Wednesday, June 11, 2008

DIY Spy Tip #090 - Free Background Check Aggregator

Snoopstation.com (currently in BETA) is a portal to free web-based public records checking sites in the U.S. - Cool! They are also the entry point to a fee-based investigative service for when public record checks are not enough ...or you don't have the time / patience to DIY.

"Are You Being...

Surveilled Served?"

UK - Customers in shopping centres are having their every move tracked by a new type of surveillance (Path Intelligence) that listens in on the whisperings of their mobile phones.


The technology can tell when people enter a shopping centre, what stores they visit, how long they remain there, and what route they take as they walked around.

The device cannot access personal details about a person’s identity or contacts, but privacy campaigners expressed concern about potential intrusion should the data fall into the wrong hands.

The surveillance mechanism works by monitoring the signals produced by mobile handsets and then locating the phone by triangulation – measuring the phone’s distance from three receivers. (more)

Tuesday, June 10, 2008

SpyCam Story #449 - Deja View

Lawyers Gone Wild
Same trick!
Different country.

(previous report)

Scotland - A shamed solicitor who put a video camera in a ladies' toilet and filmed female staff is facing jail.

Peter Fitzpatrick, 49, from Rutherglen, hid the device in a cardboard box in the toilet at upmarket Stirling law firm Muirhead Buchanan.

The father-of-two, a solicitor for 27 years, was caught when a suspicious secretary noticed a circular hole in the side of the box was pointing straight at the pedestal. (more)

Monday, June 9, 2008

How To Manage Rogue Mobile Devices

A single unsecured smartphone (or laptop) can jeopardize the security of your entire organization.

For those not schooled in the risks, smartphones are the back-door deployment that can provide hackers -- or the competition -- with access to your network.

Imagine...
Jim, your employee, buys a smartphone and loads it up with contracts, sales quotes, pricing schemes, and other information you wouldn't want your competitors or customers to know.

The smartphone falls out of his pocket while he is boarding a plane in a crowded airport. Whoever finds the device will have instant access to all of Jim's emails and your corporate information.

Solution - Do these things...
• Use VPN's
• Block Access to Public Wi-Fi
• Make Strong Passwords Mandatory
• Block Removable Storage
• Educate Employees
• Educate IT
• Encryption is Key
• Better Security Through Software
(here's how)

We can help you identify and locate rogue devices operating in your offices. This is just one of many problems we solve with our Wireless LAN (wi-fi) Security Audit and Compliance Report service.

Expect negative 'feedback' from FBI

Skype, the eBay-owned company, says it is unable to comply with court-authorized wiretap requests.

"...because of Skype's peer-to-peer architecture and encryption techniques, Skype would not be able to comply with such a request," said Jennifer Caukin, Skype's director of corporate communications. (more)

Federal judge reserves decision in alleged school eavesdropping suit

NY - Susan Burgess, a Brockport attorney, and her former client, Carmen Coleman... accusing a school official and a Buffalo attorney for the school district of illegally eavesdropping on their private conversation in a district conference room nearly two years ago....

Named in their suit are the district; its board of education; Kevin Ratcliffe, director of Pupil Services; and Jay Pletcher, the attorney in question, and his law firm...

Burgess and Coleman met at school district offices with Ratcliffe and Pletcher, to discuss the educational needs of Coleman’s son. At one point, Burgess and Coleman asked to speak privately; Ratcliffe and Pletcher left the room.

But, they claim Pletcher called a cell phone and then left it on the table in the conference room so he could listen in from Ratcliffe’s adjoining office, presumably with Ratcliffe, on their private conversation in violation of their civil rights...

To support their claim, Coleman and Burgess say there was a series of subsequent events that led them to believe their conversation had been overheard. It began with Pletcher re-entering the room and removing a cell phone immediately after Coleman asked Burgess about the device lying on the table.

...They expect a decision in six to 10 weeks. (more)

Car mechanic at center of probe into bugging

Ireland - GARDAI (Irish national police) are to review all contracts given to garages which service its fleet after a mechanic, who was returning from a trip to the UK, was found with bugging equipment.

A number of cars, including unmarked vehicles used by detectives, were checked for bugging devices last week after a mechanic who services Garda vehicles was found with the specialist equipment during a routine search at Dublin Port.


A high-level investigation is now under way amid fears that cars used by senior gardai, including Commissioner Fachtna Murphy, could have been bugged and sensitive information leaked to criminals or terrorist organisations.


