A group of computer security researchers in Israel and Belgium say they've discovered the electronic equivalent of a Slim Jim -- a way to pop the electronic door locks on most cars without ever touching them.
By listening in on the wireless “conversation” between a car and its key, the researchers found they could crack the code that keeps the communication secret. Then they were able to emulate the electronic key and trick the car into unlocking itself.
The research paper, called “How to Steal Cars, (PDF)” was presented at the Crypto 2007 conference at the University of California, Santa Barbara, last week. (more)
Wednesday, August 29, 2007
Electronic Surveillance - "There’s money to be made..."
...And so a new industry was born, known in the trade as ‘Intelligence Support Systems’, complete with its own annual conference. If you’re in Dubai next February, drop by. Since there’s money to be made, panels cover such areas as ‘Electronic Surveillance Cost Recovery Solutions’ and – for the benefit of those who prefer to carry out the intercepts in-house before passing the data on ready-analysed to the relevant government agencies – the key topic of ‘how to transform packet intercept into intelligence’ (more)
Eavesdropping on VoIP Calls—Part 2
In Part 1 of this opus, I (hopefully) painted a scary picture of how easy it is to eavesdrop on VoIP traffic. So what can you to protect your own VoIP traffic? Let's take a look at some of your options.
-- Use Skype
Skype is famous for its excellent call quality and reliability. Its call security is pretty good, and is used on all Skype services—VoIP calls, text chat, and video and file transfers. Skype uses a digital certificate authority and signed certificates, peer authentication, and strong encryption.
-- ZRTP encrypts all VoIP
PGP is the most widely used e-mail encryption software. It now exists in two main forms: a commercial implementation maintained by the PGP Corp., and the free software version, GNU Privacy Guard (GPG). (more)
-- Use Skype
Skype is famous for its excellent call quality and reliability. Its call security is pretty good, and is used on all Skype services—VoIP calls, text chat, and video and file transfers. Skype uses a digital certificate authority and signed certificates, peer authentication, and strong encryption.
-- ZRTP encrypts all VoIP
PGP is the most widely used e-mail encryption software. It now exists in two main forms: a commercial implementation maintained by the PGP Corp., and the free software version, GNU Privacy Guard (GPG). (more)
Goodby, Talking Clock
It's the end of time, at least as far as AT&T is concerned. The brief note in customers' bills hardly does justice to the momentousness of the decision. "Service withdrawal," it blandly declares. "Effective September 2007, Time of Day information service will be discontinued."In the 1930s, an Atlanta company called Audichron devised a system for the time to be provided automatically. Audichron leased its technology to phone companies nationwide, often with sponsorship from local businesses.
Time ladies -- and a few gentlemen -- came and went over the years. Then, in the 1950s, a woman named Mary Moore emerged as the nation's leading time-teller. Her reading of hours, minutes and seconds was delivered in a distinctive if somewhat prissy tone. Moore's odd pronunciation of the numbers 5 ("fiyev") and 9 ("niyun") influenced a generation of operators, much as flying ace Chuck Yeager's West Virginia drawl is said to have been adopted by innumerable airline pilots.
By far the most prominent time lady was Jane Barbe, who succeeded Moore at Audichron in the 1960s. A former big band singer, Barbe (pronounced "Barbie") went on to become the voice of recorded telephone messages in the 1970s and '80s in the United States and elsewhere.
Joanne Daniels started recording the time and other messages for Weatherchron about 25 years ago, and ultimately became the voice Californians hear when they call the service. “I was told at one time that my voice would last until well into the 21st century,” the 65-year-old said. “Now it looks like I’m about to be laid to rest.” (more)
Poland's Eavesdropping Scandal Shuts Down Parliament
The testimony by Poland's Former Minister of Interior about Polish Government use of special services organizations to spy on political opponents has stopped proceedings of the Polish Parliament. And the stoppage may end up being long term. Parliamentary Speaker Ludwig Dorn said if the opposition continues to demand breaks the current session could "go on for months".
Yesterday, during the reading of the secret testimony of Former Minister of Interior Janusz Kaczmarek, Former Minister of Education Roman Giertych exploded when he learned that conversations between him and Former Deputy Prime Minister Andrzej Lepper were recorded and transcripts of their conversations given to Prime Minister Jaroslaw Kaczynski.
Making accusations of a "Polish Watergate", Giertych demanded a delay in Parliamentary proceedings until next Tuesday.
