Turkey - There are dead-serious problems concerning the “privacy of personal life and communication” in Ankara at the moment. Video tapes are pouring in as records of private phone conversations, obtained through wiretapping, are making the rounds. Cyber attacks targeting politicians are continuing incessantly. There are as many records that have been obtained illegally as there are records that have been obtained legally and leaked.
Video or audio tapes have both become evidence in court cases and have been used for blackmail. Some of the Nationalist Movement Party, or MHP, candidates have had to resign or withdraw due to sex tapes featuring them.
Since these are cyber attacks, everyone is trying to gain protection either through personal or corporate measures. While jammer-like equipment to stop the transfer of phone and video conversations are being used by political parties, parliamentary deputies are choosing similar equipment sold on the market.
There are concerns about being bugged even in top offices in the capital. (more)
Friday, May 27, 2011
Memorial Day Weekend in the USA
Monday is Memorial Day here in the USA.
"Memorial Day is a United States federal holiday observed on the last Monday of May (May 30 in 2011). Formerly known as Decoration Day, it commemorates men and women who died while in military service to the United States (including its spies). First enacted to honor Union and Confederate soldiers following the American Civil War, it was extended after World War I to honor Americans who have died in all wars." (Wikipedia)
Many countries have national holidays like Memorial Day, and each takes theirs very seriously and solemnly. It is one holiday we wish we didn't have to have.
Confucius never said this, but we all know it is true... "War does not determine who is right; it determines who is left." Maybe this is why it is also a three-day weekend of not just sad reflection and appreciation (in fact, there is never enough of this), but also a time of gathering and camaraderie. ~Kevin
Wednesday, May 25, 2011
Hedge Fund Head Sends Spy into Employees' Personal Life
In late November 2008, Tobin Gover, a top financial mathematician known to his friends as Sam, got a call through to his desk at work in Limassol, Cyprus.
The woman on the line – a new neighbour ... purporting to be Laura Maria van Egmond, scion of Dutch nobility convalescing in Cyprus following a motoring accident – was in fact, Mr Gover claims in a UK court case, “a security consultant involved in covert close protection and undercover investigations ... trained in Israel” and “trained in unarmed combat”...
Ms Van Egmond – who within months went from being a regular yoga-buddy of his wife to a close family friend who spent Christmas with them and would be left alone to look after their infant son – was, in fact, Laura Merts, a Dutch spy, hired by Elena Ambrosiadou, head of Ikos and one of the world’s wealthiest women.
The UK High Court has given judgment in Mr Gover’s favour.
Ms Ambrosiadou filed no defence and has agreed to pay damages.
The accusations levelled against her are now set to reverberate around the hedge fund world. (more)
The woman on the line – a new neighbour ... purporting to be Laura Maria van Egmond, scion of Dutch nobility convalescing in Cyprus following a motoring accident – was in fact, Mr Gover claims in a UK court case, “a security consultant involved in covert close protection and undercover investigations ... trained in Israel” and “trained in unarmed combat”...
Ms Van Egmond – who within months went from being a regular yoga-buddy of his wife to a close family friend who spent Christmas with them and would be left alone to look after their infant son – was, in fact, Laura Merts, a Dutch spy, hired by Elena Ambrosiadou, head of Ikos and one of the world’s wealthiest women.
The UK High Court has given judgment in Mr Gover’s favour.
Ms Ambrosiadou filed no defence and has agreed to pay damages.
The accusations levelled against her are now set to reverberate around the hedge fund world. (more)
ElcomSoft Breaks iPhone Encryption, Offers Forensic Access to File System Dumps
via ElcomSoft...
"Let’s make it very clear: no privacy purist should ever use an iPhone (or any other smartphone, probably). iPhone devices store or cache humungous amounts of information about how, when, and where the device has been used.
The amount of sensitive information collected and stored in Apple smartphones is beyond what had previously been imaginable. Pictures, emails and text messages included deleted ones, calls placed and received are just a few things to mention.
A comprehensive history of user’s locations complete with geographic coordinates and timestamps. Google maps and routes ever accessed.
