GA - Police say a Loganville man was caught filming up the skirt of a female shopper Sunday at a Home Depot - and that it doesn't appear to be the first time he's done so.
Police have charged Joseph Davidson, 35, with felony eavesdropping for allegedly recording the lewd footage via a palm-size, home video camera concealed in a flower pot. (more)
Friday, May 1, 2009
Thursday, April 30, 2009
Reflect on this... Visual Eavesdropping
I began warning my city clients about visual eavesdropping back in the 1970's. I still do today. My concern then was not computer screens; clients didn't have them.
My concern was lip reading, and it wasn't theoretical. We had a case where this was the method of eavesdropping. The president had a corner office on Park Avenue. Big glass windows. Scores of vantage point offices across the street. We caught them in the act.
The visual eavesdropping info-target is bigger these days. Lip reading concerns have expanded to concerns about: whiteboard / projection / computer screen reading and now... reading the reflections off of shiny objects in the room. ~ Kevin
via Scientific American...
"Through the eyepiece of Michael Backes’s small Celestron telescope, the 18-point letters on the laptop screen at the end of the hall look nearly as clear as if the notebook computer were on my lap.
I do a double take.
Not only is the laptop 10 meters (33 feet) down the corridor, it faces away from the telescope. The image that seems so legible is a reflection off a glass teapot on a nearby table.
In experiments here at his laboratory at Saarland University in Germany, Backes has discovered that an alarmingly wide range of objects can bounce secrets right off our screens and into an eavesdropper’s camera. Spectacles work just fine, as do coffee cups, plastic bottles, metal jewelry—even, in his most recent work, the eyeballs of the computer user. The mere act of viewing information can give it away." (more)
Monday, April 27, 2009
"Dude, let's go for a drive!"
"There are going to be thousands of victims." Anthony Muzichenko, the owner of L.A. Management, who lost 25 computers.
CA - In a bold, systematic hit on a landmark Ventura Boulevard office building, burglars stole scores of computers from at least 60 of the 80 businesses there, taking machines containing sensitive legal documents, credit card numbers and the tax information of thousands of people, police said Saturday.
The overnight theft at the Chateau Office Building in Woodland Hills left accountants, a talent agent, property management companies, attorneys and other businesses in the three-story structure scrambling to assess their losses as police scoured the premises... Several concluded that the thieves' target must have been the information contained on their hard drives, not property.
In one office, a pile of hard drives had been stacked in a corner, ready to be hauled out... thieves left a backup drive, positioned atop the server, leading him to believe that the theft was aimed at "the information, definitely. The computers by themselves are not worth much."
One businessman said the credit card numbers of 7,000 clients were stolen. Accountant Richard Levy said his stolen computer held the tax documents of 800 clients. Attorney Marshall Bitkower said only three computers were taken from his office, but "they had all kinds of stuff. Everything: people's names, credit cards, clients, e-mails back and forth -- who knows what."
Muzichenko, a talent manager, said that when he heard the news he was "very hysterical. I was crying. I have to restore my business." (more)
Moral: Backup and Encrypt.
History of U.S. Privacy - Ben Franklin's Web Site
via amazon.com...
Ben Franklin's Web Site: Privacy and Curiosity from Plymouth Rock to the Internet
This book explores the hidden niches of American history to discover the tug between Americans' yearning for privacy and their insatiable curiosity.
The book describes Puritan monitoring in Colonial New England, then shows how the attitudes of the founders placed the concept of privacy in the Constitution. This panoramic view continues with the coming of tabloid journalism in the Nineteenth Century, and the reaction to it in the form of a new right - the right to privacy.
The book includes histories of wiretapping, of credit reporting, of sexual practices, of Social Security numbers and ID cards, of modern principles of privacy protection, and of the coming of the Internet and the new challenges to personal privacy it brings. (more)
22 Fired During Illegal Eavesdropping Purge
Colombia’s DAS security service fired 22 detectives, apparently in connection with an investigation into the illegal wiretapping of leading public figures... “When questioned about the reason for the dismissals, spokespeople for the agency said Muñoz affected them making use of the discretionary authority the law gives him, and that there will be another purge this Friday.” (more)
UPDATE - Colombia's domestic intelligence agency has fired another 11 people in a scandal over illegal eavesdropping of judges, journalists and politicians.
That brings to 33 the total number of people dismissed from the Department of Administrative Security since the scandal broke in February. (more)
Saturday, April 25, 2009
Staying Safe Abroad - The Blog, Edward L. Lee II
Last year, I gave all my clients a free copy of Edward L. Lee's book: Staying Safe Abroad: Traveling, Working & Living in a Post-9/11 World. Yes, it was that good!
The feedback I received spanned from: "Thank you so much..." to one security director saying, "I am buying copies for all our key executives who travel."
If you travel, or know someone who does, buy the book and get FREE updates by following Staying Safe Abroad - The Blog.
"What makes Ed Lee the big expert?"
Ed Lee retired from the US State Department in April 2006, after a career as a special agent, Regional Security Officer, director of training, chief investigator of the Cyprus Missing Persons Program, director of security of the U.S. Agency for International Development and as a senior advisor in the Office of Anti-Terrorism Assistance.
Most of his work now is devoted to educating global companies and governmental entities in how to be successful and keep their people safe abroad.
His career also includes 15 years as an international security consultant; for ten years he served as the security advisor to the Inter-American Development Bank. Additionally, Ed served six years in the Marines before joining the US State Department as a special agent.
"Why the plug?"
I hear you say.
Just a film noir PI's cliche,
"Dead clients don't pay."
Top Seven Emerging Threats to VoIP Services
A clear, lucid article on VoIP security (or, bad stuff that can happen to that fancy new phone on your desk that plugs into the network instead of the old phone jack). Written by one of the many vendors who offer solutions.
