Eavesdropping on the Boss: Is it “Cause” to Fire Me?
by Alan L. Sklover
Question: I was put on suspension for sharing information I learned when playfully eavesdropping on my boss. Then I was called at home and terminated. I was told my actions, and the actions of another employee who I shared the information with, did not meet the required level of integrity of the company. At the same time, one employee who is still there goes to strip clubs. Was my firing a wrongful termination?
S.A.M., Houston, TX
Answer: Sorry, but on this issue I have to agree with your employer. Eavesdropping on your boss, even if it’s playful, is not something most any employer would tolerate. If people think their telephone conversations are being listened to, they may be reluctant to use them. If people think their conversations may be repeated, they may not speak openly. And taking precious time at work to do things like this just don’t help anyone. Additionally, the fact that someone else does things that are not proper (either on their own time or on company time) does not in any way excuse or justify your errors. Your conduct would be considered “cause” for firing at almost any employer. My best advice: learn from the mistake. Work is for working; eavesdropping isn’t working, and will get you fired. It’s that simple.
Best, Al Sklover
Sunday, June 8, 2008
SpyCam Story #417 - Illinois' New Law (update)
Original report - "A lawyer in Wheaton (IL) hid his cameras in a roll of toilet paper and a basket of potpourri in the women's restroom."
Update - "A former Wheaton attorney (Jerald Mangan) convicted in 2006 of spying on a female colleague has had his license suspended for another two years after admitting to spying on a neighbor in his apartment complex." (more)
Update - "A former Wheaton attorney (Jerald Mangan) convicted in 2006 of spying on a female colleague has had his license suspended for another two years after admitting to spying on a neighbor in his apartment complex." (more)
"All right, who said, 'Turkey'?"
When we last left Turkey...
• A possible Turkish Watergate scandal.
• “AK Party is eavesdropping” claims the opposition.
• Turkish opposition claims security forces bugged its headquarters.
Now, the rest of the story...
• CHP’s bugging allegations turn into bitter comedy.
When the Vakit daily published details of a private conversation between Sav and a former governor last week, Sav claimed his party's headquarters had been bugged. The CHP backed the allegations, reasoning that there was no other way the daily could have obtained such detailed information about the conversation. The CHP argued that a group close to the government within the police force was gathering intelligence for the ruling party.
In response to the accusations, Vakit said its reporter had called Sav on his cell phone for a statement on the day of the meeting and that Sav simply forgot to end the call on his cell when he received his guest, leaving the phone connected for nearly an hour. Records of the call from Turk Telekom and Sav’s cell phone company, Turkcell, seemed to verify this story, as they both showed a 44-minute connection between a phone at Vakit and Sav’s cell phone...
The secularist media, which had initially supported Sav, started calling for his resignation after it turned out that the Vakit scandal was caused by what they described as “his inability to use a cell phone properly.” (more)
• A possible Turkish Watergate scandal.
• “AK Party is eavesdropping” claims the opposition.
• Turkish opposition claims security forces bugged its headquarters.
Now, the rest of the story...
• CHP’s bugging allegations turn into bitter comedy.
When the Vakit daily published details of a private conversation between Sav and a former governor last week, Sav claimed his party's headquarters had been bugged. The CHP backed the allegations, reasoning that there was no other way the daily could have obtained such detailed information about the conversation. The CHP argued that a group close to the government within the police force was gathering intelligence for the ruling party.
In response to the accusations, Vakit said its reporter had called Sav on his cell phone for a statement on the day of the meeting and that Sav simply forgot to end the call on his cell when he received his guest, leaving the phone connected for nearly an hour. Records of the call from Turk Telekom and Sav’s cell phone company, Turkcell, seemed to verify this story, as they both showed a 44-minute connection between a phone at Vakit and Sav’s cell phone...
The secularist media, which had initially supported Sav, started calling for his resignation after it turned out that the Vakit scandal was caused by what they described as “his inability to use a cell phone properly.” (more)
Saturday, June 7, 2008
SpyCam Story #448 - Premature Ejection
Hong Kong - A suspected Peeping Tom was critically injured after falling 10 floors while allegedly spying on a woman taking a bath in her high-rise Hong Kong flat.