Web browsing history and browser cache, screen shots of applications being used, usernames, Web site passwords and the password to iPhone backups made with iTunes software, and just about everything typed on the iPhone is being cached by the device." (more)
Tuesday, May 24, 2011
The Most Secure Mobile Phone OS's - Ranked from Best to Worst
By Drew Turney, ZDNet.com.au
Smartphone security is fraught with peril. So few casual users realise they're carrying a complete personal computer in their pocket — one that's designed to connect to networks and transfer more data than their PC ever does.
Some commentators say that mobile vendors themselves aren't taking security seriously. Electronic Frontier Foundation technology director Chris Palmer, who was also a former Android security framework engineer, said in a January 2011 blog post that mobile systems "lag far behind the established industry standard" for security.
But some might lag farther behind than others. Today, five mobile operating systems dominate the market. We've done the heavy lifting for you by looking at the advantages and disadvantages of each OS, and then ranking the systems from best to worst. (more)
Some commentators say that mobile vendors themselves aren't taking security seriously. Electronic Frontier Foundation technology director Chris Palmer, who was also a former Android security framework engineer, said in a January 2011 blog post that mobile systems "lag far behind the established industry standard" for security.
But some might lag farther behind than others. Today, five mobile operating systems dominate the market. We've done the heavy lifting for you by looking at the advantages and disadvantages of each OS, and then ranking the systems from best to worst. (more)
http://tinyurl.com/The-Best-iOS |
World's Smallest GSM Cell Phone Eavesdropping Bug
from, Is My Cell Phone Bugged?
A cousin to the ZombiePhone is the GSM micro-bug. These are miniaturized cell phones made specifically for covert eavesdropping! Like ZombiePhone bugs but without normal cell phone features, these are tiny, creepy, robotic, cell phone bugs often hidden in such everyday objects as power strips and lighting fixtures.
Their tiny size is possible because they do not have keypads, ringers, displays, or smart-phone features. When called from any other phone, they become eavesdropping bugs automatically.
Shown with wall charger and USB cable. |
Groupe Spécial Mobile (GSM) is the name of the world’s most popular cellular telephone standard. GSM micro-bugs work on this standard, which means they can work in almost anywhere on Earth where there is cellular telephone service. Like normal cell phones whose features are set to Auto-Answer and No Ring, GSM bugs are equally hard to detect because they sleep most of the time. The thing that awakens them is the call from the eavesdropper.
Some models also awaken when they hear sound being made near them. Some awaken when they sense vibration or light. Should you awaken one, it will silently call the eavesdropper.
If you feel you are being eavesdropped on and you are sure your cell phone is free of spyware, a GSM bug may be the culprit.
Bug microphones are much more sensitive than most people realize. The microphones in GSM micro-bugs are very sensitive and can capture sound from large areas like bedrooms, offices, and vehicles. Ideally, bugs are placed as close to the sound source as possible, but the rule of thumb when searching is: If your ear can hear it, so can the bug.
Ever wonder where all these bugs come from? This link is the first step to solving the mystery.
Labels:
advice,
book,
cell phone,
eavesdropping,
GSM,
IMCPB,
privacy,
spybot,
spyware,
wireless
Monday, May 23, 2011
"Is My Cell Phone Bugged?" interview on KZSB – AM 1290
If you are in the Santa Barbara, CA area Tuesday, tune in to KZSB – AM 1290. You will hear Mike Williams interview me about eavesdropping spyware on smartphones and other mobile communications privacy issues. This new book, Is My Cell Phone Bugged? Everything you need to know to keep your mobile communications private is the topic of the interview.
The program starts at 10:00 AM (PST) and will be rebroadcast Tuesday evening at 9:00 PM and again on Saturday at 1:00 PM. The feed is also available at newspress.com. Once the show has been recorded I will post the link. ~Kevin
Extortionography - Turkish Tacky Video Changes the Course of a Nation
Turkey - Just weeks before general elections in Turkey, six leading members of an opposition party were forced to resign from Parliament on Saturday after sexually explicit videos of one of them were posted on the Internet.
The Web site that posted the videos had threatened to release others that it said showed the five other members who resigned.
The resignations could severely weaken the Nationalist Movement Party, the second largest opposition group in Parliament, which is struggling to win the minimum of 10 percent of the vote required to be seated in Parliament.
Four members of Parliament from the same party resigned earlier this month after similar videos were posted on the same Web site.
The Web site, farkliulkuculer.com, has cast itself as part of a breakaway ultranationalist group aiming to cleanse and reform the nationalist movement in Turkey. The site’s administrators are anonymous. (more)
The Web site that posted the videos had threatened to release others that it said showed the five other members who resigned.
