Tuesday, October 12, 2010

Time to Recycle the Quote of the Century

“The growing use of the electric automobile, with its many advantages of simplicity, ease of operation and noiselessness, has resulted in a demand for some means of conveniently charging the batteries.” — GE Bulletin No. 4772, September 1910.

Monday, October 11, 2010

SpyCam Story #585 - "Purely Platonic, your Honor."

GA - A man was arrested Friday for using his cell phone to take video of a woman in a dressing room.
According to a report released Saturday by the Athens-Clarke County Police Department, Vicente Bautista, 26 of Greensboro, Ga. was in the dressing area of the Plato's Closet located at 196 Alps Road shortly before noon. Police said he put his cell phone under the divider to tape a 36-year-old woman as she tried on clothes. (more)

Business Espionage - Bratz v. Barbie

Mattel Inc will answer accusations it spied on rival toymakers by infiltrating their private showrooms around the globe, after a U.S. court denied its motion to dismiss claims filed by rival MGA.

In an escalation of a long-running battle over MGA's popular "Bratz" dolls, MGA Entertainment Inc accused Mattel of gaining entry to toy fairs with false credentials to steal trade secrets. It says Mattel then concealed evidence about these activities, according to court filings.

MGA has accused Mattel employees of gaining access to private showrooms of toy makers -- including Hasbro Inc, Lego and Sony Corp -- armed with fake business cards and spy cameras, to steal price lists and other sensitive information. (more)

Legal Phone Taps Vulnerable to DOS Attacks

Researchers at the University of Pennsylvania say they've discovered a way to circumvent the networking technology used by law enforcement to tap phone lines in the U.S.

The flaws they've found "represent a serious threat to the accuracy and completeness of wiretap records used for both criminal investigation and as evidence in trial," the researchers say in their paper, set to be presented Thursday at a computer security conference in Chicago.

Following up on earlier work on evading analog wiretap devices called loop extenders, the Penn researchers took a deep look at the newer technical standards used to enable wiretapping on telecommunication switches. They found that while these newer devices probably don't suffer from many of the bugs they'd found in the loop extender world, they do introduce new flaws. In fact, wiretaps could probably be rendered useless if the connection between the switches and law enforcement are overwhelmed with useless data, something known as a denial of service (DOS) attack. (more)

Business Espionage - This Zeus is no Cretan

The Zeus banking Trojan could be a useful tool in corporate espionage...

Zeus typically steals online banking credentials and then uses that information to move money out of internet accounts. In the past year, however, Gary Warner, director of research in computer forensics with the University of Alabama, who has been closely monitoring the various criminal groups that use Zeus, has seen some hackers also try to figure out what companies their victims work for...

"They want to know where you work," he said. "Your computer may be worth exploring more deeply because it may provide a gateway to the organisation."

That's worrying because Zeus could be a very powerful tool for stealing corporate secrets. It lets the criminals remotely control their victims' computers, scanning files and logging passwords and keystrokes. With Zeus, hackers can even tunnel through their victim's computer to break into corporate systems. (more)

Saturday, October 9, 2010

Espionage Life in the Fast lane

Luxury car manufacturer Porsche has banned employees from using Internet sites such as Facebook, Google Mail or Ebay during office hours, for fear of industrial spying, German media reported on Saturday. Corporate security chief Rainer Benne told business weekly Wirtschaftswoche that the company feared information could be leaked via social networking site Facebook in particular.

The magazine reported that foreign intelligence agencies systematically used Facebook to contact company insiders and win their trust in order to obtain information.

Roughly a quarter of Porsche's 13,000 global employees use Facebook and other social networking sites, Wirtschaftswoche reported. (more)

Espionage Research Institute - Day 2

Attending and presenting at the annual ERI meeting means telling clients we will be unavailable for a few days. They understand once I tell them what goes on behind these closed doors. The information I gather directly benefits them. If you think any of this can help you, give me a call and I will brief you in greater detail.

This is what I heard today...

• Need to track down Cellular, Wi-Fi or Bluetooth signals?
Berkerley Varitronics RF Detection Products probably has just the little handheld instrument you need. Each instrument, with its own weird name (Yellowjacket, Swarm, Mantis, WatchHound, etc.) handles a very specific chore. You only buy what you need. That keeps the costs down. Need a special enclosure, like hiding their contraband cell phone detector in a water bottle, or secreting an antenna in a pocket pen? No problem. Very cool Jersey engineering dudes.

