Thursday, October 6, 2011

Too Much Hacking - Based on Too Few Discoveries

The chairman of the House intelligence committee on Tuesday launched a broadside against the Chinese government and its efforts to steal commercial data and other intellectual property online, saying that Beijing's cyber-espionage campaign has “reached an intolerable level” and that the United States and its allies have an “obligation to confront Beijing and demand that they put a stop to this piracy.” Rep. Mike Rogers (R-Mich.) noted that it might seem odd that a lawmaker charged with overseeing the U.S. intelligence community should lament spying by another government. But he said that China's espionage activities now extend beyond the U.S. government and military to include scores of private American companies. (more

Unfortunately, it's never this obvious.
Out of the last 50 forensic investigations that information security company Mandiant has conducted, 48 of the businesses involved didn't know they'd been breached until informed by law enforcement agencies, Mandiant CEO Kevin Mandia told the House Intelligence Committee on Tuesday. (more)

Wednesday, October 5, 2011

We'll miss you Steve

Steve Jobs, the visionary in the black turtleneck who co-founded Apple in a Silicon Valley garage, built it into the world's leading tech company and led a mobile-computing revolution with wildly popular devices such as the iPhone, died Wednesday. He was 56. (more)

"Steve Jobs has been called the Edison of our time." Derek Thompson, Senior Editor - The Atlantic (August 25, 2011)

Autumn in New York city, when the spies bloom...

Even before President Mahmoud Ahmadinejad finished his incendiary rant (last year), U.S. diplomats marched out of the cavernous U.N. hall in protest and were ready with a written statement condemning his comments.

It was as if the U.S. knew exactly what Ahmadinejad intended to say.

The walkout hinted at one of the well-known but seldom spoken truths about the United Nations: The international organization, which was founded in the name of peace and security, is also a hotbed of spying and clandestine operations, where someone might very well be listening to your conversations and monitoring your emails — or perhaps reading your speeches in advance.

The start of the General Assembly each year is the Super Bowl of the U.N. spy games. (more)

Confessions of a domestic spy victim...

"Throughout my 9 year marriage my husband has spied on me using various techniques i.e. putting spyware on my iphone, hiding audio recording devices in my car, putting software on my computers to find out my passwords so that he could read my email. I need to say that I have never cheated on him, never. Every time I find out that he's spied on me we get in a huge fight which results in him promising that he'll never violate my privacy again. But what he does each time is only tell me part of the truth i.e. he says he figured out my iphone password which let him see my texts but in actuality he jailbroke my phone and purchased a spyware package to be able to track my gps, read all my texts, etc. I recently found out, yet again, about more lies and spying. He promises, yet again, to never do this again. What should/can I do? I love him and can definitely understand some of his insecurities (we both suffer from insecurity-I just don't get into his stuff) but I can't handle being lied to and violated. Plus-this type of behavior makes me think that HE'S cheating...you know (and I did also just find out that he has been secretly looking at internet porn and paying for it)? Any advice would be greatly appreciated. I posted this thread here because I DO think that he has a type of "spying addiction". Thanks." (more)

It is easy to believe that spying is an exciting and glamorous business. It is not. For every spy there is a victim, be it a business that loses money and marketplace, or a real person who is crushed by having their privacy and trust abused.

Playground Wiretapping Showdown - No Contest

PA - A Bucks County man who was facing wiretapping charges has made a plea. Nick Scott of Richland Township has pleaded no contest to intercepting communication, and was sentenced to a year of probation. He also can't have any contact with Joe Murgia, the man he was accused of recording a conversation with. Murgia is the Quakertown Public Works Manager. Scott complained to him about conditions at Panther Playground. (more)

Security Director Briefing: Inspecting Aircraft to Detect Electronic Eavesdropping Devices

More and more of our clients are asking me to inspect their corporate aircraft for eavesdropping devices. Trips to closed countries top the list of concerns for many of them.

There has also been a rise in general questions coming from other organizations. They are just beginning to realize the seriousness of this privacy vulnerability.