The resignations could severely weaken the Nationalist Movement Party, the second largest opposition group in Parliament, which is struggling to win the minimum of 10 percent of the vote required to be seated in Parliament.
Four members of Parliament from the same party resigned earlier this month after similar videos were posted on the same Web site.
The Web site, farkliulkuculer.com, has cast itself as part of a breakaway ultranationalist group aiming to cleanse and reform the nationalist movement in Turkey. The site’s administrators are anonymous. (more)
Sunday, May 22, 2011
Snidley Whiplash Visits the Home Security Store... by "Bob"
I know some pretty interesting people. Very talented. Very sharp. Very imaginative. I received the following from one of them this week. We'll call him "Bob". Bob's thought process is part Carnegie Mellon University's Computer Emergency Response Team (CERT) and part Snidely Whiplash. Enjoy... (emphasis below is mine)
"For about a year now I’ve been building this new office/shop/garage at my place. Being the engineer I am at heart I prewired it for video surveillance and alarm.
I found an online reseller with good prices and I purchased all the alarm components from them. www.homesecuritystore.com I installed each switch or sensor as a separate zone so later I can use this system as a whole house monitoring platform.
I decided it is time to add the video. They had good prices and I bought close to $2000 worth of quality cameras and a 16 Channel DVR.
Last weekend I started to bench test it and get familiar before I commit the installation. I noticed the box was repackaged.
Then I noticed it is still full of video. It was installed at a restaurant and then returned. Not sure if the restaurant did it themselves or they had a security professional help. In any case they gave me their weeks’ worth of video. Moreover Homesecuritystore.com didn’t verify the contents and in turn sold it to me.
I was hoping to find some incriminating footage or something to brag about. Fortunately for them it was pretty benign stuff.
Then I started to think of the possibilities of what could have happened and decided to write to them regarding their security practices.
See attached. I was surprised they just sent me a misspelled apology and are sending me a new unit. Totally dismissing my attempt to point out to them the underlying problem here.
I’m going to do a threat assessment of the linux kernel in this unit when I get a chance. These cheap DVR boxes with Dynamic DNS and internet reachability are a whole new potential platform for a hacker. A modern day Trojan horse even.
Take the following scenario for a moment:
1. I buy one of these units (or 100 each from a different internet vendor)
2. Change the linux kernel to add a few tools and backdoor username/passwords and maybe even a phone home daemon. Phone home would need to be a secure tunnel and internet proxy aware. So spoof the proxy on port 80 with ssl traffic embedded. Also use tools like Wireshark/tshark, or one of my all-time favorites:
3. Return it to the vendor for a full refund.
4. In turn they sell the units to John Q Public or better yet a customer with other units already on premise just waiting to be exploited.
5. It gets installed and finds a routed path to the internet and updates its DNS record location dynamically.
6. Meanwhile back at the black hats cave: We see the DNS entries for these devices show up and / or our phone home packets arrived at home. The latter is riskier because it gives a deterministic home location, for that we run our APP in the cloud to obfuscate our location.
7. Login and start monitoring, gather content and exploit the target. Granted step 7 here is dependent on something good happening. I would beg to guess every video surveillance installation at one point in time or another captures illicit/illegal activity or some sort of blackmail material content.
8. The black hat could now also secure shell into the DVR over the phone home tunnel and use it as a spring board to then perform vulnerability scans internal to the video network thus finding other DVRs, IP cameras, and other trusted behind the firewall type devices. Once accessed install similar tool sets, rinse and repeat for all reachable devices.
9. Lastly a coordinated attack. You locate physical assets to steal. At a coordinated time perform a denial of service internal to their network and take out the security infrastructure. Use tools like NetCat or simple packet capture replays with tshark to confuse the lan devices and potentially crash them if not just deafen their abilities to report. ARP storms are great for this. Actually once an inventory of devise is determined fingerprint scan each and look for known vulnerabilities for those devie’s kernels. Move in and out all the while the systems are incapacitated. Ideally you want to have the devices perform self remediation on their own, avoid forcing a hang condition and do not require reboots for remediation to hide the existence that anything happened adding to the confusion of what happened and how.
Not far fetched to believe. And all from a simple buy and return to the store type activity.
