Thursday, January 30, 2014

New SpyCam App for Android Phones and Tablets

via droidforums.net...
The new spycam app by "dooblou", SECuRET SpyCam, makes you an instant gum shoe! 

There are maybe some not so ethical uses for this, but then again this app would make it easy to see who is stealing your juice out of the office cooler, or what exactly the babysitter is doing with your kid. 

The app turns any Android phone or tablet camera as well as a remote camera into your very own motion triggered spycam. With this app your device will capture stills or video when activated by any motion within its field of view and then either save or email the photo or video. 


 

This app has apparently already caught several criminals in the act of stealing cars, and breaking into homes. 

You don't have to use your phone you can use this app to control a laptops webcam or another device camera with the use of livestream. 

The app includes disguise mode and touch screen locking so your phone won't be detected, advanced settings to tweak performance and timings, ability to choose between the front and back cameras, choice of video and photo resolutions including resolutions photos and high def videos, quick start mode and more. 

Pro version is $4.49, and there is a Demo version so you can see how it works before buying. (more

Why do I mention it?
So you will know what you're up against.

Not to be left out, tiny Malta has its own spy scandal...

Malta  ...Home Affairs Minister Manuel Mallia was “caught eavesdropping” on an opposition meeting.

Reliable sources told this paper that Dr Mallia was last week caught “with his ears to the Opposition Parliament office” as a meeting was going on inside. At the time a meeting of the Opposition’s Committee for the South was being held. Chairman Stephen Spiteri and MPs Carm Mifsud Bonnici, Mario Galea, Jason Azzopardi and Anthony Bezzina were present.

The sources said that Dr Mallia was seen eavesdropping by another person, who is not a politician. (more)

Tuesday, January 28, 2014

Proof Spying is Mainstream - The Walmart of India has a Spy Section

India - Naaptol with its “shop right, shop more” slogan has just announced its own list of the top 10 spy gadgets of 2014. And it’s just the start of the year! 

They come in all shapes and sizes. Spy gadgets camouflaged as pens (Rs 2999 for 4 GB); sim card phone device ear bugs; and even cloth hooks spy cameras. 

If that’s not enough, check out the video recording button camera. No one might suspect that it’s not part of your suit! You have an option of hidden cameras that fit in a car key-chain, the world’s smallest digital mini camera that is slightly bigger than your eye, motion sensor padlocks, anti-theft whistle key-chains, wall clocks that hide a CCTV camera, mini USB-shaped reader digital camera flash drive. (more) (store)

Spy ‘Numbers Stations’ Still Baffle, Enthrall

In the early 1990s, at the end of the Cold War, before the onset of the Internet Age, 
Courtesy, SpyArtStudios
you could tune across the shortwave bands and hear the monotonous drone of an automated woman’s voice calling out long strings of numbers in Spanish. “Siete — Quatro — Cinqo — Cinqo — Cinqo,” the voice would say, pause, and then switch to a new set of numbers. The Spanish-language female voice station became known as “Attenćion,” due to its repeated use of that phrase at the beginning of each transmission.

These transmissions, which had started at the end of the Second World War, weren’t always in Spanish, nor were they always female. Other languages were used to broadcast entire strings of numbers, which many believed made up a coded message that could be heard by anyone with a shortwave radio. The consensus view at the time was they were meant for secret agents operating in foreign countries...

Today, with the Internet Age fully mature and the Cold War buried under 20 years of modern history, the numbers are still being transmitted. (more)

Surreptitous Workplace Recording - IT Guy Receives Sentence

PA - The Easton Area School District's former technology director has entered a first-time offenders program after being accused of illegally recording a private meeting.

That's according to the Morning Call, which says Thomas Drago's record will be expunged following a year on probation and a psychiatric evaluation.

Drago, 54, of Bushkill Township, resigned from his post in late 2012, just before the district began investigating whether he had been spying on his colleagues.

Police say investigators eventually learned Drago had used his iPhone to audio tape an "Act 93" meeting in March 2012. He was charged in August of last year with one count of felony wiretapping. (more)


Security Directors: FREE Security White Paper - "Surreptitious Workplace Recording ...and what you can do about it."   

Sunday, January 26, 2014

How to Stop Websites from Eavesdropping Via Google Chrome

...review the sites you've allowed to access your microphone and camera in Chrome.

1. Open Chrome, and type chrome://settings/contentExceptions#media-stream into the Omnibar.
 

2. You'll see the Media Exceptions screen, where you can see which host names have permissions to your microphone and camera, and which of those two each site has access to.
 

