Thursday, November 22, 2012

Defending Privacy at the U.S. Border: A Guide for Travelers Carrying Digital Devices


Thanks to protections enshrined in the U.S. Constitution, the government generally can’t snoop through your laptop for no reason. 

But those privacy protections don’t safeguard travelers at the U.S. border, where the U.S. government can take an electronic device, search through all the files, and keep it for a while for further scrutiny – without any suspicion of wrongdoing whatsoever. (more) (pdf guide)

Wednesday, November 21, 2012

The Wall Street Wiretap Sword Of Damocles

Mark Pomerantz, a former federal prosecutor, says the government wants everybody on Wall Street to believe all their conversations are being taped.

Pomerantz tells MarketWatch that the perception of wiretaps being employed in a widespread way is great for deterrence. However, he said he didn’t think they were being employed extensively by federal prosecutors. (more)

Tuesday, November 20, 2012

Researchers Find iOS is Rich Target for Spying Software

Takeaway: The popularity of Apple devices makes them a prime target for spying programs, malware, and simple thievery.

According to a report in TechWeek Europe, researchers have found that spying programs like SpyEra, SpyBubble and StealthGenie are used by attackers much more heavily on devices running iOS. In two samplings of infected devices, Israeli mobile security company Lacoon found that significantly more iOS devices were being targeted over other mobile operating systems (74 % in one sampling and 52 % in a second sampling).

Attackers are, of course, taking advantage of the relative popularity of Apple devices, and are using the spying programs in highly targeted attacks — for example, against business executives — “to watch over personal and business data, letting the attackers view all the victim’s emails, text messages and geo-location information.” (more)

Friday, November 16, 2012

City Hall Fingered for Eavesdropping - Claims 'Inadvertance'

Chicago City Hall officials violated Illinois' strict eavesdropping law when they ‘inadvertently’ recorded conversations with Chicago Tribune reporters without their consent.

The Tribune sent the city a letter Friday demanding that officials stop secretly recording conversations with reporters. The newspaper also requested copies of the recorded conversations.

“This failure was due to inadvertence – not some practice or plan to record interviews without consent,” City Attorney Stephen Patton stated in a letter responding to the Tribune. (more)

What the Well Dressed Spy Wants for Christmas

Upon first glance, it appears to be a standard pair of cuff links.

However, a covert, hidden handcuff key has been engineered in to the design. This concealed hand cuff key will to open almost all Standard Hand cuffs. It’s also designed to hold your French Cuffs closed. A must have for any international SPY or the average citizen looking for some styling carbon fiber inlaid cuff links that happen to open hand cuffs.

*WARNING: The use of this product may result in you being shot.*


Don’t Break the law. 

You are not Bond'ed. (more) (more weird cufflinks)

Thursday, November 15, 2012

Scientific Breakthrough Gives Paranoids Another Thing to Worry About

Click to enlarge.
A tiny ear-powered device extracts energy from an ear and transmits information wirelessly to a nearby radio. (more)

2012 China Report Released... no surprises.

The U.S.-China Economic and Security Review Commission was created by Congress to report on the national security implications of the bilateral trade and economic relationship between the United States and the People's Republic of China.

"This Report conveys our findings from the past year, along with providing recommendations to Congress about how best to respond to some of the problems we have identified."
2012 REPORT TO CONGRESS
 
Excerpts:

"Travelers to China sometimes report Chinese officials tampering with their electronic devices upon entry or exit. Customs or border enforcement entities may perform or enable such activities."

"Some corporate entities in China may engage in, support, or benefit from cyber espionage. The prevalence of stste-owned or -controlled enterprises in the telecommunications and IT sectorsin China mean that such activities would often constitute state sponsorship."


Just coincidence?
 

Wednesday, November 14, 2012

This Week in Spy News

The chairman of Stow College in Glasgow has resigned after a row over a recorded conversation on a device branded a "spy-pen". (more)
 

Outdated laws have created loopholes that allow government and law enforcement agencies to request information and conduct electronic surveillance without warrants. The piece of legislation at the heart of the issue is the Electronic Communications Privacy Act, passed in 1986. (more)
 

Ex-British spy, turning 90, happily living in Russia... 
The spy, George Blake, betrayed British intelligence starting in the 1950s; he was found out in 1961 and sentenced to 42 years in prison. But he escaped five years later using a rope ladder made of knitting needles, made his way to the Soviet Union and has been living out his last years serenely in a cottage outside Moscow. (more)

Two Simple Spy Tricks That David Petraeus Could Have Used To Hide His Affair...

