A security blogger has discovered a flaw in Google Chrome that allows attackers to turn any victim's machine into a listening post.
A blogger named Guya explained that a deprecated speech API known as "x-webkit-speech" can be harnessed to run in the background without any indication to the end user that their microphone is on. His blog post includes a video that demonstrates the flaw, which you can view below.
A developer simply needs to add a single line of code to a website to exploit the bug and gain access to an audio feed of the victim's environment. (more)
Sunday, April 13, 2014
Secret WW1 Spy Files Have Been Made Available Online
UK - Interrogation reports and photographs are among secret MI5 files about World War One spies being made available online for the first time.
Among the spies detailed are Swallows and Amazons author Arthur Ransome and Dutch spy Mata Hari, who was executed for spying for the Germans.
More than 150 files are being made available in the digitized release.
It is part of a series by the National Archives to mark the centenary of World War One. (more)
The files can be accessed at the National Archives link - First World War 100.
Among the spies detailed are Swallows and Amazons author Arthur Ransome and Dutch spy Mata Hari, who was executed for spying for the Germans.
More than 150 files are being made available in the digitized release.
It is part of a series by the National Archives to mark the centenary of World War One. (more)
The files can be accessed at the National Archives link - First World War 100.
Turkish government rocked by illegal wiretapping
Turkey - Some150 officials were dismissed from the various government agencies regarding illegal wiretapping, the Turkish Interior Minister Efka Ala says.
At present time, the measures are being taken for identification of the organizers of illegal wiretapping, the Turkish Anadolu newspaper quotes the minister as saying.
Turkish media reported on Feb. 25 that in 2011 telephone conversations of about 7,000 people associated with the representatives of both the ruling and opposition parties, including family members of the PM were wiretapped, as part of the anti-terrorist operation carried out by the Istanbul prosecutor's office against the Salam terrorist organization. (more)
At present time, the measures are being taken for identification of the organizers of illegal wiretapping, the Turkish Anadolu newspaper quotes the minister as saying.
Turkish media reported on Feb. 25 that in 2011 telephone conversations of about 7,000 people associated with the representatives of both the ruling and opposition parties, including family members of the PM were wiretapped, as part of the anti-terrorist operation carried out by the Istanbul prosecutor's office against the Salam terrorist organization. (more)
Irish government rocked by exposure of secret police wire-tapping
Ireland - A major scandal over a long-running programme of secret surveillance by the Garda (police) has engulfed the Fine Gael/Labour Party government in Dublin.
Leaks show that for over 30 years Garda stations and prisons across the country have been bugged with listening devices, which have been used to record outgoing and incoming telephone calls. The phones of journalists involved in investigations relating to police activity have been tapped.
Among the thousands of calls on record are hundreds between suspects and their solicitors, a grave infringement on the basic right of defendants to consult in private with a legal representative. According to the information so far made public, such practices continued until November last year before former Garda Commissioner Martin Callinan supposedly stopped them. (more)
Leaks show that for over 30 years Garda stations and prisons across the country have been bugged with listening devices, which have been used to record outgoing and incoming telephone calls. The phones of journalists involved in investigations relating to police activity have been tapped.
Among the thousands of calls on record are hundreds between suspects and their solicitors, a grave infringement on the basic right of defendants to consult in private with a legal representative. According to the information so far made public, such practices continued until November last year before former Garda Commissioner Martin Callinan supposedly stopped them. (more)
Saturday, April 12, 2014
Special ed student records proof of bullying, threatened with charges of wiretapping
PA - A special education high school student made an audio recording of a bullying incident and was later threatened with charges of wiretapping.
School administrators agreed to reduce the sentence, and March 19 the student, from South Fayette High School in McDonald, Pa., was charged with disorderly conduct.
The student and his mother, Shea Love, testified in front of District Judge Maureen McGraw-Desmet that he had been repeatedly shoved and tripped at school, and that a fellow student had even attempted to burn him with a cigarette lighter. (more)
School administrators agreed to reduce the sentence, and March 19 the student, from South Fayette High School in McDonald, Pa., was charged with disorderly conduct.
The student and his mother, Shea Love, testified in front of District Judge Maureen McGraw-Desmet that he had been repeatedly shoved and tripped at school, and that a fellow student had even attempted to burn him with a cigarette lighter. (more)
SpyCam Found in NYC Subway
Be careful on the subway. Sure, the platforms are safer than ever, and the cars are even pretty clean. But credit card thieves seem to come up with a new way to steal your personal information every day. The latest ploy: a card-reading spy camera, hiding above the MetroCard machine.
