"How I lost three fingers making a cupcake bomb in the kitchen of my mom."

British intelligence agents have hacked into the online magazine of the Yemeni branch of Al Qaeda and sabotaged an article on bomb making, a government official said Friday. 

The English-language magazine Inspire had published an article last year titled “Make a Bomb in the Kitchen of Your Mom.” The agents, reportedly working for Britain’s eavesdropping agency, replaced the instructions with a recipe for cupcakes. (more) (cupcake cannon video)

The Future of Warrantless GPS Tracking in Doubt

DE - A criminal case making its way to the Delaware Supreme Court could help define personal privacy and set limits on how far police can go when using electronic surveillance in Delaware and perhaps across the United States.

The American Civil Liberties Union this week filed a brief in Delaware v. Michael D. Holden, urging the state justices to uphold a lower court ruling that essentially bars police from using Global Positioning Systems (GPS) to track people without a court-approved warrant.

Holden, 28 of Newark, was suspected of being a drug dealer and was electronically tracked for more than 20 days by police without a warrant, ending with his arrest after police discovered 10 pounds of marijuana in his vehicle after he visited a suspected drug distribution house. The judge in the case tossed out the drug evidence, ruling that the lengthy warrantless tracking of Holden amounted to an illegal search.

In its brief, the ACLU notes the U.S. Supreme Court has not yet ruled on this issue and legal experts agreed the state case could be part of a growing national debate over the reach of technology versus the boundaries of privacy.

The case will likely turn on the concept of the "reasonable expectation of privacy," said defense attorney and former prosecutor Peter N. Letang. (more)

What Will Anna Chapman Do Next?

Move over, TechCrunch and watch your back, Wired. The voracious self-promotion empire that is Russian spy babe Anna Chapman now claims another conquest. Russia’s sweetheart and America’s favorite deportee is taking over the reins as editor for a small venture capital newspaper.

Yes, hard as it may be to believe, a Putin ally from the intelligences services has found success in Russian business, politics and, now, media. Chapman will take over as editor of the Russian-language Venture Business News, a publication covering the world of venture capital. We’ll also be treated to Anna’s musings on matters economic in a weekly column, Field News. (more)

Anna's interesting time-line, July 2010 until now...

• U.S. sleeper spy who never awoke, was arrested and deported.

• Posed in lingerie for photo shoot.

• Attended a Russian space launch.

• Had a sing-along with Prime Minister Vladimir Putin.

• Nicknamed Agent "90-60-90" by the Russian press, referring to her alleged measurements.

• Attended a political youth rally.

• Attended a meeting of the commission on economic modernization and technological development of the Russian economy.

• Launched a weekly television show called "Mysteries of the World with Anna Chapman."

• Trademarked her name to pimp eight lines of merchandise, including vodka, clothing and watches.

• Assist the Russian space agency in designing a stylish new uniform for its personnel.

• Will run for Parliament in her native Russia. (No word on how this is working out.)

• And now, editor of a newspaper.

So, what have you done since last July?

Slacker Sack becomes Instant Private Meeting

All of us feel the need to make like an ostrich and hide from the world around us now and then. Could this be the answer? Lying somewhere between a travel cushion and a soft bag to put over your head, the OSTRICH is a design concept that aims to provide a portable retreat from any waking daytime environment where the stresses and strains of the day can melt away. (more) (more) 

Not being one to let a bad concept lay an egg, the scientists at the Spybusters Countermeasures Compound put their heads together and created the electronic surveillance resistant Instant Private Meeting.

Corporate Spying: The Next Growth Industry

via economywatch.com...

The corporate spying business is booming. The largest companies around the world are all involved in “competitive intelligence gathering” by highly trained professionals according to PricewaterhouseCoopers.

"Corporations have people trained to obtain raw data from a wide range of sources* and apply traditional intelligence analysis techniques to produce usable information," PwC dispute analysis and investigations director Richard Batten said. (more)

* electronic surveillance, dumspter diving, social engineering, decaying perimeter security measures, lack of (or ignored) information security policies, etc. — All are things a good counterespionage consulting specialist will address for you.

