Monday, December 16, 2013

NSA News Flash

* Judge: NSA Phone Spying 'Almost Certainly' Unconstitutional 
* Ruling Deals a Blow to NSA Records-Collection Methods 
* Lengthy Federal Court Process Still Ahead for NSA Spying 
(MORE TO COME)

Saturday, December 14, 2013

Opinion - IT Should Ban Google Glass Before It's Too Late

IT Should Ban Google Glass Before It's Too Late

Google's soon-to-be-publicly-available wearable technology exposes your company to problems ranging from illegal wiretapping and surveillance to a wild spectrum of inappropriate uses.  

Columnist Rob Enderle writes that you should do yourself a favor and ban Google Glass before it is even available to your employees. (more)

Coach with The Bush School Accused of Spycam'ing Female Students

WA - A Seattle private school has put a coach and substitute teacher on administrative leave after he was arrested and charged with voyeurism.

Jason Paur, a 43-year-old teacher with The Bush School, was arrested in British Columbia Tuesday while on a school sponsored ski team trip.

Pauer is accused of putting a video camera in a room where female students were staying. Police have also charged him with possessing child porn and breaking and entering. (more)

Fargo - A homespun spycam story.

ND - Police from two separate cities are investigating KVLY-KXJB reporter Mellaney Moore after the station aired her hidden camera story about local school security.

Jerry Lundegaard, town car salesman, upon hearing the news.
According to Moore’s story, she entered three schools, one in West Fargo, one in Fargo and one in Moorhead, MN, to test school security. “She had a hidden camera and was not stopped by any school official.

The Forum of Fargo-Moorhead reports police in Moorhead, MN, and West Fargo are now looking into whether she should face charges. “The concern we had was that they were specifically doing something that wasn’t lawful,” Moorhead police Lt. Tory Jacobson told The Forum. (more)

Business Espionage - "Corn ain't just chicken feed, Bubb"

Two Chinese agricultural scientists face charges after they were caught trying to smuggle a variety of seeds — stolen from a biopharmaceutical plant in Kansas — into China, Reuters reports.

After a tour of agricultural facilities and universities in the Midwest and Arkansas, the two Chinese nationals were caught with the seeds as they boarded a plane for home, the report says. 

(In a separate, but parallel espionage case, "Investigators found ears of corn stashed in an Illinois self-storage unit, dozens of bags of corn kernels stuffed under the seat of a car, and hundreds of pictures of corn fields and production facilities.")

Don’t be fooled because they’re “just” seeds. The unidentified victim of the theft had invested about $75 million in patented technology to create the seeds, the report says. (more)

Friday, December 13, 2013

...thus bringing back traditional spycraft.

Governments around the world may be compelled to wall off their Internet systems as nations and companies move to protect sensitive data amid increasing cybercrime and espionage, Kaspersky Lab Chief Executive Officer Eugene Kaspersky said.

Cybercrime is increasing and secret documents released by former U.S. National Security Agency contractor Edward Snowden have heightened technology company concern about espionage. Some governments and corporations may even scrap information-technology systems in some cases, moving critical data back to paper, Kaspersky said. (more)

Interpretation
  • Hacking is easier than traditional spycraft.  
  • Computerization = low-hanging fruit for the business espionage and criminal crowds. 
  • Throwing security budgets to the IT folks is not effective enough. 
  • Solution... keep your secrets off the web, and out of the computers. 
  • Anticipate... Traditional spycraft (bugging, tapping, intrusions, moles, etc.)
  • Arm yourself... Put a counterespionage consultant on your team.

The Road to Farewellville

A police department in Battle Creek, Michigan is being sued by one former officer and two currently employed cops who say their superiors secretly installed a surveillance camera in the woman’s locker at a local precinct...

According to the claim, Inspector Maria Alonso of the department’s Internal Affairs Division was told in late 2012 that there had been instances of theft occurring in the women’s’ locker room of the Battle Creek Police Department. Upon approval of her superiors, Alonso installed a surveillance camera in the room sometime the following January and used evidence obtained by it to allegedly implicate a plaintiff in the case of robbing co-workers by rifling through their lockers.


Plaintiff Laurie Gillespie was shown the video shortly after and, according to the complaint, was depicted in the clip “going through at least two open lockers” while in uniform... She was ultimately terminated less than two months later. (more)

Thursday, December 12, 2013

Data Security and Breach Notification Act of 2013 & Information Security Tips

American IT departments' decisions could inadvertently put organizations at risk of an information security breach if they don't have sufficient protocols for the disposal of old electronic devices...
Despite the many public wake-up calls, most American organizations continue to be complacent about securing their electronic media and hard drives...


Congress is hoping to hold businesses accountable for the protection of confidential information with the introduction of the Data Security and Breach Notification Act of 2013, which will require organizations that acquire, maintain, store or utilize personal information to protect and secure this data. (q.v.)