It is understood that a man employed by a company which won a contract to service garda cars was stopped with the equipment during a search at Dublin Port. (more)

Sunday, June 8, 2008

Eavesdropping, worth repeating...

Eavesdropping on the Boss: Is it “Cause” to Fire Me?
by Alan L. Sklover
Question: I was put on suspension for sharing information I learned when playfully eavesdropping on my boss. Then I was called at home and terminated. I was told my actions, and the actions of another employee who I shared the information with, did not meet the required level of integrity of the company. At the same time, one employee who is still there goes to strip clubs. Was my firing a wrongful termination?
S.A.M., Houston, TX

Answer: Sorry, but on this issue I have to agree with your employer. Eavesdropping on your boss, even if it’s playful, is not something most any employer would tolerate. If people think their telephone conversations are being listened to, they may be reluctant to use them. If people think their conversations may be repeated, they may not speak openly. And taking precious time at work to do things like this just don’t help anyone. Additionally, the fact that someone else does things that are not proper (either on their own time or on company time) does not in any way excuse or justify your errors. Your conduct would be considered “cause” for firing at almost any employer. My best advice: learn from the mistake. Work is for working; eavesdropping isn’t working, and will get you fired. It’s that simple.
Best, Al Sklover

SpyCam Story #417 - Illinois' New Law (update)

Original report - "A lawyer in Wheaton (IL) hid his cameras in a roll of toilet paper and a basket of potpourri in the women's restroom."

Update - "A former Wheaton attorney (Jerald Mangan) convicted in 2006 of spying on a female colleague has had his license suspended for another two years after admitting to spying on a neighbor in his apartment complex." (more)

"All right, who said, 'Turkey'?"

When we last left Turkey...
• A possible Turkish Watergate scandal.
• “AK Party is eavesdropping” claims the opposition.
• Turkish opposition claims security forces bugged its headquarters.

Now, the rest of the story...
• CHP’s bugging allegations turn into bitter comedy.
When the Vakit daily published details of a private conversation between Sav and a former governor last week, Sav claimed his party's headquarters had been bugged. The CHP backed the allegations, reasoning that there was no other way the daily could have obtained such detailed information about the conversation. The CHP argued that a group close to the government within the police force was gathering intelligence for the ruling party.

In response to the accusations, Vakit said its reporter had called Sav on his cell phone for a statement on the day of the meeting and that Sav simply forgot to end the call on his cell when he received his guest, leaving the phone connected for nearly an hour. Records of the call from Turk Telekom and Sav’s cell phone company, Turkcell, seemed to verify this story, as they both showed a 44-minute connection between a phone at Vakit and Sav’s cell phone...

The secularist media, which had initially supported Sav, started calling for his resignation after it turned out that the Vakit scandal was caused by what they described as “his inability to use a cell phone properly.” (more)

Saturday, June 7, 2008

SpyCam Story #448 - Premature Ejection

Hong Kong - A suspected Peeping Tom was critically injured after falling 10 floors while allegedly spying on a woman taking a bath in her high-rise Hong Kong flat.

The man was a neighbour of the 28-year-old woman and had apparently scaled the outside of the apartment block to shoot film of her with his mobile phone camera, police said.

The woman screamed for her husband when she spotted the suspect, aged 44, who then slipped and fell, falling 10 storeys to the ground, according to police. (more)

World Spy News Roundup

The world is a busy place when it comes to spying.
Here is the action over the last few weeks...

Australia
• Government email spying plan under criticism.
• Government report... embrace "illegal", "deceptive" and "underhanded" espionage overseas.

Canada
• Was the bedroom of minister's ex really bugged?

China
• China calls computer spying claim ‘totally groundless’.
Video surveillance equipment will be installed at Beijing schools.

European Union
• In-flight spycams - one in every seat; software analyzes you.

France
Privy Privacy in Cannes - Madonna's unpaid $93,000 hotel bill over spying camera.

Germany
• Businesses across Germany spy on their workers.
• German spying scandals reawaken dark memories.
• Deutsche Telekom admits bugging phones of top management; then denies that it listened!
• The spying scandal affecting Deutsche Telecom continues to grow.
• Government gives police greater powers to monitor homes, phones and computers.
• Heinz Geyer, deputy head of former East German spy agency, dies.
• Lufthansa admits spying on journalist.

