Sunday, September 30, 2012

Canada Recruits Spies - via YouTube

The Canadian Security Intelligence Service has released a series of recruitment videos onto YouTube, videos that feature testimonials from real-life spies. 

The clips were posted last week, but released without any publicity...

In the clips, each of which lasts a minute or two, CSIS intelligence officers are shown striding purposefully to urgent (but fictional) assignments, as orchestral music plays and time-lapse video speeds up street scenes. (more) (videos)

Put a GPS in a Candy Bar - Sales Skyrocket

The candy company launched the “We Will Find You” campaign in the United Kingdom where GPS tracking devices were placed inside six candy bars.  

Once the winning candy bar wrapper is opened, the tracking device will go off and Nestle officials will be able to find the exact location of the customer.

“This will alert a secret control room who will scramble a crack team of highly trained individuals,” the commercial states. “They will board a helicopter, find the special bar and give the owner 10,000 pounds ($16,145).”


The six tracking devices will be placed in Kit-Kat, Aero and Yorkie bars in the U.K. (more)

What could possibly go wrong? Hummm... The guys in the warehouse borrow the guard's metal detector and scan pallet-loads of product. 

Seriously, if they have their act together, the bars are not going through the usual distribution chain. They are being placed on the shelf at the very last minute and the camera crew is waiting in the stock room. Brilliant promotion, however.

Saturday, September 29, 2012

Business Espionage: Papal Butler's Trial Begins

The pope's once-trusted butler went on trial Saturday for allegedly stealing papal documents and passing them off to a journalist in the worst security breach of the Vatican's recent history — a case that embarrassed the Vatican and may shed some light on the discreet, internal workings of the papal household... 

Security was relaxed, with the guards at the tribunal entrance mostly concerned that none of the press or public brought in any recording devices: They even checked pens to make sure they couldn't record, and sequestered cell phones into safe boxes. (more)

Friday, September 28, 2012

Mobile malware up 2,180% - Threats to mobile devices rocket and set to rise further.

Between Q1 2011 and Q2 2012, ABI Research found that unique malware variants grew by 2,180 percent, reaching 17,439.

And these threats are set to increase significantly.

"With the increasing popularity of smartphones, mobile threats are on the rise. This has implications for security at the corporate level as well as for individual privacy," says Michela Menting, senior cyber security analyst. 


"The mobile application security market is rife with vendors offering their wares. The priority now for end-users is understanding the issue at hand and finding the right offering that best suits their needs," said Menting. (more) (SpyWarn)

Lawsuit: Failure to Proactively Prevent Spying

A coffee shop staged a failed cover-up after a lawyer planted spy cameras in its restrooms, a class of customers claim in court.

Lead plaintiff Roderick Smith says he discovered a spy camera in the restroom of a Coffee Bean and Tea Leaf in Encino last year, and that personal injury attorney Mark Daniel Wenzel planted another camera a week later.


Corporate owner International Coffee & Tea LLC failed to "proactively prevent" this spying, according to the complaint in Superior Court...

Detectives allegedly identified Wenzel as the culprit because the spy cam's own footage captured him during the installation process.

"The police sent pictures of defendant Wenzel to all the Coffee Bean shops in the area, and weeks later, in or about November of 2011, defendant Wenzel was apprehended by the police on a visit to the Coffee Bean located at the intersection of Woodley and Ventura at 16101 Ventura Boulevard in Encino, California, where another hidden recording device was also uncovered," the complaint says.


Meanwhile Coffee Bean superiors allegedly told staff to keep the incident to themselves. (more)


Dedicated spycam'ers plant multiple devices — in this case, at least three before the case was solved.

All businesses need to "proactively prevent spying" (especially optical spying). Schools, country clubs and companies dealing with the public use our services on a regular basis. Contact us.

Proactive inspections are cheap insurance. Inaction leads to lawsuits and lost customer goodwill.

