Monday, July 19, 2010

When correctly viewed, Everything is lewd. (I could tell you things about Peter Pan, And the Wizard of Oz, there's a dirty old man!)


CA - An Orange County man is expected to enter pleas in federal court to charges he hacked into hundreds of computers to extort sexually explicit videos from women and teenage girls. 

Prosecutors say 31-year-old Luis Mijangos of Santa Ana is due in a Los Angeles courtroom today. A 16-count indictment charges him with conspiracy, mail fraud, aggravated identity theft, extortion, wiretapping and other charges.

Mijangos allegedly tricked about 230 people into downloading a virus that allowed him to take over their personal computers.

Prosecutors say Mijangos looked into computers for sexually explicit pictures, then threatened to e-mail the files to victims' mailing lists to coerce them into sending him videos of them engaged in sex acts. (more) (Smut)

Spies Escaping (shocking)

A Lebanese man suspected of spying for Israel successfully escaped from Lebanon to Israel on Friday by crossing the border near Bint Jbeil, the Lebanese newspaper A-Nahar reported on Sunday. (more)

The alleged paymaster of a Russian spy ring in the United States spoke no more than necessary. He stayed in modest hotels and dressed for the Mediterranean heat: shorts and untucked shirts. He wore spectacles and a clipped mustache. Just another foreign tourist on a budget, it seemed, in a waterfront city in Cyprus where foreign tourists on budgets are a summertime fixture.

To American officials, the man identified as Christopher Robert Metsos is the spy who got away, a footloose operative who funneled money to U.S.-based accomplices, 10 of whom are in custody. Metsos, the FBI says, was a key player in an underworld of coded instructions, false identities, buried banknotes and surreptitious bag swaps.

“If you saw him on the road, you would say, ‘Good morning’ and you would keep walking,” said Michael Papathanasiou, a lawyer who represented Metsos until he jumped bail in Larnaca last week. “There was really nothing strange about him. He was a very normal, usual guy.” (more)

CALEA VoIP Taps In

The FCC has been moving to treat broadband Internet the same as phone services and with those moves, the FBI's wiretapping authority might be becoming more nebulous.

The agency is lobbying the communications commission to make sure its changes in regulation do not hinder the Communications Assistance for Law Enforcement Act which demands that telecom companies allow law enforcement to use wiretaps on phone lines and VoIP calls.

VoIP wiretapping has been challenged in court a few times unsuccessfully, but changes in regulations could hinder wiretap efforts. It seems like at this moment, however, the FCC has no plans to interfere with the wiretapping rules. (more)

Sunday, July 18, 2010

Bizarre Tale of Cop v. Cop

NY - A retired police officer claims that his next-door neighbor, also a cop, stalked and threatened him, falsely accused him of being a pedophile, and illegally wiretapped his computer. He claims that the intrusive cop, Monroe County's first deputy trained in computer forensics at Quantico, Va., was convicted of felony eavesdropping and misdemeanor official misconduct. (long but interesting)

Saturday, July 17, 2010

"Now Hear This!" by Winston Arrington - Available again!

Now Hear This! Electronic Eavesdropping Equipment Designs by Winston Arrington - Sheffield Electronics - 1997 (NOS)
(Click pictures to enlarge.) 
Winston Arrington's electronic eavesdropping and countersurveillance design book is available again. 

Technically excellent, with some very unusual designs, it contains about 125 schematics; all may be built with a moderate level of experience. There is also a (now dated) countermeasures section which was contributed by me.

This book was never easy to purchase. The first printing had to be ordered directly from Winston, himself. This revised and expanded second edition was only sold briefly via the now shuttered Sheffield Electronics website. And, once in a looong while, a used dog-eared copy would show up on eBay to quickly sell in the $50.-$75. range. None have appeared there recently, however.

The picture of Winston's signature is from my copy of the book. Sadly, Winston is no longer with us to sign more of them.

"Now Hear This!" is a collector's item with historical significance, and a lucky find. 

Long out-of-print, and thought to be no longer available, some "new, old stock" copies are available at amazon.com, for the very first time.

It is not known how many copies are available.

Now Hear This! Electronic Eavesdropping Equipment Designs

Thursday, July 15, 2010

10 Years, gone in a flash.

Wales - A reward is being offered for the safe return of a stolen laptop containing 10 years of a company's work.

Thieves broke into DB Liquid Ltd in Ruthin and made off with two laptops. One contained specialised software in which the firm had invested over £250,000. Company director Geoffrey Williams said the programs would be no use to anyone else, but means systems of work spanning 10 years could be lost to the database constructing firm...

“We’d developed a lot of our system software on the laptop which was backed up on a flash drive,” he said. “But unfortunately that was stolen too which means 10 years of work has gone down the drain.

10 years of work and only a flash drive back-up?!?!
The flash drive was stolen, too!?!?
An investment of over £250,000?!?!
"...would be no use to anyone else..." ?!?!
I'm not buying it. 
Are you? 

I wonder who did, and for how much?
Yours truly, Johnny Dollar.