3. Highlight any site you want to remove, and click the "x" on the right side of the line.
 

4. Save your changed by clicking Done.

PCWorld also notes that if you prefer, you can just go to: chrome://settings/content Scroll down to Media, and instead of "Ask me when a site wants to use a plug-in to access my camera and microphone" (which is the default setting), select "Do not allow any sites to access my camera and microphone," which is kind of the nuclear option. 

Doing this will also disable features like Google's Conversational Search, which can be pretty useful, likely break any voice integration with Google Now (which will arrive in Chrome any day now), and disable any other voice-activated features in Chrome or elsewhere on the web. (more) (background)

800+ Detained in China for Illegal Surveillance

Chinese police have arrested over 800 people suspected of producing, selling and using illegal wiretapping and photography equipment to conduct surveillance.

Through joint efforts by police from 14 provincial regions, 13 production facilities have been destroyed and 67 groups associated with illegal wiretapping equipment have been uncovered in the action, the Ministry of Public Security said. 

The police have uncovered over 1,550 criminal cases involving the use of wiretapping equipment in blackmail, kidnapping, illegal detention and other crimes. Over 15,000 sets of equipment for covert tracking, positioning, photographing and recording have been confiscated, state-run Xinhua news agency reported today. (more) (sing-a-long)

Cell Phone Snitch Stories

Butt Dialing Law Suit Busted
KY - A federal judge has dismissed a lawsuit filed by Kenton County Airport Board Chairman Jim Huff and his wife after an airport secretary that Huff called accidentally overheard their private conversation... Huff accidentally dialed secretary Carol Spaw while on a business trip. Spaw overheard Huff discussing ways to demote the Cincinnati/Northern Kentucky International Airport's chief executive officer or get her to resign... Spaw took notes on the conversation and recorded a portion of it... (The judge) ruled that even though the cell phone call was accidental, Spaw was under no obligation to hang up. (more)

Butt Photos Proved It
A suspicious Kuwait man thought it was his chance to verify whether his wife is loyal to him when she went out and left her mobile phone at home. As he surfed through the phone’s files, he got the shock of his life when he saw obscene pictures of her with another man... “The man rushed to the police station and showed them what he found on his wife’s mobile. “He accused her of adultery and police decided to summon the wife to face her with the charges,” the Kuwaiti daily Al Shahid said. (more)

Saturday, January 25, 2014

Tennessee Bill Would Shut Down NSA Spy Center

Legislators in Tennessee have introduced a bill that would ban the state from providing water and electricity to an NSA data center which is currently involved in building supercomputers designed to crack encrypted data.

The Fourth Amendment Protection Act, which mirrors legislation introduced in other states, would prohibit local and state agencies from “providing material support to…any federal agency claiming the power to authorize the collection of electronic data or metadata of any person pursuant to any action not based on a warrant.”

The bill also disincentivizes local companies from doing business with the NSA. (more)


Interestingly, Tennessee is the home of the most patriotic city in the U.S., Knoxville, and the largest manufacturer of counterspy gear in the U.S., REI. Tennessee's slogan, "America at its best."

Two New Android Spyware Issues

Hop, Skip and a Bank Bug...
Malware capable of infecting Android handsets using Windows PCs and laptops has been uncovered targeting developers.


Security response manager at Symantec Alan Neville told V3 the malware is atypical as it uses a two-stage attack process to jump from Windows PCs to Android handsets.

"It starts with a Trojan that when executed creates a new service on a Windows machine," he said. "It then targets Android devices that connect on USB. It uses the Android debugging bridge to deliver the Fakebank Trojan." Fakebank is a notorious Trojan designed to take victims' financial data. (more)


Fake Security App Intercepts Calls and Texts...
Researchers have discovered a new Android malware family that disguises itself as a security app, and intercepts the incoming texts and calls of victims.

According to Hitesh Dharmdasani, a malware researcher... six variants of the Android malware, dubbed “HeHe,” have been detected by the firm.

On Wednesday, Dharmdasani told SCMagazine.com that the free app is most likely infecting users via third party app marketplaces or through SMS spam. (more)

War On Drones Drones On War

Palindrone Palindrome of the Day...
NH - Rep. Neal M. Kurk (R) has introduced a bill that would limit the use of drones in the Granite State.  

HB1620 is similar to a bill introduced earlier in the session by Rep. Joe Duarte, but takes things a step further by applying the prohibition to drone use by the federal government and including penalties for violating its provisions.

