Monday, October 28, 2013

Do You Have an IT Spy Guy?

Two tales to get you thinking...

Old tech equipment rarely dies, it just finds a new home -- and sometimes, that home is with your IT employees... The problem with taking equipment bound for the scrap heap or the recycling bin is that it often still contains sensitive data, which if lost could result in massive liability for the company that owns the equipment. Think... It is more than just theft, much more.

"There are no secrets for IT," says Pierluigi Stella, CTO for managed security service provider Network Box USA. "I can run a sniffer on my firewall and see every single packet that comes in and out of a specific computer. I can see what people write in their messages, where they go to on the Internet, what they post on Facebook. In fact, only ethics keep IT people from misusing and abusing this power. Think of it as having a mini-NSA in your office." Also think... "The scariest thing is that the same people who present the greatest risk are often the very people who approve access."
(more)


Saturday, October 26, 2013

Business Espionage in America - We Lose More Than We Take in Taxes

The United States has known for sometime that it has been victimized by economic espionage mounted by other countries, especially China and Russia. According to a counterintelligence expert hired by companies to help them counter this threat, the toll for these crimes is far, far higher than what has been officially reported.

Economic espionage represents “the greatest transfer of wealth in history,” said General Keith Alexander, NSA director and commander of U.S. Cyber Command, at the American Enterprise Institute in 2012...

Due to the nature of the business, it is often difficult to place solid numbers on the cost of economic espionage. To protect their investors, companies rarely want to announce breaches by spies or hackers to the public, and government agents often find gathering enough evidence to charge an insider with espionage difficult.

The lack of transparency on economic espionage makes it a difficult problem to tackle.

The FBI estimates that economic espionage costs the U.S. $13 billion a year, yet their numbers are based only on current FBI cases where spies have been caught and charged. It does not include the majority of theft that was not reported, or the scale of breaches that are unknown to the companies...

During his speech, General Alexander said investigations by the FBI and other agencies find that for every company that detects a cyberattack there are 100 others that are unknowingly being hacked...

Nonetheless, U.S. companies are still largely on their own when it comes to defending against economic espionage, and the threat is very real. When the “Economic Espionage Penalty Enhancement Act of 2011″ was passed, former U.S. Senator Herb Kohl said in a press release “As much as 80 percent of the assets of today’s companies are intangible trade secrets.” (more)


You don't have to be on your own. Help is available. Call me.

Ankle Bracelets Have Criminals Bugged

Ankle bracelets featuring GPS tracking technology can do more than allow authorities to follow the whereabouts of criminals ordered to wear them. They also can be used to eavesdrop on conversations without the wearer knowing what’s going on.

In Puerto Rico, defense lawyer Fermín L. Arraiza-Navas learned about the bracelet’s expanded surveillance capabilities after meeting with clients fitted with the technology. He told the Puerto Rico Center for Investigative Reporting (CPIPR) that clients noticed the bracelets would vibrate when having conversations with lawyers and others.

One client said authorities spoke to him through a hidden phone feature included in the bracelets, which are manufactured by a Utah-based company, SecureAlert. (more)

Friday, October 25, 2013

A Brilliant Halloween Costume, More LED Fun, and a tip of the tin foil hat to the ultimate paranoid!

It's Friday. 
Oddball time!


Weekend Electronics Project
Extreme LED Throwies
Click to enlarge.
LED throwies are cheery glow-dots you can make in seconds from simple components and stick to any ferro-magnetic surface. But that’s just the beginning — click link to learn how to hack and modify them. Easy to make!

...and an anti-NSA home... (just kidding)

Encryption Infographic

Every wonder how good your encryption is?

Wednesday, October 23, 2013

Citing "Terrifying" Surveillance Tactics, Yet Another U.S. Privacy Service Shuts Down

Yet another American Internet privacy service has bitten the dust, prompted by fears about broad government surveillance demands.

San Francisco-based CryptoSeal, a provider of virtual private networks that can be used to browse the Internet anonymously, has closed its doors to users of its private VPN service. 

