Monday, September 13, 2010
"And, the Number One reason to buy your tickets from your friendly neighborhood scalper is..."
...the personal details of some 250,000 fans who bought tickets to the 2006 World Cup in Germany through official Fédération Internationale de Football Association (FIFA) ticket outlets have been stolen and then sold off for some £500,000. The information not only contains financial information on ticket holders, but their passport details. A criminal investigation has been launched... (more)
Quantum Cryptography's Day Off
LAST MONTH
A team of 15 Chinese researchers from Tsinghua University in Beijing and the Hefei National Laboratory for Physical Sciences... quantum technologies have wide-ranging applications for the fields of cryptography, remote sensing and secure satellite communications. In the near future, the results from this experiment will be used to send encrypted messages that cannot be cracked or intercepted, and securely connect networks, even in remote areas, with no wired infrastructure, even incorporating satellites and submarines into the link. (more)
THIS MONTH
Norwegian computer scientists have perfected a laser-based attack against quantum cryptography systems that allows them to eavesdrop on communications without revealing their presence. (more)
"Life moves pretty fast. If you don't stop and look around once in a while, you could miss it." ~ F.B.
Contest Answer
The cypher comes from Edgar Allan Poe's short story "The Gold Bug."
Set on Sullivan's Island, South Carolina, the plot follows William Legrand, who was recently bitten by a gold-colored bug. His servant Jupiter fears him to be going insane and goes to Legrand's friend, an unnamed narrator who agrees to visit his old friend. Legrand pulls the other two into an adventure after deciphering a secret message that will lead to a buried treasure.
The coded message reads, "A good glass in the bishop's hostel in the devil's seat forty-one degrees and thirteen minutes northeast and by north main branch seventh limb east side shoot from the left eye of the death's-head a bee-line from the tree through the shot fifty feet out."
After decoding Captain Kidd's message about where the buried treasure was hidden, the main character, William Legrand, explains to his companion how he figured out what the bishop's hostel was...
"It left me also in the dark," replied Legrand, "for a few days; during which I made diligent inquiry, in the neighborhood of Sullivan's Island, for any building which went by the name of the 'Bishop's Hotel'; for, of course, I dropped the obsolete word 'hostel.' Gaining no information on the subject, I was on the point of extending my sphere of search, and proceeding in a more systematic manner, when, one morning, it entered into my head, quite suddenly, that this 'Bishop's Hostel' might have some reference to an old family, of the name of Bessop, which, time out of mind, had held possession of an ancient manor-house, about four miles to the northward of the island. I accordingly went over to the plantation, and re-instituted my inquiries among the older negroes of the place. At length one of the most aged of the women said that she had heard of such a place as Bessop's Castle, and thought that she could guide me to it, but that it was not a castle, nor a tavern, but a high rock." (more)
Sunday, September 12, 2010
Contest Clue
It could be said that this message was: written by two people (The author of the story and, by extension, one of the characters referenced in the story.); then decoded by two people (Again, the author and the character in the story who decoded the message); that three people were involved in these endeavors (The author, Character 1 and Character 2); and, none of these people ever met each other.
Even decoded, the message is mysterious. A place mentioned (a hostel), assumed to be a structure, turns out to be something quite different. What was it?
The answer, Monday, September 13, 2010 at noon (EDT).
Saturday, September 11, 2010
Spybusters Contest - Level: Difficult
It could be said that this message was: written by two people; then decoded by two people; that three people were involved in these endeavors; and, none of these people ever met each other. Even decoded, the message is mysterious. A place mentioned, assumed to be a structure, turns out to be something quite different. What was it?
Click here to send me your answer.
(Enter your e-mail address, the rest is optional.)
The first three correct answers win.
If necessary, a clue will be posted tomorrow.
Friday, September 10, 2010
Chameleon™ & PrivateEye™ - Two Cool Security Products
Now you can blind shoulder surfers with these two very cool computer security products. Very innovative. Very clever. Very secure.
PrivateEye™ is active display security software that responds conveniently and automatically to a user. PrivateEye presents a normal clear screen when the user is present and looking at the display, but when the user’s attention moves away from the display the software immediately blurs the screen. Similarly, if PrivateEye detects an eavesdropper it can automatically blur the screen. The solution also includes a facial recognition engine. PrivateEye requires only a standard webcam. (video).
Chameleon™ is a software and hardware solution from Oculis Labs that addresses the unique security challenge of protecting sensitive and classified materials while it is being displayed on computer screens. The solution protects displayed information against over-the-shoulder eavesdroppers, video recorders, remote electronic surveillance, and TEMPEST style threats. Using a patent-pending, gaze contingent, secure content rendering system, the software allows a trusted user to read a screen normally, but no one else can.
If you agree that this technology is too cool, take a moment and help these folks win the "Hottest Tech in Town" Award. (vote here)
Thursday, September 9, 2010
Contest Alert
I received a friendly tap on the shoulder reminding me that it has been a while since our last Security Scrapbook contest.
