Thursday, August 18, 2011

FutureWatch Prediction Comes True - Tampa Redux

Tampa - "You are only a stranger here once." 

August 2011 - The Tampa Police Department plans to circle its downtown area with surveillance cameras prior to the 2012 Republican National Convention, but Assistant Police Chief Mark Hamlin says the locations will not be disclosed in order to keep potential troublemakers from gaining a tactical advantage. A local political activist has publicly stated he is troubled by this decision.

September 2008 - FutureWatch - Although facial recognition and tracking didn't catch on the first go-around (the Tampa, Florida experiment), it is ripe for a come-back. 5 years from now, this will be commonplace – along with automatic license plate readers and motion-intention evaluators.

August 2003 - It is with sadness we note the demise of our favorite city motto... Tampa - "You're only a stranger here once." Tampa police have scrapped their controversial security camera system that scanned city streets for criminals, citing its failure over two years to recognize anyone wanted by authorities.

History - July 2001 - The Tampa City Council took a fully-informed look at Ybor City's controversial high-tech face-scanning software. When the dust settled, the council split down the middle with a 3-3 vote on whether or not to do away with the face-scanning software.
Tampa Police Radio Room c.1920's

Wednesday, August 17, 2011

News of The World Spying - More Threads

UK - MPs have reignited the News of the World phone-hacking scandal with the publication of new documents which suggest News International was involved in a four-year cover-up.

The Guardian says Rupert Murdoch, James Murdoch and their former editor Andy Coulson "face embarrassing new allegations of dishonesty and cover-up after the publication of an explosive letter written by the News of the World's disgraced royal correspondent, Clive Goodman".

In the article by Nick Davies, who broke the original story, he says Goodman makes the following claims: "that phone hacking was 'widely discussed' at editorial meetings at the paper until Coulson himself banned further references to it; that Coulson offered to let him keep his job if he agreed not to implicate the paper in hacking when he came to court; and that his own hacking was carried out with 'the full knowledge and support' of other senior journalists, whom he named." (more)

News of The World Spying - Like Pulling a Sweater Thread

Revelations that U.K. tabloid journalists may have graduated to hacking computers in addition to mobile phones may form the next scandal facing Rupert Murdoch's News Corp., a U.K. lawmaker investigating privacy violations by the now-defunct News of the World said.

Police and parliament have mostly focused their probes on how journalists illegally accessed the voicemails of celebrities, politicians and crime victims, and who at the company knew about it. More revelations of computer hacking and other forms of spying could emerge, Tom Watson, a Labour Party lawmaker, said yesterday.

My own concerns are that this will lead to other forms of covert surveillance, and I think the next scandal will be computer hacking and we're going to be living with this for weeks and months to come,” said Mr. Watson, who is also a member of the Culture, Media and Sport Committee that is investigating phone hacking. (more)

If you are not one of our clients, you may not know these espionage secrets...  

• When you are a target, you won't be spied upon just using one method – a variety of tactics will be used. 

• The reasons electronic surveillance is investigated first is because it is a common tactic, easy to discover, and must be eliminated before one starts accusing people directly. 

• A successful counterespionage strategy will take all your vulnerabilities, and all their tactics into consideration.

The News of The World case is slowly unraveling into a textbook case of corporate espionage, thus proving the reality of it. This is the tip of the iceberg. Only failed spying becomes headlines.

FutureWatch: Bugs, wiretaps, more bribes, blackmail and sex.

Control Anything Cellular or WiFi in Your Enterprise

AirPatrol Corp. today unveiled ZoneDefense, a new mobile monitoring and policy enforcement technology that lets enterprises support the use of consumer and mobile devices on premises while also ensuring that end users are adhering to company security policies.

 ZoneDefense is a security technology that can detect any mobile device in an enterprise, track its location, check its compliance with company policy and enforce rules based on where the user is located and who is nearby. (more)

In addition to the release of ZoneDefense, AirPatrol issued a new white paper that offers guidelines on implementing wireless security policies. For a free copy, click here.