In a statement posted online, CryptoSeal announced that a key factor in the closure was the government’s recently revealed attempt to force email provider Lavabit to turn over its private encryption keys. Lavabit shut down in August as part of an effort to resist a surveillance demand believed to involve NSA whistle-blower Edward Snowden, who was a Lavabit customer. Lavabit was ordered to turn over its master encryption keys in a way that could have potentially compromised thousands of users’ private data. (more)

Court Rules: NO GPS for LEOs w/o CO

A federal appeals court has ruled that law enforcement officials must obtain a warrant before attaching a GPS unit to a suspect’s car and tracking them... 

“Today’s decision is a victory for all Americans because it ensures that the police cannot use powerful tracking technology without court supervision and a good reason to believe it will turn up evidence of wrongdoing,” American Civil Liberties Union attorney Catherine Crump said in a statement. “These protections are important because where people go reveals a great deal about them, from who their friends are, where they visit the doctor and where they choose to worship.”

The three-judge panel determined that installing GPS technology was a violation of the Fourth Amendment to the US constitution, which prohibits unreasonable searches and seizures. The judges’ final decision said the actions of the police were “highly disconcerting.” (more)

Rental Company Settles Spyware Case

The Federal Trade Commission says Atlanta-based furniture renter Aaron's Inc. has agreed to a settlement over allegations that it helped place spyware on computers that secretly monitored consumers by taking webcam pictures of them in their homes.

The FTC said in a Tuesday news release that Aaron's will be prohibited from using spyware that captures screenshots or activates the camera on a consumer's computer, except to provide requested technical support.

Aaron's officials previously blamed individual franchisees for the spyware. But the FTC said Aaron's knowingly played a direct role in the use of the spyware. (more)

No Jail for Skype Sex Scandal Cadets

Australia - The two men at the centre of the Australian Defence Force Academy Skype scandal have avoided jail time.

Daniel McDonald, 21, secretly filmed himself having sex with a female cadet and streamed it live to Dylan Deblaquiere, 21, in a nearby dorm room at ADFA in Canberra in 2011.

Earlier this year a jury found the pair guilty of sending offensive material over the internet without consent. McDonald was also found guilty of an act of indecency.

In sentencing today in the ACT Supreme Court, Acting Justice John Nield rejected jail time... Instead he handed McDonald two 12-month good behaviour bonds, to be served concurrently, and Deblaquiere a single 12-month good behaviour bond. He warned they will go to jail if they breach their orders... "General deterrence has been achieved," he said...


The Department of Defence has confirmed it will take action in relation to McDonald. (more)

Tuesday, October 22, 2013

Bugging Boss for a Raise Lands Three Employees in Jail

China - Three public officials were each sentenced to 20 months in jail for illegally wiretapping a county Communist Party chief of central China's Hunan Province, according to a local court ruling on Tuesday.
 
Li Yi, an official with the supervision office of the Mayang Miao Autonomous County Committee of the Communist Party of China (CPC), Yang Fan, a Mayang court officer and Liu Yang, a police officer, were guilty of illegal wiretapping and secretly filming a county Party chief, according to the ruling of the district people's court of Hecheng, Huaihua City, which administers Mayang County.

They were guilty of placing hidden cameras in the office of Hu Jiawu, secretary of the CPC Mayang Miao Autonomous County Committee, spying on Hu and storing video footage on a removable disk between March 13 and Oct. 2 in 2012. They used the footage to try and blackmail Hu for promotion, according to the ruling. (more)

Landlord, Tenant, SpyCam - What Could Possibly...

I stopped posting these stories a while back, simply because there were so many of them. This is just a reminder. The SpyCam is the Number One illegal eavesdropping tool in use today.

Canada - An employee at a major Canadian broadcaster is facing charges of voyeurism, mischief and defamatory libel. 56-year-old David Sealey was arrested Saturday after a man saw a woman he knew secretly filmed in an online video. He notified the victim, who reported the incident to police.

