Los Angeles - The wiretapping trial of Anthony Pellicano, the accused sleuth to the stars and irrepressible eavesdropper, has offered much fodder for celebrity watchers over its two-month run... the trial, which went to the jury last week, offered arguably more for people who enjoy talk of encryption software, code-wiping booby traps or the low-tech secrets of phone company networks.
Here, through various witnesses, are a few of the disclosures:
• Wiretapping is really, really easy. And not just for the government. Anyone sitting in on the Pellicano trial (and staying awake during the telecom testimony) could walk away ready to intercept phone calls after a quick stop at Radio Shack for less than $50 in equipment... For all his wiretapping prowess, however, Mr. Pellicano could not tap cellphones.
• Phone “sweeps” offer false security. There are many companies that offer wiretap detection services. But these services are meant to pick up devices on the premises of the target. If the tap is elsewhere, they are useless...
• The person who programmed Mr. Pellicano’s wiretap software was a college dropout named Kevin Kachikian... His software incorporated an encryption algorithm, Serpent, that the government’s code-breakers have not been able to crack. Serpent, can be downloaded free...
• Mr. Pellicano bragged about his wiretapping ability and vowed that no one on earth would ever learn of it — proving that a code of silence is not too useful if you never stop blabbing about it. (more)
Monday, May 5, 2008
Sunday, May 4, 2008
Eavesdropping Movie - "Monte Rouge"
Title: Monte RougeWriter/Director: Eduardo del Llano
Time: 15 minutes
Plot: Electronic eavesdropping.
Setting: Cuba.
Humor: Dark, subtle; like Monte Rouge.
"...two plain-clothed security agents knock at the door of a young man, Nicanor O'Donell.
"Good morning, my name is Rodríguez. This is comrade Segura," they tell him. "We're here to install the microphones."
"Our mission is to install microphones in your home to listen directly to the anti-governmental comments you make," the SDE (state security) agent says.
Nicanor can't believe. To him it is a bad dream or a bad joke.
The agents explain that they run a pilot scheme to make their work "more inclusive." No longer will the SDE break in to the houses of suspects to place microphones, they will just knock on the door and ask the house owner to let them install them. All in the name of "more openness."
In exchange they ask that Nicanor accepts the "obvious limitations" of having only two microphones placed in the house (one in the bathroom). And, to ensure that all subversive conversations are held in that place, offering to install a free mini-bar in the bathroom to get guests to go there for these conversations.
In a mild mannered conversation (with some dark undertones), they explain they know all about him: his black market dealings (exchanging a table from a museum with a guard of the museum for a VCR), the conversations he has had with friends in bars, ... The say he was selected for this test program because of his "excellent analysis" that goes beyond "more bitching" (and the fact that he lived close to the station while they had no access to a car).
They also ensure him that the devices are independent of the electricity grid (Cuba is known for its blackouts) as it "hardly would make sense to make eavesdropping dependent of the electricity." The young man is also warned that it is known to them that he also makes some positive comments about Cuba, but that he is to refrain from that "crap" as doesn't interest them and is a waste of their time.
The author stresses that he did not mean to indict Cuba's state security system, he just wanted to create and describe an present absurd Kafkaesque situation. He succeeded.
In Cuba and abroad there is a lot of speculation that del Llano and the other participants in Monte Rouge, could face reprisals for the irreverent clip. Let's hope that the popularity of the clip will protect them."
(en español: video Part 1 video Part 2)
Saturday, May 3, 2008
Spy Agency’s Eavesdropping Rose Last Year
S. Korea - The Broadcasting and Communications Commission (BCC) said Thursday that the number of eavesdropping requests from the spy agency and police last year was the highest since 2004, while the number of cases of e-mail monitoring and caller identification also rose.
Telephone companies allowed the National Intelligence Service (NIS), police officials and prosecutors to tap 1,142 phone calls last year, up from 1,062 cases in 2006. Most of the requests were from the NIS, the spy agency.
The number of caller identification requests from investigation authorities also increased by more than 20 percent to 183,659 cases from 150,743, the BCC said. E-mail monitoring rose 28.9 percent to 326 cases.
