Friday, January 9, 2015

Hanoi Police Seek Criminal Charges in Massive Phone Bugging Case

Hanoi police have finished investigating a deputy director and six employees of a technology firm which sold a spy app that allowed its users to spy on more than 14,000 mobile phones in 2013-2014.

They said Thursday they have recommended that the prosecutor's office charge Viet Hong Technology Company’s Deputy Director Nguyen Viet Hung and six employees for “illegally using information culled from computer, internet and telecommunication networks.”

Police said Hung, 41, and the employees... developed mobile phone-monitoring software and sold it to more than 14,000 people between September 2013 and May 2014.

Hung and the six employees earned around VND900 million (US$42,000) from the illegal activity, police said. 

For VND400,000 ($19) per month, Viet Hong's customers could install the Ptracker software onto anyone's smartphones to listen on calls, read text messages, access contacts, track the owners' movements and use the phone to listen in on their daily lives.

The stolen information was archived on Viet Hong’s servers and could be accessed by signing up for a paid account.
(more)

TEMPEST in a Tea Shop, or Dude, You're Leaking

If you’re sitting in a coffee shop, tapping away on your laptop, feeling safe from hackers because you didn’t connect to the shop’s wifi, think again. The bad guys may be able to see what you’re doing just by analyzing the low-power electronic signals your laptop emits even when it’s not connected to the Internet. And smartphones may be even more vulnerable to such spying.


Researchers at the Georgia Institute of Technology are investigating where these information “leaks” originate so they can help hardware and software designers develop strategies to plug them. By studying emissions from multiple computers, the researchers have developed a metric for measuring the strength of the leaks — known technically as “side-channel signal” — to help prioritize security efforts.
(more)

Thursday, January 8, 2015

Security Directors: Cell Phone App Security... in simple terms, pass it around.

Mobile devices, such as tablets and smartphones, have become one of the primary technologies we use in both our personal and professional lives.

What makes mobile devices so versatile are the millions of apps we can choose from...

However, with the power of all these mobile apps come risks. Here are some steps you can take to securely use and maintain your mobile apps.
(Securely Using Mobile Apps)

Peeking Through Keyholes With Lasers... well, yes and no.

An imaging technique that measures the path of a laser to build up a three-dimensional picture could now let spies map an entire room through a tiny hole.

In 2012, researchers used a laser to see around corners. The system worked by firing short laser pulses at a nearby wall, bouncing light around a corner to a hidden object, which then bounces some of it back to a camera next to the laser...

Now Chenfei Jin of the Harbin Institute of Technology in China and colleagues have taken this a step further. They used a laser set-up to measure the 3D shape and position of three cardboard letters, spelling HIT, through a 2 centimetre hole in a nearby wall...

The letters were coated in highly reflective material while the rest of the room was covered in black light-absorbing cloth, so the technique might not work as well in a real-world setting...

Guy Satat of the Massachusetts Institute of Technology says he likes the work, but points out that if the hole were easily accessible, it would be easier for would-be spies to simply put a camera up against the wall and take a photo of the room.
(more)

Wednesday, January 7, 2015

Encrypted Video-calling and Chat Service by Kim Dotcom

Kim Dotcom, founder of the file hosting service Mega, is preparing to launch an encrypted video-calling and chat service that will shield its users’ communications from government surveillance.

“Mega will soon release a fully encrypted and browser-based video call and chat service including high-speed file transfers,” the entrepreneur known as Kim Dotcom said in a tweet.

Kim Dotcom is positioning the service as a more secure way to chat and collaborate online free of government surveillance or spying, partly by virtue of Mega being based in New Zealand. Kim Dotcom has been teasing the app for some time, though now it appears nearly ready for prime time.
(more)

Movie Scoop - The Man from U.N.C.L.E. (returns)

Henry Cavill (Man of Steel) stars as Napoleon Solo opposite Armie Hammer (The Social Network) as Illya Kuryakin in director Guy Ritchie’s action adventure The Man from U.N.C.L.E., a fresh take on the hugely popular 1960s television series. Set against the backdrop of the early 1960s, at the height of the Cold War, The Man from U.N.C.L.E. centers on CIA agent Solo and KGB agent Kuryakin. Forced to put aside longstanding hostilities, the two team up on a joint mission to stop a mysterious international criminal organization, which is bent on destabilizing the fragile balance of power through the proliferation of nuclear weapons and technology. The duo’s only lead is the daughter of a vanished German scientist, who is the key to infiltrating the criminal organization, and they must race against time to find him and prevent a worldwide catastrophe.

The Man of U.N.C.L.E. is expected in theaters from August 14th, 2015.

Until then...

Weird Spy News - Man in trunk spying on car passenger, CIA admits UFOs, and more...

NJ - Two men were arrested Monday after police say they were found with drugs while trying to spy on someone else. ...police pulled Edguardo Mendez, 24, of Newark, over at 2:54 a.m. Monday while he was driving with a passenger... During the stop, officers found that another man, Trevor Torres, 21, of Belleville, was hiding in the car's trunk... Torres, “was a surprise to the front seat passenger whom (he) was allegedly spying on,” Bloomfield Sgt. Anthony Servedio said... Torres was arrested on multiple drug charges... Mendez was charged with marijuana possession... Police did not immediately respond to questions about the men’s relationship to the passenger, or why the two were trying to spy.
(more)

Spy on and play with your pet from afar with Petcube.
 
The Central Intelligence Agency (CIA) has recently taken responsibility for at least half of all UFO sightings between 1950s-60s... A previously confidential CIA document revealed that most of the sightings were actually U-2 spy planes.
(See Pages 72-73.)


