Monday, November 26, 2007

From the 'esoteric but important' files...

New Details Support Tor Spying Theory

"You'll recall the story about the Swedish security researcher who stumbled upon unencrypted embassy e-mail traffic that was passing through five Tor exit nodes he set up. ...

TeamFurry researchers decided to examine the configuration of a few Tor exit nodes to see what they might be up to and found some interesting results...

Of course there's no telling who the exit node owners are (bored hackers, industrial spies or intelligence agencies) or what they're doing for sure, but as TeamFurry notes, the configurations sure look suspicious." (more)


Tor is digital 'Hide and Seek'.
Carter would have loved it.

Les Vies de D'autres, or... ISPsnitch enchfray

From the BBC...
"French web users caught pirating movies or music could soon be thrown offline.

Net firms will monitor what their customers are doing and pass on information about persistent pirates to the new independent body. Those identified will get a warning and then be threatened with either being cut off or suspended if they do not stop illegal file-sharing." (more)

From security pundit, Lauren Weinstein, who puts it a little more bluntly...

"In a breathtaking act of arrogance reminiscent of the heyday of Louis XVI (and likely to trigger similar public reactions among many Internet users, though perhaps unfortunately absent the 'equalizing' influence of la guillotine), the French government and its overseers (the entertainment industry), along with a cowering collection of gutless ISPs, have announced an agreement for ISPs to become the Internet Police Force in France." (more)

Sunday, November 25, 2007

Three 'Personal Reasons' Resignations - Just Coincidence?

Canada - Three directors of the Energy and Utilities Board are leaving the agency rocked by a spying scandal for "personal reasons."

John Nichol, Ian Douglas and Graham Lock sat on an EUB panel considering an application for a power line between Calgary and Edmonton. The agency later admitted to hiring private investigators to eavesdrop on landowners opposed to the project. (more)

From the Diana inquest...

Diana, Princess of Wales, was so convinced that her telephone calls were being monitored in the months before her death that she changed her numbers regularly, her private secretary said yesterday. (more)

Alert - Email Wiretap Scare Spreads Malware

Miscreants are trying to convince email users that their telephone conversations are being recorded in a ruse designed to scare prospective marks into buying bogus security software. Emails promoting the campaign are laced with a new Trojan horse malware.

The Dorf-AH Trojan horse appears as an attachment in emails claiming that the sender is a private detective listening into a recipient's phone calls. This "detective" claims he's prepared to switch sides and reveal who has paid for the surveillance at a later date.

In the meantime, prospective marks are asked to listen to the supposed recording of one of their recent phone calls, which comes attached to the email in the form of a password-protected RAR-archived MP3 file. In reality, however, the MP3 file is not an audio file of a telephone conversation or anything else, but a malicious executable program that installs malware onto the victim's computer. (more)
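The ruse above works because the recipient trusts the file name ("an MP3 of your call") rather than the file's contents. A mail gateway or desktop tool can catch that mismatch by comparing the claimed extension with the leading magic bytes of the file once it is out of the archive (a password-protected archive cannot be inspected without the password, which is exactly why the scam uses one). The following is an added example, not code from the original post or from any vendor; the byte strings in it are constructed for illustration and do not reproduce the Dorf-AH Trojan.

```python
"""Flag attachments whose content does not match the file type they claim.

Added example; the sample byte strings below are constructed for illustration.
"""
from typing import Optional

# Magic-number signatures: the leading bytes that identify a file format.
SIGNATURES = [
    (b"MZ", "pe-executable"),            # Windows PE / DOS executable
    (b"\x7fELF", "elf-executable"),      # Linux ELF executable
    (b"Rar!\x1a\x07\x00", "rar4"),       # RAR v4 archive
    (b"Rar!\x1a\x07\x01\x00", "rar5"),   # RAR v5 archive
    (b"ID3", "mp3"),                     # MP3 with an ID3v2 tag
    (b"PK\x03\x04", "zip"),              # ZIP archive
]

# Detected types that are acceptable for a given claimed extension.
EXPECTED = {
    "mp3": {"mp3"},
    "rar": {"rar4", "rar5"},
    "zip": {"zip"},
    "exe": {"pe-executable"},
}

EXECUTABLE_TYPES = {"pe-executable", "elf-executable"}
EXECUTABLE_EXTENSIONS = ("exe", "dll", "com", "scr", "pif")


def detect_type(data: bytes) -> Optional[str]:
    """Identify a file by its leading bytes; None if no known signature matches."""
    for magic, kind in SIGNATURES:
        if data.startswith(magic):
            return kind
    # Raw MPEG audio with no ID3 tag starts with an 11-bit frame sync (0xFFE).
    if len(data) >= 2 and data[0] == 0xFF and (data[1] & 0xE0) == 0xE0:
        return "mp3"
    return None


def claimed_extension(filename: str) -> str:
    """The extension the recipient sees, lower-cased, without the dot."""
    return filename.rsplit(".", 1)[-1].lower() if "." in filename else ""


def assess_attachment(filename: str, data: bytes) -> dict:
    """Return a verdict plus the reasons an attachment looks deceptive."""
    ext = claimed_extension(filename)
    detected = detect_type(data)
    reasons = []
    # A double extension such as "call.mp3.exe" is a classic disguise.
    parts = filename.lower().split(".")
    if len(parts) > 2 and parts[-2] in EXPECTED and parts[-1] in EXECUTABLE_EXTENSIONS:
        reasons.append(f"double extension hides an executable: {filename}")
    # Executable content behind a non-executable name is the case in the story.
    if detected in EXECUTABLE_TYPES and ext not in EXECUTABLE_EXTENSIONS:
        reasons.append(f"content is {detected} but the name claims .{ext}")
    elif ext in EXPECTED and detected is not None and detected not in EXPECTED[ext]:
        reasons.append(f"content is {detected}, expected one of {sorted(EXPECTED[ext])}")
    return {"filename": filename, "claimed": ext, "detected": detected,
            "suspicious": bool(reasons), "reasons": reasons}


# Constructed samples: a PE header posing as audio, a real-looking MP3, a RAR.
FAKE_MP3 = b"MZ\x90\x00\x03\x00\x00\x00" + b"\x00" * 56
REAL_MP3 = b"ID3\x04\x00\x00\x00\x00\x00\x0a" + b"\x00" * 54
RAR_ARCHIVE = b"Rar!\x1a\x07\x00" + b"\x00" * 57

if __name__ == "__main__":
    for name, blob in [("recording.mp3", FAKE_MP3), ("recording.mp3", REAL_MP3),
                       ("call.mp3.exe", FAKE_MP3), ("recording.rar", RAR_ARCHIVE)]:
        print(assess_attachment(name, blob))
```

The check is deliberately content-first: the detected type comes only from the bytes, and the file name is consulted afterwards to decide whether the two agree. It does not try to prove a file is clean; a genuine MP3 header tells you only that the disguise is not this particular one.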

Wednesday, November 21, 2007

Hushmail Speaks

Hushmail, the web's leading provider of encrypted web mail, updated its explanation of its security model, confirming a THREAT LEVEL report that the company can and will eavesdrop on its users when presented with a court order, even if the target uses the company's vaunted Java applet that does all the encryption and decryption in a browser. (more)

Police Phones Tapped

UK - Detectives involved in the cash for honours inquiry had their telephones tapped to find out whether they were leaking information to the media.

The extensive bugging was carried out amid allegations by Sir Gus O’Donnell, the cabinet secretary, that Scotland Yard was leaking information about the progress of the inquiry. (more)

Rare Spy vs. Spy Confession

A former Russian frogman has claimed that he killed a famed British diver, who vanished while spying on a Soviet warship more than 50 years ago.

Commander Lionel "Buster" Crabb disappeared after the vessel, which had brought Soviet leaders to Britain, docked in Portsmouth harbour in 1956.

Retired sailor Eduard Koltsov told a Russian documentary crew that he cut the Englishman's throat after catching him placing a mine. (more)

Football Spy Scotched - "Ooo, Behave!"

Scotland's preparations for the Hampden crunch with Italy were rocked by a sensational spying scandal.

Team boss Alex McLeish had to halt a closed door training session in Dumbarton when he spotted a mysterious onlooker on the roof of a white van using a camera to record his secret tactical workout.

McLeish had earlier been placed on alert by the Daily Record after we received a tip-off that an Italian would be trying to spy on the team at the Strathclyde Homes Stadium.

It was part of a sneaky attempt to uncover his match plan for Saturday's do-or-die European qualifier.

Daily Record photographer Phil Dye was also on the lookout for suspicious characters. "This really was a quite extraordinary set of events. It was like something out of Austin Powers." (more)

Probe of U.S. eavesdropping program on again

The Justice Department has reopened an inquiry into the Bush administration's domestic eavesdropping program after its investigators received security clearances that President Bush once blocked. (more)

Court rejects challenge to warrantless wiretaps

A federal appeals court in San Francisco today handed a major victory to the Bush administration, ruling that a lawsuit challenging the government's warrantless wiretapping program could not go forward because of the "state secrets" privilege. (more)

Things Are Tough All Over

OPEC SUMMIT Blunder lets media eavesdrop on ministers' meeting...

A blunder by organisers at an OPEC summit in Riyadh enabled journalists to watch a highly sensitive meeting of the foreign, finance and oil ministers from the 12 member countries of the cartel.

The gathering, during which the ministers discussed the agenda for a two-day summit of heads of state starting Saturday, was broadcast on closed-circuit television in the media room for about 30 minutes.

It featured highly sensitive comments by the foreign ministers of Iran and US-ally Saudi Arabia, who differed sharply over whether to include an expression of concern over the falling US dollar in the summit's final declaration. (more)

Tuesday, November 20, 2007

Guest Consultant - Effective Security Management

Charles A. Sennewald, CMC, CPP, CPO, is the author of Effective Security Management. He has a genius for turning difficult into easy!

Here is his tip for disciplining subordinates...

Torture as Part of the Disciplinary Process

To discipline a subordinate is deemed by many a supervisor and manager as a personal ordeal or a form of torture. “Torture” in terms of being obliged to confront and criticize the performance, or lack of performance, of a fellow employee. We agonize over sitting down face-to-face to deal with the problem. Not a pleasant task! No one wants to do it.

BUT WAIT! We can take the torture out of the process if we understand three simple principles:
1. The word discipline is derived from the Latin discipulus which means learning. The word disciple comes from the same root, hence the disciples of Christ were students, hence discipline really means a learning process, not a punitive action.

2. This learning process, really a form of training, corrects, molds or strengthens an employee in the interests of achieving departmental or organizational goals.

3. Thus the effective disciplinary process condemns the wrongful act, not the employee, i.e. you’re okay but what you did is not okay. By focusing on the conduct and performance rather than the personality the whole process takes on a constructive dimension which is easy to handle and is acceptable by all.

Adios Torture.

Muchas gracias, Chuck!

Monday, November 19, 2007

iPhone = imBugged

The Scare... (from noheat.com)
"It's always been assumed that with some amount of hacking your simple phone can help locate you through GPS and help big brother zero in on your activities. ...watch the video and you will see a security consultant undress your iPhone so far even it blushes.

He even illustrates how a simple iPhone can record phone conversations, browsing habits, email, and even record the room's ambient noises when it appears to be off.

Suddenly every office meeting is subject to recording, the arguments with your wife are fair game, and every word you utter could be recorded and used against you."

The Consultant Explains the Techie Stuff...
(Rik Farrow, UNIX specialist and consultant from Sedona, AZ)

Back to Reality...
"...Apple (which declined to comment), in its latest patch, inoculated the iPhone against the Metasploit that Farrow used." (more)

• 'Smart' phones intrinsically have bugging buddy capabilities.
• We're mere keystrokes away from the next eavesdropping hack.
• Protection requires detection.

Friday, November 16, 2007

Brilliant Prevarication or Wrong Occupation?

UK - A newly-appointed top British intelligence advisor raised eyebrows Friday after colourful and indiscreet details of his personal life were revealed -- on his own website.

Alex Allan's website gives details including his home address and his wife's mobile phone number.

Allan was appointed Thursday as chairman of the Joint Intelligence Committee, the body which provides senior ministers with the latest assessments from Britain's security services.

...on his website 56-year-old Allan details his love for the cult US band The Grateful Dead and reveals a picture of his former self in 1969 with microphone hair, flares and Paisley-print cravat, strumming on a guitar.

And like a sketch from the hit British comedy series Monty Python's Flying Circus, he is also pictured in a pinstripe suit and bowler hat, windsailing to work on the River Thames past parliament during a train strike in the 1980s.

The Daily Telegraph quoted one unnamed senior security official as saying the personal information and photos contained on the site were "a very serious breach". (more) (update)