Thursday, April 12, 2012

Teen Taps Top Cops

A teenager eavesdropped on highly-sensitive police counter-terror conversations after bypassing technology from the 1980s, hackers have claimed.

The leader of an anarchist group known as Team Poison said it was "easy" to drop "a 24-hour phone bomb" on elite security officers...

Is that, at, at, at you Bryce?
In another recording officers appear to be discussing counter-terror operations while Team Poison listens in. The group - which uses the Twitter name @_TeaMp0isoN - claimed the calls were made to MI6 - but it is understood they were in fact picked up by the Metropolitan Police's counter-terrorism command.

Trick, reportedly a 17-year-old who launched Team Poison in 2010, emailed the Press Association, saying the group bypassed outdated technology to compromise a server from Malaysia to record conversations. He wrote: "Yes, it was easy :)"

Trick said: "The phone denial of service was done via a custom script for Asterisk which was installed on an overseas server. The conversation was tapped into via a private phreaking method, their phone system is old and we found a way to get in via basic but private phreaking technique." (more)

Privacy Journal 2012 Privacy Law Compilation Updated

With a surge in the final days of the 2011 session, the California legislature enacted several new privacy protections that clearly keep the state at the top of the privacy-protecting states in the U.S., according to a new survey of the states by Privacy Journal.

The monthly newsletter reports on new privacy laws enacted by states and Congress each year. The information is available in its Compilation of State and FederalPrivacy Laws, updated yearly. (more)

Two Cell Phone Eavesdropping Attacks Reported

 • Security firm Cryptography Research showed how it's possible to eavesdrop on any smartphone or tablet PC as it is being used to make a purchase, conduct online banking or access a company's virtual private network.

• Researchers at security firm McAfee, a division of chipmaker Intel, highlighted several ways to remotely hack into Apple iOS, the operating system for iPads and iPhones.

McAfee's research team remotely activated microphones on a variety of test devices and recorded conversations taking place nearby. They also showed that it's possible to steal secret keys and passwords, and pilfer sensitive data, including call histories, e-mail and text messages.

"This can be done with absolutely no indication to the device user," says Ryan Permeh, McAfee's principal security architect. (more)


Monday, April 9, 2012

IKEA Apologizes to Workers for Spying

 The management of IKEA in France, where workers have sued the company for allegedly spying on employees, admitted that activities contravening its ethical standards had taken place and pledged to put a stop to them. (more)

SpyCam Story #658 - This Week in SpyCam News

SpyCam stories have become commonplace and the techniques used, repetitive. We continue to keep lose track of the subject for statistical purposes, but won't bore you with the details. Only links to the stories will be supplied unless there is something useful to be learned.

Friday, April 6, 2012

UK - Sky News, a 24-hour news channel in the U.K., twice authorized its reporters to hack into emails of suspected criminals but said the actions were "editorially justified" and in "the public interest."

The disclosure adds to the intensified scrutinty of British reporting tactics. Sky News is a unit of British Sky Broadcasting Group PLC, which itself is 39.1%-owned by News Corp., whose U.K. newspapers have been at the center of a storm over reporting methods. (more)

Wheelchair Bug Saves Disabled Child from Cruel Teachers

Two Alabama teachers were caught cruelly taunting and abusing a 10-year-old boy who has celebral palsy after the boy’s mother attached an audio recorder to his wheelchair.

The shocking recording captures two voices chiding Jose Salinas for his ‘disgusting’ drooling and reveals he was left alone with no instruction for long periods of time...

Determined to be sure of what was happening herself she attached a bugging device to Jose’s wheelchair and left it recording over three days. The recording revealed that her son was being cruelly taunted about his disability and ignored for the majority of the day with no-one giving him instruction.

She played the tapes to the school board and the teachers were placed on administrative leave... But within days the teachers were returned to their positions so Salinas and other parents took their children out of the school in protest.

Feeling that ‘nobody was listening’ Salinas took the recordings to her local newspaper and the teachers were placed on leave once again. (more) (audio)

The Woman Who Bugged Her Ex-Boyfriend's Car - Case Closed

WI - Charges are settled for a local woman accused of bugging her ex-boyfriend's car so she could keep tabs on him. 

Jamie Mesang was accused of duct-taping a digital tape recorder underneath a car seat that belonged to her ex. Police say he became suspicious when Mesang started sending text-messages to him about his whereabouts. Eventually he searched his car and found the device, which was recording at that time. 

On Wednesday, Mesang entered a guilty plea. She also admitted she posted a female rival's picture and contact information on a website which led to that woman getting calls from men seeking sexual relationships. But prosecutors agreed to recommend dismissal of the felonies in one year if Mesang stays out of trouble during that time. (more)

Gordon Ramsay's Phone Calls Believed Bugged Not Hacked

UK - Gordon Ramsay was plunged into a sex tape nightmare last night. Self-proclaimed “professional mistress” Sarah Symonds says detectives probing phone hacking found “very sensitive tapes” of her with the TV cook.

The blonde, who claims she had a seven-year fling with Gordon Ramsay, believes an audio sex tape was among a stash of evidence seized by officers probing investigators for the defunct News Of The World.

Sarah, 41, feared the tape was the result of “bugging’” rather than hacking – which has led to scores of celebrities pocketing damages from the tabloid’s publishers News Corp. (more)

Thursday, April 5, 2012

Espionage Outrage Reaches the Boiling Point ...and a solution.