Mitigation tips:
  • Think prevention, not reaction.
  • Put portable policies in place for employees with a laptop, tablet or smartphone to minimize the risk of a security compromise while traveling;
  • Protect electronic data. Ensure that obsolete electronic records are protected as well. (Remember, all that data was somewhere else before it became electronic data. Protect that too.)
  • Create a culture of security. Train all employees on information security best practices... Explain why it's important, and conduct regular security audits (including TSCM) of your office to assess security performance. (more)

Santa App Lets You Spy Back

A new app is letting family spy on Santa and his friendly elves. The free app, created by two Michigan entrepreneurs, is called Santa Spy Cam.

What do Elves pass, if not gas?
Santa Spy Cam uses magic only found at the North Pole to help parents get video of St. Nick and his friendly elves when they visit your house.

Now, what's fun about the app is it captures these special moments when kids are asleep.

How does it work? Well, the Santa Spy Cam has a built in sensor that flips on in your own home when Santa or his elves are nearby. 

"Fully approved by The North Pole Clandestine Services Bureau (NPCSB) to capture live-action video of Elves as they visit your home during the holiday season. And of course, the big visit, by the big man on Christmas Eve, Santa Claus." (more)

I just tested it. 
Works remarkable well. 
You get three free scenes; others at 99 cents each. 
~Kevin

Wednesday, December 11, 2013

Hong Kong PI's are Parents Eyes

China - Rich mainland parents are paying thousands of Hong Kong dollars to private investigators to spy on their children studying in Hong Kong, including PhD students and kindergarteners...

Philic Man Hin-nam, founder and director of Global Investigation and Security Consultancy, an all-woman detective agency, said that mainland student cases accounted for about 40 per cent of the more than 100 requests made by parents last summer for information on their children...

"Many mainland students studying in Hong Kong are single children from rich families," Liu of Wan King On Investigations said, "Those parents attach great importance to their children's behavior." (more)

New Android threats could turn some phones into remote bugging devices...

Researchers have recently uncovered two unrelated threats that have the potential to turn some Android devices into remotely controlled bugging and spying devices.

The first risk, according to researchers at antivirus provider Bitdefender, comes in the form of a software framework dubbed Widdit, which developers for more than 1,000 Android apps have used to build revenue-generating advertising capabilities into their wares...

What's more, Widdit uses an unencrypted HTTP channel to download application updates, a design decision that allows attackers on unsecured Wi-Fi networks to replace legitimate updates with malicious files. (more)

'That thing they said they're not doing? They're totally doing" - Jon Stewart

Last week The National Reconnaissance Office launched a new satellite called NROL-39 from Vandenberg Air Force Base in California, and a lot of people noticed a picture of a massive octopus straddling the earth.

"The Daily Show With Jon Stewart" has some fun with the spy logo, the choice of which drew ridicule in light of the many leaks about mass government surveillance from ex-NSA contractor Edward Snowden. 

After playing a game of 'That Thing They Said They're Not Doing? They're Totally Doing" — which involves showing clips of the U.S. government denying spying allegations only to confirm them later — Stewart went after the logo that boasts: "Nothing Is Beyond Our Reach." (more)


In 1955 an octopus taking over Earth was just science fiction. 
Perhaps the logo artist remembered this.

Tuesday, December 10, 2013

GSM A5/1 Encryption Comes to German Cell phones

Deutsche Telekom is the first network operator in Germany to deploy the A5/3 encryption standard for voice transmission in its mobile phone network. This means conversations are better protected against wiretapping, even in the GSM network... The GSM network previously implemented the A5/1 encryption standard, which experts have cracked... Telekom is not limiting rollout of the A5/3 encryption standard to Germany, either: the new technology has already been implemented in Macedonia, Montenegro, Poland and the Czech Republic. More countries will follow. (more)

$15. Girl Tech IM-ME Pager Turned Into - a Spectrum Analyzer; a Police Radio Jammer...

This isn’t something we’d encourage our readers to do, but it’s pretty fascinating that a seemingly innocuous toy has such power. 

The IM-ME is a small electronic toy made by Girl Tech that’s intended to be used as a sort of imitation cell phone, allowing users to send wireless messages to each other. 

Unfortunately, a hacker named Travis Goodspeed discovered that you can use the hardware to roam frequencies freely and even decode the metadata that prefixes radio communications, allowing a listener to identify both parties on the call. 

You can also use the thing as a spectrum analyzer and many other unintended purposes... such as jamming. (more) (video on P25)

Surveillance Cameras a Weapon in Neighborhood Feud

Scott and Terri Gale, of Kemah, Tex., are seeking a restraining order against Natalie Belk, who lives directly across the street from them, according to media reports.

The Gales say Belk’s surveillance cameras point into their master bedroom and bathroom.

The cameras were installed in September 2012, but the neighbors have been feuding since 2008 court records say. (more)


Without laser. With laser.
I guess taking their case to court is more civil than installing a permanently mounted laser pen aimed at the camera's lens. (snicker) (How to Zap a Camera)