Does the head of the world's top spy agency really think he can hide behind a Gmail account and a pseudonym? Apparently so. Even bumbling Boris Badenov from "Rocky and Bullwinkle" would have known better. (more)

The Maryland Transit Administration is bugging buses in Baltimore, and the bugged buses are what’s bugging civil rights advocates. Buses already have cameras, but ten buses now have microphones that are supposed to add to security by recording what’s said between passengers and the drivers. (more)

How to Stop Spies from Digging Up Your Personal Information...

The spies in our lives aren't like the ones in movies—they take the form of a suspicious lover, obsessive coworker, or jealous "friend." While you can't distrust everyone you meet and lead a happy life, you can protect your personal information from falling into the wrong hands. Here's how to guard yourself from spies without slipping into a state of constant paranoia. (more)

The chairman of Pirelli, Marco Tronchetti Provera, will go to trial
over a long-running probe into alleged use of Telecom Italia data to snoop on Italy's elite, a judicial source said on Monday. (
more)

How to Snap Top Secret Photos Without Anyone Noticing...

Ever needed to snap a picture in a quiet building without anyone noticing? Or maybe you need to document misbehavior without getting caught? Taking snapshots on the sly isn't easy, but a few tricks can help you capture a moment without another soul noticing. (more)
 

Steampunk Spy-Fi: Real-life gadgets perfect for a Victorian Era James Bond...
What if the majesty of On Her Majesty's Secret Service was Queen Victoria? (more)

In France, a Mission to Return the Military's Carrier Pigeons to Active Duty...

Grounded After Modern Communication Devices Soared, Birds May Offer Low-Tech Solutions; No Round Trips (more)

Email Security - The Petraeus Case

...via
There's no such thing as a truly 'anonymous' email account, and no matter how much you try to encrypt the contents of the email you are sending, little fragments of data are attached by email servers and messaging companies. It's how email works and it's entirely unavoidable...which first led the FBI on a path that led up to the very door of Petraeus' office door in Langley, Virginia.

Ultimately, only Google had access to the emails. Because it's a private company, it does not fall under the scope of the Fourth Amendment. If the U.S. government or one of its law enforcement agencies wanted to access the private Petraeus email account, it would have to serve up a warrant.

In this case, however, the Foreign Intelligence Services Act (FISA) would not apply. Even the Patriot Act would not necessarily apply in this case, even though it does allow the FBI and other authorized agencies to search email. However, in this case, above all else, the Stored Communications Act does apply -- part of the Electronic Communications Privacy Act.

The act allows for any electronic data to be read if it has been stored for less than 180 days. In this case, the law was specifically designed -- albeit quite some time before email became a mainstream communications medium -- to allow server- or computer-stored data to be accessed by law enforcement.

However, a court order must be issued after the 180 days, and in this case it was...


Once it knew Ms. Broadwell was the sender of the threatening messages, the FBI got a warrant that gave it covert access to the anonymous email account. And that's how they do it. (more)

Saturday, November 10, 2012

Watergate's Next Watergate

A history professor hopes that a federal court's recent order to release long-sealed Watergate documents will shed light on the motivations behind the infamous 1972 scandal and help set an example for how to unseal court records.

Federal District Judge Royce Lamberth in Washington, D.C., on Friday ordered the National Archives and Records Administration to review and release some of the documents within a month. The order came in response to Texas A&M history professor Luke Nichter's 2009 informal request to Lamberth to unseal a trove of documents relating to the 1973 trials of Watergate conspirators G. Gordon Liddy and James McCord.

Nichter's letter said that some of the sealed materials "purportedly will demonstrate that exposing a prostitution ring was the real motivation for the break-in." Liddy had alleged a similar theory in the mid-1990s, although he claimed that motive was unknown to him when he orchestrated the break-in. (more) (previous report)

Get Alerts from your Local Police & 5,000 other Public Safety Agencies

One thing Hurricane Sandy taught us was truth beats rumors. Sign up for the truth... 

