Saturday, January 9, 2010

Poll - Eavesdropping Law

Question: Which theory of eavesdropping law is better?

60% - One Party Consent... If you are part of a conversation, you can record it.

38% - Two Party Consent... Everyone in the conversation must agree to recording it.

1% - Other... (No reason or comment given.)

For more information on U.S. eavesdropping law... more  more

Friday, January 8, 2010

Leaky Laptops to get Eavesdropping Vaccine

Korea - Beware of what you talk about in front of your computer, as recordings of sensitive business deals could go straight to the ears of rivals or even the government.

The Korea Communications Commission and the Korea Internet and Security Agency said Friday it will draw up security recommendations after local Internet experts found that notebook computers with internal microphones are vulnerable to electronic eavesdropping.

Notebook makers will have to install an external on/off switch, while online security firms develop a defense system against software used to mask recording files. (more)

...and you thought this only happened at dealerships.

NC - Federal authorities are investigating whether the former commissioner of the state Division of Motor Vehicles illegally wiretapped the phone calls of agency employees. 

George Tatum, who resigned in 2007 amid a corruption scandal, had a special telephone in his office that allowed him to listen in on the calls of his subordinates without their knowledge, according to current DMV officials. Greg Lockamy, who retired unexpectedly last year after serving as the agency's internal affairs director, also had a phone set up for secret eavesdropping.

State law forbids intercepting phone calls without a warrant unless at least one person in the conversation knows the monitoring is taking place. (more)

Spy Magic for Kids

Spy secrets...
...magically revealed!
In the real-life world of espionage, spies often call upon the art of magic and illusion to distract the enemy, make evidence disappear, and escape unnoticed. Secret Agent Magician, ‘James Wand,’ demonstrates the art of misdirection, sleight of hand, and other illusions used by skilled spies. This one of a kind performance custom developed especially for the International Spy Museum is guaranteed to fascinate children and adults alike.
Saturday, 30 January; 10:30–11:30 am or 12:30–1:30 pm (more)

Thursday, January 7, 2010

Quote of the Week - On Bug Sweeps

"...if a client thinks they are being 'bugged' at home or work you would be remiss if all you did was 'sweep' the office for listening devices." Ed Stroz, quoted in "Private Investigations in the Information Age" (more)
 

Ed is correct. There are many ways information leaks out and secrets are stolen. A good counterespionage specialist take this into consideration. However, the inspection for electronic surveillance devices comes first. 

Why are sweeps done first?

• Bugging is the easiest intelligence collection technique to discover.
• To eliminate (or prove) bugging before accusing people.

And, why are the most effective sweeps conducted pro-actively?

• Intelligence collection is a leisurely process. Conversations and information are collected – in many ways – long before they are used against you. Until this collected intelligence is used, no harm is done. No losses suffered. Pro-active sweeps detect snooping early – thus, drastically reducing the potential for loss.
• Smart clients don't wait until they "think they are being bugged."
• Losses are always more costly than bug sweeps.

Georgia on my mind...

GA - Former Police Chief Investigated... Troubles continue to mount for former Clayton Police Chief Jeff Turner, who was placed on unpaid administrative leave Tuesday night while officials investigate whether he improperly used surveillance equipment. (more)

GA - A Gwinnett County man faces six felony charges after police say he planted a hidden camera and videotaped his adult stepdaughter in her bedroom. Gwinnett County police arrested 61-year-old Christopher Belcore on Dec. 31. (more)

USB Crypt Stick - Design flaw, or...


...design back door discovered? 
You decide. 
NIST-certified USB Flash drives with hardware encryption cracked

Kingston, SanDisk and Verbatim all sell quite similar USB Flash drives with AES 256-bit hardware encryption that supposedly meet the highest security standards. This is emphasised by the FIPS 140-2 Level 2 certificate issued by the US National Institute of Standards and Technology (NIST), which validates the USB drives for use with sensitive government data. 

Security firm SySS, however, has found that despite this it is relatively easy to access the unencrypted data, even without the required password.

The USB drives in question encrypt the stored data via the practically uncrackable AES 256-bit hardware encryption system. Therefore, the main point of attack for accessing the plain text data stored on the drive is the password entry mechanism. When analysing the relevant Windows program, the SySS security experts found a rather blatant flaw that has quite obviously slipped through testers' nets. During a successful authorisation procedure the program will, irrespective of the password, always send the same character string to the drive after performing various crypto operations – and this is the case for all USB Flash drives of this type.

Cracking the drives is therefore quite simple. (more) (UPDATE)

Wednesday, January 6, 2010

"Don't tape and tell." - Burke's Law

MD - William Burke, a Pocomoke City resident who went on trial today on charges that he illegally recorded a heated conversation with his town's mayor, made a plea agreement and was sentenced to probation before judgment.

Burke entered an Alford plea this afternoon to a misdemeanor wiretapping charge, conceding that prosecutors had enough evidence to obtain a conviction without admitting guilt. He had originally been charged with a felony wiretapping crime.

A Circuit Court judge pronounced Burke guilty of a misdemeanor and sentenced him to probation, but did not hand down any jail time. (more) (Amos Burke) (hum-a-long)

The Year's Most-Hacked Software

At the beginning of this decade, Microsoft represented a cybercriminal's dream target: universally-used software, brimming with bugs ready to be exploited to hijack users' PCs. But as the software giant has slowly cleaned up its security flaws, hackers are looking toward another vendor whose products are nearly as ubiquitous and whose bounty of vulnerabilities are just being discovered: Adobe. (more)

Most Popular Software is Security Software

The number-one most downloaded software of all time on CNET’s Downloads.com website is from AVG Technologies — more than 1.5 million downloads every week and an astonishing 247 million downloads cumulatively since AVG was first offered at the site. (more) (free version)

Note: This is just for the Windows download section of the Web site.