Kurk’s proposed legislation regulates the use of drones by governments, as well as individuals. It requires search warrants, levies fines, and does not allow for the lethal or nonlethal arming of drones in the state. (more)


Hope they include some reasonable exemptions, like flying model aircraft and FedEx hospital to hospital deliveries of transplant organs.

Friday, January 24, 2014

Conflicting Reports About the Turkish President's Bug

Turkey - The Supreme Court of Appeals denied a report saying that an apparatus used to reflect signals from a bugging device found in Prime Minister Recep Tayyip ErdoÄŸan's office in Ankara in 2012 was found that same year on the roof of the top court's headquarters.

The Milliyet daily reported that the signal from a bugging device found in ErdoÄŸan's office was found to be reflected by an apparatus installed on the roof of the Supreme Court of Appeals' headquarters, which is very close to the former Prime Ministry Office in Ankara, during technical inspections of the court's headquarters soon after the bugging devices were found. (more)
  
Coincidentally... 

Turkish gov't to increase penalties for illegal wiretapping
The penalties for illegal wiretapping are to be strengthened in a government-led draft law which has stirred reactions from the opposition for increasing the justice minister’s power on the judiciary.

The draft law, on which the government is currently working, will increase the penalties for illegal wiretapping as well as limiting the wiretapping done by the permission of Turkey’s Directorate of Telecommunication (TÄ°B), which is the sole authority over all of the wiretapping and surveillance activities of security units.

The penalties for those who leaked the wiretappings will be increased. The penalties for the officials, who used their authority to wiretap illegally, will also be regulated with the draft law. The use of wiretapping and audio surveillance as part of the investigations will be limited. (more)

Spybusters Tip #873 - Eavesdropping on Foscam IP Video Cameras

The following Foscam MJPEG based video cameras (firmware version .54) can be accessed without a password: FI8904W, FI8905E, FI8905W, FI8906W, FI8907W, FI8909W, FI8910E, FI8910W, FI8916W, FI8918W, FI8919W

Foscam will be posting a firmware upgrade on their website to fix this issue. Unfortunately, most users will never know about it. 
 
Test Your Camera - A quick way to verify and confirm if your camera has this issue:
1. Enter your camera's IP address in your web browser. Example: 192.168.1.101
2. When you see the password screen do not enter a User Id and Password. Simply click the OK button. If you see your camera, you have the problem. 

Use this work-around for temporary protection (here), and be sure to upgrade the firmware when it becomes available (here).

Plan to Ban Instant Messaging has Unintended Consequences

Goldman Sachs Group Inc. is planning to ban traders from using some computer-messaging services in a bid to protect proprietary information at the heart of its sales-and-trading operation.

Under a new policy, the Wall Street firm won't allow person-to-person communication over instant-messaging (IM) services created by Bloomberg LP, Yahoo Inc., AOL Inc. and other third-party providers including Pivot Inc., according to a draft of a memo reviewed by The Wall Street Journal.


Goldman is seeking to prevent information from internal conversations from being filtered and disseminated beyond the bank's walls. The planned ban reflects a mistrust of technology developed by messaging-service providers that can make its traders more efficient but also be used to mine private communications for closely guarded intelligence on securities pricing. (more)

FutureWatch: Expect other financial institutions to follow.

Unintended Consequence: Scraping (a Wall Street term for collecting useful tidbits of info) attempts will continue as always, but it won't be easy pickings anymore. Conventional spycraft (bugging and wiretapping) worked before IM came along. It continues to work, and will become the best option again. Technical Surveillance Countermeasures (TSCM) inspections are the most cost-effective defense.

Wednesday, January 22, 2014

UPDATED - Privacy Journal's Compilation of State and Federal Privacy Laws

This new book includes new privacy laws on: demands for social-media passwords by employers and universities, use of credit reports by employers, new tracking technologies, new state restrictions on use and disclosure of Social Security numbers, plus updated chapters on credit reporting, medical, financial, testing in employment, insurance, government information, and much more, grouped by categories and listed alphabetically by states. Descriptions of state, federal, and Canadian laws are included.

Privacy Journal's Compilation of State and Federal Privacy Laws replaces the 2002 book and all subsequent supplements in one consolidated hard copy edition, 80 pages, ISBN is 9780930072568

It is also available in an electronic edition so that you may store it in your computer and search later by key words and states.


Contact:
Lee Shoreham, Assistant to the Publisher
PRIVACY JOURNAL
PO Box 28577
Providence RI 02908
Phone: 401/274-7861
Fax: 401/274-4747
orders@privacyjournal.net
www.privacyjournal.net

Also available from amazon.com.