A persistent headache for IT administrators dealing with BYOD in the workplace is how to keep sensitive company data safe even as more and more employee-owned devices are allowed into the corporate network.
Fujitsu Laboratories is working on a solution to the problem which its engineers hope to roll out some time this year. (more)
Security Directors: FREE Security White Paper - "Surreptitious Workplace Recording ...and what you can do about it."
Friday, January 25, 2013
Security Director Alert: Free Anti-Theft Tracking for PC & Phone
Prey, an open source, cross-platform anti-theft tracker that lets you keep track of all your devices easily in one place. Whatever your device, chances are Prey has you covered as there are installers available for Windows, Mac, Linux, Ubuntu, Android, and iOS.
Prey is easy to use. First off, you download and install the right version for your hardware. Then, after you've created an account and got it set up the way you want, you can forget about it until the day that your device is lost or stolen.
As soon as you discover that your hardware has been lost or stolen, you can activate prey by logging into your account and select the device 'missing-in-action'. Then, Prey's servers send a signal to the device -- either over the Web or with a text message -- that kicks Prey into action, gathering information such as location, hardware details and network status information. You can also capture screen shots, take pictures with the forward-facing camera, and even lock the system down to prevent further intrusion.
Prey offers a free, unlimited, 3-device account for anyone wanting to give the software a try. There are also premium account options that increase the device limit and add features such as automated deployment and full SSL encryption of all gathered data.
Putting a mechanism in place for recovering your lost or stolen hardware before the worst happens gives you a fighting chance of being able to find your hardware, or at worst, keep your data away from prying eyes. (more)
Note: My testing revealed one possible glitch. If your device does not have GPS capability (laptop, for example), the location being reported may belong to a service provider's IP address. In my case, the local phone company's DSL lines terminate in a town about 30 miles away. Otherwise, the system works great. No reason not to have this capability. ~Kevin
Prey is easy to use. First off, you download and install the right version for your hardware. Then, after you've created an account and got it set up the way you want, you can forget about it until the day that your device is lost or stolen.
As soon as you discover that your hardware has been lost or stolen, you can activate prey by logging into your account and select the device 'missing-in-action'. Then, Prey's servers send a signal to the device -- either over the Web or with a text message -- that kicks Prey into action, gathering information such as location, hardware details and network status information. You can also capture screen shots, take pictures with the forward-facing camera, and even lock the system down to prevent further intrusion.
Prey offers a free, unlimited, 3-device account for anyone wanting to give the software a try. There are also premium account options that increase the device limit and add features such as automated deployment and full SSL encryption of all gathered data.
Putting a mechanism in place for recovering your lost or stolen hardware before the worst happens gives you a fighting chance of being able to find your hardware, or at worst, keep your data away from prying eyes. (more)
Note: My testing revealed one possible glitch. If your device does not have GPS capability (laptop, for example), the location being reported may belong to a service provider's IP address. In my case, the local phone company's DSL lines terminate in a town about 30 miles away. Otherwise, the system works great. No reason not to have this capability. ~Kevin
Today in Telephone History
On Jan. 25, 1915, the inventor of the telephone, Alexander Graham Bell, inaugurated U.S. transcontinental telephone service. (more)
By this time wiretapping was already over 50 years old. ~Kevin
By this time wiretapping was already over 50 years old. ~Kevin
Thursday, January 24, 2013
Flip Phones Keep Japanese Wives from Flipping Out
Japanese philanderers know their weak spot: the smartphone.
Afraid that girlfriends and wives will spot incoming calls from certain secret someones, Lotharios in Japan are sticking with Fujitsu's old "F-Series" flip phones, the Wall Street Journal reports.
The so-called "infidelity phones" can easily be programmed to conceal calls and texts from particular contacts.
Fujitsu has added similar privacy features to its new lineup. Like the F-Series, these phones signal users with little changes of the antenna or battery mark. Only problem: they require a separate app.
US entrepreneur Neal Desai has designed a similar app called Call and Text Eraser that's been downloaded more than 10,000 times—but he cooed when told about the F-Series: "That's more genius than my app," he said. (more)
Afraid that girlfriends and wives will spot incoming calls from certain secret someones, Lotharios in Japan are sticking with Fujitsu's old "F-Series" flip phones, the Wall Street Journal reports.
The so-called "infidelity phones" can easily be programmed to conceal calls and texts from particular contacts.
