Monday, December 8, 2008

Controlling Brain Sucking Spiders - DeviceLock

from the manufacturer's website...
"Firewalls and antivirus software are no defense against acts of data theft and corruption from within your organization at local endpoints. You don't have to be an administrator to connect a small digital camera, MP3 player, or flash memory stick to the USB and begin uploading or downloading whatever you want. If you are a system administrator, you know you can't manage such device-level activity via Group Policy.

Using endpoint device security solution called DeviceLock®, network administrators can lock out unauthorized users from USB and FireWire devices, WiFi and Bluetooth adapters, CD-Rom and floppy drives, serial and parallel ports, PDAs and smartphones, local and network printers and many other plug-and-play devices. Once DeviceLock® is installed, administrators can control access to any device, depending on the time of day and day of the week.

For enterprises standardized on software and hardware-based encryption solutions like PGP® Whole Disk Encryption, TrueCrypt and Lexar® SAFE PSD S1100 USB drives, DeviceLock® allows administrators to centrally define and remotely control the encryption policies their employees must follow when using removable devices for storing and retrieving corporate data. For example, certain employees or their groups can be allowed to write to and read from only specifically encrypted USB flash drives, while other users of the corporate network can be permitted to "read only" from non-encrypted removable storage devices but not write to them. (more)

Sunday, December 7, 2008

Bambi... and her spy past...

Did you know...
"The book “Bambi: A Life in the Woods,” on which the Disney movie was based, was translated from German to English by Whittaker Chambers, the famous Soviet spy." (source)

Saturday, December 6, 2008

Facebook Connect, Google Connect...

"Just hours after the launch of Facebook Connect, Google also took the beta tags off its similar Friend Connect venture. Google and Facebook on Thursday announced the availability of competing authentication systems that enable Internet users to sign in to third party Web sites using either their Facebook or Google Account login details." (more)

Coincidence, or espionage?
You decide.

The case of The Peeping Tom Landlord

Remember Tom Daley?
PA - The man prosecutors dubbed the "Peeping Tom Landlord" has pleaded not guilty to charges he used electronic surveillance devices to videotape more than 30 women who lived in his Norristown apartment buildings.

Thomas Daley, 45, of the 1000 block of Spring City Road, Phoenixville, waived his arraignment Thursday in Montgomery County Court and entered not guilty pleas to charges of invasion of privacy, criminal use of a communication facility, tampering with evidence, burglary and violations of wiretap and surveillance laws in connection with his alleged activities at residential buildings he owns in Norristown...

In a criminal complaint filed against Daley, authorities alleged Daley installed hidden cameras and audio equipment in numerous apartments in buildings he owned.

During the investigation, detectives seized numerous boxes of electronic equipment authorities claim Daley used for his secret audio and video recordings. The equipment was allegedly found in his home as well as his apartment buildings.

This equipment included 32 cameras, 14 of which were equipped with an audio components. The tiny cameras were found in multiple locations throughout the apartments, detectives alleged. Some were hidden behind screws in bedroom ceiling fans and others were found behind pinholes in walls, behind faucets in bathtubs and towel racks and behind doorbell chimes, detectives alleged. (more)

Friday, December 5, 2008

MP's office swept for bugging devices (photos)

UK - MP Damian Green has had his Kent home and constituency office swept for bugging devices amid concerns that he may have been monitored as part of the Home Office probe into a series of leaks.

His car, which was impounded by the police, and his Westminster office have also been checked.

The MP made his first public engagement in Ashford on Friday after the week’s extraordinary series of events and the continuation of a major political row about his arrest and raid on his Westminster office.

The shadow immigration minister remained tight-lipped about the police inquiry, saying he was unable to comment because of legal advice...

His agent Gordon Williams said the decision to sweep his home at Charing and his association office in Bethersden was partly aimed at reassuring constituents who may be concerned about confidential information they chose to share with the MP. (more)

SpyCam Story #499 - Is Nothing Sacred?

