Sunday, June 2, 2013

"Why I secretly recorded Mitch McConnell"

Curtis Morrison speaks out...

"Earlier this year, I secretly made an audio recording of Sen. Mitch McConnell, the most powerful Republican on the planet, at his campaign headquarters in Kentucky. The released portion of the recording clocks in at less than 12 minutes, but those few minutes changed my life.

I leaked the recording to Mother Jones, which published it with a transcript and analysis in April, and over the days that followed, blogs and cable news shows lit up with the revelations from that one meeting. At the time, McConnell was prepping for a race against the actress Ashley Judd — it was “the Whac-a-Mole stage of the campaign,” McConnell said smugly — and the recording captures his team in some Grade-A jackassery, including plans to use Judd’s history of depression against her.

But also up for debate was the ethics of the audio recording itself. Here’s the latest... [long explanation]

[in a nutshell] Unlike Mitch McConnell, I will not paint myself as a victim... I’m a liberal activist in Kentucky. I’m also a citizen journalist... If given another chance to record him, I’d do it again." (more)


Background:
Campaign Headquarters Bugged - FBI Investigating 
McConnell's Suspected Bugger Has Hand Out
Sen. Mitch McConnell's "Bug" - Recorded Acoustical Leakage

Analysis
Eavesdropping occurs all the time. Only failed attempts become public knowledge. This is one of those tip-of-the-iceberg stories.

Like most of these stories, both sides failed. Morrison for getting caught. McConnell for not taking the proper security measures to assure privacy.

We see the same scenario in the private sector. Smart businesses employ information security measures. Others get their pockets picked and, occasionally, find embarrassing stories about them in the news. ~Kevin

Saturday, June 1, 2013

The Old Conference Call Trick Still Works

MA - Two Plymouth men who allegedly planned to line up professional sports tryouts are facing federal wiretapping charges for taping a phone conversation between two NFL general managers and selling the recording to a sports website.

Joshua Barber, 20, and Nicholas Kaiser, 20, face up to five years in prison and a $500,000 fine if convicted of secretly recording a conference call they allegedly organized between Buffalo Bills General Manager Buddy Nix and Tampa Bay Buccaneers General Manager Mark Dominik, according to federal prosecutors.

The Boston Globe reports that Barber first called Nix posing as Dominik and then called Dominik and used the conference call function to link the calls for the conversation, recorded by Kaiser.

In a roughly six-minute call posted on Deadspin in March, Nix and Dominik discuss potential trades and complain about their lack of a franchise quarterback, according to the Boston Herald. (more)

Eavesdropping on Fire Department No Solution to Burning Ears

NH - A former lieutenant in the Deering Fire Department who was at the center of a recent hiring controversy has been indicted on a felony charge of wiretapping staff conversations last year, including at least one senior-level meeting.

Stephen Brooks, 39, allegedly placed a recording device inside the Deering Fire Station on or around May 29, 2012, and “recorded a period of time including, but not limited to, a meeting between senior staff of the Fire Department,” according to a direct indictment, issued May 15 by a Hillsborough County grand jury.

Because it is a direct indictment, the case will bypass preliminary hearings and head straight to trial. Brooks has not been arrested, according to Assistant Hillsborough County Attorney Michael Valentine, who is handling the case. Valentine said direct indictments are typical when there has been a previous police investigation.

An arraignment has been scheduled for June 21.

Deering Town Administrator Craig Ohlson said the charge follows a “lengthy” investigation by the state police. He said Brooks, who faces as many as 3 1/2 to 7 years in prison and a $4,000 fine if convicted, was fired from the department April 17. It’s unclear whether the termination was directly related to the wiretapping investigation. (more)

Friday, May 31, 2013

On Paranoia...

“You’re just being paranoid.”

It’s a phrase that intimidates, shames, and scares. Too often, it sentences real victims of electronic surveillance to silent suffering. 


It’s also a phrase that can reveal unflattering things about the speaker, who may simply be ignorant, shallow, or mean, and who sometimes shows a strong tendency to avoid reality. The fact is, other people cannot make your problems go away by telling you that they do not exist—and neither can you.

Life has taught all of us some valuable lessons: An ounce of prevention really is worth a pound of cure. Trust your instincts. And that noise you heard coming from your car’s engine yesterday will not go away tomorrow; it will get worse. Ignoring these lessons has a name: The Ostrich Effect.

Granted, some people really do have paranoia problems. But these people usually do not confess to having a specific fear about specific events. They express their concerns in more general terms, such as “They know everything about me” or “It’s been going on for years.” Regardless, these people need kindness and medical help, not name calling.


If thoughts of eavesdropping or business espionage are new to you, and you have a suspect or a motive in mind, pay attention. Your intuition is telling you that something is wrong. Too many “coincidences” have tipped your inner warning scale. Your subconscious alert is sounding a real alarm, just as surely as the smell of smoke reminds you of the food left burning on the stove.

Trust your judgment. Something is wrong. 


Talk to an independent TSCM security consultant. This will be a person who specializes in electronic surveillance detection and business counterespionage. If TSCM is just another menu item and not the specialty of their house, you haven't found the right person. Keep looking. (Try here for business-related issues, or here for strictly personal issues.)

