conversation. 

(CNN) BURNETT: So they can actually get that? We can know what people are saying, that is incredible. 

(Ex-FBI) CLEMENTE: …Welcome to America. All of that stuff is being captured as we speak whether we know it or like it or not. (more)
And, where would you store all that chit-chat?

"The Utah Data Center, code-named Bumblehive, is the first Intelligence Community Comprehensive National Cyber-security Initiative (IC CNCI) data center designed to support the Intelligence Community's efforts to monitor, strengthen and protect the nation... NSA is the executive agent for the Office of the Director of National Intelligence (ODNI) and will be the lead agency at the center." (more)

The heavily fortified $2 billion center should be up and running in September 2013. Flowing through its servers and routers and stored in near-bottomless databases will be all forms of communication, including the complete contents of private emails, cell phone calls, and Google searches, as well as all sorts of personal data trails—parking receipts, travel itineraries, bookstore purchases, and other digital “pocket litter.” (more)

How to Have Safe Specs - Just Say No

Amidst rising concerns about cyber spying and a House Intelligence Committee report last October, Sprint and Softbank have said they will not use any equipment from China-based Huawei Technologies.

The two companies are preparing for a merger, which is being overseen by the US government. The government has asked only to be informed when these two companies buy new equipment and where they buy it.

Mike Rogers, a Michigan Republican who leads the House Intelligence Committee, has confirmed these two companies have made this pledge.

“I … was assured they would not integrate Huawei into the Sprint network and would take mitigation efforts to replace Huawei equipment in the Clearwire network,” said Rogers in a statement on Thursday. (more)

FutureWatch Update - Skype Tapping

When we last left Skype...

Was Skype reworked by Microsoft to make it easier to wiretap?

Hey kids, we bought and fixed Skype just for you!

In today's episode... 

Since its acquisition of Skype in May 2011, Microsoft has added a legitimate monitoring technology to Skype, says Maksim Emm, Executive Director of Peak Systems. Now any user can be switched to a special mode in which encryption keys will be generated on a server rather than the user's phone or computer.

Access to the server allows Skype calls or conversations to be tapped. Microsoft has been providing this technology to security services across the world, including Russia.

Group-IB CEO Ilya Sachkov said that the security services have been able to monitor the conversations and location of Skype users for a couple of years now.

"This is exactly why our staff are not allowed to discuss business on Skype," he said. (more)

Security Director Tip of the Month - More Secure Conferencing Calling

Over the years, you have read many posts here about organizations being victimized by eavesdroppers on their conference calls. I am expecting you will see fewer in years to come...

CrowdCall, a specialized conference-calling app available for iOS and Android smartphones and the web. 

Instead of scheduling a dial-in line, e-mailing all parties involved and then hoping everyone calls at the appointed time, CrowdCall's interface lets users choose up to 20 participants from their contacts list and LinkedIn connections and dial them immediately (assuming the contacts have added their phone number to their LinkedIn profiles). When participants answer, they simply push "1" to enter the conference--they don't even need to have the app to participate.

...one feature in particular makes it attractive to small businesses. Because the call originator controls invitations, unauthorized participants can't use dial-in information to access the call, providing a measure of security when discussing sensitive information. (more)

Criminals Spy Ops in Mexico

via a Blue Blaze irregular...
"I thought this might interest you. The Mexican drug cartels continue to exploit and develop their SIGINT capabilities. The criminals who specialize in surveillance against the police are called "Hawks" or "Falcons" and generally perform both physical surveillance of patrol units and radio monitoring. This particular group was arrested for monitoring police radio calls and giving gang members early warning of significant movement and potential raids in Veracruz." (more)

More background...
"Years ago I was hearing some RUMINT that a major European communication company (that also supplies the US Military) was selling high tech radio equipment to Mexican drug cartels." (more) (more)

Skype Plebes Petition Redmond Patricians

A coalition of activists, privacy organizations, journalists, and others have called upon Microsoft to be more forthright about when, why, and to whom it discloses information about Skype users and their communications.

In an open letter published on Thursday, the group argues that Redmond's statements about the confidentiality of Skype conversations have been "persistently unclear and confusing," casting the security and privacy of the Skype platform in doubt...

The group claims that both Microsoft and Skype have refused to answer questions about what kinds of user data the service retains, whether it discloses such data to governments, and whether Skype conversations can be intercepted. (more)

"more forthright" 
"in doubt" 
Please.

The original Skype-in-the-wild was viewed as high security privacy tool. Guess who didn't like that. Guess why Skype was "bought" in from the wild and given adult supervision. (Think Spypke.)

Post de facto petitioning is painful to watch. If you want privacy, you need to start much earlier in the game. It begins with self-reliance.  

Example: You don't see smart corporations sitting around waiting for 'the government' or some free software to protect their information. No, they take proactive measures like TSCM and IT security. They don't wait and whine later.

Yet Another Teleconference Eavesdrop (with recommendations)

Alaska’s largest statewide commercial fishing trade association announced (it will) request Alaska authorities to investigate what they say was unauthorized eavesdropping of their United Fishermen of Alaska private teleconference by the Kenai River Sportfishing Association's office.

According to UFA Interim President Bruce Wallace, on January 17, 2013 the United Fishermen of Alaska, representing 34 member organizations, held a private teleconference. 

In addition to 25 UFA Board members, UFA alleges an individual or individuals at the offices of the Kenai River Sportfishing Association (KRSA) was also on the line during the private teleconference.