TN - A Bartlett church is now at the center of a police investigation. Bartlett Police say a man planted a camera in the women's restroom. They say it happened at "That Church," located at 6001 Bartlett Center Drive...

"His whole goal was to get video of her, because he was in love with her and she didn't want anything to do with him," says Youth Pastor Corey Force. Force says a church member hid a camera in two of the women's restrooms to videotape a woman he had a crush on...

Eyewitness News was told the camera was found in a plant on top of the toilet. Force says the tapings took place on Thursday's during youth services. (more)

GPS Real-Time Tracking Goes Prime Time

Think GPS tracking devices are just sinister spy shop gadgets used by: police, sleazy private investigators and insecure spouses? Think again.
GPS is now a respectable, 'helpful technology' with product names like: "Car & Family Locator", "Dog Locator" and "Universal Locator". Yup, hit the net, find: Poochy, Chevy, Mommy and your school backpack – possibly with Bobby or Janey strapped to it.

No need to slink into the former adult-book-store-turned-spy-shop. Radio Shack, Target and many other main-stream stores are now selling GPS trackers to everyone
. Zoombak (product)

Take the Security Director's News Poll

(Go here to actually contribute to the Poll)
These are the questions (my answers in red)...
What do you consider the biggest security risk for your company in 2009?

• Terrorism
• Workplace violence
• Intellectual property theft

Has your perceived risk for 2009 changed during the past year?
• Yes
• No

Do you feel you can adequately prepare for and prevent this risk?
• Yes.
• No. Why not?

Comments: Historically, security budgets have been skewed toward protecting physical assets. The value of most organizations, however, lies in their intellectual property assets. It is common to see budgets split 80%/20% when it should be the other way around.

Times are changing. Savvy security directors now understand intellectual property theft is a daily threat with very high-value consequences. Terrorism, workplace violence and general property protection problems tend to be sporadic and unpredictable; usually with a much lower dollar-value consequence.

The word among many of my clients is, "Let's put the money where it will do the most good." They are doing this by realigning budgets to match the real risks.

Paying attention to intellectual property theft is the new trend. Programs being instituted include:
• better management of information storage,
• eavesdropping and espionage detection audits,
• wireless LAN security auditing and compliance evaluations,
• employee education,
• workplace safeguards like... proper document disposal, and implementing the security features on computers and hard-drive based document printing stations.


The nice part – given the current economic situation – is that these changes do not increase the budget. They just make better use of it.
---
Take the Poll.
See how others feel.

Kevin

SpyCam Story #498 - ICU takes on a new meaning

Rob Spence looks you straight in the eye when he talks. So it's a little unnerving to imagine that soon one of his hazel-green eyes will have a tiny wireless video camera in it that records your every move.

The eye he's considering replacing is not a working one -- it's a prosthetic eye he's worn for several years. Spence, a 36-year-old Canadian filmmaker, is not content with having one blind eye. He wants a wireless video camera inside his prosthetic, giving him the ability to make movies wherever he is, all the time, just by looking around.

"If you lose your eye and have a hole in your head, then why not stick a camera in there?" he asks. (more) (video of operation yuck factor 10)

Foreign spy ring uncovered in Canada

Canada - Federal agents say they have infiltrated a foreign spy ring that illegally exported sensitive goods from Canada while engaging in tens of millions of dollars worth of financial transactions...

Senator Colin Kenny, who chairs a committee on national security, said foreign espionage is a big concern for him and other officials. "We've been very concerned, particularly about the Chinese," he said. (more)

Thursday, December 4, 2008

I Hate to Ruin Your Day, But SpyOn is Here...

SpyOn Voice is a Microsoft Windows application suitable for Win 95, XP and Vista.

SpyOn Voice is undetectable.