A search warrant was issued and over 150 voyeuristic videos of women were found on a computer inside Sealey’s home, along with recording devices.

The female victim rented a room from Sealey in the Richmond Ave. and Spadina Ave. area and police believe there could be more victims. (more)

Captain Crunch sez... "Here's looking at you, matey."

It’s not quite “Minority Report”-levels of creepiness, but it’s getting there.

He saw this coming.
Mondelez International, whose properties include Chips Ahoy, Nabisco, Ritz and other high-profile snack brands, says it’s planning to debut a grocery shelf in 2015 that comes equipped with sensors to determine the age and sex of passing customers.

The shelf, which is hooked up to Microsoft’s Kinect controller, will be able to use basic facial features like bone structure to build a profile of a potential snacker, Mondelez chief information officer Mark Dajani told the Wall Street Journal. While pictures of your actual face won’t be stored (yet), aggregate demographic data from thousands of transactions will be. (more)


I spy a tipping point. We are sailing into Fedup Bay. Watch the backlash, me hardies.

Ex-School IT Director Faces Trial on Wiretapping Charge

PA - The former technology director for Easton Area School District accused of secretly recording a private meeting will face trial in Northampton County Court.

Thomas Drago, 54, acknowledged at a hearing Tuesday that prosecutors have enough evidence to merit a wiretap violation charge. Drago's attorney, Philip Lauer said his client will apply for a first-time offender's program. Drago remains free on $50,000 unsecured bail.

In August, Drago surrendered to authorities for allegedly recording a conversation with school officials without their permission. Drago, 54, of Bushkill Township resigned shortly before an internal probe this year uncovered nude photos on his work computer. (more)

Sunday, October 20, 2013

Doc v. Doc Bugging Ends in House Call to Graybar Motel

India - Spying on his wife landed a qualified doctor husband behind bars on Saturday. 

Dr Gyaneshwar Maini, who owns a private hospital, was arrested for keeping a tab on the locations and conversations of his wife, while installing a high-quality Global Positioning System (GPS) along with a micro-mike packed in a black box in the steering wheel of her sedan car for the past eight months. 

The victim is also a qualified doctor and employed with a leading private hospital in Mohali.  

Police have also decided to take legal action against employees of a private firm, who installed the device in the car of the woman.

The GPS system, along with a mike, was in a black box worth Rs 18,000 ($293.76), which was detected with the help of an expert from a private company, which supplies these gadgets. 

The black box was linked with a 10-digit cell number used by Dr Maini's friend. Police said the installer of the device in the car has identified Dr Maini. In her complaint to the police, the woman suspected that there was some instrument in her car, which was keeping a tab on her movements and conversations, about which her husband would come to know even without her telling him. (more)

No more, "Gee, I thought you said..." — Record Your Cell Phone Calls

Here's a useful item for PIs, Security and LEOs — a way to document important cell phone calls, without app sapping charges. No more, "Gee, I thought you said..." 

Recording Cell Phone conversations using apps is not possible on iPhone, Droid or BlackBerry without paying per minute charges. The Call Mynah Cell Phone Recorder gives you complete control of Recording Cell Phone Calls. You decide to Record Mobile Phone Calls or not, set up your Call Mynah to Record Cell Phone (all calls) or only as you choose.
  • 340 hours of Cell Phone Recording storage
  • Connects to any mobile phone via Bluetooth to create a simple Cell Phone Call Recorder
  • Automatically Record Cell Phone Calls (manual recording options too)
  • Saves all Cell Phone Records, call details (date, time, number, duration, call type)
  • Add comments to calls and flag as 'Important'
  • Upload calls to your PC for easy management (software supplied)
  • 150 Hours standby, 8 hours talking before battery charge
  • Call recording warn tone or prompt can be sent to callers (optional)
  • Handset, Speakerphone or Headset (supplied) operation
  • Security features to prevent unauthorized listening to your calls (more)