The man was a neighbour of the 28-year-old woman and had apparently scaled the outside of the apartment block to shoot film of her with his mobile phone camera, police said.
The woman screamed for her husband when she spotted the suspect, aged 44, who then slipped and fell, falling 10 storeys to the ground, according to police. (more)
The man was a neighbour of the 28-year-old woman and had apparently scaled the outside of the apartment block to shoot film of her with his mobile phone camera, police said.
The woman screamed for her husband when she spotted the suspect, aged 44, who then slipped and fell, falling 10 storeys to the ground, according to police. (more)
World Spy News Roundup
The world is a busy place when it comes to spying.
Here is the action over the last few weeks...
Australia
• Government email spying plan under criticism.
• Government report... embrace "illegal", "deceptive" and "underhanded" espionage overseas.
Canada
• Was the bedroom of minister's ex really bugged?
China
• China calls computer spying claim ‘totally groundless’.
• Video surveillance equipment will be installed at Beijing schools.
European Union
• In-flight spycams - one in every seat; software analyzes you.
France
• Privy Privacy in Cannes - Madonna's unpaid $93,000 hotel bill over spying camera.
Germany
• Businesses across Germany spy on their workers.
• German spying scandals reawaken dark memories.
• Deutsche Telekom admits bugging phones of top management; then denies that it listened!
• The spying scandal affecting Deutsche Telecom continues to grow.
• Government gives police greater powers to monitor homes, phones and computers.
• Heinz Geyer, deputy head of former East German spy agency, dies.
• Lufthansa admits spying on journalist.
India
• Debate continues: Should Blackberry allow government security to spy on users.
• India practices unacceptably intrusive electronic surveillance.
Israel
• Israel frees Hezbollah spy for soldiers' remains.
Italy
• Ferrari spying may still be an issue.
The Netherlands
• Netherlands banned electronic voting machines; "eavesdropping risk".
Pakistan
• Dueling wiretaps. Battle of the political phone bugs.
Poland
• Lech Walesa angry with President Kaczynski about spying accusations.
• President Kaczynski denies ordering wiretaps on ex-prime minister Kazimierz Marcinkiewicz.
Russia
• Russia to demand Georgia ends spy flights.
Saudi Arabia
• 6 caught selling eavesdropping devices.
Sweden
• Swedish government may soon get power to spy on its citizens.
Taiwan
• National Security Bureau denied wiretapping telephone calls of officials and president.
Turkey
• A possible Turkish Watergate scandal.
• “AK Party is eavesdropping” claims the opposition.
• Turkish opposition claims security forces bugged its headquarters.
Uganda
• MP accuses government of spying on committees.
United Kingdom
• Government refused to investigate BT's covert wiretapping of thousands of customers.
• Councils admit spying on residents.
• Councils admit phone, e-mail spying.
• Bugging epidemic spreads - Vodafone fingered in new spying row.
• Top gadgets for spying on fellow SEO’s.
• Redcar hotel owner set up video camera to spy on couple.
• Government considering interception and data-mining all electronic communications.
United States
• Former S. Korean spy granted asylum. Had divulged illicit wiretapping of mobile phones.
• Court upholds conviction of Cuban spies.
• Study secretly tracked cell phone users outside US.
• Chinese expelled from the US for suspected industrial spying.
• Sheriff's Office disbands tarnished spy squad.
• Gutierrez possible victim of Chinese cyber spying.
• Former police chief accused of illegally bugging his secretary's office has pleaded guilty.
• P.I.'s In HP spying scandal fined.
• Billboards look back. Tiny cameras gather and analyze viewer's faces.
• Woman pleads guilty to aiding Chinese spy.
• Rent-A-Spy - 3/4's of the U.S. intelligence budget now goes to outside contractors.
• Feds encrypt 800,000 laptops; 1.2 million to go.
• Ex-CIA official indicted over agency job for mistress.
• TJX staffer sacked; talked about lax information security.
Venezuela
• Hugo Chavez's move to boost internal spying in Venezuela.
• Chavez spy laws 'creating society of informers'.