U.S. Government Surveillance Stats - Up 361%, 2009-2011

U.S. law enforcement surveillance of email and other Internet communication has skyrocketed in the last two years, according to data obtained by the American Civil Liberties Union... 

The number of so-called pen register and trap-and-trace orders obtained by federal law enforcement agencies increased 361 percent between 2009 and 2011, the ACLU said. The U.S. Department of Justice released the data to the ACLU after the civil rights group sued the agency under the Freedom of Information Act. (more)

Outrageous - Anyone else would have landed in prison.

Companies agree to stop spying, taking secret photos on rented home computers
 

The US Federal Trade Commission has reached a settlement with seven computer rental companies and a software firm over what the agency said was flagrant computer spying on customers of the rental stores.

In a statement Wednesday, the FTC said that DesignerWare LLC and seven rent-to-own computer stores agreed to cease using malware-like monitoring software to track rental PCs and to stop using information gathered by the spying software for debt collection purposes.

According to the FTC, the software captured screenshots of confidential and personal information, logged users' keystrokes, and in some cases took "webcam pictures of people in their homes, all without notice to, or consent from, the consumers."

The settlement stems from what an FTC complaint says was a years-long campaign of electronic spying by PC rent-to-own firms against customers using PC Rental Agent, a remote monitoring application made and marketed by DesignerWare that can disable or remotely wipe a rented computer, but that also monitored a user’s online activity and physical location using a feature called "Detective Mode." (more) (sing-a-long)


P.S. It also presented a fake software program registration screen that tricked consumers into providing their personal contact information.

Forensically Find Fake Photos Fast - Further Discussion

As most readers of the Security Scrapbook know, I do not sell products, nor do I profit in any way from items brought to your attention. The sole purpose when mentioning a product is to inform and educate. Sometimes, my readers provide additional insights and information. This helps all of us.

The other day I posted, "Fourandsix Technologies, Inc. has introduced their first product, FourMatch, which instantly distinguishes unmodified digital camera files from those that may have been edited." Wow! Cool stuff. Gimme, gimme.


Reality Check...
While this statement is technically accurate, one reader cautions that the company's other marketing information may create expectations the product cannot fulfill.

Read the review by Jim Hoerricks, and the response by Kevin Connor of Fourandsix Technologies, Inc. Their discussion is very useful and illuminating, especially if you are in need of this technology.

P.S. The answer to the last "What's wrong with this picture?" (Rolling Stones album cover) is... "Former Rolling Stones’ bassist Bill Wyman was digitally removed from the cover..."

Next up...
What's wrong with this picture?

Wednesday, September 26, 2012

(Off topic) The Jetsons Turn 50 - What Became Reality?

FutureWatch
It's hard to believe, but George Jetson, his boy Elroy, daughter Judy, Jane, his wife -- and Astro, everyone's favorite space dog -- are now 50 years old.  


The show was futuristic in its own right: When it bowed in the early 60's, it was the first color show to ever air on ABC. But it was the quirky technological advances that the Hanna-Barbera show imagined human beings using -- from robot maids to flying cars -- that really formed the backdrop of the show and kept viewers interested.

In honor of The Jetsons' 50th anniversary, we decided to take a look to see how far we've come. And based on where we are so far, by 2062, the year the show is set in, we may just achieve all that the show's writers envisioned and then some. One thing that's massively important to us today and wasn't reflected that way on the show is our powerful mobile phone technology and the importance to us of how small those devices have become, as well as what they permit -- constant access to the internet (not conceived back then) and a variety of useful apps. (more)


Forensically Find Fake Photos Fast

Fourandsix Technologies, Inc. has introduced their first product, FourMatch, which instantly distinguishes unmodified digital camera files from those that may have been edited. 

Fourandsix Technologies was co-founded last year by Kevin Connor, a 15-year veteran of the Adobe Photoshop team, and Hany Farid, a pioneering scientist in image forensics. Dr. Farid’s extensive research led to the development of FourMatch software, which provides compelling evidence for the authenticity of an image, while also serving as an efficient triage step for identifying photos that may require closer scrutiny.

