Monday, May 27, 2013

Where Spy Shops Shop - Know What You Are Up Against

It is amazing just how many spy / eavesdropping gadgets are being sold these days. Some are very clever. Some are very small. All are easily available and affordable. 

For a peek at where Spy Shops shop, visit a Spy Shop Super Distributor. There are many others, but this will give you a good idea of what the average person can buy. 

This is why TSCM (bug sweep) services are so necessary, and worthwhile. ~Kevin

Saturday, May 25, 2013

Laser Beam Eavesdropping - The Trinidad and Tobago Case

Trinidad and Tobago ‎- At the height of the Section 34 controversy, a sophisticated laser spying device was discovered in the Office of the Director of Public Prosecutions (DPP), Roger Gaspard, SC. T&T Guardian (newspaper) investigations revealed the device was detected in November last year inside the conference room of the DPP’s office at the Winsure Building, Richmond Street, Port-of-Spain. Gaspard offered no comment on the matter when contacted by the T&T Guardian on Wednesday. Investigations revealed the device was detected after a search was carried out by both foreign and local information technology (IT) experts on the fifth floor of the building.

The T&T Guardian learned that an invisible infrared beam that is used to transmit conversations was found in the conference room, which is where the DPP normally holds briefings on various high-level cases involving past and former government officials and other matters such as the Calder Hart probe and the Clico enquiry. The conference room is also used when the advice of the DPP is sought by police officers on homicides and other criminal offences. On Monday, Opposition Leader Dr Keith Rowley, during debate of a no-confidence motion laid by him against Prime Minister Kamla Persad-Bissessar and her Government, revealed 31 e-mails, one of which referred to a plan to spy on the DPP during the Section 34 debacle and to offer him a judgeship so as to be able to replace him in the office...

The bug at the DPP’s office was discovered after Gaspard received a tip-off and arranged for his office to be swept for spying and bugging devices by highly-qualified IT experts. The IT experts detected beams that showed a laser was being used to spy on the DPP’s conversations. One of the IT specialists who was part of the exercise revealed, “They detected certain rays that showed a laser was being used to spy on the DPP. “Someone can stay from the Port-of-Spain International Waterfront Centre and once they have a straight line of sight, and using the laser device, the conversations of the DPP can be heard.” The T&T Guardian understands the find sent shockwaves through the DPP’s office and steps have been taken since then to conduct frequent independent security sweeps of the building to ensure it is clean of such devices.

...there have been calls for an independent investigation. (more)


Even though the details are sketchy, I can think of about four good reasons why this particular "find" might be baloney. Laser listening systems have been built and patented, however, physics still makes this type of eavesdropping very difficult in the field. Read up on laser beam eavesdropping here. ~Kevin

Friday, May 24, 2013

NYC Detective Dials "H" for Hacker... or, The Mission Creep

The FBI has arrested a New York City police detective for stealing the login details of at least 30 people (including 21 NYPD employees, 19 of them officers), across 43 email accounts and one cell phone. He did it by hiring a contract hit man, of sorts.

Edwin Vargas allegedly paid $4,050 via PayPal to a hacking-for-hire service between March 2011 and October 2012, according to Preet Bharara, the US Attorney for the Southern District of New York. Once in possession of the user names and passwords for the accounts, he allegedly set about essentially spying on his fellow police officers.

The motivations for the one-man stalking/espionage effort is not yet known, but Vargas, 42, has been charged with one count of conspiracy to commit computer hacking and one count of computer hacking. Each count carries a maximum sentence of one year in prison. (more)

Thursday, May 23, 2013

StopAStalker App ($5.00) - FREE for next 24 Hours

Spybusters Alert: StopAStalker (mentioned here) is FREE until 5/24 at the iTunes store. Normal selling price $5.00.

Monday, May 20, 2013

Every Wonder How Spyware Gets on Phones? Watch the videos...

A smartphone spyware developer has released how-to-install videos for:
Android
iPhone
BlackBerry
Why do I mention it?
So you get a feel for just how quickly it can be done.
Spybusters Tip #342: Password protect your phone. Never let it out of your control. ~Kevin

Sunday, May 19, 2013

Big Data - The End of Privacy. The End of Chance.

FutureWatch - BIG Data Knows All

• "Scientists have figured out that, with the help of our mobile phone geolocation and address book data, they can predict with some certainty where we will be tomorrow or at a certain time a year from now."

• "Some cities even predict the probability of crimes in certain neighborhoods. The method, known as "predictive policing," seems like something straight out of a Hollywood film, and in fact it is. In Steven Spielberg's "Minority Report," perpetrators were arrested for crimes they hadn't even committed yet."

• "Google predicted a wave of flu outbreaks on the basis of user searches."