By the way, there is also hope on the horizon for people with real paranoia problems....
"Results of a preliminary trial, announced today at the Wellcome Trust in London, demonstrated how people with schizophrenia could overcome their auditory hallucinations by conversing with an avatar representation of the voice in their head.


At the start of the trial, 16 people with schizophrenia created an on-screen avatar that best matched what they imagined the voice in their head to look like – much like a police photo-fit. They then chose a male or female voice closely resembling the one they hear.

By conversing with a therapist via the avatar, the volunteers reported reduced levels of distress and higher self-esteem. Three people stopped hearing the hallucinatory voice altogether – including one who had lived with it for 16 years." (more)

Wednesday, May 29, 2013

Australia IT Security - More Godfather logic?

Chinese hackers have stolen top-secret blueprints to Australia's new intelligence agency headquarters, a report said Tuesday, but Foreign Minister Bob Carr insisted ties with Beijing would not be hurt.

The Australian Broadcasting Corporation said the documents taken in the cyber hit included cabling layouts for the huge building's security and communications systems, its floor plan, and its server locations. (more)


One can only hope these were the honeypot version of the plans.

How to Stop The China IT Leach Syndrome – Two Ideas

IDEA #1
If the US wishes to stop Chinese economic cyber-espionage, it will need to increase the costs and reduce the benefits to China of such activities. US government actions are important, but the key players in this game sit in the private sector. A true public-private partnership is needed.

The threat of Chinese cyberspying to US businesses is clear. A report released last week by the Commission on the Theft of American Intellectual Property states that: “China is two-thirds of the intellectual property theft problem, and we are at a point where it is robbing us of innovation to bolster their own industry, at a cost of millions of jobs.”
(more)

With President Obama preparing for a first meeting with China’s new president, a commission led by two former senior officials in his administration will recommend a series of steps that could significantly raise the cost to China of the theft of American industrial secrets. If milder measures failed, the commission said, the United States should consider giving companies the right to retaliate against cyberattackers with counterstrikes of their own. (more)

IDEA #2
Espionage Outrage Reaches the Boiling Point ...and a solution. (more)

Please pick either one, or both, Congress—before it is too late. ~Kevin

U.S. IT Security - Schizophrenia, Bipolar Disorder or Godfather logic?

The Chinese government has been conducting a broad, sustained, and disciplined campaign of cyberattacks against U.S. government agencies, critical infrastructure, private companies, and news organizations.

The public version of a study prepared for the Pentagon by the Defense Science Board now says that Chinese government hackers have also been able to penetrate the computer networks of all the major U.S. defense contractors, stealing the designs and specifications of the most advanced weapon system in the U.S. arsenal, and gaining insights into broad technologies on which U.S. military advances are based. (more)

and then we have...
 
White House National Security Adviser Thomas Donilon called Tuesday for strengthening U.S. military ties with China, despite growing tensions between the two over Beijing’s state-sponsored hacking and maritime territorial claims.

Donilon pushed for increased military cooperation in peacekeeping, fighting piracy and disaster relief.

“An essential part of building a new model for relations between great powers is ensuring we have a healthy, stable and reliable military-to-military relationship,” Mr. Donilon said in brief comments to reporters, Reuters reported. (more)
 

...keep your friends close, but your enemies closer?

Tuesday, May 28, 2013

The Other Train Spotters and the Drones Who Will Catch Them

Germany - Small drones could soon be spying on vandals under plans announced by Germany's national railway company Deutsche Bahn. The idea is to use airborne infrared cameras to film people spraying graffiti and then use the images as evidence in court.

The drones can fly at altitudes of up to 150 metres and travel at up to 54 kilometres per hour.

Deutsche Bahn said it suffered property damage worth 7.6 million euros ($10 million) from people spray-painting its carriages last year.


The rail operator said it would only use the drones over its own depots, not in public areas, in line with German anti-surveillance laws. (more)

Better idea... Take high resolution photos of the best graffiti, make 1:1 prints and sell them at art galleries around the world—"Authentic Deutsche Bahn Train Art". ~Kevin

Australia - Report on Smartphone Spyware & Hacking

"It's a terrifying prospect, but the era of smart-phones is leaving us more vulnerable to having their phones bugged than ever before..." 

Monday, May 27, 2013

Where Spy Shops Shop - Know What You Are Up Against

It is amazing just how many spy / eavesdropping gadgets are being sold these days. Some are very clever. Some are very small. All are easily available and affordable. 

For a peek at where Spy Shops shop, visit a Spy Shop Super Distributor. There are many others, but this will give you a good idea of what the average person can buy. 

This is why TSCM (bug sweep) services are so necessary, and worthwhile. ~Kevin

Saturday, May 25, 2013

Laser Beam Eavesdropping - The Trinidad and Tobago Case

Trinidad and Tobago - At the height of the Section 34 controversy, a sophisticated laser spying device was discovered in the Office of the Director of Public Prosecutions (DPP), Roger Gaspard, SC. T&T Guardian (newspaper) investigations revealed the device was detected in November last year inside the conference room of the DPP’s office at the Winsure Building, Richmond Street, Port-of-Spain. Gaspard offered no comment on the matter when contacted by the T&T Guardian on Wednesday. Investigations revealed the device was detected after a search was carried out by both foreign and local information technology (IT) experts on the fifth floor of the building.