• Update! Chavez changes his mind. No new spy law.
Here is the action over the last few weeks...
Australia
• Government email spying plan under criticism.
• Government report... embrace "illegal", "deceptive" and "underhanded" espionage overseas.
Canada
• Was the bedroom of minister's ex really bugged?
China
• China calls computer spying claim ‘totally groundless’.
• Video surveillance equipment will be installed at Beijing schools.
European Union
• In-flight spycams - one in every seat; software analyzes you.
France
• Privy Privacy in Cannes - Madonna's unpaid $93,000 hotel bill over spying camera.
Germany
• Businesses across Germany spy on their workers.
• German spying scandals reawaken dark memories.
• Deutsche Telekom admits bugging phones of top management; then denies that it listened!
• The spying scandal affecting Deutsche Telecom continues to grow.
• Government gives police greater powers to monitor homes, phones and computers.
• Heinz Geyer, deputy head of former East German spy agency, dies.
• Lufthansa admits spying on journalist.
India
• Debate continues: Should Blackberry allow government security to spy on users.
• India practices unacceptably intrusive electronic surveillance.
Israel
• Israel frees Hezbollah spy for soldiers' remains.
Italy
• Ferrari spying may still be an issue.
The Netherlands
• Netherlands banned electronic voting machines; "eavesdropping risk".
Pakistan
• Dueling wiretaps. Battle of the political phone bugs.
Poland
• Lech Walesa angry with President Kaczynski about spying accusations.
• President Kaczynski denies ordering wiretaps on ex-prime minister Kazimierz Marcinkiewicz.
Russia
• Russia to demand Georgia ends spy flights.
Saudi Arabia
• 6 caught selling eavesdropping devices.
Sweden
• Swedish government may soon get power to spy on its citizens.
Taiwan
• National Security Bureau denied wiretapping telephone calls of officials and president.
Turkey
• A possible Turkish Watergate scandal.
• “AK Party is eavesdropping” claims the opposition.
• Turkish opposition claims security forces bugged its headquarters.
Uganda
• MP accuses government of spying on committees.
United Kingdom
• Government refused to investigate BT's covert wiretapping of thousands of customers.
• Councils admit spying on residents.
• Councils admit phone, e-mail spying.
• Bugging epidemic spreads - Vodafone fingered in new spying row.
• Top gadgets for spying on fellow SEO’s.
• Redcar hotel owner set up video camera to spy on couple.
• Government considering interception and data-mining all electronic communications.
United States
• Former S. Korean spy granted asylum. Had divulged illicit wiretapping of mobile phones.
• Court upholds conviction of Cuban spies.
• Study secretly tracked cell phone users outside US.
• Chinese expelled from the US for suspected industrial spying.
• Sheriff's Office disbands tarnished spy squad.
• Gutierrez possible victim of Chinese cyber spying.
• Former police chief accused of illegally bugging his secretary's office has pleaded guilty.
• P.I.'s In HP spying scandal fined.
• Billboards look back. Tiny cameras gather and analyze viewer's faces.
• Woman pleads guilty to aiding Chinese spy.
• Rent-A-Spy - 3/4's of the U.S. intelligence budget now goes to outside contractors.
• Feds encrypt 800,000 laptops; 1.2 million to go.
• Ex-CIA official indicted over agency job for mistress.
• TJX staffer sacked; talked about lax information security.
Venezuela
• Hugo Chavez's move to boost internal spying in Venezuela.
• Chavez spy laws 'creating society of informers'.
• Update! Chavez changes his mind. No new spy law.
Friday, June 6, 2008
New Bug Hides In USB Cable
A normal USB 2.0 cable?Acts like a normal USB cable.
But, U BS and this SOB will UHF it up to several hundred feet away! UBF'ed.
A wired wireless eavesdropping device. Weird.
This bug is just one of scores of Internet-available eavesdropping devices. Bugs bugging businesses - happens every day.
So, who cleans up these problems?
SOP... US.
Monday, June 2, 2008
Reverse Phone Detective
"Find out the owner of any cell phone or unlisted number. Results include name, current address, carrier, and location details when available. Your search is 100% confidential."But, guess what!
