Friday, August 28, 2009

Skype Scalper Double-Crosses Swiss Patron

The Swiss creator of a Skype Trojan that can intercept calls made using the VoIP program has released the Trojan's source code online in an attempt to allow for its widespread detection.

In a translated interview with gulli.com, Ruben Unteregger says that with the Trojan's publication, "it will get analysed... signature patterns will be created by antivirus companies, the malware will be detected, blocked and deleted, if it tries to infect a system."

Previous reports from the IDG News Service tied the in-development Skype Trojan to the Swiss Department of the Environment, Transport, Energy and Communications, which reportedly hired Unteregger's company to create the digital wiretap. (more)

Secret Enclosures Made From Everyday Items

Many years ago, I did some work for an odd company in New Mexico; they specialized in building secret enclosures for the government.

Whatever you could dream up they could make. A desk with a hollow leg for an embassy in Romania - no problem. A toothbrush transmitter for a secret agent - no problem. Need a place to hide some microfilm in
a nail file - no problem.

An item like a car could be decked out with 100+ secret compartments for bugs, smuggled manuscripts or a handler's stash of baksheesh.

It was a cool place run by brilliantly deceptive minds. Not open to the public.


You probably don't need that level of deception, but you may need...
A place to: stash some cash, cool your jewels or just hide a spare key.

Visit The International Spy Museum Store.
Here, you can obtain...

Arizona Iced Tea Diversion Safe
Peanut Butter Safe
Dr. Pepper Can Safe
Suave Can Safe
Book Safe
...and more secret safes made from everyday items.

Thursday, August 27, 2009

Eight Million-Dollar Businesses You've Never Heard Of

Ever since taking a part-time job manning surveillance equipment for the Dennisport, MA, police department, Kevin D. Murray has been a spy buster. Businesses and governments hire him to suss out hidden bugs and such, which he does using everything from sensitive thermal-imaging equipment (which picks up the heat given off by any hidden sensors bugs) to just lots of plain old looking around. Murray Associates now handles about 125 cases per year. He claims to have protected "more than $100 trillion worth of information*" in the last three decades. (more)

* Just a rough guess, of course. We used this figure in conjunction
with our recent give-a-way of 100 Trillion dollar bills from Zimbabwe.

If you are a Security Director, CEO, President, Chairman, Chief Legal Counsel, HR director, etc. from a Forbes 1000 company, and would like one of these very rare bank notes (the largest denomination ever printed), just look over our Web site, put us in your Rolodex and let me know. I will make it happen. ~Kevin

Wi-Fi Encryption Cracked in a Minute

Computer scientists in Japan say they've developed a way to break the WPA encryption system used in wireless routers in about one minute.

The attack gives hackers a way to read encrypted traffic sent between computers and certain types of routers that use the WPA (Wi-Fi Protected Access) encryption system. The attack was developed by Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe University, who plan to discuss
further details at a technical conference set for Sept. 25 in Hiroshima. (more)

"Is nothing sacred?"
When it comes to security, "Nope nothing."

Wednesday, August 26, 2009

"Who is Number One?"

NV - You might have noticed an unuusal sight if you passed by the Reno-Stead Airport recently. The giant white sphere has generated quite a few calls to our newsroom.
So what is it ?


It turns out its a prototype airship being developed by a private company called Sierra Nevada Corporation. Jim McGinley at SNC says the round airship could be used to monitor crowds or border crossings.

McGinley says the airship could be valuable to anyone who desires a persistent surveillance presence in a remote location.

Answer: Rover c.1967
(At least when it comes to surveillance balloons.)

Mass Hack Attack - GSM Cell Phone Eavesdropping

Security researcher Karsten Nohl has issued a hacking challenge that could expose T-Mobile and AT&T cell phone users -- including Gphone and iPhone patrons -- to eavesdropping hacks within six months.

Nohl, a computer science Ph.D/ candidate from the University of Virginia, is calling for the global community of hackers to crack the encryption used on GSM phones. He plans to compile this work into a code book that can be used to decipher encrypted conversations and data that gets transmitted to and from GSM phones.

Nohl’s motive: he wants to compel the telecoms to address a security weakness that has been known for years. (more)

"The machines are starting to talk, Master...

...to each other!"

First the superintendent and the handyman checked the oven from top to bottom. Then they tested the electrical outlet that supplied ignition power for the oven. Everything worked. Finally, they gave their verdict to the tenant, Andrei Melnikov.

It was simply not possible, they said, that his oven, a Magic Chef made by Maytag, had turned itself on full blast, as Mr. Melnikov maintained...

“Maybe the ringing cellphone turned it on,” Mr. Melnikov suggested to the two men.

He laid the phone next to the stove. They dialed it. Suddenly, the electronic control on the stovetop beeped. The digital display changed from a clock to the word “high.” As the phone was ringing, the broiler was heating up. (more, with video)

If you have a Maytag Model CGR1425ADW oven, contact Maytag.