The delay stops all work of the Parliament. (more)
Yesterday, during the reading of the secret testimony of Former Minister of Interior Janusz Kaczmarek, Former Minister of Education Roman Giertych exploded when he learned that conversations between him and Former Deputy Prime Minister Andrzej Lepper were recorded and transcripts of their conversations given to Prime Minister Jaroslaw Kaczynski.
Making accusations of a "Polish Watergate", Giertych demanded a delay in Parliamentary proceedings until next Tuesday.
The delay stops all work of the Parliament. (more)
SpyCam Story #374 - Porno Prof
'Hidden camera' teacher faces more charges
Australia - Police have laid more charges against Cromer High School teacher, Robert Ian Drummond - accused of secretly filming up the skirt of a teenage girl on Sydney's Northern Beaches. Manly Local Court today heard Drummond faces two new charges of producing and possessing child pornography, which relate to the recording made of the girl. (more)
Australia - Police have laid more charges against Cromer High School teacher, Robert Ian Drummond - accused of secretly filming up the skirt of a teenage girl on Sydney's Northern Beaches. Manly Local Court today heard Drummond faces two new charges of producing and possessing child pornography, which relate to the recording made of the girl. (more)
Point, Click, TAP! - How the FBI does it...
The FBI has quietly built a sophisticated, point-and-click surveillance system that performs instant wiretaps on almost any communications device, according to nearly a thousand pages of restricted documents newly released under the Freedom of Information Act.
The surveillance system, called DCSNet, for Digital Collection System Network, connects FBI wiretapping rooms to switches controlled by traditional land-line operators, internet-telephony providers and cellular companies. It is far more intricately woven into the nation's telecom infrastructure than observers suspected.
...the surveillance systems let FBI agents play back recordings even as they are being captured (like TiVo), create master wiretap files, send digital recordings to translators, track the rough location of targets in real time using cell-tower information, and even stream intercepts outward to mobile surveillance vans. (more)
The surveillance system, called DCSNet, for Digital Collection System Network, connects FBI wiretapping rooms to switches controlled by traditional land-line operators, internet-telephony providers and cellular companies. It is far more intricately woven into the nation's telecom infrastructure than observers suspected.
...the surveillance systems let FBI agents play back recordings even as they are being captured (like TiVo), create master wiretap files, send digital recordings to translators, track the rough location of targets in real time using cell-tower information, and even stream intercepts outward to mobile surveillance vans. (more)
Tuesday, August 28, 2007
Listen to VoIP Phones - Even When On the Hook
Recently disclosed information suggests that it is a relatively simple matter to remotely eavesdrop on a broad range of SIP-enabled devices. For readers who aren't aware of what SIP-enabled devices are, SIP (Session Initiation Protocol) is a protocol that is used by a lot of VoIP software and associated telephone handsets to establish, modify, and control a VoIP connection between two parties.
The research that was published indicates that, for at least one vendor, it is possible to automatically call a SIP device from that vendor and have it silently accept the call, even if it is still on the hook - instantly turning it into a classic bugged phone. Whereas historic telephony bugs needed physical targeting of the line running to a property or place of business, the presence of VoIP in the equation allows bugging from anywhere in the world with equal ability.
Now anyone can do from their armchair what only spies and law enforcement used to be able to do from inside the telephone switch / pit / distribution board, though it's still illegal to do so. (more)
The research that was published indicates that, for at least one vendor, it is possible to automatically call a SIP device from that vendor and have it silently accept the call, even if it is still on the hook - instantly turning it into a classic bugged phone. Whereas historic telephony bugs needed physical targeting of the line running to a property or place of business, the presence of VoIP in the equation allows bugging from anywhere in the world with equal ability.
Now anyone can do from their armchair what only spies and law enforcement used to be able to do from inside the telephone switch / pit / distribution board, though it's still illegal to do so. (more)
Pew! What's that smell? A progressive spying technique?
The head of one of the leading insurers in non-standard, high-risk personal auto insurance apologized on Thursday for some substandard behavior - spying in church on people who had the sued the company.
Progressive Corp Chief Executive Glenn Renwick apologized for the use of private detectives, who went undercover to join an Atlanta church group in order to discredit a couple suing the insurer. (more)
Progressive Corp Chief Executive Glenn Renwick apologized for the use of private detectives, who went undercover to join an Atlanta church group in order to discredit a couple suing the insurer. (more)
Monday, August 27, 2007
Which one is the bug?
Photo #1 is one of these.
Photo #2 is one of these.