Furthermore, the actual number of eavesdropping cases can be higher than the released figure since multiple requests on a single case are counted as one, the BCC said. (more)
Telephone companies allowed the National Intelligence Service (NIS), police officials and prosecutors to tap 1,142 phone calls last year, up from 1,062 cases in 2006. Most of the requests were from the NIS, the spy agency.
The number of caller identification requests from investigation authorities also increased by more than 20 percent to 183,659 cases from 150,743, the BCC said. E-mail monitoring rose 28.9 percent to 326 cases.
Furthermore, the actual number of eavesdropping cases can be higher than the released figure since multiple requests on a single case are counted as one, the BCC said. (more)
SpyCam Story #443 - Reality YOU tube
Reporter Tom Regan of ABC News' Atlanta station, WSB-TV, investigated how video cameras may be providing an unwelcome window into your private life.
From a baby's nursery, to a restaurant, to an office, private scenes proved shockingly easy to eavesdrop on with minimal equipment in a recent WSB-TV outing.
Regan's team bought a $100 rearview camera from a local auto parts store, installed it in an S.U.V. and simply drove around. They were amazed by the images picked up by the wireless monitor that came with the rearview camera... (more with video report)
And so, our list of residential snitch devices grows longer...
• 1960's - AM wireless intercom systems.
• 1970's - FM wireless intercom systems.
• 1980's - Cordless telephones.
• 1990's - Wireless audio baby monitors.
• 2000's - Wireless TV baby/security monitors.
What ABC News didn't mention is that professional burglars have taken advantage of these technologies for over 50 years. Their latest tool is a sensitive, compact video scanner.
Friday, May 2, 2008
SpyCam Story #442 - Webcam Hijack Warning
Experts at SophosLabs™, are warning computer users about the importance of properly securing PCs, following news that a man who allegedly used computer malware to prey upon young women has been charged in Canada.
According to media reports, 27-year-old Daniel Lesiewicz has been charged with using spyware to take over the webcams of women as young as 14 and coerced them into posing naked for him. (more)
According to media reports, 27-year-old Daniel Lesiewicz has been charged with using spyware to take over the webcams of women as young as 14 and coerced them into posing naked for him. (more)
PIs and Bug Creators Jailed for Industrial Espionage
An Israeli firm of private investigators has been rapped for using spyware to steal sensitive information.
According to reports, four members of the Israeli Modi'in Ezrahi private investigation company have been sentenced after being found guilty of using a Trojan horse to steal commercial information.
The Trojan, which was designed and marketed by London-based couple Michael and Ruth Haephrati, was said to have been used by a number of different private investigation firms to spy on companies including the HOT cable television group and Rani Rahav PR agency.
Another alleged victim was Champion Motors, which imports Audi and Volkswagen vehicles. (more)
A married couple accused of using computer worms to conduct industrial espionage has received jail terms of four and two years after pleading guilty in an Israeli court.
Ruth Brier-Haephrati, 28, and her husband Michael Haephrati, 44, were also ordered to pay damages of two million shekels (£245,000) to their victims. (more)
According to reports, four members of the Israeli Modi'in Ezrahi private investigation company have been sentenced after being found guilty of using a Trojan horse to steal commercial information.
The Trojan, which was designed and marketed by London-based couple Michael and Ruth Haephrati, was said to have been used by a number of different private investigation firms to spy on companies including the HOT cable television group and Rani Rahav PR agency.
Another alleged victim was Champion Motors, which imports Audi and Volkswagen vehicles. (more)
A married couple accused of using computer worms to conduct industrial espionage has received jail terms of four and two years after pleading guilty in an Israeli court.
Ruth Brier-Haephrati, 28, and her husband Michael Haephrati, 44, were also ordered to pay damages of two million shekels (£245,000) to their victims. (more)
The Essential Guide to VoIP Privacy
What you need to know about protecting the privacy and confidentiality of IP phone calls.