The MTA just put out a call for customers "to be vigilant" when buying MetroCards, after finding the hidden camera inside of a power outlet in the heavily trafficked 59th St-Columbus Circle station. A passenger noticed the device and ripped it down before taking it to the station agent. The MTA also found a card-skimming device installed on one of the machines. (more)
The MTA just put out a call for customers "to be vigilant" when buying MetroCards, after finding the hidden camera inside of a power outlet in the heavily trafficked 59th St-Columbus Circle station. A passenger noticed the device and ripped it down before taking it to the station agent. The MTA also found a card-skimming device installed on one of the machines. (more)
SpyCams Found in Leeds United Stadium Boardroom... and Toilets
UK - Police have begun an investigation at Leeds United after spy cameras were apparently found at the Elland Road stadium in a security sweep ordered by controversial new boss Massimo Cellino.
West Yorkshire Police would not confirm details of their inquiry but, according to reports, officers were called to the ground on Wednesday after surveillance equipment was found in the boardroom and toilets.
The police inquiry centered around an allegation of theft, relating to the club funds apparently used to buy the cameras. (more)
West Yorkshire Police would not confirm details of their inquiry but, according to reports, officers were called to the ground on Wednesday after surveillance equipment was found in the boardroom and toilets.
The police inquiry centered around an allegation of theft, relating to the club funds apparently used to buy the cameras. (more)
In-Flight Wi-Fi: Privacy Going GoGoing Gone
The NSA is harvesting the online data of millions of airline passengers who use inflight WiFi across the U.S., a secret letter has revealed.
Gogo, the main supplier of WiFi to airlines in the U.S., are among a host of network providers that have been handing over information gleaned from air travelers' browsing history.
The news has enraged privacy campaigners who say the data exchange may be in violation of U.S. law.
A letter, leaked to Wired, Gogo admitted violating the Communications Assistance for Law Enforcement Act (CALEA) - a 1994 wiretapping law that gave a backdoor to government agencies to monitor telecom and broadband activity.
But Gogo states in the letter that it added a raft of new measures to its service that made spying on users easier for the authorities. (more)
Gogo, the main supplier of WiFi to airlines in the U.S., are among a host of network providers that have been handing over information gleaned from air travelers' browsing history.
The news has enraged privacy campaigners who say the data exchange may be in violation of U.S. law.
A letter, leaked to Wired, Gogo admitted violating the Communications Assistance for Law Enforcement Act (CALEA) - a 1994 wiretapping law that gave a backdoor to government agencies to monitor telecom and broadband activity.
But Gogo states in the letter that it added a raft of new measures to its service that made spying on users easier for the authorities. (more)
NSA Issues "Best Practices for Keeping Your Home Network Secure"
All right. Stop giggling.
If you can get past the double irony (recommendation #5 being the second), this 8-page pdf document is really quite good. (more)
If you can get past the double irony (recommendation #5 being the second), this 8-page pdf document is really quite good. (more)
Friday, April 11, 2014
App Scam: Top Ranked Anti-Spyware App Removed from Google Play
Until Sunday night, the top new paid app on the Google Play store was a complete scam. Google Inc. quickly removed “Virus Shield” from the Google Play store, but not before thousands of people downloaded the fake anti-malware app, exposing a major flaw in the open strategy Google has taken with its mobile app marketplace.
"Virus Shield" claimed that it protected Android smartphone users from viruses, malware and spyware, and that it even improved the speed of phones. It touted its minimal impact on battery life and its additional functionality as an ad blocker. At only $3.99, "Virus Shield" sounded like a pretty good deal to the tens of thousands of people who downloaded it in less than two weeks.
Virus Shield downloads Google Play Store (screenshot by Android Police)
Those 10,000 people even seemed to enjoy "Virus Shield," as the app maintained a 4.7-star rating from about 1,700 users. Another 2,607 users recommended it on the Google Play store, helping “Virus Shield” get ranked as the No. 1 new paid app and third overall top paid app. (more)
Coming soon to Google Play, something that really works.
"Virus Shield" claimed that it protected Android smartphone users from viruses, malware and spyware, and that it even improved the speed of phones. It touted its minimal impact on battery life and its additional functionality as an ad blocker. At only $3.99, "Virus Shield" sounded like a pretty good deal to the tens of thousands of people who downloaded it in less than two weeks.
Virus Shield downloads Google Play Store (screenshot by Android Police)
Those 10,000 people even seemed to enjoy "Virus Shield," as the app maintained a 4.7-star rating from about 1,700 users. Another 2,607 users recommended it on the Google Play store, helping “Virus Shield” get ranked as the No. 1 new paid app and third overall top paid app. (more)
Coming soon to Google Play, something that really works.
Labels:
Android,
App,
cautionary tale,
cell phone,
malware,
scam,
spyware,
X-Ray Vision
Friday, April 4, 2014
Red Flag - Doing Business in China? Using Your Intellectual Property? Take Note...
Knowles, a supplier of microphones to Apple and Samsung Electronics, said its lawyers were shut out of court proceedings in an intellectual property suit filed by a Chinese rival, highlighting the uncertainties foreign companies can face in China’s legal system.
