Monday, January 5, 2015

How to Travel Like a Spy

A 14-page document from the Central Intelligence Agency carrying the arduous bureaucratic title of “Surviving Secondary: An Identity Threat Assessment of Secondary Screening Procedures at International Airports”... Translated into normal English, this means how undercover agents can avoid trouble when going through passport and custom controls.

Although the study deals narrowly with the CIA’s concern that its clandestine agents will be stopped in passport checks and their false identities exposed, its information holds interest to anyone who travels internationally. Indeed, it’s a useful guide precisely to what not to do when landing in a foreign airport.
(more)

More Ops Against Cops for Taps in Turkey

At least 34 police officers, including former police chiefs, were detained on charges of illegal wiretapping in simultaneous dawn raids on Monday across multiple provinces as part of a new wave of investigations into the police.

Twenty-two police officers who formerly served at the intelligence unit of the Gaziantep Police Department were detained in 13 Turkish provinces, and another 14 were detained in 12 provinces in an operation based out of Şanlıurfa. There are reportedly police chiefs among those who were taken into custody in the Şanlıurfa-based operation.
(more)

SnoopSnitch App Detects IMSI Catchers ...on some Android phones

SnoopSnitch is a brand new app for Android users developed by the folks over at Security Research Labs. Its purpose is to bring more control in the hands of consumers by collecting and analyzing mobile radio data. The new app warns about Android users about such threats like fake base stations (IMSI catchers), user tracking, and SS7 attacks, but at the moment it will work only on rooted devices with a Qualcomm chip inside.

International Mobile Subscriber Identity (IMSI) catchers are eavesdropping devices that are being used for intercepting mobile phone traffic and tracking the movement of smartphone users. The guys over at Techopedia have a slightly more detailed explanation:

To prevent the subscriber from being identified and tracked by eavesdroppers on a radio interface, the IMSI is rarely transmitted. A randomly generated temporary mobile subscriber identity (TMSI) is sent instead of the IMSI, to ensure that the identity of the mobile subscriber remains confidential and eliminate the need to transfer it in an undeciphered fashion over radio links.

Security experts have discovered security flaws that could allow hackers to listen to private calls and read text messages by using IMSI catchers or ‘stingrays’. So if you are concerned about these things, the new SnoopSnitch can detect IMSI catchers and warn smartphone users if their devices are giving up their personal information. Besides intercepting traffic and tracking the movement, hackers can use this loophole to even manipulate the device remotely.
(more)

...thus upstaging Santa's naughty and nice list...

The US National Security Agency (NSA) published transparency reports on its web page at 1:30 pm on Christmas Eve.

Time span of the reports is from the fourth quarter of 2001 to the second quarter of 2013. The reports were released after the American Civil Liberties Union (ACLU) issued a Freedom of Information Act request for the information.
(more)

Lizard Patrol May Soon Be Able to Eavesdrop On Tor Users

Uh oh. Lizard Patrol, the hacking group claiming responsibility for the Christmas attacks on PlayStation and Xbox Live, has announced a new target: Tor, the anonymous internet service.

The hacker group appears to be attempting to dominate Tor's relays to the point where it can comprise anonymity. Tor keeps you anonymous by bouncing your communications around a network of volunteer nodes. But if one group is controlling the majority of the nodes, it could be able to eavesdrop on a substantial number of vulnerable users. Which means Lizard Squad could gain the power to track Tor users if it infiltrates enough of the network.

So far, they have already established over 3000 relays, nearly half of the total number. That's very not good.
(more)

Tuesday, December 23, 2014

Companies May Get a New Weapon in the Fight Against Economic Espionage

Currently, intellectual property owners that want to file suit for trade secret theft can only do so in state court. Under the Senate’s Defend Trade Secrets Act and the House’s Trade Secrets Protection Act, plaintiffs could sue in federal court, where it can be easier to reach defendants that have fled to another state or country.