Their questions range from:
• "How is an inspection performed?"
• "Is scheduling and doing an inspection a difficult process?"
• "I am preparing a presentation for management and need a few more specific reasons to inspect. What do you suggest?"
to
• "We sometimes park in a semi-public hanger [or an untrusted foreign airport]. Do you have any suggestions?"

Sometimes I am out traveling and unavailable to answer questions. This prompted me to create a general briefing sheet for security directors who call me. It provides some instant answers my staff can send via email. 

If you have corporate jets or helicopters to protect, please feel free to help yourself to a copy of my briefing. No sign-in required. Just download the pdf file. When you decide to conduct your inspections, please give me a call (908-832-7900). ~Kevin


Monday, October 3, 2011

Kenya Intelligence Service Wants What Everyone Else Has

Here's a quaint notion... 

Tourist testing indigenous eavesdropping device.
Kenya - Imagine living in a country where Government operatives eavesdrop into your telephone calls at will. (Hard to imagine a country where they can't.) They listen to your intimate chat with a friend and snoop into a briefing with your boss.

Intelligence officers raid your home without a warrant, perform searches, cart away items and plant eavesdropping devices.

Scary as it may seem, this could become reality if the National Security Intelligence Service (NSIS) has its way. (more)

Movie Review - The Man Nobody Knew

William Colby was, frankly, a nerd—but a nerd with a mission. He was a lifelong spy, or, perhaps more properly, a spymaster, who rose through the ranks of the CIA to become its director and something of a martyr to the cause of not letting the right hand know what the left hand was doing. 

His son, Carl Colby, has now made a fascinating documentary that seeks to unravel the mysteries of, as his title would have it, “The Man Nobody Knew.” Good luck with that. You leave the film knowing next to nothing about the man, but with the suspicion that he was a psychopath of secrecy, a man devoted to his job, of course, but essentially friendless and utterly detached from normal human feelings. (more) (trailer)

Rowan Atkinson back as spoof spy Johnny English

Rowan Atkinson is back as bumbling spy Johnny English in the sequel to his 2003 hit... In Johnny English Reborn, "the improbable secret agent" is called back into action when his superiors learn the Chinese premier's life is in danger... Early reviews have been mixed to poor, according to critic tracker rottentomatoes.com. (more)

Hiker's Lawyer Now Barred from Leaving Iran

The defence lawyer for two Americans released by Iran after more than two years in jail on spying charges has been barred from leaving the country, a judiciary official told the ISNA news agency on Monday.

Masoud Shafie represented Josh Fattal and Shane Bauer who were arrested on the Iraqi border in 2009 where they said they were hiking. Convicted of espionage in August and sentenced to eight years in prison, they were released two weeks ago and went home after Oman paid bail of $1 million. (more)

Security Alert: HTC - Heartbreaking Technical Compromise

In news that will no doubt be of great concern to owners of HTC smartphones, a security team is claiming to have uncovered a "massive security vulnerability" in HTC Android devices that allows any application with Internet access to gain access to private data, including user accounts, email addresses, GPS location, text message data and phone numbers. 

The vulnerability is said to affect HTC smartphones running the latest version of HTC's software, including the EVO 3D, EVO 4G, Thunderbolt, and others. (more)

Sunday, October 2, 2011

Cyber Spying on Estranged Wife

PA - Jay Anthony Ciccarone, 39, was charged Monday night with unlawful use of a computer and related offenses for allegedly installing "Web Watcher," a spyware package, on the victim's computer, said Tredyffrin Township police.

Police said the investigation began a year ago when the woman, who was in the midst of divorce proceedings with Ciccarone, contacted police because he appeared to be monitoring her daily activities.