"Bob, you got me thinking. All these items are made in China, right? Isn't itpossible likely that secret code has already been planted in them for future use?"
On another subject:
Do you recall a police movie (maybe Beverly hill cop) where the cop submits into evidence a large permanent magnet and it takes out the surv. video evidence. Well take that same concept to data tape backups.
I recently toured an Iron Mountain Magnet tape vault and observed them picking and putting tapes in and out for customers. Much to my dismay not all customers co-locate their tapes next to their own. Many of the tapes are slotted into the next available slot intermingling them with other customer’s tapes.
They don’t even screen the boxes coming in and out for high levels of magnetic flux. So a passive magnet weighing similar to the tape that gets checked in and out over a long period of time could potentially be creating small magnet grenades to the data nearby. To be a bit more sexy make that an active magnetic device with a motion trigger. Wait for no movement with a 3d accelerometer also sense that it is not lying flat in the original box but upright as if it is in the library. I mocked up this accelerometer algorithm in a two chip device using a basic stamp.
Allow it to ‘Wake up’ and generate as large of an oscillating magnetic flux as possible and expend the batteries. If movement is sensed have it go dormant again. Cycle these rogue tapes in and out rapidly over time. To target an attack request your own tape vault location and try to steer it near your competitors location or just carpet bomb the library with multiple devices over time. Not as affective but very destructive in nature. Evil isn’t it.
Not that I would never ever do such a thing or advocate or assist anyone in this behavior. But, I can think of it and other ways to thwart simple best practices.
Just like when I was in college and I came up with the idea to use an IR laser to take out a security camera by shifting its AGC and blacking out the picture. Later in life I saw this applied in a movie. I was like HEY I thought of that a long time ago. The cameras I bought for my place have the Sony chip in them that knows how to black out bright objects selectively within the ccd field of view. Thus obsoleting this vulnerability a bit.
Well thank for your time. My mind wandered with possibilities when I realized I have that other customers video content handed to me.
Have a great day."
As you can see, "Bob" is smarter and more clever than I am. That's why I love hanging out with the "Bob's" of the world. Now I know what "Bob" knows... and now, so do you. ~Kevin
Are you thinking, "Gee, I wish I knew who this "Bob" guy was. I have a security consulting project for him. Does he do freelance work?"
I don't know. You'll have to ask him. His name is Bob Blair and he is an engineer in Massachusetts.
"For about a year now I’ve been building this new office/shop/garage at my place. Being the engineer I am at heart I prewired it for video surveillance and alarm.
I found an online reseller with good prices and I purchased all the alarm components from them. www.homesecuritystore.com I installed each switch or sensor as a separate zone so later I can use this system as a whole house monitoring platform.
I decided it is time to add the video. They had good prices and I bought close to $2000 worth of quality cameras and a 16 Channel DVR.
Last weekend I started to bench test it and get familiar before I commit the installation. I noticed the box was repackaged.
Then I noticed it is still full of video. It was installed at a restaurant and then returned. Not sure if the restaurant did it themselves or they had a security professional help. In any case they gave me their weeks’ worth of video. Moreover Homesecuritystore.com didn’t verify the contents and in turn sold it to me.
I was hoping to find some incriminating footage or something to brag about. Fortunately for them it was pretty benign stuff.
Then I started to think of the possibilities of what could have happened and decided to write to them regarding their security practices.
See attached. I was surprised they just sent me a misspelled apology and are sending me a new unit. Totally dismissing my attempt to point out to them the underlying problem here.
I’m going to do a threat assessment of the linux kernel in this unit when I get a chance. These cheap DVR boxes with Dynamic DNS and internet reachability are a whole new potential platform for a hacker. A modern day Trojan horse even.
Take the following scenario for a moment:
1. I buy one of these units (or 100 each from a different internet vendor)
2. Change the linux kernel to add a few tools and backdoor username/passwords and maybe even a phone home daemon. Phone home would need to be a secure tunnel and internet proxy aware. So spoof the proxy on port 80 with ssl traffic embedded. Also use tools like Wireshark/tshark, or one of my all-time favorites:
3. Return it to the vendor for a full refund.
4. In turn they sell the units to John Q Public or better yet a customer with other units already on premise just waiting to be exploited.