Disclosure: I use AirPatrol technology in my counterespionage inspections, but do not profit in any way by bringing their products to your attention.

"Page Eight" - Modern Intelligence Practices Scrutinized

Canada - Spies and assassins will get moviegoers' adrenaline pumping at the Toronto International Film Festival this year...

The 10-day festival opens on September 8 and will close with David Hare's "Page Eight", a contemporary spy film that casts a critical eye on modern intelligence practices. (more) (synopsis)

Monday, August 15, 2011

Eavesdropping History - NEW Nixon Bugs

One morning in early March 1971, Army counterintelligence agent Dave Mann was going through the overnight files when his eyes landed on something unexpected: a report that a routine, nighttime sweep for bugs along the Pentagon’s power-packed E-Ring had found unexplained – and unencrypted — signals emanating from offices in the Joint Chiefs of Staff.

Someone, it seemed, was eavesdropping on the top brass.


Mann was no stranger to bugs. It was a busy time for eavesdroppers and bug-finders, starting with the constant Spy vs. Spy games with Russian spies. But the Nixon years, he and everyone else would soon discover, had extended such clandestine ops into new territory: bugging not just the Democrats, but people within its own ranks. Eventually, most of the Watergate-era eavesdropping schemes were revealed to the public, including the bombshell that Nixon was bugging himself. But the bugs Dave Mann discovered in the E-Ring in March 1971 — and another batch like it — have remained buried all these years. Until now. (more)

Security Director Alert - Another Name for your Rolodex... Data Killers

Why would anyone want to shred a smartphone...twice?  

Well, if they wanted to be sure that all of their private information wouldn't fall into the wrong hands; they might shred it or burn it or both! Who would blame them when Wikileaks and identity theft stories dominate the news headlines? From corporate espionage to bored hackers, it seems someone is always after someone else's data! How does one keep private, corporate or government information from becoming public knowledge?

Recently a large federal agency that had upgraded their enterprise-wide smartphones wanted to have the old phones destroyed. The security officer responsible for the destruction of these smartphones took the smartphones to an un-knowledgeable electronics recycling company who shredded the phones. Unfortunately that company didn't have the specialized equipment to shred them small enough and the officer found several intact SIM cards in a pile of shredded residue. Luckily he found the un-shredded cards before the Inspector General found them! (more)

As you can see, not all shredding companies are created equal. Data Killers is the destruction arm of Turtle Wings, Inc., an ISO certified, woman-owned, HUBZoned company holding multiple GSA contracts. These folks claim they can get it done right the first time:
Elizabeth Wilmot, President
301-583-8399
1-877-KILLS-DATA
info@DATAKILLERS.com

Cell Phone Eavesdropping Alert - Android Trojan Snoop

A nasty Android Trojan capable of stealing text messages and eavesdropping on conversations has, like all movie monsters worth their weight, morphed into an even more dangerous opponent. The security firm CA Technologies detected a piece of Android malware that hid in corrupt apps and recorded and stored users' conversations on the targeted devices, which could then be uploaded to remote servers.

"Before answering the call, it puts the phone on silent mode to prevent the affected user from hearing it. It also hides the dial pad and sets the current screen to display the home page. During testing, after the malware answered the phone, the screen went blank," Trend Micro wrote on its blog.

TIP: The auto-answering feature only targets Android's running version 2.2, not the new version 2.3; to update your operating system, go to the "Settings" tab under "Menu." (more)

Sunday, August 14, 2011

Tap Tap Revolution - The Smartphone Spyware Version

The slight movements of your smartphone every time you tap on the touchscreen could be giving away what you are typing.

Eavesdropping on a computer user's keyboard input is called keylogging...

Keylogging is much harder to pull off on smartphones because most mobile operating systems allow only whatever app is on screen to access what you are typing, says security researcher Hao Chen of the University of California, Davis.