A forensic examination of the computer revealed the presence of the spying program, which "works by recording all manner of activity on the computer, including keystroke logging, capturing email and internet activity," the criminal complaint said. (more)

This Week in World Spy News

Egypt - A Jordanian telecommunications engineer, who is on trial in Egypt on charges of spying for Israel, pleaded not guilty on Sunday. (more)

Pakistan - A blindfolded man stands on explosives, trembling as he confesses to spying for the CIA in Pakistan. Armed men in black balaclavas slowly back away. Then he is blown up. One of his executioners -- members of an elite militant hit squad -- zooms a camera in on his severed head and body parts for a video later distributed in street markets as a warning. (more)

Taiwan - Allegations of spying against National Police University associate professor Wu Chang-yu are only the tip of the iceberg, members of the Falun Gong movement said on Saturday. Wu, who teaches Chinese political history, was arraigned for questioning on Thursday on charges of allegedly spying for China and passing information to Chinese officials about Chinese dissidents, pro-Tibetan activists and the Falun Gong movement in Taiwan. (more)

UK - New Home Office rules asking academic staff at British universities to keep a tab on students from India and other non-EU countries have sparked off concern that lecturers have been turned into "spies and spooks". (more)

USA - A Greenville, NY man faces two to six years in state prison when sentenced in Orange County Court next month for videotaping neighbors without their knowledge. Angelo DeMaria, 24, pled guilty Friday to 24 counts of felony second-degree unlawful surveillance. He was arrested last April after a neighbor spotted him on the roof of her garage. She called state police, who caught him with a video camera. (more)

USA - U.S. prosecutors are charging a former guard at a U.S. consulate in China with attempting to communicate national defense information to Chinese officials. Bryan Underwood has been indicted for trying to pass on photographs and other sensitive information to representatives of the Chinese government between March and August of this year. The Associated Press reports Justice Department officials say during that period Underwood was a contract guard at a consulate under construction in Guangzhou in southern China. (more)

Hezbollah has detained four of its own members on charges of spying for Israel while a fifth has fled, the London-based daily Asharq Alawsat reported last weekend. (more)

Lebanon has arrested three people suspected of spying for Israel and trespassing, the London-based al-Hayat newspaper reported Tuesday. (more)

Saturday, October 1, 2011

Police Lose GPS in Ohio

Although the US Supreme Court is expected to settle the issue of GPS tracking of motorists soon, a three-judge panel of the Ohio Court of Appeals, Fifth District ruled 2-1 earlier this month against the warrantless use of the technology. 

The majority's decision was likely designed to influence the deliberations of the higher courts. On November 8, the US Supreme Court will hear oral arguments in the GPS case US v. Jones. The Ohio Supreme Court is also considering Ohio v. Johnson in which the Twelfth District appellate court upheld warrantless spying.

The present case began on January 14, 2010, when Franklin County Sheriff's Department Corporal Richard Minerd's investigation of a burglary brought him to a white Honda Civic in an apartment complex. Minerd slapped a battery-powered GPS tracking unit under the bumper that allowed real-time tracking of the vehicle's location, speed and direction of travel. Minerd did not seek a search warrant before acting.

Nine days later, the Civic appeared at the location of a robbery, and Minerd was able to follow the car back to the home of David L. White, who was caught with the stolen property. The Fifth District considered the question of whether it is ever acceptable for government agents to attach such devices to privately owned vehicles without a warrant. (more)


Note: This case affects law enforcement use, not use by private citizens.

Friday, September 30, 2011

When Brain Sucking Smartphone Spiders Meet Badges

You may have heard about the Cellebrite cell phone extraction device (UFED) in the news lately. It gives law enforcement officials the ability to access all the information on your cell phone within a few short minutes.

When it became known that Michigan State Police had been using the tool to access cell phones during traffic stops, it raised concern with the ACLU... You'd be surprised to see just how much data today's smartphones can store -- and police can access...

What's up for grabs?

"...all of our contacts, call logs, voicemails, text messages (deleted ones too), all our notes, recent map searches, Facebook contacts, all locations (WiFi and Cellular), and current and deleted photos." (more)

Tip: You can give up your phone voluntarily, or hold out for a search warrant.