5. It gets installed and finds a routed path to the internet and updates its DNS record location dynamically.
6. Meanwhile back at the black hats cave: We see the DNS entries for these devices show up and / or our phone home packets arrived at home. The latter is riskier because it gives a deterministic home location, for that we run our APP in the cloud to obfuscate our location.
7. Login and start monitoring, gather content and exploit the target. Granted step 7 here is dependent on something good happening. I would beg to guess every video surveillance installation at one point in time or another captures illicit/illegal activity or some sort of blackmail material content.
8. The black hat could now also secure shell into the DVR over the phone home tunnel and use it as a spring board to then perform vulnerability scans internal to the video network thus finding other DVRs, IP cameras, and other trusted behind the firewall type devices. Once accessed install similar tool sets, rinse and repeat for all reachable devices.
9. Lastly a coordinated attack. You locate physical assets to steal. At a coordinated time perform a denial of service internal to their network and take out the security infrastructure. Use tools like NetCat or simple packet capture replays with tshark to confuse the lan devices and potentially crash them if not just deafen their abilities to report. ARP storms are great for this. Actually once an inventory of devise is determined fingerprint scan each and look for known vulnerabilities for those devie’s kernels. Move in and out all the while the systems are incapacitated. Ideally you want to have the devices perform self remediation on their own, avoid forcing a hang condition and do not require reboots for remediation to hide the existence that anything happened adding to the confusion of what happened and how.
Not far fetched to believe. And all from a simple buy and return to the store type activity.
"Bob, you got me thinking. All these items are made in China, right? Isn't it
On another subject:
Do you recall a police movie (maybe Beverly hill cop) where the cop submits into evidence a large permanent magnet and it takes out the surv. video evidence. Well take that same concept to data tape backups.
I recently toured an Iron Mountain Magnet tape vault and observed them picking and putting tapes in and out for customers. Much to my dismay not all customers co-locate their tapes next to their own. Many of the tapes are slotted into the next available slot intermingling them with other customer’s tapes.
They don’t even screen the boxes coming in and out for high levels of magnetic flux. So a passive magnet weighing similar to the tape that gets checked in and out over a long period of time could potentially be creating small magnet grenades to the data nearby. To be a bit more sexy make that an active magnetic device with a motion trigger. Wait for no movement with a 3d accelerometer also sense that it is not lying flat in the original box but upright as if it is in the library. I mocked up this accelerometer algorithm in a two chip device using a basic stamp.
Allow it to ‘Wake up’ and generate as large of an oscillating magnetic flux as possible and expend the batteries. If movement is sensed have it go dormant again. Cycle these rogue tapes in and out rapidly over time. To target an attack request your own tape vault location and try to steer it near your competitors location or just carpet bomb the library with multiple devices over time. Not as affective but very destructive in nature. Evil isn’t it.
Not that I would never ever do such a thing or advocate or assist anyone in this behavior. But, I can think of it and other ways to thwart simple best practices.
Just like when I was in college and I came up with the idea to use an IR laser to take out a security camera by shifting its AGC and blacking out the picture. Later in life I saw this applied in a movie. I was like HEY I thought of that a long time ago. The cameras I bought for my place have the Sony chip in them that knows how to black out bright objects selectively within the ccd field of view. Thus obsoleting this vulnerability a bit.
Well thank for your time. My mind wandered with possibilities when I realized I have that other customers video content handed to me.
Have a great day."
Are you thinking, "Gee, I wish I knew who this "Bob" guy was. I have a security consulting project for him. Does he do freelance work?"
I don't know. You'll have to ask him. His name is Bob Blair and he is an engineer in Massachusetts.
Saturday, May 21, 2011
China is listening, and wants to listen in more places.
Wikileaks documents revealed that China had approached the newly independent East Timor in 2007, and offered large amounts of foreign aid, and other considerations (bribes), for permission to build a radar and electronic eavesdropping base there... China is listening, and wants to listen in more places. (more)
Sound familiar?
q.v. - Zimbabwe
SpyCam Apps and Gadgets - The Evaporation of Privacy
The smartphone spycam app market is booming. Recording gadgets are being built into everything (see previous story). You can no longer count on someone looking obvious while taking photos, recording movies or just recording sound.
Tip: Be like the CIA. If you care about your privacy and/or the confidentiality of your surroundings, don't allow any type of foreign electronics into the area.