A 'Full Report' will cost you $14.95
A One-year Membership will cost you $39.95
Want to make sure no one can look up your number?
Want to opt out?
You guessed it!
That will cost you $4.95 :)
(more)
Bluetooth Bites
Bluetooth eavesdropping, and related security/privacy issues, are covered here on a regular basis. The following are from the new, and worth repeating, files...Car Whisperer
"Once the connection has been successfully established, the carwhisperer binary starts sending audio to, and recording audio from the headset. This allows attackers to inject audio data into the car. This could be fake traffic announcements or nice words. Attackers are also able to eavesdrop conversations among people sitting in the car."
Blooover II"Blooover II is the successor of the very popular application Blooover (Blooover is a tool that is intended to serve as an audit tool that people can use to check whether their phones and phones of friends and employees are vulnerable). After 150000 downloads of Blooover within the year 2005 (since the initial release in at 21c3 in December 2004), a new version of this mobile phone auditing tool is on its ready."
"Besides the BlueBug attack, (Exploiting this loophole allows the unauthorized downloading phone books and call lists, the sending and reading of SMS messages from the attacked phone and many more things.) Blooover II supports the HeloMoto attack (which is quite close to the BlueBug attack), the BlueSnarf and the sending of malformed objects via OBEX." (more)
Friday, May 30, 2008
Corporate Security Directors. Make your job easier.
Get your employees to love you.Distribute this NEW book...
"Staying Safe Abroad."
Ed Lee, a retired U.S. diplomat and Federal agent, spent most of his years in the U.S. State Department as a Regional Security Officer (RSO) in Asia, Latin America and the Middle East, where he successfully kept diplomats, their families and U.S. interests safe from terrorism and crime.
In 2002, Ed returned to the State Department as a senior advisor to help institute post-9/11 anti-terrorism strategies, retiring again in 2006. He then formed Sleeping Bear Risk Solutions, which provides investigative, emergency planning and staff security services. He also regularly delivers speeches on terrorism and international security to corporate and governmental audiences. (ISBN: 978-0-9815605-0-2, 360 Pages, $22.95)
Staying Safe Abroad: Traveling, Working & Living in a Post-9/11 World "is the best book yet on travel security. This book is one that should be read and kept in every traveler’s briefcase for reference.” — John L. Makowski, Director - Global Security, Briggs & Stratton Corporation
"Every person who travels, whether abroad or domestically, should own this book." — Martha Miller, Ph.D., Cross Cultural Trainer to U.S. Diplomats and Multinational Executives
P.S. - Employees... A free copy of this should accompany the plane ticket whenever your employer sends you abroad. Ask your Security / Personnel / Travel Department Director for a copy. It's the least they could do for you. If all else fails, buy it yourself.
Available from Amazon.com
or Sleeping Bear Risk Solutions
If you are my client, I'll buy it for you!
Contact me for a free copy. ~Kevin
Saturday, May 24, 2008
Victorian SpyCam Project - Finally Completed!
Preceded by a great rumbling, the giant auger burst the bounds of earth – New York and London were connected, as planned!Hardly anyone knows that a secret tunnel runs deep beneath the Atlantic Ocean.
This past week, more than a century after it was begun, the tunnel has finally been completed.
An extraordinary optical device called a Telectroscope has been installed at both ends which miraculously allows people to see right through the Earth from London to New York
and vice versa.
"...the Trans-Atlantic Telectroscope...started out as a dream project of the eccentric Victorian engineering entrepreneur Alexander Stanhope St. George.
Some called it a "folly." Others said, "shear madness." Even the greatest visionary of the age, Sir Arthur Conan Doyle, blustered, "But, I was just kidding!"
The nay-sayers were correct. The spycam tunnel – a camera just a little too obscura – failed.But now, after all these years, the tunnel has been fitted with a giant "electronic telescope" and state-of-the-art technology, by his great-grandson!
The present-day Mr. St. George, resurrected the project and developed the Telectroscope after discovering his great-grandfather's dusty notes and diaries in an attic.
