Saturday, May 15, 2010

SmartWater - "I've been slimed!"

Here is a theft deterrent idea... 
What if you could spray your valuables with an invisible DNA-like identifier, unique to you. What if this brilliant agua could also be used to link a suspect to the scene of the crime. What if this water could only be seen using ultra-violet light. You would probably say, "That's smart water." (knock, knock) Excuse me. (whisper, whisper)

Right, well then... apparently this has already been done.

"SmartWater delivers proven crime reduction strategies customised to the needs of your business. Widely used within intelligence-led policing operations, and proven to deter criminals on a sustained basis, SmartWater is now available to the commercial sector." (video)

Friday, May 14, 2010

Security Clearance - What you 'need to know'

FREE
Security Clearance Handbook
All you need to know to get cleared or stay cleared!

The shortage of IT professionals holding security clearances grows rapidly. To really accelerate your career you need to maintain or obtain a security clearance. To help you, the University of Fairfax has assembled a comprehensive handbook with 100's of facts and FAQs. The topics covered by this handbook include:
- How to obtain your security clearance.
- How to reactivate your inactive clearance.
- Who may or may not be eligible for a clearance.
- What can prevent you from getting a clearance.
- How long it can take to get a clearance.
- PLUS MUCH MORE! 

Tuesday, May 11, 2010

Can a Tin Foil Hat Protect Your Crazy Brain?

Mrfixitrick demonstrates the Faraday effect of a tinfoil hat by blocking the EMP (Electro-Magnetic Pulse) from a typical wireless modem. (video)
No word yet on whether the Bowler or Pork Pie style works best. Personally, I would opt for a Sandy Becker Hambone Pith Helmet.

A New Windows Virus (that nothing can stop?!?!)

via zdnet.com...
Are you a Windows user? Do you make sure that your antivirus program is updated regularly? Do you feel safe? You shouldn’t! Read on to find out why …

Security researchers at Matousec.com have come up with an ingenious attack that can bypass every Windows security product tested and allow malicious code to make its way to your system.

Yes, you read that right - every Windows security product tested. And the list is both huge and sobering... (more)

What Does a Spy Look Like?

"In the world of espionage, an umbrella is a pistol, a pen a microphone and that quiet kid at Starbucks a KGB informant. Nothing is what it seems. Inviting the public to look through the eyes of a spy and question the seemingly normal world around them, Red Tettemer created a provocative piece of interactive media. As pedestrians pass the unit, it detects their motion and transforms the clean-cut gentleman into three elaborate disguises: a longhaired drifter, an Indian woman and a well-aged senior citizen." Visit the International Spy Musuem (more)

What it takes to be a TSCM tech for a U.S. government contractor...

"The candidate will assist in all aspects of of TSCM management that involves technical security (including TEMPEST) entailing new construction, modification, accreditation, re-accreditation, withdrawal and advice and assistance (SAV). The candidate will help schedule and perform TSCM evaluations and security staff visits of facilities locate CONUS/OCONUS, provide comprehensive, risk-based technical security advice, guidance, and general security support to program offices and contractor facility security offices. The candidate will prepare written correspondence to include facility file reports, cable messages, approvals, status/technical briefs and inspections reports, SAV reports, maintain databases; which includes entering new data and correspondence and quality controlling file records. Conduct analysis of complex technical, surveillance, counter surveillance, surveillance detection or other technical vulnerabilities. Provide technical support to projects in areas such as training, logistics, acquisition and technical counterintelligence investigations. Assists in developing and monitoring project tasks and schedules. Maintain a thorough knowledge of all technical security governing directives.

The candidate must be a graduate of the Interagency Training Center for TSCM and an EXPERT in two of the following areas: a) Counterintelligence , b) Automated Information Systems, c) Lock and Key Control Systems, d) Access Control Systems, g) TEMPEST, h) DoD SCIF construction standards.

Experience using a variety of ADP systems that include Microsoft Office applications (e.g. Word, Excel, Outlook, PowerPoint). Requires a Bachelors degree and 10-12 years experience." (more)

I believe subjecting people to PowerPoint goes against the Geneva Convention. P.S. The job requires 75% travel.

Monday, May 10, 2010

It Didn't Start With Nixon

UK - MI5 used hidden electronic surveillance equipment to secretly monitor 10 Downing Street, the Cabinet and at least five Prime Ministers...

The extraordinary disclosure comes despite a succession of parliamentary statements that no such bugging ever took place.

...top-secret files held by the Security Service show it installed electronic listening devices in three highly sensitive areas of No10 – the Cabinet Room, the Waiting Room and the Prime Minister’s study.

It means that for nearly 15 years, all Cabinet meetings, the offices of senior officials and all visitors to the Prime Minister – including foreign leaders – were being bugged... 

[Harold] Wilson hired private security firms to sweep his office for listening devices and was said to have pointed out electric light fittings to Downing Street visitors, indicating that they might be bugged. (more)

SpyCam Story #578 - The Case of the Silent H

UK - A university lecturer planted a camera in a bathroom air freshener so he could spy on students as they showered.