People generally assume that their private phone calls are just that: private. VoIP users, however, shouldn't take privacy for granted. (neither group should)
The problem with most VoIP calls is that they travel over the Internet, a very public network. This means that calls are vulnerable to snooping at various points throughout their journey. And even private-network VoIP calls can be tapped if access can be gained to the physical wiring.
As a result, business competitors, employees, criminal gangs, tech hobbyists and just plain snoops can all listen in to a business's outgoing and incoming VoIP calls. All that's needed is a packet-sniffing program, easily downloaded from the Internet, and perhaps a tiny piece of hardware to tap into a physical wire undetectably.
But the news isn't all bad. Methods and systems are available to safeguard VoIP traffic... (more)
People generally assume that their private phone calls are just that: private. VoIP users, however, shouldn't take privacy for granted. (neither group should)
The problem with most VoIP calls is that they travel over the Internet, a very public network. This means that calls are vulnerable to snooping at various points throughout their journey. And even private-network VoIP calls can be tapped if access can be gained to the physical wiring.
As a result, business competitors, employees, criminal gangs, tech hobbyists and just plain snoops can all listen in to a business's outgoing and incoming VoIP calls. All that's needed is a packet-sniffing program, easily downloaded from the Internet, and perhaps a tiny piece of hardware to tap into a physical wire undetectably.
But the news isn't all bad. Methods and systems are available to safeguard VoIP traffic... (more)
CBS 46 Investigates: Cell Phone Spying
New cell phone “spyware” has made it easy for just about anyone to bug your phone and uncover details of your private life, communications experts say.
The “spyware," marketed to suspicious spouses, parents and employers, can turn just about any cell phone into a high-tech spying device.
A quick search on the Internet reveals dozens of "spy phone" programs ranging from $4 to $400. Some “spyware” works on Bluetooth technology, while others require a download onto a "smart" phone, like a Blackberry or Web-based device. CBS 46 Investigative Reporter Wendy Saltzman tested Flexispy, high-end software that experts say allows people to eavesdrop on calls, download e-mails, and even track a person's GPS location at the touch of a button. (more) (video) (similar subject, different source)
The “spyware," marketed to suspicious spouses, parents and employers, can turn just about any cell phone into a high-tech spying device.
A quick search on the Internet reveals dozens of "spy phone" programs ranging from $4 to $400. Some “spyware” works on Bluetooth technology, while others require a download onto a "smart" phone, like a Blackberry or Web-based device. CBS 46 Investigative Reporter Wendy Saltzman tested Flexispy, high-end software that experts say allows people to eavesdrop on calls, download e-mails, and even track a person's GPS location at the touch of a button. (more) (video) (similar subject, different source)
Hairdresser Makes Man Harried
Can you solve this mystery?
Police in Germany helped a man solve a mystery that had been bugging him for over two years. The phone would ring and the man did not recognize the number so he had the number blocked.
After paying to have the number blocked for a while he stopped paying for the blocking service and the mystery started all over again. (answer)
Police in Germany helped a man solve a mystery that had been bugging him for over two years. The phone would ring and the man did not recognize the number so he had the number blocked.
After paying to have the number blocked for a while he stopped paying for the blocking service and the mystery started all over again. (answer)
Court-Approved Wiretapping Rose 14% in '07
Last year might have been a rough year for U.S. home prices, but growth in government wiretaps remained healthy, with the eavesdropping sector posting a 14% increase in court orders compared to 2006.In 2007, judges approved 4,578 state and federal wiretaps, as compared to 4,015 in 2006, according to two new reports on criminal and intelligence wiretaps.
State investigators are increasingly turning to wiretaps, according to newly released statistics. State police applied for 27% more wiretaps in 2007 than in 2006, with 94% of them targeting cell phones, according to figures released by the U.S. Courts' administrator.
In 2007, state judges approved 1,751 criminal wiretap applications, without turning any of them down, according to the report (.pdf). That's a near-three fold increase in state wiretaps since 1997. (more)
Thursday, May 1, 2008
Porsche CEO Eavesdropping Case (update)
The well-respected Strafor (a private strategic intelligence analysis service) today characterized the eavesdropping of Porsche CEO, Wendelin Wiedeking, this way...