It's One Thing If You Lose Your Wallet...

It's another thing if Google loses it... 

"Your phone will be your wallet." That's what Google's promising with Google Wallet and Google Offers, which'll combine payments and deals in one neat package. And it's a pretty compelling little vision of the future of paying for stuff.

Google Wallet isn't really one thing, so much as a bundle things tied together in one package. It's an Android app. It's a way for you to pay for things with your credit or debit cards, using your phone. It's a coupon collector and loyalty card system. It's another way for merchants to let you pay and offer up deals. It hooks into other Google services, like Shopper (which shows you nearby deals) and Google Offers. And Google is planning for it to eventually store everything you'd keep in a wallet. (more)


It's the future. 
No escaping it. 
Déjà vu time. 
"With new conveniences comes new security vulnerabilities."

Two CyberWar Hacking Stories. Just Coincidence? You decide.

China has admitted for the first time that it had poured massive investment into the formation of a 30-strong commando unit of cyberwarriors - a team supposedly trained to protect the People's Liberation Army from outside assault on its networks.

While the unit, known as the "Blue Army", is nominally defensive, the revelation is likely to confirm the worst fears of governments across the globe who already suspect that their systems and secrets may come under regular and co-ordinated Chinese cyberattack.

In a chilling reminder of China's potential cyberwarfare capabilities, a former PLA general told The Times that the unit had been drawn from an exceptionally deep talent pool. "It is just like ping-pong. We have more people playing it, so we are very good at it," he said. (more)

Lockheed Martin Cyber Attack: Routine, a Warning or a Possible Act of War?

Last Thursday, Reuters ran a story that the US defense firm Lockheed Martin was experiencing a major disruption to its computer systems because of cyber attack.

The Reuters story said that the attack began the weekend before and indicated that it involved the company's SecurID tokens which allow Lockheed's 126,000 employees "... to access Lockheed's internal network from outside its firewall."

As a result of the attack, Lockheed reset all of its employees' passwords.

Thought Wall Stickers:
• "You have no idea how many people are freaked out right now [about the SecurID breach] ... TASC is no longer treating the RSA device as if it were as secure as it was beforehand."

• As one military official in the WSJ article stated it: "If you shut down our power grid, maybe we will put a missile down one of your smokestacks."

A while back, I visited the new Cyber-war exhibit at the Spy Museum in DC. It was about just this sort of thing, and the consequences of remotely destroying electrical generators using code. The outcome is very scary. Glad to see folks waking up and smelling the coffee.

The hackers have done us a favor, this time. ~Kevin

Aerial Espionage is No Longer an Obvious Piper Cub Buzzing Your Plant

Pix4uav provides hands free solutions for UAV imagery. The processing includes the automatic external and internal orientation of the input images, the computation of an orthographic image, its robust geo-referencing and the creation of digital surface models.

This functionality is provided by a fast cloud service, a private server solution that can be placed in your office as well as a light version that can run on your laptop with basic functionality. (more)

In other words... 

Aerial surveillance is now being accomplished in 3D, using stealth model aircraft with a semi-silent electric motor, by a guy working out of the trunk of his car, a mile away. If intelligence can be gleaned about your company, manufacturing processes, work force size, stockpiles, and interior open spaces... you need to think about some countermeasures. Contact a professional counterespionage specialist for assistance.

CONTEST: The Tunny Machine Missing Diagrams Question

(WE HAVE A WINNER. DF from Canada.)

UK - The National Museum of Computing has finished restoring a Tunny machine - a key part of Allied code-cracking during World War II.

Tunny machines helped to unscramble Allied interceptions of the encrypted orders Hitler sent to his generals.

The rebuild was completed even though almost no circuit diagrams or parts of the original machines survived...

The first Tunny machine was built in 1942 by mathematician Bill Tutte. He drew up plans for it after analysing intercepted encrypted radio signals Hitler was sending to the Nazi high command. (more)

CONTEST: What happened to the original circuit diagrams?

PRIZE: First correct answer wins an autographed copy of "Is My Cell Phone Bugged? Everything you need to know to keep your mobile communications private."