• "American data specialist Nate Silver predicted the outcome of the last US presidential election well in advance and more precisely than all demographers."

• "TomTom, a Dutch manufacturer of GPS navigation equipment, had sold its data to the Dutch government. It then passed on the data to the police, which used the information to set up speed traps in places where they were most likely to generate revenue -- that is, locations where especially large numbers of TomTom users were speeding."

• "The more data is in circulation and available for analysis, the more likely it is that anonymity becomes "algorithmically impossible," says Princeton computer scientist Arvind Narayanan. In his blog, Narayanan writes that only 33 bits of information are sufficient to identify a person."

• "Is it truly desirable for cultural assets like TV series or music albums to be tailored to our predicted tastes by means of data-driven analyses? What happens to creativity, intuition and the element of surprise in this totally calculated world?"


• "A dominant Big Data giant once inadvertently revealed how overdue a broad social and political debate on the subject is. Google Executive Chairman Eric Schmidt says that in 2010, the company toyed with the idea of predicting stock prices by means of incoming search requests. But, he said, the idea was discarded when Google executives concluded that it was probably illegal. He didn't, however, say that it was impossible." (more)

Saturday, May 18, 2013

Federal 1st Circuit Court of Appeals - Police can't search your cell phone when they arrest you without a warrant.

III. Conclusion
Since the time of its framing, "the central concern underlying the Fourth Amendment" has been ensuring that law enforcement officials do not have "unbridled discretion to rummage at will among a person's private effects." Gant, 556 U.S. at 345; see also Chimel, 395 U.S. at 767-68. Today, many Americans store their most personal "papers" and "effects," U.S. Const. amend. IV, in electronic format on a cell phone, carried on the person. Allowing the police to search that data without a warrant any time they conduct a lawful arrest would, in our view, create "a serious and recurring threat to the privacy of countless individuals." Gant, 556 U.S. at 345; cf. United States v. Jones, 132 S. Ct. 945, 950 (2012) ("At bottom, we must 'assur[e] preservation of that degree of privacy against government that existed when the Fourth Amendment was adopted.'" (quoting Kyllo v. United States, 533 U.S. 27, 34 (2001))). We therefore reverse the denial of Wurie's motion to suppress, vacate his conviction, and remand for further proceedings consistent with this opinion. (more)


Next stop, Supreme Court. ~Kevin

Friday, May 17, 2013

Fight Back Against Stalkers - New iPhone App

Empower yourself to stop being a victim, and take action against a stalker. 

(FREE until 5/24)
Collect information, collate it, and report to authorities in a simple app made for victims of stalking. Made in conjunction with leading criminologists and victim support forums, StopaStalker is your tool to start fighting back.

• Record suspect, vehicle, witness and location details.
• Link to photos in your photo roll, or take photos in-app.
• Record court orders, with iOS calendar reminders.
• Produce PDF reports for authorities, friends and family, and email or AirPrint.
• Backup/Restore from Dropbox so trusted people can access.
• Setup emergency contacts and police numbers to call or SMS from within the app.
• Quick 'Victim Guide' with tips for surviving stalking.


($5.99) (more

Many of the requests for eavesdropping detection help I receive have their roots in stalking and harassment. 

Spybuster Tip #092: If stalking and harassment are part of the problem, a search for bugs and taps is not the best first step. Tie the criminal to the crime first. Collect and document your evidence. Talk to an attorney. Then, look for the surveillance devices.

Your Smartphone - The Quickest Route to Your Bank Account

Many consumers simply don't realize how vulnerable their Androids, iPhones and other devices can be. 

An April study by the Federal Reserve Bank of Atlanta said threats are proliferating, ranging from "phishing" -- where consumers click a phony email or text message and are tricked into handing over personal information -- to consumers' reluctance to use security protections they normally have on home computers, like a password...

Organized crime operations see smartphones as the most vulnerable entry point into the electronic financial system, according to the Federal Reserve...

Vikram Thakur, principal security response manager for security software giant Symantec, said attackers can get complete control of a phone simply by getting people to click on a link. Without actually having the phone in their hands, the hackers can access messages, phone calls and personal information. (more)

Spybusters Tip #734: 
• Password protect your phone. Keep it turned on.
• Don't click on anything 'iffy'.
• Keep Bluetooth and Wi-Fi turned off unless needed.
• Avoid sensitive transaction over public Wi-Fi hot spots.

Bug Eyed Drone Used 368 iPhone 4S Cameras

Everyone marveled when the iPhone 4S came equipped with a full high definition video camera. Little did they know that the race to miniaturize cell phone cameras led to quite possibly the spookiest surveillance camera on earth.

Autonomous Real-Time Ground Ubiquitous Surveillance Imaging System, or ARGUS-IS, which we recently covered, is the result of a low budget and 368 cannibalized cell phone cameras, slammed together to create the largest, finest surveillance camera in the world.