"The aggressor’s tactics were amateur."
Given the target – Mr. Wiedeking – and business climate around Porsche, it is unlikely amateurs would be involved. This is a high-stakes assignment. Professionals only.
Think like a professional eavesdropper. "I know they are going to look. I'll plant something they can find fairly easily; a trophy for the sweepers, a little confusing, with no clear culprit, amateurish, but plausible.
Result...
Triumphant, the TSCM team waves their 'find' and goes for a beer.
The real bugs/taps are planted deeper – much deeper.
But wait... This half-baked story should never have hit the press. Something smells.
Porsche went from 0 to 60 in filing their police complaint.
Normally, corporate eavesdropping finds are kept quiet and investigated further. When enough evidence is gathered to actually prove something, the police might be called. Publicity undermines stockholder confidence.
Amateur? Yes. But, is it the eavesdropper who should wear that moniker? If what appeared in the press is really the truth, characterize the handling of the case as amateur.
Other possibilities...
• Porsche planted the eavesdropping device themselves. A PR stunt – thinking it would somehow enhance their business bargaining position.
• The baby monitor bug was planted by the TSCM technicians to make themselves look good. (When a TSCM team presents evidence of bugs they should also volunteer for polygraph testing. My guess is they won't.)
The rest of Strafor's Porsche bugging analysis is accurate...
"The use of a security contractor to employ technical security countermeasures (TSCMs)* was not only a smart move by Wiederking in 2007 (a previous eavesdropping problem), but a wise decision for other players in today’s corporate environment. Industrial espionage is a common occurrence in the modern business world."
Espionage is foreseeable.
When was the last time you checked for bugs? ~Kevin
* This should read, "technical surveillance countermeasures (TSCM)"
"The aggressor’s tactics were amateur."
Given the target – Mr. Wiedeking – and business climate around Porsche, it is unlikely amateurs would be involved. This is a high-stakes assignment. Professionals only.
Think like a professional eavesdropper. "I know they are going to look. I'll plant something they can find fairly easily; a trophy for the sweepers, a little confusing, with no clear culprit, amateurish, but plausible.
Result...
Triumphant, the TSCM team waves their 'find' and goes for a beer.
The real bugs/taps are planted deeper – much deeper.
But wait... This half-baked story should never have hit the press. Something smells.
Porsche went from 0 to 60 in filing their police complaint.
Normally, corporate eavesdropping finds are kept quiet and investigated further. When enough evidence is gathered to actually prove something, the police might be called. Publicity undermines stockholder confidence.
Amateur? Yes. But, is it the eavesdropper who should wear that moniker? If what appeared in the press is really the truth, characterize the handling of the case as amateur.
Other possibilities...
• Porsche planted the eavesdropping device themselves. A PR stunt – thinking it would somehow enhance their business bargaining position.
• The baby monitor bug was planted by the TSCM technicians to make themselves look good. (When a TSCM team presents evidence of bugs they should also volunteer for polygraph testing. My guess is they won't.)
The rest of Strafor's Porsche bugging analysis is accurate...
"The use of a security contractor to employ technical security countermeasures (TSCMs)* was not only a smart move by Wiederking in 2007 (a previous eavesdropping problem), but a wise decision for other players in today’s corporate environment. Industrial espionage is a common occurrence in the modern business world."
Espionage is foreseeable.
When was the last time you checked for bugs? ~Kevin
* This should read, "technical surveillance countermeasures (TSCM)"
Wednesday, April 30, 2008
Wanted: Surveillance Camera Monitors
Washington - The D.C. government plans to begin centralized monitoring of about 5,000 security cameras it maintains throughout the city, giving emergency-management officials a broad look into schools, public housing and other sites.The city says the system will save money and provide 24-hour monitoring, rather than the sporadic attention in the current patchwork of camera systems. But civil liberties advocates expressed alarm.
"Having it all together in one place brings us one step closer to the kind of scary movie scenario where they can track somebody moving across the city," said Art Spitzer, legal director of the American Civil Liberties Union for the Washington area.
