Thursday, January 6, 2011

Hannah Montana Hacker Jacked

The 21-year-old hacker who boasted about breaking into Miley Cyrus' Gmail account and posting racy photographs of the teenage star has been arrested in Tennessee on fraud charges.

Joshua Holly, known by his hacker alias TrainReq, got a lot of attention after posting private photos of Cyrus, then just 15. In one photo, Cyrus poses in her underwear and in another she poses, clothed, in the shower. 

In subsequent interviews Holly said that he downloaded the photos from Cyrus' Gmail account. He told Wired that he accessed the Gmail account by tricking a MySpace employee into giving him access to the company's administrative control panel, which included users' passwords. (more)

Wednesday, January 5, 2011

Sienna Miller's Eavesdropper Dropped

Britain's News of the World tabloid has suspended a high-ranking journalist for eavesdropping on the voicemail messages of movie star Sienna Miller, media reports said. (more)

Kevin's FREE Counterespionage Consulting Day


Let's solve some common counterespionage problems...

1. "How can I stop shoulder surfers from reading my computer screen? The polarized screen thing makes me look like a paranoid dork."

Kevin says... Funny you should ask. I recently purchased some computer screen security software for testing, PrivateEyes from Oculis Labs. It works eerily well. All you need is a computer screen with a video camera and Windows. 

During the simple setup, the software learns who you are by looking at your face. From that point on, the screen automatically blurs unless you are looking directly at it. Turn to answer a phone call, or talk to someone nearby – BLURRR goes the screen. 

"What if someone sneaks up behind me?" I hear you say. No problem. When it sees an extra set of eyes – BLURRR.

Pro: The BLURRR effect changes quickly.
Con: Doesn't work as well in a high contrast environment.

PrivateEyes would also make an awesome IT guy gag. "I don't know. Your computer screen looks sharp and clear to me. Maybe you should get your eyes checked."

FREE 30-day trial.


2. "How can I document the identity of who enters my sensitive secure areas like: the executive suite, computer center, phone closets, elevators and boardroom? Card keys and pin codes don't do this. Biometric and CCTV solutions are not always cost-effective."

Kevin says... Consider installing a high-sensitivity digital surveillance camera that can capture high-resolution color images in low light conditions when motion is detected within its field of view. Images are stored on a removable memory card for easy viewing on your computer. The camera can also be started by a door opening or other trigger, and it can be configured to capture images on a time-lapse basis.

'Set and forget' operation... Most cameras of this type can store up to 65,000 images and will optionally overwrite the oldest images when the memory card is full. (Example)
 

3. "Our corporate aircraft flies internationally and parks unattended for long periods of time. How can I tell if foreign nationals have boarded the plane to plant bugging devices? Murray Associates inspects the plane for us upon return, of course, but can't more be done?"

Kevin says... Yes. Consider installing a covert digital surveillance camera – similar to the above camera's specs – in the cockpit, and at either end of the passenger compartment. Raw board cameras are small, battery powered (6-9 months!) and can be placed covertly behind panels or within normally seen objects. Easy and cost-effective! (Example)


4. "We have some remote locations we need to keep an eye on but it is not cost-effective to send a guard unless there is a problem. What can we do?"

Kevin says... Send pictures to the guard on his cell phone! Digital surveillance cameras come in a variety of styles including outdoor mounting and solar-powered. Photos may be sent time lapse, upon being triggered by movement or an alarm, or upon demand. The guard is alerted immediately, and only when necessary. (Example)


Full Disclosure: I do not sell security hardware, or accept commissions when a purchase is made. My income comes solely from my clients when they hire me for independent consulting. My recommendations usually come with several security hardware choices. Clients do not need to "mention my name" when they make a purchase.

Bonus... 
Clients know my recommendations are based solely upon their needs. ~Kevin

My thanks to Barry Bouyer, of Moreton Bay Systems Pty Ltd. for the use of his photos.

Tuesday, January 4, 2011

"I'm infested. You know what I mean. I can't nibble on my secretary's ear without everyone knowing. Send them exterminator guys over."

Italy - Rome prosecutors on Monday opened an investigation into the alleged bugging of the home and offices of Northern League leader Umberto Bossi. 

Bossi, who is minister for reforms in Premier Silvio Berlusconi's centre-right government, revealed Monday that bugs had been found in his house and his office at the ministry "a couple of months ago".

The bugs were discovered, he said, by a private firm "we called in when my secretary got suspicious because too many people knew what I'd said to her alone".

The minister, Berlusconi's longtime key ally, said he then called his party colleague, Interior Minister Roberto Maroni, "to send a few guys over" to remove the devices. (more)

"C'est la vie", say the old folks, it goes to show you never can tell.

Back in 2001, European leaders accused the United States government of operating a vast industrial espionage network that was eavesdropping on European businesses and giving trade secrets to American companies.

According to the latest WikiLeaks cable release, they should have been looking internally.

France is the country that conducts the most industrial espionage on other European countries, even ahead of China and Russia, according to leaked U.S. diplomatic cables, reported in a translation by Agence France Presse of Norwegian daily Aftenposten's reporting.

"French espionage is so widespread that the damages (it causes) the German economy are larger as a whole than those caused by China or Russia," an undated note from the U.S. embassy in Berlin said. (more) (sing-a-long)

"Go cheap on the sweep so we can party."

IL - The cash-strapped Chicago Public Schools spent more than $800,000 on items ranging from bug sweeps to alcohol for parties, an inspector general said.

Inspector General James M. Sullivan released a report containing a list of questionable spending under two former board presidents that included $3,000 to sweep offices for eavesdropping devices and $12,624 for holiday parties, the Chicago Sun-Times reported Tuesday.