Attached to a predator drone, the camera records approximately 1 trillion gigabytes of information in a single day. (more)

Cautionary Tale - Employees Bug Boss for Promotions

China - Three public officers, who allegedly placed hidden cameras in a Party chief's office and then tried to blackmail him, have been held for illegal wiretapping and photographing in Huaihua City in central China's Hunan Province...

Prosecutors said the trio plotted to secretly videotape violations by Hu Jiawu, the local Party chief, and blackmail him for promotions, when they dined in early February 2012. They installed spy gadgets on a water dispenser, replacing the previous dispenser in Hu's office. Between March and October 2012, Li illegally monitored Hu and stored the footages in a removable disk, Southern Metropolis Daily reported yesterday.
Li and Yang again sneaked into Hu's office during the National Day holidays in 2012 and returned the original water dispenser. After Li edited the video, he showed it to Hu on October 17 and threatened to expose him if he did not promote them. (more)


Don't think this couldn't happen to you. This is one reason why periodic inspections for electronic surveillance devices (known as TSCM) are a standard business practice.

Thursday, May 16, 2013

Retailers sniffing cell phone Wi-Fi signals at the mall... and future uses.

Technology that allows retailers to track the movement of shoppers by harvesting Wi-Fi signals within their stores is spreading rapidly. 

Giant U.S. retailers including Nordstrom and Home Depot are already using it, as does one of the most popular malls in Singapore. Indeed, Euclid Analytics, one of the better-known companies selling the technology, boasts that it has tracked some 50 million devices in 4,000 locations. (more)

Also, check out Y-Find and TheRetailHQ.

So who cares if Home Depot knows what aisle you are in?

Think ahead...

"We are excited to be working with YFind to help them realize their vision of creating Location-Intelligent cities..." Pete Bonee, Partner at Innosight Ventures


Cities!?!?  
WTF? 
Oh, right. 
The government marketplace is huge, worldwide even.

Spybuster Tip # 845 - Don't Plug Your iPhone/Pad into Hotel Docking Stations

“Apple accessories, especially dock stations and alarm clocks become more and more popular. Nowadays, it is common to find such devices in hotel rooms,” wrote French security consultant and pentester Mathieu Renard. But can we really trust them? What if an alarm clock could silently jailbreak your iDevice while you sleep? “Wake up, Neo,” warned Renard. “Your phone got pwnd!”

At Hackito Ergo Sum 2013, an international security and hacking conference recently held in Paris, Renard presented iPown: Hacking Apple accessories to pwn iDevices. He started by looking at what an attacker would consider to be the most interesting Apple services before describing “how they can be exploited in order to retrieve confidential information or to deploy the evasi0n jailbreak.” (more)

Especially true when visiting countries with reputations for spying on foreign visitors. ~Kevin

Tuesday, May 14, 2013

Big Week for Spy News - Seems Everyone is Being Caught

A U.S. diplomat disguised in a blond wig was caught trying to recruit a Russian counterintelligence officer in Moscow, Russia's security services announced Tuesday, claiming the American was a CIA officer. (more)

In an outraged letter to U.S. Attorney General (AG) Eric Holder, the Associated Press, one of the nation's largest news organizations, accuses the U.S. Department of Justice (DOJ) of a potentially serious violation of freedom of the press.
According to the letter from Gary Pruitt, records from 20 phone lines -- including personal phones of AP editors/columnists and AP business phone numbers in New York; Hartford, Connecticut; and Washington -- were subpoenaed in a "massive and unprecedented" attempt to monitor on the press. (more)

In a new twist of the Bloomberg spying scandal
a former company employee has revealed journalists allegedly spied on the Federal Reserve chairman Ben Bernanke and former Treasury Secretary Tim Geithner through the news terminals. (more)

Designed to steal intellectual property, cyber espionage and attacks increased 42 percent
in 2012 compared to the prior year, reveals a new report entitled, 'Internet Security Threat Report' (ISTR) of Symantec Corporation (more)

Top IRS Officials Knew of Tea Party Spying Months Before Denial (more)

Private Investigators Convene in Atlantic City Next Month

On June 26th, private investigators from across the country will be on their way to Atlantic City for the East Coast Super Conference, presented by PI Magazine and hosted by the New Jersey Licenced Private Investigators Association (NJLPIA). 

The conference includes 17 presentations from guest speakers Diane Dimond, Joe Pistone, F. Lee Bailey, and more, including a presentation on the real undercover life of Donnie Brasco. A full exhibitor hall and many activities for attendees and their families will be available. Located at the Tropicana Casino and Resort, the conference will also have door prizes, including 1 week in Aruba! (more) (video)