While the Windows crowd is wringing their hands, the most popular software in the Mac section is fun stuff!

LimeWire lets users share and search for all types of computer files, including movies, pictures, games, and text documents. Other features include the ability to preview files while downloading, advanced techniques for locating rare files, and an extremely intuitive user interface. (Mac Section)

SpyCam Story #565 - FCC Crackdown

FCC Cracks Down on Illegal Wireless SpyCams. Nooo, not all spycams, just some wireless ones broadcasting on unapproved frequencies...
Federal Communications Commission DA 09-2623 January 6, 2010 SCS Enterprises Inc. d/b/a Spy Camera Specialists, Inc. Re: File No. EB-08-SE-142 Dear Mr. Lee: This is an official CITATION, issued to SCS Enterprises, Inc., d/b/a Spy Camera Specialists, Inc. (“Spy Camera”), pursuant to Section 503(b)(5) of the Communications Act of 1934, as amended (“Act”), for marketing unauthorized radio frequency devices in the United States in violation of Section 302(b) of the Act, and Sections 2.803 and 15.205(a) of the Commission’s Rules (“Rules”). As explained below, future violations of the Commission’s rules in this regard may subject your company to monetary forfeitures.

In March 2008, the Spectrum Enforcement Division of the Enforcement Bureau (“Division”) received a complaint alleging that Spy Camera was marketing unauthorized wireless video transmitters that operate in the 1.08, 1.12, 1.16 and 1.2 GHz bands. We initiated an investigation and on May 13, 2008, we sent a Letter of Inquiry (“LOI”) to Spy Camera.

In your June 9, 2008 response to our LOI, you admit marketing wireless video transmitters beginning in early 2006 on your web site, www.spycameras.com, to end users and resellers. You admit that these wireless video transmitters all operate on 1.2 GHz, which is a restricted frequency band under 15.205(a) of the Rules. You also state that you were surprised to learn that these devices could not be marketed in the United States, and upon receipt of our LOI, immediately returned all the 1.2 GHz transmitters in stock to your supplier and ceased. (more) One down, dozens to go.
Clients... Yes we regularly check these frequencies (and other off-beat frequencies) for wireless spycams when we conduct your inspections. ~Kevin

Karsten Nohl showed how easy it is to eavesdrop on GSM-based cell phones

This week brought some bad news for mobile phone users. German security expert Karsten Nohl showed how easy it is to eavesdrop on GSM-based (Global System for Mobile Communications) cell phones, including those used by AT&T and T-Mobile customers in the U.S.
Q: What does this mean for users of GSM phones? What is the real-world threat?
Nohl: Cell phone calls can be intercepted--not just since this week, but more cheaply every month. Sensitive information, say, from politicians, can be overheard from, say, foreign embassies. Others willing to cross the line into illegality and listen in on a call could be industry spies or even private snoops. (more)

Saturday, January 2, 2010

Where do pets go? GPS surveillance knows.


To track his wandering cat, Mark Spezio rigged up a cat collar with a lightweight GPS logger. Here's what he discovered about KooKoo's secret habits... (video)



Wednesday, December 30, 2009

Dude, ThinkGeek.com ...$22.99 (since 2008)

Japanese researchers said Monday they had developed a "hummingbird robot" that can flutter around freely in mid-air with rapid wing movements. 

The robot, a similar size to a real hummingbird, is equipped with a micro motor and four wings that can flap 30 times per second, said Hiroshi Liu, the researcher at Chiba University east of Tokyo.

"The next step is to make it hover to stay at one point in mid-air," Liu said, adding that he also plans to equip it with a micro camera by March 2011.

The robot, whose development cost has topped 200 million yen (2.1 million dollars), may be used to help rescue people trapped in destroyed buildings, search for criminals or even operate as a probe vehicle on Mars, he said. (more)

Meanwhile, over at ThinkGeek.com...
The Black Stealth features 3-channels, allowing it to go up and down, rotate right and left and move forwards and backwards. Unlike most of the small 2-Channel copters on the market which are always moving forward with somewhat twitchy controls, the Black Stealth is a breath of fresh air. You can actually fly it where you want it to go, it's fairly rugged... and surprisingly it's probably the easiest to fly small copter we've ever taken to the office airspace. (more) (video)

FutureWatch... FleaBots!
Tiny robots the size of a flea could one day be mass-produced, churned out in swarms and programmed for a variety of applications, such as surveillance, micromanufacturing, medicine, cleaning, and more... In the future, the researchers hope to move from building academic prototypes to manufacturing the robot on a commercial basis, which is necessary for overcoming some of the technical issues.

By mass-producing swarms of robots, the loss of some robotic units will be negligible in terms of cost, functionality, and time, yet still achieve a high level of performance. Currently, the researchers hope to find funding to reach these goals. (Ask Mr. Liu how he did it.) (more) (Future flea powder.)

SpyKids... The Cell Phone

from the AT&T Web site...
"AT&T FamilyMap provides peace of mind by being able to conveniently locate a family member from your wireless phone or PC and know that your family's information is secure and private. First 30 DAYS FREE! At the end of the free 30 days, you will automatically be subscribed and charged $9.99 per month thereafter to locate up to two family members or $14.99 per month thereafter to locate up to five family members unless you cancel service." (more)