Tuesday, August 25, 2009

SpyCam Story #550 - Take the Poll

Plug "SpyCam" into Google and you get about 2,020,000 hits!
Not bad for a word that is not even in dictionary.com

Whole Web sites are devoted to selling them.
spycameras.com
my-spycam.com
spycamwarehouse.com

SpyCams are selling... BIGTIME.
• Many Web sites offer "How to spycam" instructions.
• A few offer "How spycams are detected" information.
• Some spycam videos get posted on the Internet.
(NSFW)

...and once in while, we read about some inept TVpeepcreep who gets caught and prosecuted.

Given what you now know, what do you think the ratio is between the people who get caught spycam'ing ...and the people who do it but never get caught?
Let us know via our anonymous on-line Poll, in the right column.


If you have ever been the victim of a spycam please tell us about it in the Other: section of the Poll.

Poll Results - Info at Work


The valuable information I handle at work is...
Not protected. 17%

Somewhat protected. 46%
Adequately protected. 21%
Over protected. 13%

Other 4%


According to this unscientific sampling, the employers of 79% of our respondents could use some help. ~Kevin

New Wireless LAN Vulnerability Identified

AirMagnet Inc., a security, performance and compliance solutions for wireless LANs, today announced that its AirMagnet Intrusion Research Team has uncovered a new wireless vulnerability and potential exploit associated with Cisco wireless LAN infrastructure.

The vulnerability involves Cisco's Over-the-Air-Provisioning (OTAP) feature found in its wireless access points (APs). The potential exploit, dubbed SkyJack by AirMagnet, creates a situation whereby control of a Cisco AP can be obtained, whether intentionally or unintentionally, to gain access to a customer's wireless LAN. (more)

Solution: Disable the OTAP feature until a fix is released. ~Kevin
Extra Credit Reading: Understanding Over-the-Air Provisioning (OTAP)

Meanwhile, back in Washington...

A proposed plan to reorganize the U.S. National Institute of Standards and Technology's (NIST's) IT Laboratory would close the Computer Security Division and distribute its resources and functions throughout the lab, despite objections from former officials and warnings that the move would be a backwards step for security. (more)

SpyCam Story #549 - The Boyfriend

MI - A man accused of using hidden cameras to videotape a teen in her bedroom could avoid a prison term.

Brain J. Nowak on Monday pleaded no contest to knowingly possessing child sexually abusive material and installing an eavesdropping device. In return, Bay County prosecutors agreed not to pursue charges of using a computer to create child sexually abusive material and manufacturing an eavesdropping device.

Investigators claim from January through March, Nowak spied on his then-girlfriend's 15-year-old daughter. He installed hidden cameras on a toilet tank in the bathroom and in an air duct in the girl's bedroom. The mother found the tapes stored in a file on her computer. (more)

Sunday, August 23, 2009

Business Espionage - Bugging at Feed the Children


Oklahoma City police have begun an investigation at Feed The Children after a private investigator found evidence three offices had been illegally bugged.


The investigator "found remnants of wiretapping devices above the ceilings” during an almost six-hour sweep Wednesday evening of the charity’s Oklahoma City headquarters, according to a police report.

Officials with the charity would not identify what three offices were bugged.
The Christian relief organization is widely known because of its heart-wrenching televised appeals for funds to feed starving children. It claims to raise more than $1 billion in donations a year. The charity has been in turmoil for months because of a lawsuit over who was in charge there. (more)

Pimp My Pipe ...or... Who's Stringing Who Along?

Scientists have perfected a new technology that can transform a fibre optic cable into a highly sensitive microphone capable of detecting a single footstep from up to 40km away.

Guards at listening posts protecting remote sensitive sites from attackers such as terrorists or environmental saboteurs can eavesdrop across huge tracts of territory using the new system which has been created to beef up security around national borders, railway networks, airports and vital oil and gas pipelines.

Devised by QinetiQ, the privatised Defence Evaluation and Research Agency (DERA), the technology piggybacks on the existing fibre optic communication cable network, millions of miles of which have been laid across.

At present, the microphones are not able to pick up the sound of human speech. right:] (more)

Mason & Hanger and two other companies had similar products about 15 years ago. It had a switchable filter (10 Hz to 1 kHz / no filtering) and a headphone jack.

French Spy Escapes from Dubai

Herve Jaubert, a former French spy, dressed in scuba diving gear and covered up like an Arab woman to flee from threatened torture... As befits a former French naval officer and spy, he had made immaculate preparations for his escape from the United Arab Emirates.

The night before, he claims he had donned wetsuit and scuba diving gear, which had smuggled to him from France in pieces. He dressed himself in women's clothes, and covered himself with a black abaya, the all-enveloping burka-like robe worn to preserve modesty in the Gulf.


Not a small man, he shuffled awkwardly out of the hotel where he was staying under an assumed name, made his way to the seafront and slipped in.


From there, he swam underwater to the nearby coastguard station, on a remote outpost of the emirate of Fujairah, where he cut the fuel lines on a police patrol boat. He knew it was the only one in the area, and the coast would now be clear.


On his dinghy the next day... (
more) Yes, the story gets better.