The person you are spying on will not notice the bug has been installed and will be able to use their PC normally. The SpyOn Voice bug can be installed on many PC’s in the network. The SpyOn Monitor allows you to connect up and listen to any bugged PC. SpyOn Voice allows you to record vital and sensitive conversations for later playback. These recording can be used for analysis or as evidence material.


SpyOn Voice is easy to use – if you can handle a mobile phone you can handle SpyOn Voice. (
more)

SpyCam Story #497 - Ming (no relation) Pinged

Singapore - A woman was about to undress when she spotted something on top of a bathroom cabinet in a Choa Chu Kang flat last December. When the 31-year-old, who had been renting a room in the unit, took a closer look, she discovered a pinhole-camera, hidden among some buckets on top of the cabinet...

A length of wire attached to the camera led to the master bedroom where it was linked to a computer. The woman immediately told her six other room-mates about her discovery and confronted private school student Toh Tong Ming, 26, who slept in the bedroom. She later made a police report. It is not known how long Toh had been living in the flat, which is owned by his uncle.

Yesterday, he was sentenced in a district court to three weeks' jail for insulting the modesty of the tenant. (more)

'Pop Goes the Weasel' Wiretap Murder Mystery

Two Pennsylvania siblings have been accused of illegally spying on their father before his murder last winter—a case that remains unsolved—because they thought he was cheating on their mother.

While investigating the homicide, state police learned that Ingle's two adult children had been intercepting their father's e-mails in an attempt to prove his infidelity, according to arrest affidavits.

Parth Ingle, 22, and his sister Avnee Ingle, 25, both of Pottstown, were charged this week with 117 counts of unlawful use of a computer and 117 counts of illegal wiretapping. They were freed on bail. (more)

Things Your Sweep Team Should Look Into...

What is that other phone jack really connected to?

A hidden USB memory stick, perhaps?
A GSM Bug?
A microphone?

What is that USB connector on the UPS power strip really connected to?

A GSM Bug?!
A hard drive?!?!
A SpyCam?

If your sweep team is not disassembling these common ports, they are not finding these common covert data vaults and bugs.
Time for a clean sweep? Call me.
~Kevin

Employee Spying - A Cautionary Tale - "Loaded?"

When most people think of eavesdropping, wiretapping and espionage in the workplace, they think outsiders: economic spying conducted by countries, other businesses, freelance spies, etc.

Not so.
Over the past 30+ years, working with businesses and government agencies of all types, here is what I have found... about 50% of these problems are internal: employee vs. employee, labor vs. management (and vice versa), employee vs. external auditors, rogue employees, undercover spy employees, etc..

The following news item provides an example of internal intrigue worthy of a textbook chapter. It is also another very good reason to inspect for covert bugs, voice recorders and wiretaps on a regular basis.


WI - City of Pewaukee Police Chief Gary Bach alleged Wednesday that several officers in his department secretly recorded conversations with him as part of a conspiracy to get him fired...

Bach's allegation came just days before he is to face a disciplinary hearing before the City of Pewaukee's Police and Fire Commission that could lead to his firing...

Lt. John Kopatich, who testified Wednesday that he secretly recorded conversations with Bach...

Testimony elicited throughout the day showed that officers were so distrustful of Bach - and Bach of them - that they all secretly recorded each other.

Kopatich told Davis that he recorded Bach on a number of occasions without Bach's knowledge beginning in 2005. Kopatich said he made the recordings because he wanted proof in case Bach told him to do something and then later denied it...

Bach began recording other officers about the time an investigation was launched into his conduct after a female officer filed a complaint in December 2006 alleging that he used inappropriate language when referring to her, according to testimony.

Capt. Dan Meister testified that Bach also instructed him in January 2007 to begin recording conversations with officers. The chief had a secret code that he used to make sure both had their recorders running, Meister testified. The chief would say, "I'm loaded. Make sure you're loaded," Meister testified. (more)

Internal spying can inflict just as much damage and expense as external spying. Inspecting regularly is both smart and cost-effective. (Learn more about Eavesdropping Detection Audits)