However, Chen and his colleague Liang Cai have got around that hurdle and created a keylogger that runs on Android smartphones. It uses the phone's motion sensors to detect vibrations from tapping the screen. Since mobile operating systems do not treat the motion-sensor output as private or in need of protection, it presents a target for hackers wanting to create an innocent-looking app that secretly monitors phone users. (more)

Can Ya Catch My Cheating Spouse? In Kenya Ya Can - Bugging cell phones is apparently legal there!?!?

Kenya - Are you suspicious your lover, spouse, children, employees or business partner could be hiding something? Relax. A solution is finally here.

All you need is a high-end wap-enabled mobile phone, which you will present as a gift to your partner, whom you want to investigate.

Charles Chepkonga, the director of IT company, Smuffet Outsourcing, says with Sh15,000, he could install a software that could help you get a copy of all SMS, call log, location of the phone and all the names saved in the phonebook.

"The phone does not need to be expensive. We have done with phones worth as low as Sh8,000," he says.

Dubbed Mobispy, the software will send information to a preset email address managed by the buyer.

"Let’s say your husband tells you he is working late within the central business district but you doubt. All you will need to do is log in to the email and trace the location of the phone. Unless he left it in the office, you can know his location because it gives a radius of 10m," said Chepkonga. The IT expert says the technology can also be used to keep track on the location of students who lie they are in libraries or by managers who suspects their employees could be sabotaging the company by giving out classified information.

"The most popular reasons for using this application are finding out if your partner is cheating on you, keeping an eye on your children or teens, protecting your old parents, and using it to ensure your employees are doing what they are expected," said Chepkonga.

He says he started offering the service two months ago and has so far done more than 20 mobile phones bought by suspecting partners.

"We have also had innumerable enquiries from many people but who would want to remain anonymous," he said.

He said the idea came up as a result of the many attempts by Kenyans to bust their cheating partners. (more)

You'll Look So Dorky Nobody Will Think You Are a Spy

Real spy gear disguised as a kid's toy - with NIGHT VISION!

The SpyNet Night Vision Mission Video Watch's secret... It looks like a children's toy, but is a whole lot more. Let's run through the features... sound recorder, video recorder, still picture cam (with time lapse) - check, check, and check. Downloadable spy missions, games, and apps. Check. And, it tells time, too! 

If you really need to go covert, there is the Snake Cam Add-On. It plugs into the watch and lets you look around corners (or hide it in your sleeve and have it peek out a button whole).

Modes:
Time Mode
Alarm Mode
Timer Mode
Stop Watch Mode
Video Recorder Mode - preview or super-spy mode (watch face just shows time)
Audio Recorder Mode - wave form preview or super-spy mode (watch face just shows time)
Still Picture Recorder Mode - still image (again, with preview or without) or time lapse mode (5 seconds, 10 seconds, 30 seconds, 1 minute, 5 minutes, 10 minutes)
Secrets Mode
Missions Mode - downloadable from SpyNet HQ
Games Mode
Spy Apps Mode
Playback Mode
Capacity: Up to 20 mins of video; over 4 hours of audio; up to 2000 pics!
Snake Cam Add-On: Allows you to record pics/video around corners or hides in a button hole for super covert missions (unable to film using night vision, however). Can also be used as a plug and play USB webcam.
Watch Includes: Watch (duh), USB connector, and instructions.
Dimensions: Watch - 2.5" x 2.25" x 1" (watch body) - 1.4" TFT display.
Snake Cam - bendy part: 20"; overall length: 38" 

Why do I mention it?

So you'll know what you're up against, or the holidays are coming.
...Keep an eye out for the snake coming over the cubicle wall.

Staying Safe Abroad - The Blog, Edward L. Lee II

In 2008, I gave all my clients a free copy of Edward L. Lee's book: Staying Safe Abroad: Traveling, Working & Living in a Post-9/11 World Yes, it was that good!