...called the continuing, rampant cybertheft “the greatest transfer of wealth in history.” (bio)
---
Shawn Henry, (FBI) 
...current public and private approach to fending off hackers is "unsustainable.'' Computer criminals are simply too talented and defensive measures too weak to stop them, he said. (bio)
---
Richard A. Clark, (presidential advisor) 
"Yet the same Congress that has heard all of this disturbing testimony is mired in disagreements about a proposed cybersecurity bill that does little to address the problem of Chinese cyberespionage." (bio)
---

Letter to the Editor - The New York Times

Dear Editor,

Richard A. Clarke’s op-ed piece, “How China Steals Our Secrets,” (4/2/12) states the current business espionage problem perfectly, but we need a solution. Consider this...

The Chinese secrets of: silk and tea production; making porcelain, gunpowder and paper, could not survive Western espionage attacks – not even when protected with death penalties. Espionage killed their economy, and the damage lasted for centuries. Obviously, competitive advantages are also National Interest Assets.

The one-sided, punish-the-spy security model, still being used today, never worked. We need to make it two-sided. There must be a proactive legal responsibility to protect.

The solution... Corporate caretakers must be held accountable for protecting their valuables; our national treasures. We need a law creating business counterespionage security standards, with penalties for inadequate protection. We already
successfully employ the same concept with medical and financial record privacy.

Kevin D. Murray
Spybusters, LLC
---

A cybersecurity law alone will not stop spying. 
If implemented, it will force an increase in traditional spy techniques, such as: bugging, wiretapping, physical intrusions and social engineering. (Remember, computer data is available elsewhere long before it is computerized.) 

Protecting our competitive advantages requires a holistic approach; a National Interest Assets law which would also...

• Protect the entire intellectual property timeline, from brainstorming and initial discussions, to the final product or business strategy. 

• Impose a responsibility of due care upon the creators and holders competitive advantage information.

• Specify compliance requirements aimed at countering traditional business espionage practices. Technical Surveillance Countermeasures Inspections (TSCM / bug sweeps), information-security audits, and information-security compliance procedures; safeguards which can be easily mandated and monitored.

This is a no-brainer, Congress.

The cost of keeping National Interest Assets safe is infinitesimal compared to current losses (not to mention the long-term effects). Just ask the Chinese.
~Kevin

Ambassador to Russsia Thinks Cell Phone is Monitored (well, duh)

The Obama administration has complained to Russia about harassment of its outspoken ambassador in Moscow, who has confronted television news crews and taken to social media to raise suspicions that his cell phone and email were being hacked.

Michael McFaul, who has been a frequent target of criticism by state media, seemed to have relished the attention, at least at first. And he may have become a bigger target by taking to Twitter to muse about the alleged surveillance, admitting to learning on the job, correcting his "bad Russian" and engaging in exchanges with a person whose Twitter account was "prostitutkamila."

"There's been a number of incidents since his arrival there that have caused us to have some concerns about his security and safety," State Department spokesman Mark Toner said Friday. "So as we would in following normal protocol, we've raised that with the government of Russia." (more)

Pop Quiz: Should government ambassadors be Tweeting?

Mission Creeps - Cop Tickets via Safety CCTV

Australia - A parking inspector ... has been using a network of security cameras to book drivers. The council says more than 150 tickets were issued in just over a fortnight using the CitySafe CCTV system... But Ipswich Mayor Paul Pisasale says as soon as he heard it was happening he acted. He has decided to not only waive the fines but send a letter of apology as well. (more)

Monday, April 2, 2012

Phones & Polls - Time for the Mexican Tap Dance

The frequency in Mexico of wiretapping politicians' telephones and leaking what's said would make even a British tabloid editor envious. The compressed, three-month presidential campaign leading to July 1 doesn't kick off till Friday, yet already a wiretap scandal is unfolding.

Political commentator Raymundo Riva Palacio calls the drumbeat of leaked wiretaps a "perverse factor in Mexican politics."

In the latest case, the ruling party's candidate, allegedly speaking to an aide on the phone, mocks two top functionaries in her party, among them President Felipe Calderon's highly influential security chief, for her suspicion that they listen in on calls.

In this instance, as in nearly every case of apparent illegal eavesdropping, politicians have greeted the leak with condemnations and demands for a criminal probe. But no successful prosecutions for illegal wiretapping have occurred in recent years. (more)

...thus giving new meaning to 'a back door friend'.

According to Richard Clarke—who warned everyone about a 'spectacular' Al Qaeda attack before 9/11—all electronics made in China could contain back doors that would allow Chinese hackers to spy and attack anyone they want.

He claims that these traps may be hidden in every device, from your iPhone and Android phones to every iPad, laptop and computer. Even your TVs or anything else made in China. His claims sound may sound preposterous, but he claims the evidence is strong:

I'm about to say something that people think is an exaggeration, but I think the evidence is pretty strong. Every major company in the United States has already been penetrated by China. 

Clarke also believes that Chinese hackers have sneaked into the mainframes of companies like Microsoft, Cisco or Boeing, stealing their research and development secrets. He claims that Chinese companies are using these secrets to leapfrog over their Western competition. This claim is not that crazy: only two years ago Google experienced and denounced such an attack. (more) (sing-a-long)

Email Bugging Scandal in New Zealand

New Zealand - Online security has been tightened at ACC after some claimants bugged emails to see what case managers were doing.

Bronwyn Pullar, the woman at the centre of the ACC security scandal, has revealed she used email tracking software to get updates of activity with her file - a detail already revealed by Michelle Boag to ACC minister Judith Collins. (more)