This allegation was later confirmed by the teleconference vendor, who provided a phone log, which included a phone number registered to the Kenai River Sportfishing Association (KRSA) office. KRSA is not affiliated with UFA in any way. (more) (REAL Spy Fishing)

A reminder to our clients, and a free sample for potential clients...

Murray's Teleconferencing Checklist

Passcodes...
     • Change all current passcodes, now.
     • Prohibit employees from mass e-mailing or posting passcodes.
 
Switch to a conference call system with accountability features...
     • each participant is given a unique passcode,
     • the passcode is changed for each new conference call,
     • only the pre-authorized number of callers may be admitted,
     • and a record of all call participants is available to the call leader.
 

Today in Telephone History

On Jan. 25, 1915, the inventor of the telephone, Alexander Graham Bell, inaugurated U.S. transcontinental telephone service. (more)

By this time wiretapping was already over 50 years old. ~Kevin

Audio Steganography - SkyDe, as in Skype Hide

Those awkward silences during phone calls can communicate a lot. Especially if you're sending hidden messages during them. 

Computer scientists at the Warsaw University of Technology have come up with a way to secretly send nearly 2000 bits of encrypted data per second during a typical Skype conversation by exploiting the peculiarities of how Skype packages up voice data. They reported their findings this week...

First the researchers noted that even when there's silence in a Skype call, the software is still generating and sending packets of audio data. After analyzing Skype calls, they found that they could reliably identify those silence packets, because they were only about half the size of packets containing voices. SkyDe (for Skype Hide) encrypts your hidden message, grabs a certain portion of outgoing silence packets, and stuffs the encrypted message into them. (more)

Important point: Conventional steganography hides data within photos and pictures. Downside... Your hidden message may languish on servers in multiple places for a long time, where it could eventually be discovered. Sky-De reduces this vulnerability. ~Kevin

Security Director Alert - VoIP Phone Eavesdropping

Murray Associates warns clients that VoIP phones are inherently less secure than the older style phones. It is one reason they advise disconnecting phones in meeting rooms until they are needed. 

Ang Cui, through his extensive research, has moved this threat from theoretical to very real. 

For in-depth information we recommend viewing his presentation. (video)

High-tech telephones common on many workplace desks in the U.S. can be hacked and turned into eavesdropping devices, researchers at Columbia University have discovered.

The hack, demonstrated for NBC News, allows the researchers to turn on a telephone's microphone and listen in on conversations from anywhere around the globe. The only requirement, they say, is an Internet connection.

Doctoral candidate Ang Cui and Columbia Professor Sal Stolfo, who discovered the flaw while working on a grant from the U.S. Defense Department, say they can remotely order a hacked telephone to do anything they want and use software to hide their tracks. For example, they said they could turn on a webcam on a phone equipped with one or instruct the phone's LED light to stay dark when the phone's microphone has been turned on, so an eavesdropping subject wouldn’t be alerted that their phone has been hacked. (more)

Chinese Communications Equipment Maker ZTE Cuts Connection with Surveillance Equipment Maker ZTEsec

Chinese telecoms kit maker ZTE has sold its majority stake in ZTE Special Equipment (ZTEsec) – a company that sells surveillance systems.

The under-fire Shenzhen-based firm said in a little-publicized filing with the Hong Kong Stock Exchange at the end of September that it would “dispose of its 68 per cent equity interests” in ZTEsec. (more)

Apparently not in time to impress Congress. (pdf of report)

Silent Circle Has Launched - An Affordable Secure Communications Package

Their opening salvo...
"We want to fight for your right to privacy. We are pushing back against the tide of surveillance. We don’t like oppressive regimes, indiscriminate wiretapping, big brother, data criminals, intellectual property theft, identity thieves or governments that persecute their citizens for saying or writing their opinions." — Silent Circle

Services:
• Silent Phone
• Silent Text (with a self-destructing feature)
• Silent Eyes (video call encryption)
• Silent Mail (coming soon)
All sold together as Silent Suite for $20.00 per month.


Coming Soon...
"Worldwide Secure Communications with the Secure Business Package brings together the entire Silent Circle suite of products. Not only is this an Encrypted Secure Calling Plan – it's also extremely cost effective compared to today's un-secure VoIP calling plans. The average large domestic carrier basic cell phone plan is about $40 a month with low minutes, low data and un-secure calls. With our Secure Business Package you can have peace of mind that you are communicating securely without worrying about your minutes. In today's market, unlimited calling and data plans with the major cell carriers cost over $120 a month – with our Secure Business Package at $49 per month, on top of a basic carrier plan of around $40 per month, is still much cheaper than today's unlimited carrier plans – and it's SECURE."

ENTERPRISE SOLUTIONS
"In today’s highly-connected International business realm, even small to moderate sized businesses have international employees, offices and partners. Silent Circle was developed and designed to help stop the theft of personal and corporate Intellectual Property, to defeat a critical piece of the Bring Your Own Device (BYOD) issue and to provide a true commercial Software-as-a-Service model for secure communications."

FutureWatch: Like the telephone itself, having one is useless, having two useful. Having millions of subscribers makes it an imperative.

If and when this product scales up, will there be any reason to communicate insecurely? Will the word wiretap join the lexicon graveyard along with galoshes, spitoon and fedora? The answer may depend upon two live-wire words... government regulation. 

For now, anyway, this is great progress. ~Kevin