The T&T Guardian learned that an invisible infrared beam that is used to transmit conversations was found in the conference room, which is where the DPP normally holds briefings on various high-level cases involving past and former government officials and other matters such as the Calder Hart probe and the Clico enquiry. The conference room is also used when the advice of the DPP is sought by police officers on homicides and other criminal offences. On Monday, Opposition Leader Dr Keith Rowley, during debate of a no-confidence motion laid by him against Prime Minister Kamla Persad-Bissessar and her Government, revealed 31 e-mails, one of which referred to a plan to spy on the DPP during the Section 34 debacle and to offer him a judgeship so as to be able to replace him in the office...

The bug at the DPP’s office was discovered after Gaspard received a tip-off and arranged for his office to be swept for spying and bugging devices by highly-qualified IT experts. The IT experts detected beams that showed a laser was being used to spy on the DPP’s conversations. One of the IT specialists who was part of the exercise revealed, “They detected certain rays that showed a laser was being used to spy on the DPP. “Someone can stay from the Port-of-Spain International Waterfront Centre and once they have a straight line of sight, and using the laser device, the conversations of the DPP can be heard.” The T&T Guardian understands the find sent shockwaves through the DPP’s office and steps have been taken since then to conduct frequent independent security sweeps of the building to ensure it is clean of such devices.

...there have been calls for an independent investigation. (more)


Even though the details are sketchy, I can think of about four good reasons why this particular "find" might be baloney. Laser listening systems have been built and patented, however, physics still makes this type of eavesdropping very difficult in the field. Read up on laser beam eavesdropping here. ~Kevin

Friday, May 24, 2013

NYC Detective Dials "H" for Hacker... or, The Mission Creep

The FBI has arrested a New York City police detective for stealing the login details of at least 30 people (including 21 NYPD employees, 19 of them officers), across 43 email accounts and one cell phone. He did it by hiring a contract hit man, of sorts.

Edwin Vargas allegedly paid $4,050 via PayPal to a hacking-for-hire service between March 2011 and October 2012, according to Preet Bharara, the US Attorney for the Southern District of New York. Once in possession of the user names and passwords for the accounts, he allegedly set about essentially spying on his fellow police officers.

The motivation for the one-man stalking/espionage effort is not yet known, but Vargas, 42, has been charged with one count of conspiracy to commit computer hacking and one count of computer hacking. Each count carries a maximum sentence of one year in prison. (more)

Thursday, May 23, 2013

StopAStalker App ($5.00) - FREE for next 24 Hours

Spybusters Alert: StopAStalker (mentioned here) is FREE until 5/24 at the iTunes store. Normal selling price $5.00.

Monday, May 20, 2013

Ever Wonder How Spyware Gets on Phones? Watch the videos...

A smartphone spyware developer has released how-to-install videos for:

• Android
• iPhone
• BlackBerry

Why do I mention it?
So you get a feel for just how quickly it can be done.

Spybusters Tip #342: Password protect your phone. Never let it out of your control. ~Kevin

Sunday, May 19, 2013

Big Data - The End of Privacy. The End of Chance.

FutureWatch - BIG Data Knows All

• "Scientists have figured out that, with the help of our mobile phone geolocation and address book data, they can predict with some certainty where we will be tomorrow or at a certain time a year from now."

• "Some cities even predict the probability of crimes in certain neighborhoods. The method, known as "predictive policing," seems like something straight out of a Hollywood film, and in fact it is. In Steven Spielberg's "Minority Report," perpetrators were arrested for crimes they hadn't even committed yet."

• "Google predicted a wave of flu outbreaks on the basis of user searches."

• "American data specialist Nate Silver predicted the outcome of the last US presidential election well in advance and more precisely than all demographers."

• "TomTom, a Dutch manufacturer of GPS navigation equipment, had sold its data to the Dutch government. It then passed on the data to the police, which used the information to set up speed traps in places where they were most likely to generate revenue -- that is, locations where especially large numbers of TomTom users were speeding."

• "The more data is in circulation and available for analysis, the more likely it is that anonymity becomes "algorithmically impossible," says Princeton computer scientist Arvind Narayanan. In his blog, Narayanan writes that only 33 bits of information are sufficient to identify a person."

• "Is it truly desirable for cultural assets like TV series or music albums to be tailored to our predicted tastes by means of data-driven analyses? What happens to creativity, intuition and the element of surprise in this totally calculated world?"


• "A dominant Big Data giant once inadvertently revealed how overdue a broad social and political debate on the subject is. Google Executive Chairman Eric Schmidt says that in 2010, the company toyed with the idea of predicting stock prices by means of incoming search requests. But, he said, the idea was discarded when Google executives concluded that it was probably illegal. He didn't, however, say that it was impossible." (more)