Fujitsu has added similar privacy features to its new lineup. Like the F-Series, these phones signal users with little changes of the antenna or battery mark. Only problem: they require a separate app.
US entrepreneur Neal Desai has designed a similar app called Call and Text Eraser that's been downloaded more than 10,000 times—but he cooed when told about the F-Series: "That's more genius than my app," he said. (more)
If a tree falls in the forest, and nobody hears it...
Trees in Brazil’s Amazon rainforest are being fitted with mobile phones in an attempt to tackle illegal logging and deforestation.
Devices smaller than a pack of cards are being attached to the trees in protected areas to alert officials once they are cut down and the logs are transported.
Location data is sent from sensors once the logs are within 20 miles of a mobile phone network to allow Brazil’s environment agency to stop the sale of illegal timber. The technology, called Invisible Tracck, which is being piloted by Dutch digital security company Gemalto, has a battery life of up to a year and has been designed to withstand the Amazonian climate. (more)
Devices smaller than a pack of cards are being attached to the trees in protected areas to alert officials once they are cut down and the logs are transported.
Location data is sent from sensors once the logs are within 20 miles of a mobile phone network to allow Brazil’s environment agency to stop the sale of illegal timber. The technology, called Invisible Tracck, which is being piloted by Dutch digital security company Gemalto, has a battery life of up to a year and has been designed to withstand the Amazonian climate. (more)
Labels:
cell phone,
Hack,
miscellaneous,
nature,
product,
sabotage,
spybot,
surveillance,
wireless
Wednesday, January 23, 2013
Audio Steganography - SkyDe, as in Skype Hide
Those awkward silences during phone calls can communicate a lot. Especially if you're sending hidden messages during them.
Computer scientists at the Warsaw University of Technology have come up with a way to secretly send nearly 2000 bits of encrypted data per second during a typical Skype conversation by exploiting the peculiarities of how Skype packages up voice data. They reported their findings this week...
First the researchers noted that even when there's silence in a Skype call, the software is still generating and sending packets of audio data. After analyzing Skype calls, they found that they could reliably identify those silence packets, because they were only about half the size of packets containing voices. SkyDe (for Skype Hide) encrypts your hidden message, grabs a certain portion of outgoing silence packets, and stuffs the encrypted message into them. (more)
Important point: Conventional steganography hides data within photos and pictures. Downside... Your hidden message may languish on servers in multiple places for a long time, where it could eventually be discovered. Sky-De reduces this vulnerability. ~Kevin
Computer scientists at the Warsaw University of Technology have come up with a way to secretly send nearly 2000 bits of encrypted data per second during a typical Skype conversation by exploiting the peculiarities of how Skype packages up voice data. They reported their findings this week...
First the researchers noted that even when there's silence in a Skype call, the software is still generating and sending packets of audio data. After analyzing Skype calls, they found that they could reliably identify those silence packets, because they were only about half the size of packets containing voices. SkyDe (for Skype Hide) encrypts your hidden message, grabs a certain portion of outgoing silence packets, and stuffs the encrypted message into them. (more)
Important point: Conventional steganography hides data within photos and pictures. Downside... Your hidden message may languish on servers in multiple places for a long time, where it could eventually be discovered. Sky-De reduces this vulnerability. ~Kevin
Who Is Tracking You On-Line - Infographic
How do the digital detectives on the net snare you?
This infographic makes the mysterious, fathomable...
This infographic makes the mysterious, fathomable...
See the full graphic here.
Need an "I'm not here" outfit to go with the Mysterian glasses?
Unmanned aerial vehicles (UAVs or "drones") are fast becoming an ever-present eye in the sky, potentially granting governments greater strike and surveillance capabilities than even Orwell’s fictional Big Brother could hope to wield. In response, NYC artist Adam Harvey has created a series of garments which claim to reduce the effectiveness of UAVs.
Harvey’s garments include an anti-drone hoodie and scarf, which are designed to block the thermal imaging cameras used by many airborne drones. The designer also created a burqa which appears to function in much the same way.
Harvey is currently selling the designs, and would-be shoppers can pick up an anti-drone hoodie for £315 (or around US$500).
The Stealth Wear collection is on display in the UK at Primitive London until January 31. (more)
Harvey’s garments include an anti-drone hoodie and scarf, which are designed to block the thermal imaging cameras used by many airborne drones. The designer also created a burqa which appears to function in much the same way.