A source familiar with the sweep said it occurred in July 2009, the same month that the board and board president were subpoenaed as part of a federal probe into admissions at elite Chicago public schools. (more)

Polar Bear TSCM vs. BBC SpyCams

via engadget.com...
Iceberg Cam, Snowball Cam, Blizzard Cam and Drift Cam were the arctic photographer's best friends -- high-tech spy robot cameras designed to resist cold and traverse sub-zero terrain. Then they got crushed to death by giant polar bears while attempting to make friends. Seriously, that's the basic gist of Polar Bear: Spy on the Ice, a new BBC documentary which began airing last week, and which just so happens to be narrated by David Tennant. (more) (video) (video)

Next out of the lab... DNA stealing mosquitos!

A vulture tagged by scientists at Tel Aviv University has strayed into Saudi Arabian territory, where it was promptly arrested on suspicion of being a Mossad spy, Israeli and Saudi media reported Tuesday.

The bird was found in a rural area of the country wearing a transmitter and a leg bracelet bearing the words "Tel Aviv University", according to the reports, which surfaced first in the Israeli daily Ma'ariv.

Although these tags indicate that the bird was part of a long-term research project into migration patterns, residents and local reporters told Saudi Arabia's Al-Weeam newspaper that the matter seemed to be a "Zionist plot."

The accusations went viral, with hundreds of posts on Arabic-language websites and forums claiming that the "Zionists" had trained these birds for espionage.

The Sinai regional governor last month suggested that a shark that killed and maimed tourists on its Red Sea port may have been intentionally released by Israeli agents in order to sabotage the country's tourist industry. (more)

Keeping the nation safe ...ish.

Canada’s National Intelligence Security Agency (NISA) has a team of competently incompetent agents trying to keep the country safe and (accidentally) succeeding. Fortunately, this is all a fictional premise for the new action-comedy series, InSecurity, bowing tonight on CBC.

InSecurity is a mix of 24 without Jack Bauer; CSI minus the science; and James Bond — if James Bond were Mr. Bean.

It’s a comedy relevant to our post-9/11 world of high alerts, terrorist plots and attacks, controversial airport-security measures and overall anxiety. (more) (video about their spy gadgets)

FutureWatch - Somewhere in the United States another TV comedy is in gestation. Terminal Security Service Airpatrol (TSSA). Oh, oh. Red flag. When the grounds of public opinion shift, the results first materialize as satire. Time to review the mission plans? 

Just A Modest Proposal to Dr. Strangelove. ~Kevin

Monday, January 3, 2011

Friday, December 31, 2010

Hedgers Hedging Bets Teach Lessons

The arrests of three technology company workers who allegedly sold secrets about Apple Inc., Dell Inc. and Advanced Micro Devices Inc. signal the U.S. may be closing in on the hedge funds that paid for their expertise.

The men, who worked at AMD, Flextronics International Ltd. and Taiwan Semiconductor Manufacturing Co., were arrested yesterday on securities fraud and conspiracy charges for a scheme that Manhattan U.S. Attorney Preet Bharara said operated from 2008 to early 2010...

“A corrupt network of insiders at some of the world’s leading technology companies served as so-called consultants who sold out their employers by stealing and then peddling their valuable inside information,” Bharara said in a statement yesterday. (more)

The Lessons...
As in the real spy world, the people who eavesdrop and steal your intellectual property will most likely be agents – a layer of insulation between you and the people who will ultimately use your information against you. This allows your enemy a degree of plausible deniability if their operations are exposed.

Pro-active countermeasures work.
Don't wait. Start the New Year right. Add a counterespionage strategy to your corporate security program. I would be pleased to assist you.

Happy New Year!
 Kevin

"Here's your hat. What's your worry?"

Clothes Hook SpyCam and Recorder with Motion Detection!

From the creepy minds at Brando.com, for only $36.00.

Why do I mention it?
So you will know what you're up against.

Ready for the rest of their creepy spy tools?
(141 in all) Click here.

aka Mr. Paul Poltergeist

UK - Authorities allege a Midland parolee hid a baby monitor under a dresser in his neighbor’s bedroom in order to spy on the couple.

Paul A. Rivard is charged with second-degree home invasion, larceny in a building, eavesdropping and aggravated stalking, according to reports.

Investigators also allege Rivard, 36, burned and buried clothing belonging to the neighbors, broke furniture and re-arranged items inside the house, according to reports. (more)

Pssst... Talk to the Chaos Computer Club

Botswana - The spying GSM equipment that was purchased by the government is lying idle since the government could not use it on private conversations by members of the public because cellular phone providers have upgraded their systems.

This was revealed at the Lobatse High Court before Chief Justice Maruping Dibotelo after the company that had supplied the equipment, Dukef Holdings, took the Botswana Police Service to court over the failure to pay US$1,529,000 for breach of contract. (more)

Cell Phone Eavesdropping on the Cheap

Speaking at the Chaos Computer Club (CCC) Congress in Berlin on Tuesday, a pair of researchers demonstrated a start-to-finish means of eavesdropping on encrypted GSM cellphone calls and text messages, using only four sub-$15 telephones as network “sniffers,” a laptop computer, and a variety of open source software.

While such capabilities have long been available to law enforcement with the resources to buy a powerful network-sniffing device for more than $50,000 (remember The Wire?), the pieced-together hack takes advantage of security flaws and shortcuts in the GSM network operators’ technology and operations to put the power within the reach of almost any motivated tech-savvy programmer. (more)