"This service, NIXLE, delivers trustworthy and important neighborhood level public safety and community event notifications instantly sent to you by cell phone text message, email and web. There is NO spam or advertising and the service is available at no cost.

Register at
www.nixle.com. This service is simple to use, reliable and trusted.

Stay connected to your world, from the public safety alerts that are relevant to you, to the important neighborhood advisories you want to know about and other valuable community information."

More iPhone Security Tips

Important Points
• iPhone / iPad / iPod muggings are common.
• Reduce risk...
-- Minimize usage while in very public places.
-- Use iOS's security features...
---- for tracking a stolen device and remote wiping of data.
---- for preventing thieves from: turning off tracking, accessing data and accounts.
• If theft occurs, go to the police first, not the phone company. 
-- Police will try to track. 
-- Carrier will shut off service.
• Seal the SIM card with serial numbered security tape to detect tampering.

Setting tips via Martin Williams...
1. Select Settings.
2. Click General.
3. Select Restrictions.
4. Set a Restrictions passcode.
5. Click Enable Restrictions.
6. Look for Deleting Apps and toggle the switch from On to Off. This will mean that no one can delete an app such as Find My iPhone without your Restrictions passcode.
7. Scroll down the list of options until you reach the Privacy section, here you’ll find a link to Locations Services, click it.
8. Select Don’t Allow Changes. This will mean it is impossible for a robber to disable the Find My iPhone application from broadcasting your GPS. You will now need manually to approve all new apps to access your location data.
9. Go back to the main Restrictions menu and select Accounts, changing this setting to Don’t Allow Changes. This makes it impossible for a mugger to disconnect your iCloud account that connects to Find My iPhone.
10. If your iPhone is stolen, it is only going to transmit its location for as long as a SIM card is inserted and is active.

Friday, November 9, 2012

Government Strength Mobile Spyware

In the secretive world of surveillance technology, he goes just by his initials: MJM. His mystique is such that other security professionals avoid using wireless Internet near him...

MJM -- Martin J. Muench -- is the developer of Andover, U.K.-based Gamma Group’s FinFisher intrusion software, which he sells to police and spy agencies around the world for monitoring computers and smartphones to intercept Skype calls, peer through Web cameras and record keystrokes...

Of Gamma’s products, FinFisher has become the flashpoint. It represents the leading edge of a largely unregulated trade in cybertools that is transforming surveillance, making it more intrusive as it reaches across borders and spies into peoples’ digital devices, whether in their living rooms or back pockets...

...researchers including Claudio Guarnieri of Boston-based security risk-assessment company Rapid7; Bill Marczak, a computer science doctoral candidate at the University of California Berkeley; and Marquis-Boire, whose day job is working as a security engineer at Google Inc., found computers that appeared to be command servers for FinSpy in at least 15 countries.

They also documented FinSpy’s ability to take over mobile phones -- turning on microphones, tracking locations and monitoring e-mails...



On Oct. 12, U.S. law enforcement officials warned smartphone users to protect themselves against FinFisher, calling it malware, or malicious software.

“FinFisher is a spyware capable of taking over the components of a mobile device,” the Internet Crime Complaint Center, a partnership between the Federal Bureau of Investigation and National White Collar Crime Center, said in a Website alert to the public. “FinFisher can be easily transmitted to a Smartphone when the user visits a specific web link or opens a text message masquerading as a system update.”

FinSpy Mobile can infect almost every kind of device, including Apple Inc.’s iPhones and smartphones running Google’s Android or Microsoft Corp.’s Windows systems, according to a pamphlet Muench provides. (more)

Thursday, November 8, 2012

Meet the Superheroes Fighting for Your Right to Mobile Privacy

Five years into the smartphone era, the threats to user privacy have never been higher.  

The complex and mostly unregulated privacy concerns of the mobile ecosystem have driven many users to take their privacy into their own hands, whether that means deleting apps that ask for too much information or turning off location services.

However, the fight over mobile privacy is just really starting to take shape. We wanted to get a beat on where that fight is now, and about what – if truly anything – privacy advocates think will change the future of mobile towards a more user controlled experience... (more)