Summary:
• VoIP DoS attacks
• Spam over Internet Telephony (SPIT)
• VoIP service theft
• SIP registration hijacking
• Eavesdropping
• VoIP directory harvesting
• Voice Phishing, or Vishing
"WatchGuard advises all businesses using VoIP systems to review their perimeter and VoIP security." (more)
Additional solution vendors:
• Sipera
• Radware
• VoIP Security Buyer's Guide
FREE VoIP security information:
• Mark Collier's VoIP Security Blog
• Blue Box: The VoIP Security Podcast
• Security Considerations for Voice Over IP Systems
Man gets prison for recording anger-management classes
...and is he pissed!
PA - An Allentown man who secretly recorded his court-ordered anger management classes and posted them on YouTube was sentenced to state prison Friday.
Richard P. Mason III told Northampton County Judge Paula Roscioli that he wanted his daughter to see the group therapy sessions, which were ordered as part of his sentence on a terroristic threats charge, said Second Deputy District Attorney William Matz Jr.
Instead, the recordings landed Mason, 41, with a probation violation and a new sentence of 18 to 36 months in state prison on the threats case. Prosecutors are also considering bringing new charges against Mason for violating the state's wiretap law, Matz said.
The case is ''unique,'' Matz said. ''First for me; I think the first for our office.'' (more)
Friday, April 24, 2009
Lost Laptop Cost Survey
A single lost or stolen laptop costs a business an average of nearly $50,000. At least, that's the word from an Intel-sponsored study by the Ponemon Institute.
That figure is based on Ponemon's recent voluntary survey of 28 US companies reporting 138 separate cases of missing laptops.
Value of missing kit was mathmagically calculated by factoring laptop replacement, data breach cost, loss of productivity, investigation cost, and other variables.
The value of a lost lappy to a firm cost an average of $49,246, according to Ponemon. Minimum damage calculated in the survey was about $1,200, and the maximum reported value was just short of a cool $1m.
By far, the cost of a data breach was found to be the most expensive part of losing a lappy, eating up about 80 per cent of the total average cost to a company. (more) (survey)
Laser Beam-ers on the loose...
Turkey - Eleven vehicles with laser eavesdropping systems were the sources for the wiretapping records that were recently broadcast by the media, daily Hürriyet reported yesterday.
"Two of these vehicles are at the disposal of a team that is under the authority of the Prime Ministry," said CHP deputy Ahmet Ersin, who is also a member of the Parliamentary Wiretapping Subcommittee.
Laser eavesdropping technology enables conversations to be taped without the need to install bugs on targets’ communication devices.
İzmir deputy Ersin said, "I learned that the vehicles were imported from Canada and Israel in 2005, but could not get the addresses of where these vehicles were delivered." (more)
Thursday, April 23, 2009
Did you learn about wiretapping in 8th Grade?
Students seem riveted (yawn)...
TEACHER: You’re gonna look at— The words of the week for week five are wiretapping, source, suspicious, notwithstanding, which is a tough word to use in a sentence, and eliminate, okay? (video)
Too bad. Illegal electronic surveillance is an important topic. Teacher, Chris Buttimer, is raising an issue that was glossed over in schools when Nixon was on the hot seat; thus history repeated.
Did Corporate Spying Doom Denizen Hotels?
via Deidre Woollard, Luxist.com...
It looks like corporate espionage has sunk the fledgling Denizen Hotels brand. Hilton Hotel Corp. has announced that it has received a federal grand jury subpoena for documents regarding two former employees of Starwood hotels who switched camps and brought their trade secrets with them.
Starwood has sued Hilton saying that Hilton used privileged information in the development of the Denizen brand. The employees, Ross Klein and Amar Lalvani, have been placed on paid administrative leave pending review. The Denizen Hotel website is down and Hilton has announced that the development of the brand has been "temporarily suspended." Will the brand be resurrected after the case sorts itself out? My guess is that Hilton will rebrand the hotels as something else. (more)
Business Espionage - Patent Theft Costs (update)
The Australian Commonwealth Scientific and Industrial Research Organisation (CSIRO) will use the money won from a Wi-Fi technology patent battle to fund further research.
Legal action in the United States between the CSIRO and a number of global computing giants came to an end today, with the last of 14 companies opting for confidential settlements with the scientific agency. (more)
Conclusion: Business espionage is a big BIG gamble. Obtaining justice after the fact is expensive, for all parties. This is a rare case. The good guys won. To add insult to injury, the bad guys are paying for research which will be used against them in the future. Sweet. Most often, however, the spies are allowed to win. Sour. Who "allows" them to win? Corporate victims who never bothered to look for evidence of spies in their midst. Not looking? Get help.
Security Alert - Adobe Acrobat Reader
via Erik Larkin, pcworld.com...
The popular Adobe Reader is a favorite target of online crooks, according to Mikko Hypponen, chief research officer with antivirus company F-Secure. And for better security you should ditch Reader and go with a free alternative...
Poisoned PDFs are also often used as part of a customized, targeted attack, he says, when they're sent to a specifically selected recipient attached to a well-crafted e-mail. (more)
Look for FREE alternate readers at pdfreaders.org
Councilman found guilty in spying case
SC - A former South Carolina county councilman has been found guilty of using spyware to scan another county employee's computer and e-mails.
Attorneys for former Greenville County Councilman Tony Trout said he'll likely appeal the conviction. He faces up to 16 years in prison when he is sentenced later...
Federal prosecutors said Trout used monitoring software to access County Administrator Joe Kernell's computer, took private e-mails and posted them on a Web site.
Trout was convicted of illegally accessing a computer, destroying records and intentionally intercepting and disclosing electronic communications. (more)