Previous contest winners know the prizes are worthy of the effort. The contests are also fun and sometimes educational. Be sure to give it a try.
The next contest will be posted on Saturday, September 11 at noon (12:01 PM EDT).
The challenge level for this contest question will be Difficult. The first three correct answers received via our web site's contact form win (the URL will be posted with the contest). Good luck! ~ Kevin
William Gibson & Fashion's Industrial Espionage
Q. You make fashion seem mysterious, even a little ominous.
A. The sinister aspect of it in the book doesn’t derive from people wanting to clothe themselves in garments they feel will make them more desirable or distinguish them socially. Part of it comes from the real, observed, war-like seriousness with which the fashion industry largely proceeds. It’s not a friendly, feminine sort of thing. It’s deadly serious. Billions of dollars ride on it. There’s a great deal of industrial espionage going on. It’s a harsh, harsh business. (more)
William Gibson being interviewed about his new book Zero History.
X-ray vans that can see through walls - and clothes - hit America's streets.
Nervous yet?
AS&E's vans can be driven past stationary vehicles to scan their contents or parked to see the innards of passing cars and trucks.
Privacy-conscious travelers may cringe to think of the full-body scanners finding their way into dozens of airport checkpoints around the country. Most likely aren't aware that the same technology, capable of seeing through walls and clothes, has also been rolling out on U.S. streets.
American Science & Engineering, a company based in Billerica, Mass., has sold U.S. and foreign government agencies more than 500 backscatter X-ray scanners mounted in vans that can be driven past neighboring vehicles or cargo containers to snoop into their contents...
The Z Backscatter Vans, or ZBVs, as the company calls them, send a narrow stream of X-rays off and through nearby objects and read which ones bounce back. Absorbed rays indicate dense material such as steel. Scattered rays show less-dense objects that can include explosives, drugs or human bodies...
The company, which calls the ZBV its flagship product, sold 89 of the vehicles in the 15 months ending in June at $850,000 apiece... (more)
MI6 Spy uses Son of Sam Defense
Daniel Houghton, an MI6 worker who tried to sell secrets for £2 million, has been given a 12-month jail sentence for his "act of betrayal."
It was the “voices” in his head which made Daniel Houghton do it, according to his legal team.
He offered to hand over sensitive computer files containing information about intelligence collection and MI6 staff lists to agents from the Netherlands, the Old Bailey heard.
The judge said he did not know whether it was true, as Houghton claimed, that he was hearing voices that told him to do it but said he was a "strange young man." (more) (Son of Sam)
Squawk Box Eavesdropping - $500. Fine...
...what a hoot!
NY - A former Smith Barney broker was sentenced to no jail time on Wednesday after he cooperated with federal prosecutors in a probe into an alleged scheme to misuse brokerage-firm "squawk" boxes. (Also called "hoot n holler" and "shout down" boxes, these are always-on intercom systems used at financial trading firms. Sending broadcasts from these devices to unauthorized persons is illegal eavesdropping.)
The former broker, who now works as a car salesman, was ordered to pay a $500 fine by U.S. District Judge I. Leo Glasser in Brooklyn, but the judge imposed no jail term.
The 48 year old pleaded guilty in 2005 to conspiracy to commit securities fraud. He didn't testify at trial, but provided information that prosecutors said led to the conviction of six people last year, including three former supervisors at defunct day-trading firm A.B. Watley Inc.
Prosecutors from the U.S. Attorney's office in Brooklyn had alleged that he placed an open telephone line next to his squawk box for lengthy periods, allowing day traders at A.B. Watley to secretly eavesdrop on block orders by institutional clients. He received cash bribes in return, prosecutors said. (more) (technical details)
Busman's Holiday
(sing-a-long) During the past decade, a New York man stole more than 150 buses from an unsecured Trailway bus depot in Hoboken, New Jersey; the doors were open, the keys were left in the ignition, and he just drove off the lot, using the coaches for everything from fast-food runs to jaunts to North Carolina; he was finally collared last week after he stole a bus, drove to Manhattan, and took a group of flight attendants to Kennedy Airport.
Police Commissioner Raymond Kelly wants NYPD to look into lax security at a New Jersey depot from which bus-thief Darius McCollum stole more than a hundred buses. (more)
Attention security vendors who sell password access key pads. Opportunity honking.
Wednesday, September 8, 2010
iPhone Spy Stick - DIY forensics, or worse?
The headline declares...