Plug Bugs Are Heard Around the World
• GSM SIM card inside enables dial in from anywhere in the world
• Listen to conversations from a distance
• Looks like a standard 3-way adaptor plug
"Using the GSM network we can convert any normal 3-way plug into a sophisticated listening device. The plug can be used in your own home or office to gather audio intelligence from across the globe.
Cleverly constructed inside is a GSM SIM card combined with a powerful Knowles microphone which will silently open the connection when you dial in from anywhere in the world, thus allowing you to listen to the surrounding sounds and conversations.
The plug is NOT a working model and can be used to monitor a particular area for periods of audio surveillance.
Note: This unit can be used legally within the EU."
Don't let the foreign look of this bug fool you. It can be built into any type of electrical connector, power strip, radio, TV, lamp, clock, computer, coffee pot or anything which has a source of power.
Video spying tells tale:
Pets let loose when owners are out!
Ever wonder what your pets do when they are home alone?
Jamie Skeate did more than just wonder. The 27-year-old from St. Cloud, Minn., and her husband videotaped her dogs, Bosco, a Great Dane, and Lily, a greyhound.
"Sometimes we would come home and their toys would be all over the house, and my husband and I would joke that it looked like they had had a party," she says. (more)
Ever wonder what your pets do when they are home alone?
Jamie Skeate did more than just wonder. The 27-year-old from St. Cloud, Minn., and her husband videotaped her dogs, Bosco, a Great Dane, and Lily, a greyhound.
"Sometimes we would come home and their toys would be all over the house, and my husband and I would joke that it looked like they had had a party," she says. (more)
Life Imitates Art... Linkletter
...from an Arizonia college newspaper...
"If you like Overheard on Campus, do your part to keep this space filled by submitting the products of your eavesdropping today!
The Arizona Daily Wildcat is proud to feature "Overheard on Campus," where private conversations become public hilarity.
Got a good one? E-mail it to campus@wildcat.arizona.edu. Be sure to include your name, year and major with your submission." (more)
"If you like Overheard on Campus, do your part to keep this space filled by submitting the products of your eavesdropping today!
The Arizona Daily Wildcat is proud to feature "Overheard on Campus," where private conversations become public hilarity.
Got a good one? E-mail it to campus@wildcat.arizona.edu. Be sure to include your name, year and major with your submission." (more)
*** Security Alert *** Video Phone Eavesdropping and Denial of Service Vulnerability
A vulnerability has been reported in the Grandstream GXV3000 IP Video Phone, which can be exploited by malicious people to cause a DoS (Denial of Service) and eavesdrop with vulnerable devices.The vulnerability is caused due to an unspecified error in the SIP stack and can be exploited to set the phone to an inconsistent state by sending an "INVITE" and a "183 Session Progress" message sequence. This allows an attacker to eavesdrop with the device and also disables it to hang up.
The vulnerability is reported in firmware version 1.0.1.7. Other versions may also be affected.
Solution: Reportedly fixed in version 1.0.1.12. Contact the vendor for more information.
Sunday, August 26, 2007
NYC Sightseeing (in reverse)
Surveillance Camera Outdoor Walking Tour: The Lower East Side New York City - A fascinating look at how often you are being taped during your daily jaunt through the city. Taking this guided stroll throug the Lower East Side you'll marvel at the electronic observation of your path. (more) (more)
Chinese spying on German government computers
Numerous computers of the German government are infected by Chinese espionage programs, the weekly Der Spiegel news magazine said in a report to hit the newsstands on Sunday.
Chinese cyber spies snooped reportedly on computers in the chancellery, the foreign and economic ministry as well as the research ministry. According to the Verfassungschutz, the Chinese hackers are believed to be linked to China's People's Army.
Reacting to the report, the Chinese embassy in Berlin dismissed it as "irresponsible speculation without any basis of proof".
Chancellor Angela Merkel was due to embark on Sunday on a one-week visit to China and Japan.
The German media has repeatedly reported on extensive Chinese economic espionage inside Germany. (more)
Chinese cyber spies snooped reportedly on computers in the chancellery, the foreign and economic ministry as well as the research ministry. According to the Verfassungschutz, the Chinese hackers are believed to be linked to China's People's Army.
Reacting to the report, the Chinese embassy in Berlin dismissed it as "irresponsible speculation without any basis of proof".
Chancellor Angela Merkel was due to embark on Sunday on a one-week visit to China and Japan.
The German media has repeatedly reported on extensive Chinese economic espionage inside Germany. (more)
Subscribe to:
Posts (Atom)