Thursday, February 28, 2008

Unsecured Wi-Fi Could Compromise Your Identity

CBS3.com - Special Report...
The wireless internet signal you rely on for convenience could be making things easier for internet intruders. Police said hackers could be using your computer to download illegal music, child porn, or even your bank information.


Using a simple can antenna from his car, George Sandford can burglarize homes from hundreds of yards away out in the open and without wearing a mask.

"You can open bank accounts. You get drivers licenses, you can get practically anything you want," Sandford said.

All by using relatively low tech equipment, just about anyone with knowledge can hack into computers using unsecured wireless internet or Wi-Fi signals of unsuspecting people...

"I can build a body of information about you, your back accounts," Sandford said.

Jamie Smith spoke to one unsuspecting resident, "We were able to get onto your internet just a few seconds ago," and Rebecca Hansen of Swarthmore responded, "No."

Rebecca is a client of Tech Guides Incorporated and George Sandford is far from a thief. He is actually Tech Guides' security expert. He sat down and showed Rebecca how to secure her Wi-Fi something everyone should do.

"Not securing your wireless networking is pretty much putting a sign on your house saying 'Hey, we're open,'" Sanford said. Only about half of homes with Wi-Fi are locked. If you don't your computer's connection could be slowed down by others accidentally using your Wi-Fi. (complete story with video)

Directions for securing your Wi-Fi

Global Info Survey - CIO's Get Smart

A growing number of organizations recognize information security can provide more than just protection of corporate assets, with the delivery of IT and operational efficiencies and improving overall business performance emerging as critical objectives. That is the word from Ernst & Young's 10th annual global information security survey. The survey canvassed nearly 1,300 senior executives in more than 50 countries. (more)

Abusive Teacher Caught On Tape

A Houston mother, who said her daughter was well-behaved at home, was worried about what was going on in her child's classroom because the girl had been suspended four times for bad behavior.

Teacher: 'Y'all Are Just Stupid Kids'
So, Diana Mijares decided to secretly bug her daughter's backpack and was shocked to hear what was on the tape.

"It made us concerned," Mijares said on "Good Morning America" today. "It was enough and we needed answers."

Megan Mijares' digital tape recorded mostly mundane moments at Memorial Elementary School's prekindergarten class, but then it captured the teacher yelling at the group of 4- and 5-year-olds. All of it happened without Megan's or her teacher's knowledge.

"You're just a bad kid," the teacher says on the six-hour tape. "You're mean to me, so I get to be mean to you."

The teacher, who was not identified, continues to harshly scold the children.

"You are all just stupid kids. I swear to God," the teacher says. "You are just all stupid kids." (more) (video)

"Grab the binoculars. The girls are headed for the Blue Lagoon!"

Regime revives Fiji spy agency
The interim Cabinet will revive the National Security Council and the Fiji Intelligence Services. A statement from the interim Cabinet said this was a move to combat threats of terrorism against Fiji. (more)

Liechtenstein reveals industrial spying probe

Liechtenstein, focus of international investigations over tax fraud, said on Wednesday a man convicted after stealing data from a Liechtenstein bank was now being investigated for industrial espionage...

"The investigations concern suspicion of spying out business secrets for the benefit of a foreign party," the Office of the Public Prosecutor said in a statement. (more)

German high court conditionally approves government data spying

Germany's Constitutional Court has determined that any data stored or exchanged on PCs is private and protected by the country's constitution -- just not if you're a suspect.

The court determined that data collection directly encroaches on citizens' rights, but that authorities will be allowed to spy on suspicious individuals with high court approval. (more)

2007 Electronic Monitoring & Surveillance Survey:

Over Half of All Employers Combined Fire Workers for E-Mail & Internet Abuse

From e-mail monitoring and Website blocking to phone tapping and GPS tracking, employers increasingly combine technology with policy to manage productivity and minimize litigation, security, and other risks. To motivate compliance with rules and policies, more than one fourth of employers have fired workers for misusing e-mail and nearly one third have fired employees for misusing the Internet, according to the 2007 Electronic Monitoring & Surveillance Survey from American Management Association (AMA) and The ePolicy Institute. (more)

PartnerSpy vs. PartnerSpy

In Scotland, where punches are not pulled, a daily newspaper instructs its readers, "How To Spy On Your Partner." For us, of course, it is a cautionary tale. These tactics may be employed by anyone, against anyone.

Partner vs. Partner is only one of many snoop scenarios. Here are some others:
- Employees vs. Management
- Ambitious Executive vs. Unsuspecting Executive
- Competitor vs. You
- Defendant vs. Plaintiff
- News Media / Protest Groups vs. Your Company

Being aware of 'everyman' spy technology is the first step toward protection. The second step is actively looking. Which, by the way, is what we do best for businesses and governments worldwide.

How To Spy On Your Partner

Feb 27 2008 By Craig McQueen

Lipstick on collars or smelling of a strange perfume used to be how cheating husbands got caught out. But in these days of big divorce settlements, spurned partners are gathering evidence the hi-tech way.