The tunnel entrances were reopened beside Tower Bridge in London and Brooklyn Bridge in New York.
Needless to say, many are excited at the prospects of "seeing" friends and relatives across the Atlantic. Imagine standing 3,460 miles away from your loved one and peep into the telescope to see them."
Humbug or Amazing?You decide...
On view until June 15th.
UPDATE...06/01/08 0253HRS EST COUNTERMEASURE'S COMPOUND SURVEILLANCE CHOPPER PHOTO - ANALYSIS: USA SIGHTING CONFIRMED
DOUBLE UPDATE...
60/01/08 0023HRS GMT WHITEROCK DEFENCE SURVEILLANCE PHOTO - ANALYSIS: UK SIGHTING CONFIRMED
Tuesday, May 20, 2008
Before you upgrade your iPhone next month...
Scary stuff in the news...
"iPhones sold as refurbished units may contain personal data from their previous owners that, with a little leg-work, is readily accessible by new owners. These data include email, images, contacts and more. ...performing a “Restore” operation on the iPhone does not delete personal data from the device. Such information remains intact on the device after a restore, making the process unsuitable as a preparatory measure for iPhone resale or service. Apparently, Apple’s refurbishing procedure also does not delete the personal data.
There currently exits no viable, publicly available method for erasing personal data on the iPhone. Erasing your content and settings has no effect on whether a subsequent owner can recover personal information." (source)
Kevin's Reality Check
1. Go into Settings > General > Reset
2. Hit "Erase all Content and Settings."
This will keep your info from most people, but not forensic types with toolkits. They can access what doesn't get erased - the application screenshots. Screenshots are taken every time the Home button is pressed. Reason: to generate the zoom effect for the next time an application is accessed.
Still paranoid?
• Make new screenshots after you erase all content.
Still paranoid?
• Search the net for info on reformatting the phone's NAND.
"iPhones sold as refurbished units may contain personal data from their previous owners that, with a little leg-work, is readily accessible by new owners. These data include email, images, contacts and more. ...performing a “Restore” operation on the iPhone does not delete personal data from the device. Such information remains intact on the device after a restore, making the process unsuitable as a preparatory measure for iPhone resale or service. Apparently, Apple’s refurbishing procedure also does not delete the personal data.
There currently exits no viable, publicly available method for erasing personal data on the iPhone. Erasing your content and settings has no effect on whether a subsequent owner can recover personal information." (source)
Kevin's Reality Check
1. Go into Settings > General > Reset
2. Hit "Erase all Content and Settings."
This will keep your info from most people, but not forensic types with toolkits. They can access what doesn't get erased - the application screenshots. Screenshots are taken every time the Home button is pressed. Reason: to generate the zoom effect for the next time an application is accessed.
Still paranoid?
• Make new screenshots after you erase all content.
Still paranoid?
• Search the net for info on reformatting the phone's NAND.
Spook Vault Stuff - Data Loss via Optoanalysis
Researchers have developed two new techniques for stealing data from a computer that use some unlikely hacking tools: cameras and telescopes.
In two separate pieces of research, teams at the University of California, Santa Barbara, and at Saarland University in Saarbrucken, Germany, describe attacks that seem ripped from the pages of spy novels. In Saarbrucken, the researchers have read computer screens from their tiny reflections on everyday objects such as glasses, teapots, and even the human eye. The UC team has worked out a way to analyze a video of hands typing on a keyboard in order to guess what was being written. (more)
Wannaknowhowitisidone?
Reflections.
Observations.
In two separate pieces of research, teams at the University of California, Santa Barbara, and at Saarland University in Saarbrucken, Germany, describe attacks that seem ripped from the pages of spy novels. In Saarbrucken, the researchers have read computer screens from their tiny reflections on everyday objects such as glasses, teapots, and even the human eye. The UC team has worked out a way to analyze a video of hands typing on a keyboard in order to guess what was being written. (more)
Wannaknowhowitisidone?
Reflections.
Observations.
Q&A Time - Radio Frequency (RF) Blocking
From a professional colleague...
Q. "I would like to know if there is any security film that can be applied to windows to help block RF emissions. I have heard of curtains that are made for purpose? not sure though? Any ideas would be appreciated. Thanks."