Paul Hwang, who has taught and studied at Oxford, Cambridge and Harvard, hid the digital camera in the house he was renting out to six women.

Yesterday the 33-year-old's illustrious teaching career was in ruins after he pleaded guilty to voyeurism. (more)

Police Chief Sentenced for Bugging

MN - The former police chief of Gaylord was sentenced Monday on one charge of misconduct of a public official, for an alleged "bugging" scheme. 
 
Dale Lee Roiger, 60, was sentenced to a stay of imposition for one year and was placed on probation. As part of his probation, Roiger must complete 15 days of electronic home monitoring, 15 days of community service and pay a fine of $835, among other conditions.

Roiger was accused of having one of his officers secretly plant a digital recorder to see if City Council members were meeting illegally at the Chamber of Commerce office. (more)

SpyCam Story #577 - Turkish Delights

Mission Impossible? 
You decide.
The leader of Turkey’s main opposition party has resigned after the release of grainy video footage purporting to show him having an affair with one of his MPs.

The nine minutes and 23 seconds of silent footage, seemingly shot with a hidden camera, allegedly shows Deniz Baykal, 71, veteran leader of the opposition Republican People’s Party (CHP) and Nesrin Baytok, 50, his former private secretary and now a CHP deputy, speaking in the presence of another man in one clip, and getting dressed alone in a bedroom in another.

Mr Baykal claimed he was a victim of a government-orchestrated plot...
"This is not a sex tape, this is a conspiracy," he said. "If this has a price, and that price is the resignation from CHP leadership, I am ready to pay it. My resignation does not mean running away, or giving in. On the contrary, it means that I'm fighting it." (huh?) (more) (more)

Trend: Executive and high profile clients are requesting us to inspect hotel rooms and private aircraft more often these days. Calls from politicians might be next.

Sunday, May 9, 2010

Encryption Can't Stop The Wiretapping Boom

As encryption technologies have outpaced the mathematical methods of breaking crypto schemes, law enforcement has feared for years that scrambled messages between evildoers (or law-breaking activists) would thwart their snooping. But it seems that either lawbreakers aren't using encryption, or those privacy tools simply don't work...the number of cases in which law enforcement encountered encryption as a barrier: one.

According to the courts, only one wiretapping case in the entire country encountered encryption last year, and in that single case, whatever privacy tools were used don't seemed to have posed much of a hurdle to eavedroppers. "In 2009, encryption was encountered during one state wiretap, but did not prevent officials from obtaining the plain text of the communications," reads the report. (more) (annual wiretap report)


The information security consultant's delimena: How to convince business executives to use encryption when even the criminals can't be bothered with it?

Saturday, May 8, 2010

...and you thought volcanic ash was wild.

From the FutureWatch department...
In the 1990s, a researcher named Kris Pister dreamed up a wild future in which people would sprinkle the Earth with countless tiny sensors, no larger than grains of rice.

These "smart dust" particles, as he called them, would monitor everything, acting like electronic nerve endings for the planet. Fitted with computing power, sensing equipment, wireless radios and long battery life, the smart dust would make observations and relay mountains of real-time data about people, cities and the natural environment.

Now, a version of Pister's smart dust fantasy is starting to become reality... (not rice-sized yet, however)

The latest news comes from the computer and printing company Hewlett-Packard, which recently announced it's working on a project it calls the "Central Nervous System for the Earth." In coming years, the company plans to deploy a trillion sensors all over the planet. (more)

From our "never give a sucker an even break" files.

A businessman who supplied the Botswana Police Service (BPS) with spying equipment to eavesdrop on the cell phone and electronic mail conversations of all citizens without a search warrant, intends suing the government after the Police failed to pay him.

...it appeared that the transaction went sour when the equipment did not perform as the Police expected. The system was to detect all cell phone conversations without being detected by the service providers. It emerged that the system could only detect calls from only one of the three mobile operators and was unable to detect calls from the other two, thus failing the test. (more)
Moral: "You can't cheat an honest man."

Michelin Spy Re-tired

Marwan Arbache, a former Michelin executive, has been found guilty of trying to sell industrial secrets to the company’s main competitor Bridgestone. 

What particularly seems to have grieved Michelin, which already has a well-deserved reputation for stringent security surrounding its industrial secrets, is the fact that their former employee was trying to sell secrets relating to what the AFP news agency called “new tyre manufacturing techniques for heavy transport designed to improve durability.” (more)

How Do They Do It - Codebreaking

Seattle startup Pico Computing squeezes a cryptographic supercomputer into a breadbox...

...Not every customer has the know-how or the motivation to coax FPGAs into those cryptographical feats. But the three-letter agencies that buy Pico's code-breaking systems have both, and Pico offers them versions aimed at breaking everything from the Wireless Protected Access protocol used in Wi-Fi signals to the Filevault encryption found on Mac computers. (more)