One US firm has produced a SIM card reader that opens text messages AFTER they've been deleted - and that's just the tip of the iceberg. Other surveillance gadgets used today would look at home in spy films. They're legal and freely available from websites spystoreuk.com, spycatcheronline.co.uk and brickhousesecurity.com

Here are a few of the best: (described in detail here)
- HIDDEN CAMERAS
- MOBILE PHONE TRACKING
- WIRELESS BUGS
- PHONE RECORDERS
- GPS TRACKING
- COMPUTER KEY LOGGING
- THE TEDDY CAM
- INTERCEPTOR SOFTWARE
- VEHICLE TRACKING

Wednesday, February 27, 2008

SpyCam Story #436 - SpyCam Goes to School

from "blammocamo"...
"I 'hid' my camera and caught some clips of what people were doing during spare period." (boring video) (many many more boring videos)

We've come a long way from the days of Alan Funt. SpyCam'ing is an acknowledged worldwide pass-time. One second you are anonymous, the next second your are a star on youtube.com. Laws are always about 10-years behind the technology. Look for spycams to make some creative legislation.

In the meantime, at least take some steps to protect your workplace and the intellectual property kept there.

Ideas...
- Establish security policy which includes videography.
- Conduct periodic sweeps for video bugging devices.
- Learn to recognize the spycamer's tricks. (1) (2) (3), for example.

FREE Password Cracker

Here is how it works in geek-speak...
RainbowCrack is a general propose implementation of Philippe Oechslin's faster time-memory trade-off technique. In short, the RainbowCrack tool is a hash cracker. A traditional brute force cracker try all possible plaintexts one by one in cracking time. It is time consuming to break complex password in this way. The idea of time-memory trade-off is to do all cracking time computation in advance and store the result in files so called "rainbow table". It does take a long time to precompute the tables. But once the one time precomputation is finished, a time-memory trade-off cracker can be hundreds of times faster than a brute force cracker, with the help of precomputed tables.

Bottom line...
Your cat's name never was a good password anyway. Change it. (help)

National Lottery operator employee spied on rivals

UK - A manager at Camelot, the national lottery operator, used false identities to gather intelligence on rival companies, according to an official investigation.

Alexia Latham, a media relations manager, used three aliases to glean information over a 10-month period as Camelot fought off competitors to win a lucrative 10-year licence...

Camelot, which has run the UK lottery since it started in 1994, was awarded a new 10-year licence by the NLC last August.

Following a close competition, the company beat off a rival bid from Sugal & Damani, which runs state lotteries in India. The new licence will begin in February next year. (more)

Turn your iPhone sideways, and "Open Channel D"

The Incredible World of SPY-Fi: Wild and Crazy Spy Gadgets, Props, and Artifacts from TV and the Movies
by Danny Biederman


from Publishers weekly...
Even people who aren’t big spy movie fans know that James Bond gets to play with some great gadgets. The same goes for the casts of Mission: Impossible, The Man from U.N.C.L.E. and I Spy.

Biederman has been immersed in the spy world, at least as Hollywood depicts it, from the time of his youth in the 1960s, when he was introduced to a world of "spies, gadgets, adventure, and beautiful women—everything that a ten-year-old boy could possibly want."

Since then he has collected over 4,000 props from various sets, amassing such an impressive trove that in 2000 the CIA asked him to exhibit it at its headquarters.

This book tells the story of each TV series and movie through Biederman’s props, which range from the coat hook used in U.N.C.L.E. to open a secret passageway, to the gold sofa that adorned James West’s private railroad car in The Wild Wild West.

Executive Briefing - "Wiretapping Made Easy"

from forbes.com...
Silently tapping into a private cellphone conversation is no longer a high-tech trick reserved for spies and the FBI. Thanks to the work of two young cyber-security researchers, cellular snooping may soon be affordable enough for your next-door neighbor.


In a presentation Wednesday at the Black Hat security conference in Washington, D.C., David Hulton and Steve Muller demonstrated a new technique for cracking the encryption used to prevent eavesdropping on global system for mobile communications (GSM) cellular signals, the type of radio frequency coding used by major cellular service providers including AT&T (nyse: T - news - people ), Cingular and T-Mobile. Combined with a radio receiver, the pair say their technique allows an eavesdropper to record a conversation on these networks from miles away and decode it in about half an hour with just $1,000 in computer storage and processing equipment...

Who will be the customers for their innovative espionage technique?
Hulton and Muller say they aren't sure yet. (more)

SpyCam Story #435 - Bottoms Up

UK - A council worker has been arrested on suspicion of spying on women in the toilets at Coventry's historic Council House. The arrest came after police were called in following a complaint by a victim. There are fears that a man may have somehow concealed himself underneath the floorboards of the toilets and filmed unsuspecting victims on his mobile phone. (more)

Industrial Espionage in Brazil

Brazil - Brazilian police said on Tuesday they were treating the theft of strategic data from Brazil's state-run energy giant Petrobras as a case of industrial espionage.

Petrobras confirmed last Thursday that four laptops and two RAM memory chips were stolen in late January from a transport container owned by the U.S. oil-field service company Halliburton, a longtime Petrobras business partner.

The data came from a drilling ship in the Santos basin, where a huge new oil reserve was recently discovered. The find could make Brazil one of the world's major oil producers...

Caetano confirmed it was not the first case of data robbery from Petrobras. The company reported similar cases to police about a year ago but said they did not involve important information.

He faulted the security in the latest case. (more)