The rest of the day, ERI members taught what they know... 

• Protecting Your Computer Network - Dr. Gordon Mitchell
• Laser Eavesdropping Techniques - Dr. Gordon Mitchell
• Alternative Power Sources for the Eavesdropper - Mark Clayton
• Android App Vulnerabilities - Charles Patterson
• 4G LTE Cellular Network - Russ VasDias
• Covert Store and Burst Digital Stereo Bug - Vicente Garcia
• Display of most of the TSCM instrumentation designed and built by Glenn Whidden (with commentary by Glenn). Instrumentation provided by J.D. LeaSure.
• Discussions about topics for next year's meetings.

The discussions continue tomorrow.

Thank you to our client family for adjusting your schedules to allow us time to attend this important meeting in Washington, DC. Tomorrow we are back on the road again completing visits this month to Virginia, Maryland, Ohio, Philadelphia, Anchorage, Boston, New York City, New Jersey and Illinois. ~ Kevin D. Murray
Kevin's Security Scrapbook is prepared fresh almost daily for the clients and friends of Murray Associates - Eavesdropping Detection and Counterespionage Consulting for Business and Government

Snuggly the Security Bear

A few posts ago, it was noted that the FBI is echoing the desires of several countries around the world about having backdoor keys to all communications encryption schemes. BlackBerry, Skype, etc. are seeing the beginning of the end of their privacy advantage. 

Some countries threatened to outright ban encryption they can't crack, but how can this concept be sold to the U.S. Congress? 

Political cartoonist Mark Fiore thinks he knows how it should be done. Pop over to his site for a few words (and an evil giggle) from his Snuggly the Security Bear.

Friday, October 8, 2010

Espionage Research Institute - Day 1

Attending and presenting at the annual ERI meeting means telling clients we will be unavailable for a few days. They understand once I tell them what goes on behind these closed doors. The information I gather directly benefits them. If you think any of this can help you, give me a call and I will brief you in greater detail.

This is what I heard today...

Need to make sure the people outside of your room can't overhear you?
Dynasound to the rescue. As they say, "These are not your father's white noise generators." Made to be un-filterable, this white noise is injected directly into construction materials (as opposed to vibrated in with old piezo-electric transducers). The benefit... walls, windows, ceilings and floors transmit the sound outward. People in the room can hardly hear it. Bonus... Need a temporary solution (as in a hotel) or need to move the permanent installation? No problem. The new transducers are easy to move.

• Want to have 24/7 monitoring of an area for certain types of bugging devices?
Global TSCM Group has an answer. Their multi-faceted monitoring system may be monitored anywhere via the Internet. It may not be the total answer, but it helps when securing Boardrooms and creating secure conference rooms.

• Need to control Wi-Fi and cell phone usage in your building?
AirPatrol can do it. Once their system is installed, you will know where every rogue laptop, unauthorized Wi-Fi appearance point and cell phone is... within six feet of its exact location, plotted on a computer map. Also, monitorable via the Internet. (PS - There is a whole lot more their system does. Visit their web site.)

Ok... Lunch break.

• Need portable secure storage for cell phones and tablets when everyone enters the top secret meeting? Hey, you never know whose cell phone is infected with spyware, turning their phone into a bugging device. Vector Technologies has the answer, and if the answer doesn't suit you, talk to them. They will make whatever you need. Bonus... It won't look like an old pirate's chest. They make really nice looking stuff with pneumatic lids! Independent testing labs certify effectiveness. Call 540-872-0444.

The rest of the afternoon, ERI members taught what they know...
• "Finds in the Computer World" - Dr. Gordon Mitchell
• "Access Control / Physical Security" - Mark Clayton
• "Building and Using a UV LED Light Source" - Dr. Gordon Mitchell
• "Adventures with Software Defined Radio" - Kevin D. Murray

More tomorrow...
(MJD, DC can be fun. Make the TSCM hajj next year.)

Thus spiking battery sales for adult toys...