D.C. police will continue to watch their 73 surveillance cameras in high-crime neighborhoods, Darrell Darnell, head of the D.C. Homeland Security and Emergency Management Agency, said yesterday. But his agency will set up a center to monitor an array of other closed-circuit TV cameras, including nearly 3,500 inside D.C. public schools, 131 used by the Department of Transportation and 720 used by the D.C. Housing Authority. (more)
The Headline Evil Word You Can Prevent
April 22, 2008 - "Sanford Hospital tightens security after baby taken"
The good news...
The child was rescued a short time later by a police officer who stopped a Chevy Blazer on Interstate 4 (more)
The bad news...
Most corporations are hedging their bets that the word "after" will not appear in a headline about their security efforts.
In the corporate world, stealing intellectual property is the real-life equivalent of a baby – the corporation's baby. The baby who is to be nurtured into the company's future.
Now is the time to tighten security;
• while it is inexpensive to do,
• while your stockholder good-will is high,
• while you still have a job.
1. Work with your Legal Department to upgrade and keep current: non-disclosure agreements, non-compete contracts, and pro-active programs to detect and deter eavesdropping and espionage.
2. Work with your IT department on: password protection, encryption, wireless LAN security audit and compliance surveys, and employee education.
3. Keep current with intellectual property threats.
Read the news.
Offer the boss proof!
You need funding to prevent eavesdropping and espionage problems.
P.S. Problems do happen...
• Recent Problem #1
• Recent Problem #2
• Recent Problem #3
• Recent Problem #4
• Recent Problem #5
• Recent Problem #6
• Recent Problem #7
• Recent Problem #8
• Recent Problem #9
• Recent Problem #10
And all this was just April's news!
Is it any wonder that this Hot Boardroom Topic was also in April's news?
~Kevin
The good news...
The child was rescued a short time later by a police officer who stopped a Chevy Blazer on Interstate 4 (more)
The bad news...
Most corporations are hedging their bets that the word "after" will not appear in a headline about their security efforts.
In the corporate world, stealing intellectual property is the real-life equivalent of a baby – the corporation's baby. The baby who is to be nurtured into the company's future.
Now is the time to tighten security;
• while it is inexpensive to do,
• while your stockholder good-will is high,
• while you still have a job.
1. Work with your Legal Department to upgrade and keep current: non-disclosure agreements, non-compete contracts, and pro-active programs to detect and deter eavesdropping and espionage.
2. Work with your IT department on: password protection, encryption, wireless LAN security audit and compliance surveys, and employee education.
3. Keep current with intellectual property threats.
Read the news.
Offer the boss proof!
You need funding to prevent eavesdropping and espionage problems.
P.S. Problems do happen...
• Recent Problem #1
• Recent Problem #2
• Recent Problem #3
• Recent Problem #4
• Recent Problem #5
• Recent Problem #6
• Recent Problem #7
• Recent Problem #8
• Recent Problem #9
• Recent Problem #10
And all this was just April's news!
Is it any wonder that this Hot Boardroom Topic was also in April's news?
~Kevin
Wiretap Laws Morph With Technology
Excellent article detailing how legal wiretapping in the United States was forced to grow with technology.In the old days, everyone was linked to a lug nut... (everyone's telephone) ended up in the basement of the telephone company's switching station. There, the wire emerged, pegged to a rack by a single copper lug nut. Acres of racks lined the walls, each holding rows and columns of lug nuts and their wires, neatly stacked atop each other...
And then it all went sideways.
At the same time that the phone companies were preparing for the transition to digital, the use of cellphones -- which were inherently harder to tap because they used phone lines differently than analog devices -- mushroomed. ...Electronic surveillance, once such a dependable, relatively easy craft, was becoming inordinately difficult. (more)
Tuesday, April 29, 2008
"...thus proving they could keep a secret, for decades."
Japan - The Ministry of Internal Affairs and Communications' regional information policy office has decided to warn local governments about using analog cordless phones after it was learned that people could listen in on calls with commercially available receivers. (more)
Subscribe to:
Posts (Atom)