India
• Debate continues: Should Blackberry allow government security to spy on users.
• India practices unacceptably intrusive electronic surveillance.

Israel
• Israel frees Hezbollah spy for soldiers' remains.

Italy
Ferrari spying may still be an issue.

The Netherlands
• Netherlands banned electronic voting machines; "
eavesdropping risk".

Pakistan
Dueling wiretaps. Battle of the political phone bugs.

Poland
Lech Walesa angry with President Kaczynski about spying accusations.
• President Kaczynski denies ordering wiretaps on ex-prime minister Kazimierz Marcinkiewicz.

Russia
• Russia to demand Georgia ends spy flights.

Saudi Arabia
• 6 caught selling eavesdropping devices.

Sweden
• Swedish government may soon get power to spy on its citizens.

Taiwan
• National Security Bureau denied wiretapping telephone calls of officials and president.

Turkey
• A possible Turkish Watergate scandal.
• “AK Party is eavesdropping” claims the opposition.
• Turkish opposition claims security forces bugged its headquarters.

Uganda
• MP accuses government of spying on committees.

United Kingdom
• Government refused to investigate BT's covert wiretapping of thousands of customers.
• Cou
ncils admit spying on residents.
• Councils admit phone, e-mail spying.
• Bugging epidemic spreads - Vodafone fingered in new spying row.

• Top gadgets for spying on fellow SEO’s.
• Redcar hotel owner set up video camera to spy on couple.
• Government considering interception and data-mining all electronic communications.

United States
• Former S. Korean spy granted asylum. Had divulged illicit wiretapping of mobile phones.
• Court upholds conviction of Cuban spies.
• Study secretly tracked cell phone users outside US.
• Chinese expelled from the US for suspected industrial spying.
• Sheriff's Office disbands tarnished spy squad.
• Gutierrez possible victim of Chinese cyber spying.
• Former police chief accused of illegally bugging his secretary's office has pleaded guilty.
• P.I.'s In HP spying scandal fined.
• Billboards look back. Tiny cameras gather and analyze viewer's faces.
• Woman pleads guilty to aiding Chinese spy.
Rent-A-Spy - 3/4's of the U.S. intelligence budget now goes to outside contractors.
• Feds encrypt 800,000 laptops; 1.2 million to go.
• Ex-CIA official indicted over agency job for mistress.
• TJX staffer sacked; talked about lax information security.

Venezuela
• Hugo Chavez's move to boost internal spying in Venezuela.
• Chavez spy laws 'creating society of informers'.
Update! Chavez changes his mind. No new spy law.

Friday, June 6, 2008

New Bug Hides In USB Cable

A normal USB 2.0 cable?
Acts like a normal USB cable.
But, U BS and this SOB will UHF it up to several hundred feet away! UBF'ed.

A wired wireless eavesdropping device. Weird.

This bug is just one of scores of Internet-available eavesdropping devices. Bugs bugging businesses - happens every day.

So, who cleans up these problems?
SOP... US.

Monday, June 2, 2008

Reverse Phone Detective

"Find out the owner of any cell phone or unlisted number. Results include name, current address, carrier, and location details when available. Your search is 100% confidential."

But, guess what!

A 'Full Report' will cost you $14.95
A One-year Membership will cost you $39.95

Want to make sure no one can look up your number?
Want to opt out?
You guessed it!
That will cost you $4.95 :)
(more)

Bluetooth Bites

Bluetooth eavesdropping, and related security/privacy issues, are covered here on a regular basis. The following are from the new, and worth repeating, files...

Car Whisperer
"Once the connection has been successfully established, the carwhisperer binary starts sending audio to, and recording audio from the headset. This allows attackers to inject audio data into the car. This could be fake traffic announcements or nice words. Attackers are also able to eavesdrop conversations among people sitting in the car."

Blooover II
"Blooover II is the successor of the very popular application Blooover (Blooover is a tool that is intended to serve as an audit tool that people can use to check whether their phones and phones of friends and employees are vulnerable). After 150000 downloads of Blooover within the year 2005 (since the initial release in at 21c3 in December 2004), a new version of this mobile phone auditing tool is on its ready."

"Besides the BlueBug attack, (Exploiting this loophole allows the unauthorized downloading phone books and call lists, the sending and reading of SMS messages from the attacked phone and many more things.) Blooover II supports the HeloMoto attack (which is quite close to the BlueBug attack), the BlueSnarf and the sending of malformed objects via OBEX." (more)