Recover DELETED iPhone Text Messages, Map Searches, Hidden Contacts, & More
Quickly and Easily Download Even Deleted Information from an iPhone
The iPhone Spy Data Recovery Stick is the ultimate iPhone recovery tool for anyone who wants to capture deleted information from any iPhone (running iOS to 3.x). The iPhone Spy Data Recovery Stick makes it easy to recover deleted text messages, contacts, call and web history, as well as photos, voice memos and calendar appointments -- giving you a unique look into exactly what the user has been searching for, who they’ve been talking to, and even the types of pictures they’ve taken. With features like saved map search history, web searches, and text messages, the iPhone Data Recovery Stick is the only tool you need to catch a cheating spouse, monitor your kids, iPhone recovery or backup your own iPhone data.
Features:
Get access to deleted information
Download text messages and view calls made
Recover deleted contacts and calendar items
View pictures and other multimedia
Get access to map history to see locations searched on the iPhone’s map with exact GPS coordinates
Get access to notes, voice memos, multimedia files, and dynamic text data
Downloading data is as simple as attaching the iPhone and iPhone Data Recovery Stick to a computer and pressing start
iPhone information is saved on any computer and can be moved to other drives as a regular file
Looks like an ordinary USB flash drive
iPhone recovery Stick allows you to recover data from your iPhone you thought was lost forever
Popular Uses:
Catch a cheating spouse
Monitor your kids' iPhone text messaging and Internet use
Check on employees using company-issued iPhones
Restore deleted files
Includes:
iPhone Spy Data Recovery Stick
USB cable for iPhone
(more)
Why do I mention it?
So you will know what you are up against.
P.S. It only works on the older versions of the software (for now).
Tuesday, September 7, 2010
Business Espionage - A Spy Comes Clean
South Africa - A corporate spy (Briel) has admitted in sensational court papers that he illegally tapped telephones at the behest, he says, of Investec bank.
"I always wore my Telkom overalls, as then no one queried what I was doing." ~ Briel
In his affidavit, Briel makes some devastating claims.
Briel worked for Associated Intelligence Networks (AIN) run by Warren Goldblatt, which has since morphed into Specialised Services Group, and says he received his instructions in the Investec case from former Recce Johann Rademeyer.
Briel says "Goldblatt told me that he had a big job to do in Cape Town. He mentioned that it was for Investec, and that there were bad people in their company that they wished to monitor."
He says he posed as a Telkom technician to install phone taps at Investec, as well as at private residences in Hout Bay, and a company premises near the Protea Hotel at the Waterfront.
In court papers, the Chaits say one of the places Briel tapped phones was the offices of their company, Fairweather Trust, which was developing the Victoria Junction Hotel in Cape Town at the time.
"Detailed information regarding the telephone tapping of (our) offices ... have enabled us to physically locate and recover equipment used in the tapping, which in due course will be provided in evidence," the Chaits say in papers.
The Chaits are furious - particularly because their property business was competing with Investec's own property business.
But Investec's Nobrega...described Briel's claim as an "overzealous expansion of the true facts in order to extort a settlement from Investec Bank." (more)
Substitute the word SPY for FRAUD
Special note to corporate security directors: This Certified Fraud Examiners survey is excellent. The findings parallel my internal corporate counterespionage experiences, another form of fraud... with much larger monetary losses. Swap a few words. Expand your thinking. Learn where to look. Become a wiser counsellor for your company.
A fraud [spy] suspect might not be easy to pick out of a crowd -- or from a rap sheet.
The average fraud [spy] perpetrator has no prior fraud [spy] charges or convictions, according to new research by the Association of Certified Fraud Examiners (ACFE), the world's largest provider of anti-fraud [spy] training and education. The offender is commonly between the age of 31-45, and somewhat more likely to be male than female.
More insights gleaned from the study help fill out the profile, however. Behavioral red flags, tenure at an organization, position and educational background are all criteria examined in the ACFE's 2010 Report to the Nations on Occupational Fraud & Abuse. The Report is drawn from a survey of Certified Fraud Examiners (CFEs) who investigated fraud cases between January 2008 and December 2009.
Here are some of the key findings about fraud perpetrators in the 84-page Report:
High-level perpetrators cause the greatest damage to their organizations. Frauds [Spying] committed by owners/executives were more than three times as costly as frauds [spying] committed by managers, and more than nine times as costly as employee frauds [spying]. Executive-level frauds [spying] also took much longer to detect.
Fraud offenders [Spies] were likely to be found in one of six departments. More than 80% of the frauds [spying] in the study were committed by individuals in accounting, operations, sales, executive/upper management, customer service or purchasing.
More than half of all cases in the study were committed by individuals between the ages of 31 and 45. Generally speaking, median losses tended to rise with the age of the perpetrator.
Most of the fraudsters [spies] in the study had never been previously charged or convicted for a fraud-related [spying-related] offense. Only seven percent of the perpetrators had been previously convicted of a fraud [spying] offense. This finding is consistent with prior ACFE studies.
Fraud perpetrators [Spies] often display warning signs that they are engaging in illicit activity. The most common behavioral red flags displayed by the perpetrators in our study were living beyond their means (43% of cases) and experiencing financial difficulties (36% of cases). (more)