The feedback I received spanned from: "Thank you so much..." to one security director saying, "I am buying copies for all our key executives who travel."


If you travel, or know someone who does, buy the book and get FREE updates by following Staying Safe Abroad - The Blog.

"What makes Ed Lee the big expert?"
Ed Lee retired from the US State Department in April 2006, after a career as a special agent, Regional Security Officer, director of training, chief investigator of the Cyprus Missing Persons Program, director of security of the U.S. Agency for International Development and as a senior advisor in the Office of Anti-Terrorism Assistance.


Most of his work now is devoted to educating global companies and governmental entities in how to be successful and keep their people safe abroad.

His career also includes 15 years as an international security consultant; for ten years he served as the security advisor to the Inter-American Development Bank. Additionally, Ed served six years in the Marines before joining the US State Department as a special agent.

"Why the plug?"
I hear you say.
Just a film noir PI's cliche, "Dead clients don't pay."

Saturday, August 13, 2011

Privacy Journal - Keep Abreast of Privacy Issues and Laws

The Compilation of State and Federal Privacy Laws is now available in different formats. This book cites and describes more than 600 state and federal laws affecting the confidentiality of personal information and electronic surveillance. The laws are listed by state, grouped in categories like medical, credit, financial, security breaches, tracking technologies, employment, government, school records, Social Security numbers, marketing, telephone privacy and many more. Canadian laws are also included.

The Consumer's Handheld Guide to Privacy Protection, an abridged, consolidated version for use on handheld devices. Lawyers and other professionals are finding this handy for searching privacy laws while out of the office, in conferences, in court, on the street.

P.S. Would you like a free sample copy of Privacy Journal monthly newsletter? Contact: Lee Shoreham, Assistant to the Publisher, PRIVACY JOURNAL, PO Box 28577, Providence, RI  02908  Phone: 401-274-7861  Fax: 401-274-4747  orders@privacyjournal.net

Friday, August 12, 2011

Tips to Protect Your Voice Mail from Hacking

via Forbes...
While there’s been extensive coverage of the News Corp. phone hacking cases during the past few weeks, nobody has really addressed two relevant elements of the story: the legal liability (both criminal and civil) for such conduct and the underlying problem which allowed the media to gain access to confidential information: the insecurity of most voice mail systems...

Personal actions

• Do not use default passwords;
Use more than a four digit PIN, and make them random. Do not use your date of birth, year of birth, or set the digits in ascending or descending order;
Make sure your carrier requires the use of a PIN every time you access your voice mail;
Have your carrier require a special password to access information about your account;
Demand that your carrier immediately notify you of any attempt to improperly access your account via email or SMS;
Ask your carrier to block multiple invalid PIN attempts on your account, which will then requires a call to customer service to reset it;
Delete sensitive message once you retrieve them, and do not store them in the system any longer than necessary. Remember, there is no way to determine who has accessed your account or listened to your messages;
Check the settings on your system to determine if messages are being forwarded to numbers you do not recognize;
Use the most complicated password that is possible to set up, and change it frequently. (more)

USA Today - "Don't bank on your phone to evade virus"

Trojans can enter a smartphone in many devious ways. All you have to do is click on a link or attachment that contains the virus, and within seconds it can secretly seize control of the phone. That link might be a tinyurl in Twitter. The attachment could be a vCard, the standard format for sending a business card to a phone.

Or you could be accessing a website in a cafe. At Wi-Fi hotspots, fraudsters create bogus gateways, known as "evil twins", to which the latest mobile phones will automatically connect. Once a connection is established, all the information passing through the gateway can be read directly or decrypted, allowing fraudsters to harvest user names, passwords and messages.

Until now, these attacks have been rare. But experts say that's just because smartphones are still taking off. "We're walking into a minefield," said Mr Fidgen, who has been warning about the risks of mobile banking for several months, "but nobody's bloody listening". (more)