Itasca, Ill.-based Knowles is the world’s largest supplier of micro-electrical-mechanical systems (MEMS) microphones, which are widely used in smartphones. The company has a factory in Suzhou, near Shanghai. Since 2012, Knowles has faced stronger competition from business with Apple from Chinese competitors Goertek and AAC Technology Holdings. Knowles and Goertek have been locked in legal battles in the U.S. and China since June, with each accusing the other of patent infringements...
Knowles said Wednesday the Weifang Intermediate People’s Court in China denied its lawyers access to the courthouse as the trial against Goertek proceeded on March 31.
“The Weifang Court’s decision to bar Knowles from the legal proceedings makes a fair trial impossible,” said Knowles Chief Executive Jeffrey Niew.
Intellectual property has long been a major issue for foreign companies that operate in China...
Lawyers in China said the situation Knowles is alleging is unusual and raises questions of whether other companies could face such a situation. (more)
Itasca, Ill.-based Knowles is the world’s largest supplier of micro-electrical-mechanical systems (MEMS) microphones, which are widely used in smartphones. The company has a factory in Suzhou, near Shanghai. Since 2012, Knowles has faced stronger competition from business with Apple from Chinese competitors Goertek and AAC Technology Holdings. Knowles and Goertek have been locked in legal battles in the U.S. and China since June, with each accusing the other of patent infringements...
Knowles said Wednesday the Weifang Intermediate People’s Court in China denied its lawyers access to the courthouse as the trial against Goertek proceeded on March 31.
“The Weifang Court’s decision to bar Knowles from the legal proceedings makes a fair trial impossible,” said Knowles Chief Executive Jeffrey Niew.
Intellectual property has long been a major issue for foreign companies that operate in China...
Lawyers in China said the situation Knowles is alleging is unusual and raises questions of whether other companies could face such a situation. (more)
Thursday, April 3, 2014
If You Don't Sweep, Don't Try to Sweep it Under the Rug When it Happens
Days after the chief financial officer of a Tampa maintenance company was accused of recording videos of female employees using the bathroom and showering, the former information technology employee who exposed the chief financial officer's alleged actions has sued the company and his ex-boss.
On March 28, Jeremy Lenkowski, the former information technology director for MaintenX , filed a lawsuit accusing the company's president and vice president, among others, of failing to act after Lenkowski showed them videos he'd discovered on CFO James Stanton Jr.'s laptop in 2010. (more)
On March 28, Jeremy Lenkowski, the former information technology director for MaintenX , filed a lawsuit accusing the company's president and vice president, among others, of failing to act after Lenkowski showed them videos he'd discovered on CFO James Stanton Jr.'s laptop in 2010. (more)
Nearly Invisible, Lens-Free Camera is the Future of Spying
The camera modules used in today's smartphones are typically pretty small, as you can see from the image below. However if you look to the left, you'll see something even smaller that's set to be the future of spying.
Researchers at Rambus have developed a miniscule camera with a 200 micron (µm) sensor, which is smaller than the tip of a pencil. It's also completely lens-free, with the tiny sensor mapping out light signals before a processor compiles the data into a viewable image. (more)
Researchers at Rambus have developed a miniscule camera with a 200 micron (µm) sensor, which is smaller than the tip of a pencil. It's also completely lens-free, with the tiny sensor mapping out light signals before a processor compiles the data into a viewable image. (more)
Sports Spying (aka business espionage): Spying on Earthquakes
Mexico's Deportivo Toluca has been handed a $5,000 fine by CONCACAF's disciplinary committee for spying on a San Jose Earthquakes training session.
San Jose Earthquakes claimed that Toluca had filmed, without authorization, parts of a closed training session on March 18 at Estadio Nemesio Diez, before the return leg of their Champions League quarter final...
The Mexican/US spygate scandal is not the first time one club has been caught illegally watching another's training session.
In a slightly more light-hearted incident in Italy last year a coach from Genoa was caught "spying" on local rivals Sampdoria of their derby clash. The agent was dressed in Rambo-style camouflage and hiding in the training ground bushes.
Sampdoria said in a statement he was hiding "like Rambo" but "failed to overcome Sampdoria's intelligence and counter-intelligence operations". (more)
Moral: Have a counter-intelligence strategy. Professional counterespionage help here.
San Jose Earthquakes claimed that Toluca had filmed, without authorization, parts of a closed training session on March 18 at Estadio Nemesio Diez, before the return leg of their Champions League quarter final...
The Mexican/US spygate scandal is not the first time one club has been caught illegally watching another's training session.
In a slightly more light-hearted incident in Italy last year a coach from Genoa was caught "spying" on local rivals Sampdoria of their derby clash. The agent was dressed in Rambo-style camouflage and hiding in the training ground bushes.
Sampdoria said in a statement he was hiding "like Rambo" but "failed to overcome Sampdoria's intelligence and counter-intelligence operations". (more)
Moral: Have a counter-intelligence strategy. Professional counterespionage help here.
Privacy: On-line Search Privacy Options
Explore services that allow you to search online without compromising your privacy.
Subscribe to:
Posts (Atom)