Tip: Be like the CIA. If you care about your privacy and/or the confidentiality of your surroundings, don't allow any type of foreign electronics into the area.
An android app from one seller's web page...
The silent spy camera. Take pictures quickly and silently with a mini preview display overlay for ultimate discretion. Have you ever wanted to take a picture but didn't want to use the noisy and conspicuous built-in Android camera app? Taking a picture of a questionable practice at work, a restaurant worker mishandling food, a camera-shy family member, or maybe your secret crush?
Secret Spy Cam is for you!
- 3 discreet preview sizes
- Runs as an overlay over any other app
- Single-tap picture taking
- Single-tap quick app exit
- No shutter sound while still allowing your phone to ring for incoming calls
- User manual available from the app's menu (more)
Examples of video from a high definition spycam sunglasses, key fobs, etc. (video) (video) (video)
Secret Spy Cam is for you!
- 3 discreet preview sizes
- Runs as an overlay over any other app
- Single-tap picture taking
- Single-tap quick app exit
- No shutter sound while still allowing your phone to ring for incoming calls
- User manual available from the app's menu (more)
Examples of video from a high definition spycam sunglasses, key fobs, etc. (video) (video) (video)
Labels:
amateur,
App,
cell phone,
eavesdropping,
product,
spybot,
spycam,
spyware,
Tips
SpyCam Story #610 - Starbuck's Naked Shot
Police said Friday they are still looking for dozens of victims recorded by a hidden camera found in a women's restroom at a Glendora Starbucks.
William Zafra Velasco, 25, allegedly used a plastic coat hanger spycam to record at least 45 women, said Glendora Police Chief Rob Castro. Some of those victims were juveniles, said Castro.
The device has a tiny camera hole atop the hanger, with two holes for audio and a USB hookup in the back. It is similar to the spycam seen here. (more)
Friday, May 20, 2011
Book—Compilation of State and Federal Privacy Laws—Now available in different formats.
The information in the Compilation of State and Federal Privacy Laws is now available in different formats.
This book cites and describes more than 600 state and federal laws affecting the confidentiality of personal information and electronic surveillance.
The laws are listed by state, grouped in categories like medical, credit, financial, security breaches, tracking technologies, employment, government, school records, Social Security numbers, marketing, telephone privacy and many more. Canadian laws too. (more) (Privacy Journal web site)
Android Malware Jumps 400 Percent as All Mobile Threats Rise
Mobile security is the new malware battlefield as attackers take advantage of users who don’t think their smartphones can get compromised.
Cyber-attackers are gunning for Google’s Android as they take advantage of a user base that is “unaware, disinterested or uneducated” in mobile security, according to a recent research report.
Malware developers are increasingly focusing on mobile devices, and Android malware has surged 400 percent since summer 2010, according to the Malicious Mobile Threats Report 2010/2011 released May 11. The increase in malware is a result of users not being concerned about security, large number of downloads from unknown sources and the lack of mobile security software, according to the Juniper Networks Global Threat Center, which compiled the report. (more)
Thursday, May 19, 2011
A Day at The International Spy Museum
If you have never been there, you "need to know" this... This is not some cheesy tourist trap one might find in Orlando. It is a quality museum in the finest sense of the word. The exhibits are first class, very educational, imaginative and entertaining—hard to do all in one shot, but they do it.
Visiting Washington, DC is always a compromise. There are so many great things to see and do. Do as many as you can, but save room for dessert. Visit the Spy Museum. It is history at its most relevant.
The newest exhibit – Cyber War – actually leaves people (me included) with a feeling of terror in the pit of the stomach. Yes, it is that well done. No, you won't like the feeling. I won't spoil it for you, but... think about what would happen if electricity were no longer available. All it might take are a few keystrokes.
"Aurora Experiment. In the Spy Museum’s new gallery dedicated to Cyber War, Weapons of Mass Disruption, video of an experiment conducted for the Department of Homeland Security depicts a simulated cyber attack on a generator control station. The simulation led to the generator’s destruction, demonstrating the all-too-real infrastructure vulnerabilities of the U.S power grid. On loan from four of the lead engineers who created and carried out the Aurora experiment, the Museum is pleased to display parts of the disabled generator."
As I was saying, they make espionage relevant. (more)
Subscribe to:
Posts (Atom)