Lady Gaga meets Mr. Data

The soldier accused of downloading a huge trove of secret data from military computers in Iraq appears to have exploited a loophole in Defense Department security to copy thousands of files onto compact discs over a six-month period. In at least one instance, according to those familiar with the inquiry, the soldier smuggled highly classified data out of his intelligence unit on a disc disguised as a music CD by Lady Gaga. (more)

Spyware on Infected USB Sticks

via Krebsonsecurity.com
Researchers have discovered a sophisticated new strain of malicious software that piggybacks on USB storage devices and leverages what appears to be a previously unknown security vulnerability in the way Microsoft Windows processes shortcut files...

Independent security researcher Frank Boldewin said he had an opportunity to dissect the malware samples, and observed that they appeared to be looking for Siemens WinCC SCADA systems, or machines responsible for controlling the operations of large, distributed systems, such as manufacturing and power plants.

Looks like this malware was made for espionage,” Boldewin said. (more)

The under surveillance comics...

Wednesday, July 14, 2010

Special-Ops vs. Special-Ops

FL - The thieves hit on a weekend when no one was around. The target: a military contractor for the super secret Special Operations Command, the elite commandos who help coordinate the war on terror. The intruders entered through the roof, gaining access to iGov Technologies, which occupies suite 110 in the beige corporate center at 9211 Palm River Road. For the next nine hours, they loaded up more than 3,000 laptop computers and other equipment into two waiting semitrailer trucks. (more

Think your company could withstand an info-theft like this? If not, contact the counterespionage consultant who hosts this Security Scrapbook on their Web site.

Two Polls

This poll reflects the opinions of our Security Scrapbook readers.  

Which privacy invasions concern you the most? 
(Pick three.)

26% - Mobile Phone Spyware
18% - Computer Spyware
14% - Bugging
12% - GPS Tracking
11% - Covert Video (SpyCams)
6% - Wiretapping
6% - Covert Voice Recording
5% - Physical Eavesdropping
1% - Other (unspecified)

The following poll asked about smartphone security concerns. It was independently conducted by one of our Security Scrapbook readers. 

They placed their poll on two very different Web sites; one sports oriented, one more military oriented.

What's your approach to smartphone security? 
(Poll allowed users to check more than one.)
29.3% - I just don't do financial stuff with it.
15.5% - Whatever came with it is good enough. I hope.
13.7% - I added a special security program.
13.7% - OK, but who'd want to hack/eavesdrop on me?
12% - Haven't even thought about it.
10.3% - I double-check all apps before downloading.
5.0% - Not worried - Apple's got my back.

Granted, neither poll is scientifically sound or statistically significant, but the answers are interesting on an informal level. 

Thanks to all who participated. 

If you have any ideas for future Security Scrapbook polls please let me know. ~Kevin

Monday, July 12, 2010

Inception - An Industrial Espionage Dream Job

Inception opens July 16th in theaters and IMAX
Dom Cobb is a skilled thief, the absolute best in the dangerous art of extraction, stealing valuable secrets from deep within the subconscious during the dream state, when the mind is at its most vulnerable. Cobb's rare ability has made him a coveted player in this treacherous new world of corporate espionage... (more) (more)

As we've been saying all along, the final frontier of eavesdropping is mind reading. Think of the movie Inception the same way you think of _this one_ ...just with a shorter flash to bang.

Bluetooth Bites Again

UK - A British woman's lawsuit against her ex-husband claims he bugged her car to record her private conversations during the final months of their marriage.

Baksho Devi Gora of Walsall, England, filed a High Court lawsuit seeking "substantial damages" from ex-husband Harvinder Singh Gora for allegedly violating her privacy by recording private telephone conversations from her car and playing them for family and friends, The Daily Telegraph reported Friday.
They were probably made via a small device secretly attached to the Bluetooth system in Mrs Gora's car in May 2008, said her barrister, Mr Eardley. (more) (how they do it)

Spies Demise

Moscow - The 14 alleged spies deported from Russia and the U.S. remained out of public view over the weekend amid uncertainty over where they had been taken and how they would restart their lives...

Nuclear scientist Igor Sutyagin phoned his family from an unidentified hotel near London, where he is apparently confined by British authorities until a decision is made about whether he will remain in the U.K., his mother said.

The whereabouts of the others, including the 10 Russian agents expelled from the U.S. to Moscow, were unknown. (more)

Quis custodiet ipsos custodes?

via Wired.com...
We’re not sure what’s more humorous: That California Rep. Jane Harman, the ranking member of the House Intelligence Committee, maintains two unencrypted Wi-Fi networks at her residence, or that a consumer group sniffed her unsecured traffic in a bid to convince lawmakers to hold hearings about Google.

A representative for Consumer Watchdog — a group largely funded by legal fees, the Rose Foundation, Streisand Foundation, Tides Foundation and others — parked outside Harman’s and other lawmakers’ Washington-area residences to determine whether they had unsecured Wi-Fi networks that might have been sniffed by Google as part of the internet giant’s Street View and Google Maps program.

The group wants the House Energy and Commerce Committee, of which Harman is also a member, to haul Google executives before it, so they can publicly explain why, for three years, Google was downloading data packets from unencrypted Wi-Fi networks in neighborhoods in dozens of countries.(more)