Both bills, which are similar in scope, have Democratic and Republican sponsors, who cited federal estimates that U.S. businesses lose $300 billion a year as a result of trade secret theft. (more)

Kangaroo Knocks Out Drone

The kids are scared. What's a mother to do?

Army Needs Super Fly Robot Spy (wannahelp?)

Army invites investors, engineers to help develop technology like fingernail-sized fly bot whose wings flap without motors.

Click to enlarge.
Researchers at the U.S. Army are taking advantage of an unusually unclassified approach to military systems development to ask for help turning a clever robotic fly into an almost undetectable spy.

The robotic flies are – or will be – semi-autonomous robots that look like real bugs and fly using wings that flap without being controlled by a motor. (more)

Skype for Android App - Eavesdropping - Feature or Flaw

The Skype for Android app reportedly features a flaw that allows other users to eavesdrop without any real effort.

As discovered by a Reddit user Ponkers (via Android Police), the security bug in Android app can "can force the Android version of Skype to answer, allowing you to eavesdrop."

The old fashioned way.
As Ponkers explains, first it requires two devices signed into Skype account Android phone (device 1) and desktop (device 2). Now, if the user calls the target Android device (device 3) with the Android phone (device 1) and then disconnects from Internet while the target Android phone (device 3) has answered, it results in a call back from the target Android phone (device 3) to the user on desktop (device 2), and an automatic connection without the owner of the device necessarily knowing. (more)

Monday, December 22, 2014

SpyCams in the Pathology Department - Staffers Bugged

Australia - SA Health has admitted using cameras hidden in smoke detectors to monitor its staff at SA Pathology premises in Adelaide.

Two cameras were installed in October in offices... as part of an investigation into processing delays for pathology reports...

A staff member, who did not want to be identified, said it did not take staff long to notice something suspicious. "The staff felt violated, there's also a microphone attachment to it so [we do not know] whether they were listening in or conversations were being recorded," they said.

However, a spokesperson for SA Health said the cameras were not used to record audio. (more)

Security Flaws Let Hackers Listen in on Cell Phone Calls

German researchers say the network that allows cellphone carriers to direct calls to one another is full of security holes. (more)

Man Bots Ex-Girlfriend's Computer... for several years

PA - A former Pennsbury School District computer technician from Doylestown Township was placed on probation for three years for remotely spying on his ex-girlfriend and their child.

Joseph Tarr, 31, admitted to controlling the Middletown woman’s home computer and its webcam for several years. By the time he was arrested, Tarr had numerous audio and video recordings of the activities in the woman’s home — all captured without her knowledge, authorities said. (more)

PI Tip # 512 - Make: Coffee Cup SpyCam

Take your cup of Joe from classic to classified with a tilt-triggered spy camera.

The trick is to modify two paper coffee cups — install the device in one, slide it into the second, and align holes cut in the bottoms of each. Two LEDs can be seen through the standard plastic lid — one illuminates when the tilt switch is activated, the other flashes twice after a picture has been taken.


Think your cover has been blown? Simply rotate the cups to hide the camera... (more)

Self-Destructing Spy Phone (Can't tell you any more right now.)

Chalk this up as one of the stranger corporate announcements this week, delivered by BlackBerry CEO John Chen...
Click to enlarge.

“We are pleased to announce that Boeing is collaborating with BlackBerry to provide secure mobile solution for Android devices utilizing our BES 12 platform. That, by the way, is all they allow me to say. So sorry (if) it seems like I am reading it word for word. .. I’m true to my commitment here.”...

It’s a sealed device, with epoxy around the casing and tamper-proof screws to prevent it from being opened... 

Any attempt to break open the casing of the device would trigger functions that would delete the data and software contained within the device and make the device inoperable,” a lawyer for Boeing wrote in a letter to the FCC... (more)

Thursday, December 18, 2014

How to Spy on Your Competition...

...by keeping tabs on their Internet presence. (And, how they may be spying on you!)