And... What The Hell Is Going On In The Buick Commercial Where The Couple Is Spying On The Garcias?

Tuesday, January 6, 2015

No Warrant Wiretaps - There is a Santa "Clause"

If you're in a public place, don't expect your phone calls and texts to stay private. At least not if the FBI flies a Cessna over your head or drives a car around your neighborhood while you're out for a walk.

Warrant?
The FBI won't bother to obtain search warrants before it uses interception devices on people in public, according to a letter written by Senate Judiciary Committee Chairman Patrick Leahy (D-Vt.) and staffer Sen. Chuck Grassley (R-Iowa).

These devices include Stingrays, the cell-tower decoy interception devices used to scoop up data from devices around it. The FBI puts Stingrays and similar devices known as dirtboxes in cars and small airplanes as a way to quickly dragnet data from a large number of devices while it is hunting for a device that belongs to a suspect.
(more)

Is it OK to spy on your kids? (CNN)

Whether you think spying on your kids is acceptable in today's digital age or a breach of trust seems to really depend on how you define "spying" in the first place.

In conversations over email with parents across the country, it's clear that people have dramatically different views about the definition and whether it's an appropriate behavior to help keep children safe.

"I don't call it spying. I call it parenting," said Amanda Rodriguez, a mom of three boys in Frederick, Maryland... On the other side are parents such as Lori Day, an educational psychologist and mom of a daughter in graduate school, who considers spying "an invasion or privacy and a violation of trust."
(more)

Pest Control Tech Arrested for... Planting Bugs (update)

A southwest Iowa man (38-year-old Aaron Johnson) accused of planting audio recording devices in a woman’s home now faces a federal charge of being a felon in possession of firearms...

He’s pleaded not guilty to state charges of eavesdropping and being a felon in possession of a firearm...

The woman reported finding one of the audio bugs, and then authorities found another in her bedroom. She says the only person granted access to her residence was a pest control technician, Johnson.

Police say a search of Johnson’s home turned up similar devices and guns and ammunition.
(more) (background)

Monday, January 5, 2015

How to Travel Like a Spy

A 14-page document from the Central Intelligence Agency carrying the arduous bureaucratic title of “Surviving Secondary: An Identity Threat Assessment of Secondary Screening Procedures at International Airports”... Translated into normal English, this means how undercover agents can avoid trouble when going through passport and custom controls.

Although the study deals narrowly with the CIA’s concern that its clandestine agents will be stopped in passport checks and their false identities exposed, its information holds interest to anyone who travels internationally. Indeed, it’s a useful guide precisely to what not to do when landing in a foreign airport.
(more)

More Ops Against Cops for Taps in Turkey

At least 34 police officers, including former police chiefs, were detained on charges of illegal wiretapping in simultaneous dawn raids on Monday across multiple provinces as part of a new wave of investigations into the police.

Twenty-two police officers who formerly served at the intelligence unit of the Gaziantep Police Department were detained in 13 Turkish provinces, and another 14 were detained in 12 provinces in an operation based out of Şanlıurfa. There are reportedly police chiefs among those who were taken into custody in the Şanlıurfa-based operation.
(more)

SnoopSnitch App Detects IMSI Catchers ...on some Android phones

SnoopSnitch is a brand new app for Android users developed by the folks over at Security Research Labs. Its purpose is to bring more control in the hands of consumers by collecting and analyzing mobile radio data. The new app warns about Android users about such threats like fake base stations (IMSI catchers), user tracking, and SS7 attacks, but at the moment it will work only on rooted devices with a Qualcomm chip inside.

International Mobile Subscriber Identity (IMSI) catchers are eavesdropping devices that are being used for intercepting mobile phone traffic and tracking the movement of smartphone users. The guys over at Techopedia have a slightly more detailed explanation:

To prevent the subscriber from being identified and tracked by eavesdroppers on a radio interface, the IMSI is rarely transmitted. A randomly generated temporary mobile subscriber identity (TMSI) is sent instead of the IMSI, to ensure that the identity of the mobile subscriber remains confidential and eliminate the need to transfer it in an undeciphered fashion over radio links.

Security experts have discovered security flaws that could allow hackers to listen to private calls and read text messages by using IMSI catchers or ‘stingrays’. So if you are concerned about these things, the new SnoopSnitch can detect IMSI catchers and warn smartphone users if their devices are giving up their personal information. Besides intercepting traffic and tracking the movement, hackers can use this loophole to even manipulate the device remotely.
(more)

...thus upstaging Santa's naughty and nice list...

The US National Security Agency (NSA) published transparency reports on its web page at 1:30 pm on Christmas Eve.

Time span of the reports is from the fourth quarter of 2001 to the second quarter of 2013. The reports were released after the American Civil Liberties Union (ACLU) issued a Freedom of Information Act request for the information.
(more)

Lizard Patrol May Soon Be Able to Eavesdrop On Tor Users

Uh oh. Lizard Patrol, the hacking group claiming responsibility for the Christmas attacks on PlayStation and Xbox Live, has announced a new target: Tor, the anonymous internet service.

The hacker group appears to be attempting to dominate Tor's relays to the point where it can comprise anonymity. Tor keeps you anonymous by bouncing your communications around a network of volunteer nodes. But if one group is controlling the majority of the nodes, it could be able to eavesdrop on a substantial number of vulnerable users. Which means Lizard Squad could gain the power to track Tor users if it infiltrates enough of the network.

So far, they have already established over 3000 relays, nearly half of the total number. That's very not good.
(more)