CONTEST Alert

Another Security Scrapbook Contest is coming. 
(Hey, it has been a while.)

Here, Tuesday, May 31 at 12:01 PM, New York City time.

The first correct answer wins.

(This pre-contest announcement is made to give everyone who is interested 24-hours notice to get to the starting line at the same time.)

Hold on to Your Wallet - Here Comes Google

"Your phone will be your wallet." That's what Google's promising with Google Wallet and Google Offers, which'll combine payments and deals in one neat package. And it's a pretty compelling little vision of the future of paying for stuff. (What could possibly go wrong?)

Google Wallet isn't really one thing, so much as a bundle things tied together in one package. It's an Android app. It's a way for you to pay for things with your credit or debit cards, using your phone. It's a coupon collector and loyalty card system. It's another way for merchants to let you pay and offer up deals. It hooks into other Google services, like Shopper (which shows you nearby deals) and Google Offers. And Google is planning for it to eventually store everything you'd keep in a wallet.

The core payment technology uses wireless NFC and more specifically, MasterCard's PayPass system, so you'll be able to use it anywhere that's hooked up with PayPass, which is at a lot of retailers already. (more)

FutureWatch: Your phone becomes your electronic ID and Passport. 

Hey, why are we still calling this do-it-all device a phone, anyway? 


Probably the same reason we still say "dialing the phone" when the dial is long gone, and "the phone is ringing" when a Lady Gaga singtone is belting out the request to connect.

On the plus side, "Hello, Central!" finally exited the lexicon, and "It's your nickle" rates made a come back.

Man Hacks 100+ Webcams and Makes Blackmail Videos

Many computers sold these days come with web cameras built right in. You may never use it, but hackers can spy on you and record things going on inside your home and even use it to blackmail you.

Watch Brian Mylar's Report 

The FBI recently arrested Luis Mijangos for hacking into more than 100 homes by turning on the webcams in their home computers. "In some cases, he was able to turn on the web cameras that were on people's computers and, just by dumb luck, happen to catch them walking naked across the room," said an unidentified spokesman for the FBI.

 

Then, in a "sextortion" plot, Mijangos emailed those people and threatened to release the video unless they made more sexual videos. He also posed as the victims' boyfriend, asking women to send sexually explicit photos and videos and he told the FBI he's part of a big hacking group. (more)

Tip: Cover the camera when not in use.

And on his farm he had a cow, E-I-E-I-O With a "moo-moo" here and a... You're under arrest!

Iowa is on the verge of becoming the first state to criminalize recording sights and sounds at farms without permission from owners.

The hot-button issue surfaced in the waning days of the legislative session and pits environment and animal rights groups against farmers and agribusiness.

On one side are activists who surreptitiously record how animals are raised or slaughtered. On the other, owners who don't want what they see as interference.

The activists maintain their actions are protected under the First Amendment. Farmers counter the acts represent an invasion of privacy intentionally designed to damage their industry. (more)

Yipes Skypes! VoIP Phone Encryption - Busted.

A team of researchers and linguists have found a fatal flaw in supposedly encrypted internet phone calls that allow them to eavesdrop on conversations.

University of North Carolina scientists took a novel approach to 'listening in' on voice-over-internet-protocol (VoIP) conversations by analysing the 'encrypted' data packets used to transmit people's conversations.

VOIP services such as Skype transmit speech over the internet by encoding and the encrypting the conversation into individual data packets.

According to The New Scientist, Linguists noticed the size of each packet mirrored the composition of the original speech itself - allowing them to reconstruct words and phrases from the original voice.

By splitting the packet sequences into phonemes - the smallest sounds that make up a language - linguists were able to reconstruct the data into discernible words. (more)

Just for fun... The world's best web store display!

I love great promotion. A Dutch department store has the most clever home page I have ever seen. If you don't laugh, I'll return double the money you spent for your Security Scrapbook subscription.

What does this have to do with spying?

Tip: Humor is a great diversion and ice breaker. In this case, your resistance to buying products is eroded and your loyalty to a particular store is being reinforced. Spies use the same techniques when social engineering their marks. Be sensitive to this red flag. ~Kevin