Click to enlarge |
The Stealth Wear collection is on display in the UK at Primitive London until January 31. (more)
The Mysterians and Question Mark...or viceversa?
Worried about all those security cameras tracking your every move? Try rocking one of these visors and enjoy anonymity once again.
At least that's what Isao Echizen from Japan's National Institute of Informatics is trying to achieve with the Privacy Visor (PDF).
Developed with Seiichi Gohshi of Kogakuin University, the visor has a near-infrared light source that messes up cameras but doesn't affect the wearer's vision, according to the institute.
They're hardly fashionable, but the lights create noise that prevents computer vision algorithms from extracting the features needed to recognize a face. (more) (get the t-shirt) (sing-a-long)
At least that's what Isao Echizen from Japan's National Institute of Informatics is trying to achieve with the Privacy Visor (PDF).
Developed with Seiichi Gohshi of Kogakuin University, the visor has a near-infrared light source that messes up cameras but doesn't affect the wearer's vision, according to the institute.
They're hardly fashionable, but the lights create noise that prevents computer vision algorithms from extracting the features needed to recognize a face. (more) (get the t-shirt) (sing-a-long)
Sunday, January 20, 2013
Mr. Kiss Kiss Bang Bang and other Cold War Spy Toys
via one of our Blue Blazer irregulars... (thanks!)
From Russian photoblog PhotoShtab.ru comes these great pictures of Cold War-era miniature gadgets that KGB spies and others used to monitor, smuggle, and kill (via RussiaEnglish).
Seeing as we have just seen the new adaptation of John Le Carre's Tinker Tailor Soldier Spy, these photos are a another great reminder of how paranoid and insane that whole 'Cold War' period was. (many more gadgets)
P.S. If you like seeing Cold War spy tools, your really need The Ultimate Spy Book, by historian H. Keith Melton. It is loaded with large glossy photos of the CIA's Greatest Hits, and the fascinating history of spies and their gadgets.
From Russian photoblog PhotoShtab.ru comes these great pictures of Cold War-era miniature gadgets that KGB spies and others used to monitor, smuggle, and kill (via RussiaEnglish).
Seeing as we have just seen the new adaptation of John Le Carre's Tinker Tailor Soldier Spy, these photos are a another great reminder of how paranoid and insane that whole 'Cold War' period was. (many more gadgets)
P.S. If you like seeing Cold War spy tools, your really need The Ultimate Spy Book, by historian H. Keith Melton. It is loaded with large glossy photos of the CIA's Greatest Hits, and the fascinating history of spies and their gadgets.
Labels:
CIA,
espionage,
government,
Hack,
historical,
KGB,
MI6,
OSS,
weird
Saturday, January 19, 2013
Foreign and Economic Espionage Penalty Enhancement Act of 2012 vs. My Baloney Meter
On January 14, 2013, President Obama signed the Foreign and Economic Espionage Penalty Enhancement Act of 2012.
The Act enhances the penalties for certain violations of the Economic Espionage Act.
The purpose of the Act was to amend title 18, United States Code, to provide for increased penalties for foreign and economic espionage.
Under the Act, the upper limit of penalties for individual offenses of Section 1831(a) are increased from $500,000 to $5,000,000 and the upper limit for corporate offenses of Section 1831(b) are increased from $10,000,000 to the greater of $10,000,000 or 3 times the value of the stolen trade secret to the organization, including expenses for research and design and other costs of reproducing the trade secret that the organization has thereby avoided. (more)
Why this approach alone has never worked, and what will work...
"A Cunning Plan to Protect U.S. from Business Espionage"
The Act enhances the penalties for certain violations of the Economic Espionage Act.
The purpose of the Act was to amend title 18, United States Code, to provide for increased penalties for foreign and economic espionage.
Under the Act, the upper limit of penalties for individual offenses of Section 1831(a) are increased from $500,000 to $5,000,000 and the upper limit for corporate offenses of Section 1831(b) are increased from $10,000,000 to the greater of $10,000,000 or 3 times the value of the stolen trade secret to the organization, including expenses for research and design and other costs of reproducing the trade secret that the organization has thereby avoided. (more)
Why this approach alone has never worked, and what will work...