...Increasingly, photographic evidence has been challenged in court as being unreliable. Similarly, media companies have faced embarrassment when running news photos that later were revealed to be falsified. (more)


Really interesting... Their Photo Tampering throughout History page. 
Example...
What's wrong with this picture?

Tuesday, September 25, 2012

Open Your Mouth and You're Nailed

Slate had an interesting article about how law enforcement can identify you via VoiceGrid Nation, created by a company that is called SpeechPro in the United States but operates as a “Speech Technology Center” in Russia...

This image shows how VoiceGrid works and here’s some other info gleaned via their documentation. Voice matching technology can “automatically separate the voices within a two-person dialog and send each voice individually for matching” and is being used as “part of a comprehensive plan to best leverage existing and new audio data.” Even without considering the NSA surveillance via intercepting calls, the whitepaper gives numerous examples of passive sources for voice recognition data that has “already been collected.” These include voicemail, recordings made while speaking to commercial service providers such as banks, cell phone companies, and cable TV companies, as well as 911 calls, suspect interviews and court recordings.

The company’s technology uses three methods for voice matching and an algorithm that automatically compares “voice models against voice recording obtained from different sources such as cell phones, land lines, covert recordings and recorded investigative interviews.” When combined, there is a 90% voice match to identification accuracy within 15 seconds. However, according to VoiceGrid’s “key figures,” it only takes:

· 3 seconds is the minimum required speech pattern for analysis.

· In 5 seconds, it can search/match in 10,000 voice samples.

· 10 seconds is the average time for feature extraction.

· Executes up to 100 simultaneous searches.

· Accommodates up to 1,000 active users.

· Stores up to 2,000,000 samples.


(more)

Monday, September 24, 2012

Thus, making all other PIs reach for a Kleenex®.

Two private investigators claim David Miscavige, the leader of the Church of Scientology, paid them $12 million over the course of 24 years to spy on his former rival, along with other enemies.

The top-secret program gave Paul Marrick and Greg Arnold about $500,000 a year and sent them across the world in pursuit of Pat Broeker, who was briefly head of the church before being forced out, the men say. They are now suing the church after the paychecks stopped rolling in. (more)

Spy Rock Explodes Near Nuke Site

A monitoring device disguised as a rock has been found near an underground Iranian nuclear enrichment plant.

Western intelligence sources told The Sunday Times the device exploded when it was disturbed by Iranian troops.


They tried to move the rock, setting off its self-destruct mechanism. (more)

IT Poobahs... "iPhone now as secure as BlackBerry"

For a long time BlackBerry was the de facto choice for businesses looking for a secure mobile device.

But BlackBerry appears to be losing its security advantage over the iPhone in the eyes of IT leaders, and in doing so giving up its last remaining advantage over Apple handsets in enterprise.

Since the iPhone launched in 2007, Apple has been slowly increasing the security of iOS devices: adding 256-bit, hardware-based encryption for data stored on the device, adding widespread VPN support, and limiting the access that each app has to files and hardware resources on the phone. That’s in addition to its screening of all software on the app store and the centralized control provided by third-party mobile device management software. (more)

An App that Zaps Crime?

via the app maker...
"If there’s one thing that scares criminals above all else, it’s a witness to their actions. And that’s exactly why IWITNESS is the perfect crime deterrent.

With IWITNESS on your smartphone:
Record. Capture audio and video of any incident.
Send. Transmit what you’ve captured to a secure server accessible to law enforcement – an action no perpetrator can reverse.
Alert. Automatically call 911. Plus, send your exact location and an instant notification to friends or family members. 


IWITNESS features:
• Audio and video recording
  (Check your local laws about audio recording. You don't want the criminal to sue you.)
• Real-time tracking of location via GPS
• Data sent to a secure off-premises server location
• Automatically dials 911
• Notifies trusted contacts when you feel endangered
• Emits flashing light and sounds an alarm"

(Note: This is not a free app.)