Wednesday, June 3, 2015

Bionic Ear Comes with Wireless Microphone and Control App

Soundhawk is an ear-worn "smart listening system," which the company is very careful to describe as ... well, anything but a hearing aid...
There are two parts: the "scoop" (that's it on the right, above) which is the listening device that you put in your ear, and the "wireless mic," which you can (optionally) place near someone who's talking to you in a noisy environment. The wireless mic can either rest on a table or clip onto something like a shirt or jacket. And you can easily switch between modes using one of the buttons on the earpiece. Using the scoop alone, the audio enhancement is quite good.

...it all connects to your smartphone via Bluetooth Low Energy. The companion app lets you choose among four different listening modes (indoors, outdoors, driving and restaurants), each of which you can customize for brighter or fuller audio, as well as the level of the boost. There's also an output volume control.

There's also the potential for some serious eavesdropping here, if you tuned the settings for that... our closed-door simulations allowed us to understand faint whispers from across a bedroom. The next time you're whispering a secret to a friend, watch out for people wearing Soundhawks in the area. They might be able to hear you. more

Why do I mention it?
So you will know what you're up against.

Saturday, May 30, 2015

Antalya Police Tears Down its Office Walls, Paranoid About Bugging

Turkey - The police intelligence unit in Turkey’s primary holiday resort province Antalya has torn down its own walls in a search for a bugging device according to a tip, fueling the debate on government wiretapping.

The search was reported to have been conducted sometime in the past 8 months and apparently had not uncovered any device. The incident is likely to be regarded as indicative of the extent Turkey’s wiretap saga has reached.

Police intelligence forces who were detained and released over eight months ago were once again detained earlier in the week, in one of the latest episodes of the raids to target the police force over illegal wiretapping allegations.

Since the dated December 17, 2013 corruption probe which implicated the government, “illegal wiretapping” cases has resulted in the mass purge of the police force with hundreds of hundreds being imprisoned. Critics have slammed the government for arbitrarily using the allegations as a pretext to politicize the force. more

Friday, May 29, 2015

China Didn't Invent Industrial Espionage

The U.S. Justice Department last week charged six Chinese scientists for stealing trade secrets and engaging in industrial espionage on behalf of China. 

A separate case, announced Friday, involved the former chairman of the physics department at Temple University, a China-born U.S. citizen who allegedly passed along semiconductor technology while working at an unnamed American company.

Such cases often are held up as evidence of China’s perfidy and unscrupulous dealings in the global economy. But before getting into high dudgeon mode, the U.S., and for that matter, almost every Western nation, might wish to remember their own, no-holds-barred campaigns to swipe industrial secrets.

In fact, one of the first cases involved the theft of industrial secrets from China. In the 17th and 18th centuries, the Chinese alone possessed the ability to produce high-end “hard-paste” porcelain, an expensive material beloved by Europe’s elites. In the 1680s, a French Jesuit, Pere d’Entrecolles, traveled to China, where he saw the kilns and likely read technical works on the subject... more

Thursday, May 28, 2015

Business Espionage - Quote of the Week

"Commercial espionage is considered to be on the rise as our dependence on digital data – and technologies in the workplace – becomes more and more severe... We're only seeing the tip of the iceberg at the moment." ~ Dr Dionysios Demetis, Hull University Business School (UK) more

Summer Reading - Corporate Espionage

Here are five stories that delve deep into the murky world of corporate information gathering.

1. “Drug Spies” (Richard Behar, Fortune, September 1999)

This story about corporate spies fighting pirated drugs in the high stakes pharmaceutical industry reads like a summer action movie, complete with former Scotland Yard detectives, solitary confinement in a Cyprus prison and multinational drug giants.

2. “Confessions of a Corporate Spy” (George Chidi, Inc., February 2013)

George Chidi’s work is more social engineering than cloak-and-dagger, but this first-person piece from a competitive intelligence consultant offers fascinating insight into the less legally shaky subset of the corporate intelligence world. Bonus: the last third of the article functions as a how-to for aspiring information gatherers.

3. “The Secret Keeper” (William Finnegan, New Yorker, October 2009)

If there is a gold standard in the corporate intelligence world, it’s Kroll Inc., Jules B. Kroll’s namesake consulting group. Here the New Yorker profiles Mr. Kroll, who is “widely credited with having created an industry where there was none.”