"A Cunning Plan to Protect U.S. from Business Espionage"
Book: Britian's Brilliant Bugs Bomb Nazis
Historian Helen Fry, who has written a book called The M Room: Secret Listeners who bugged the Nazis., says the information gleaned by the eavesdropping of the German generals was vitally important to the war effort - so much so that it was given an unlimited budget by the government.
She believes what was learned by the M room operations was as significant as the code-breaking work being done at Bletchley Park.
"British intelligence got the most amazing stuff in bugging the conversations. Churchill said of Trent Park that it afforded a unique insight into the psyche of the enemy. It enabled us to understand the mind-set of the enemy as well as learn military secrets. "If it wasn't for this bugging operation, we may well have not won the war." (more)
Click to enlarge. |
She believes what was learned by the M room operations was as significant as the code-breaking work being done at Bletchley Park.
"British intelligence got the most amazing stuff in bugging the conversations. Churchill said of Trent Park that it afforded a unique insight into the psyche of the enemy. It enabled us to understand the mind-set of the enemy as well as learn military secrets. "If it wasn't for this bugging operation, we may well have not won the war." (more)
Thursday, January 17, 2013
Man Sends His Computer Security Token to China...
...so he can outsource his job!
A security audit of a US critical infrastructure company last year revealed that its star developer had outsourced his own job to a Chinese subcontractor and was spending all his work time playing around on the internet.
Verizon investigators found that he had hired a software consultancy in Shenyang to do his programming work for him, and had FedExed them his two-factor authentication token so they could log into his account. He was paying them a fifth of his six-figure salary to do the work and spent the rest of his time on other activities...
Further investigation found that the enterprising Bob had actually taken jobs with other firms and had outsourced that work too, netting him hundreds of thousands of dollars in profit as well as lots of time to hang around on internet messaging boards and checking for a new Detective Mittens video. (more)
A security audit of a US critical infrastructure company last year revealed that its star developer had outsourced his own job to a Chinese subcontractor and was spending all his work time playing around on the internet.
Verizon investigators found that he had hired a software consultancy in Shenyang to do his programming work for him, and had FedExed them his two-factor authentication token so they could log into his account. He was paying them a fifth of his six-figure salary to do the work and spent the rest of his time on other activities...
Further investigation found that the enterprising Bob had actually taken jobs with other firms and had outsourced that work too, netting him hundreds of thousands of dollars in profit as well as lots of time to hang around on internet messaging boards and checking for a new Detective Mittens video. (more)
The Suspected Fly on the Wall was a Horse
Not a horse-fly, a real horse.
My friend and colleague, Tim Johnson, relates thetail tale...
"I was contacted to do a debugging sweep of a company executive area and an executive residence in a midwestern state. Having concluded the examination of the offices without finding anything I proceeded to the residence where I repeated the process.
During the radio frequency examination I detected a radio frequency that I noted for additional analysis. In doing a further examination of the signal it was determined to be originating from outside the residence. This was done by moving my receiver to different locations and checking the signal strength.
There was a barn located in the general direction of the signal path so I went out and did a further check." (more)
(Foal Alert Transmitter)
My friend and colleague, Tim Johnson, relates the
"I was contacted to do a debugging sweep of a company executive area and an executive residence in a midwestern state. Having concluded the examination of the offices without finding anything I proceeded to the residence where I repeated the process.
During the radio frequency examination I detected a radio frequency that I noted for additional analysis. In doing a further examination of the signal it was determined to be originating from outside the residence. This was done by moving my receiver to different locations and checking the signal strength.
There was a barn located in the general direction of the signal path so I went out and did a further check." (more)
(Foal Alert Transmitter)
Wednesday, January 16, 2013
What Happens When You Lose A Cell Phone?
Vodaphone wondered too...
In The Lost Phone Experiment, Vodaphone planted 100 phones throughout the Netherlands, and tracked their fortunes via a web site.
They came up with some interesting data about how many are returned, where they traveled to, what they were used for, and by who. Open the site up using Chrome and hit "Translate" so you can read it in English. (more)
Spoiler Alert: About 30% were returned to their owners.
In The Lost Phone Experiment, Vodaphone planted 100 phones throughout the Netherlands, and tracked their fortunes via a web site.
They came up with some interesting data about how many are returned, where they traveled to, what they were used for, and by who. Open the site up using Chrome and hit "Translate" so you can read it in English. (more)
Spoiler Alert: About 30% were returned to their owners.
Subscribe to:
Posts (Atom)