A. Their are all sorts of RF shielding materials on the market: window film, speciality glass, screening, wallpaper, paint, gaskets, curtains, beanies, etc. Each item, by itself, is not a very effective solution. Used in conjunction with one another, RF may be attenuated to a point where it solves a particular problem. The attenuation will not be 100% unless one constructs a fully shielded room (Faraday cage). In government circles these specially built rooms are called Sensitive Compartmentalized Information Facility, otherwise known as a SCIF. Even then, the slightest crack or deformed door gasket will allow RF in/out.
100% shielding becomes problematic when the application is eavesdropping countermeasures. Shielded rooms are ugly and expensive, and other methods are not 100% effective. In counterespionage and TSCM, the information is either protected, or it is not protected.
Q. "I would like to know if there is any security film that can be applied to windows to help block RF emissions. I have heard of curtains that are made for purpose? not sure though? Any ideas would be appreciated. Thanks."
A. Their are all sorts of RF shielding materials on the market: window film, speciality glass, screening, wallpaper, paint, gaskets, curtains, beanies, etc. Each item, by itself, is not a very effective solution. Used in conjunction with one another, RF may be attenuated to a point where it solves a particular problem. The attenuation will not be 100% unless one constructs a fully shielded room (Faraday cage). In government circles these specially built rooms are called Sensitive Compartmentalized Information Facility, otherwise known as a SCIF. Even then, the slightest crack or deformed door gasket will allow RF in/out.
100% shielding becomes problematic when the application is eavesdropping countermeasures. Shielded rooms are ugly and expensive, and other methods are not 100% effective. In counterespionage and TSCM, the information is either protected, or it is not protected.
Monday, May 19, 2008
Blindsided
What do you think?• Disrepair breeds disrespect.
• Focus on the expected, and the unexpected.
• Like deer, security would do well to look up.
• Kilroy had kids.
Chlorine for stagnant security thinking...
Our roof artist might have spent their time entering the building, planting bugs or stealing documents, instead of graciously exposing a security vulnerability.
Time to shake it up. Make sure 80% of your security budget isn't protecting 20% of your company's value.
The value ratio in many companies is more like 20% physical assets, 80% intellectual assets. Many security budgets protect in the opposite direction – which is like looking in the wrong direction.
(photo courtesy of spiggycat)
Sunday, May 18, 2008
Alert - Throw These Bums Out!
The FM analog wireless presenter's microphone – one of the Top 5 corporate eavesdropping threats. Why? No secret. Radio waves travel. A quarter mile is the advertised standard. Interception of an FM analog signal is easy. Safer solutions exist. Throw these bums out.
Bum Two..
Any meeting planner who still uses FM analog wireless microphones for your sensitive presentations or meetings. Educate them. Give them a chance to change. If they don't, your sensitive meetings become Town Hall Meetings. Throw these bums out.
Bum Three...
Any security director or security consultant who does not point out the dangers of FM analog wireless microphones. They have an obligation to stand up to meeting planners and AV crews. They have an obligation to recommend one of the several, more secure, options available. If they don't. Throw these bums out.
Bum Four...
These days, any AV production company that doesn't invest in digital, encrypted wireless microphones for their clients is stupidly cheap. For years, they hid behind excuses like "digital technology is not reliable enough," and "it lacks fidelity." Those days are over.
You pay these guys hundreds of thousands each year to produce your corporate events. The least they can do is update their equipment (a one-time investment).
They KNOW they are leaking your sensitive/secret information when they
continue to use FM analog wireless microphones. Not upgrading to secure communications is negligence on their part. Demand secure wireless microphones, or... throw these bums out.Bum Five...
YOU. If you are not part of the solution, as of this moment you are now part of the problem.
The New Wireless Mics Can Make Your Meetings More Secure.
Some even have encryption capabilities!
• Lectrosonics (...and an Encryption White Paper)
• Zaxcom
• Mipro ACT-82
• Telex SAFE-1000
Infrared Choices...
• Glonetic Audio
• PA-System
• Azden
Subscribe to:
Posts (Atom)