Back in 2007, when the Dutch government announced that all 7 million homes in the Netherlands would be equipped with smart meters by 2013, it anticipated little resistance. After all, who wouldn’t welcome a device that could save both energy and money? But consumers worried that such intelligent monitoring devices, which transmit power-usage information to the utility as frequently as every 15 minutes, would make them vulnerable to thieves, annoying marketers, and police investigations. They spoke out so strongly against these ”espionage meters” that the government made them optional...

Of more than 9000 consumers polled in 17 countries, about one-third said they would be discouraged from using energy-management programs, such as smart metering, if it gave utilities greater access to data about their personal energy use...

It all sounds less paranoid when you consider that each appliance—the refrigerator, kettle, toaster, washing machine—has its own energy fingerprint, or ”appliance load signature,” that a smart meter can read. Anyone who gets hold of this data gets a glimpse of exactly what appliances you use and how often you use them. (more)

The Dregs of the Data Mine - Reality TV?

"300" writer Michael Gordon has sold a spooky surveillance project to NBC. The idea was spawned by the controversial U.S electronic eavesdropping apparatus ECHELON, a program that supposedly captures virtually all data signals for analysis at a central hub in West Virginia.

These millions of video, audio and data files are then disseminated to various federal and local law enforcement agencies for further investigation.

Now here's the twist from the show's logline: "There is, however, less than 1% of the data that nobody wants to touch. These are the classified video files that seem to have captured the unexplainable."

The show will center on a fictional team called G.H.O.S.T. (Global Hierarchical Observation Strategy Taskforce) whose assignment it is to investigate this paranormal data. (more)

Thursday, October 7, 2010

Business Espionage - Selling Out

An Akamai Technologies Inc. employee was arrested and charged Wednesday with allegedly providing confidential business information over an 18-month period to a person he believed to be an agent of a foreign government.

Elliot Doxer, 42 years old, was charged in a complaint with one count of wire fraud, according to the Justice Department. The complaint alleges that on June 22, 2006, Mr. Doxer, of Brookline, Mass., sent an email to a foreign country's consulate in Boston stating that he was willing to provide any information that he had access to that might help the country.

It is alleged that in later communications, Mr. Doxer said his chief desire "was to help our homeland and our war against our enemies." He also allegedly asked for $3,000 in light of the risks he was taking.

The unnamed foreign government cooperated with the U.S. in the investigation. A Justice Department spokeswoman wasn't immediately available to comment. (more)

Wednesday, October 6, 2010

Business Espionage in Tasmania?

Tasmania, Australia - An overnight break-in in which burglars ransacked Aurora Energy's Hobart head office has puzzled police and company chiefs.

Only the second-floor commercial section of Aurora was targeted by the thieves, who cracked a secret safe and stole a small sum of cash.

Computers were accessed and documents strewn across the office...

Police have not ruled out corporate espionage as a possible reason for the break-in, which occurred either late on Monday night or in the early hours of yesterday...

Professor John McFarlane, from the Australian National University's Centre for Excellence in Policing and Security, said yesterday industrial espionage was not uncommon in the business world. "There have been very few prosecutions in Australia for this sort of activity, but that doesn't mean it isn't happening," Prof McFarlane said. (more)

Spy Rule-Book Update

The US Army updated its 17-year-old rule book on espionage to specifically require that troops alert authorities if they suspect classified leaks to the media.

The revision seems aimed at the service’s WikiLeaks debacle. Earlier this year, an Army intelligence analyst was charged with providing a classified video to WikiLeaks, an anti-war organisation that describes itself as a government whistleblower. (more)

Tuesday, October 5, 2010

Bugs in the Coffin

Canada - At the time of his kidnapping by the FLQ, Pierre Laporte was being monitored by the police as part of a probe into the Montreal Mafia that went as far as planting a microphone in his coffin after his murder, according to stunning revelations by a retired Sûreté du Québec wiretapping expert.

Claude Lavallée, who pioneered wiretapping techniques in Quebec in the late 1960s, said in a book to be released Wednesday (Révélations d’un espion de la SQ / Revelations of an SQ Spy - ISBN 13: 9782761927048) that the murder of the Liberal minister in October 1970 by the Front de Libération du Québec put an end to the investigation.

The author even claims that wiretaps caught a leading organized crime figure offering the Mafia’s help in finding Mr. Laporte before he was killed. (more)

Note to D.R.: Please start your book.