4. “A Spy in the Jungle” (Mary Cuddehe, The Atlantic, August 2010)

Cuddehe was a freelance reporter with a busted rental car in a CancĂșn parking lot when a friend called with a “research” job:

…an offer from Kroll, one of the world’s largest private investigation firms, to go undercover as a journalist-spy in the Ecuadorian Amazon. At first I thought I was underqualified for the job. But as it turned out I was exactly what they were looking for: a pawn.

Her recollections, and reflections on why she chose not to take the job, are an interesting counterpoint to the New Yorker article.

5. “The Pizza Plot” (Adam L. Penenberg and Marc Barry, New York Times Magazine, December 2000)

Schwan’s knew that Kraft was going to roll out a new kind of frozen pizza, and that if they wanted to compete they would have to find out all sorts of specifics before the launch. This article, which is adapted from Penenberg and Barry’s 2000 book Spooked: Espionage in Corporate America, is a dazzlingly fun look at just how Schwan pulled that off.

Debate Over NSA ‘Spying’ Program, Explained in Under 2 Minutes

Congress has less than a week to decide the fate of a government surveillance program that was created after 9/11 to prevent terrorist attacks. The program, enabled by a provision under the Patriot Act, gives the National Security Agency a number of tools to fight terror, such as the ability to collect phone records in bulk. With the U.S. Senate deeply divided on the issue, The Daily Signal breaks down the debate happening on Capitol Hill. more

Free Espionage Movies Near Washington, DC

VA - The Crystal City Business Improvement District has revealed the lineup for its annual outdoor summer movie festival. The theme this year: espionage.

The movies are shown weekly on Monday at sunset — around 8:30 p.m. — and are held rain or shine, except in the event of dangerous weather.

Families are encouraged to bring a blanket to the free event. The outdoor “theater” is located in the courtyard of an office building at 1851 S. Bell Street.

The lineup is:
June 1 — Mission: Impossible
June 8 — Mission: Impossible II
June 15 — Mission: Impossible III
June 22 — Mission: Impossible- Ghost Protocol
June 29 — Charlie Wilson’s War
July 6 — RED
July 13 — Argo
July 20 — Tinker Tailor Soldier Spy
July 27 — Body of Lies
Aug. 3 — Enemy of the State
Aug. 10 — The Bourne Identity
Aug. 17 — The Bourne Supremacy
Aug. 24 — The Bourne Ultimatum
Aug. 31 — The Bourne Legacy



MIA - "The Conversation"


Tuesday, May 26, 2015

South Korea's New Law Mandates Installation Of Government-Approved Spyware

The app, "Smart Sheriff," was funded by the South Korean government primarily to block access to pornography and other offensive content online. But its features go well beyond that.

Smart Sheriff and at least 14 other apps allow parents to monitor how long their kids use their smartphones, how many times they use apps and which websites they visit. Some send a child's location data to parents and issue an alert when a child searches keywords such as "suicide," ''pregnancy" and "bully" or receives messages with those words...

Last month, South Korea's Korea Communications Commission, which has sweeping powers covering the telecommunications industry, required telecoms companies and parents to ensure Smart Sheriff or one of the other monitoring apps is installed when anyone aged 18 years or under gets a new smartphone. The measure doesn't apply to old smartphones but most schools sent out letters to parents encouraging them to install the software anyway...

South Korea's new system is by no means impervious. For one, it can only be fully applied to Android phones not Apple Inc. phones. more

Monday, May 25, 2015

A Memorial Day Thought - The Thing We Forgot to Fight For

We fight like hell for freedom, but we let the world pick our intellectual pockets.

Sure, the US has a counterespionage law. But it is a half-way measure. Ok, we do more than Canada. They don't even have a law.

Question... What is the quality of your freedom once your jobs are stolen, and your intellectual property is ripped out from under you? 

Memorial Day is a good day to re-print this post from April 5, 2012.

----------------------------------

Gen. Keith B. Alexander, (NSA)
...called the continuing, rampant cybertheft “the greatest transfer of wealth in history.” (bio)
---
Shawn Henry, (FBI) 
...current public and private approach to fending off hackers is "unsustainable.'' Computer criminals are simply too talented and defensive measures too weak to stop them, he said. (bio)
---
Richard A. Clark, (presidential advisor) 
"Yet the same Congress that has heard all of this disturbing testimony is mired in disagreements about a proposed cybersecurity bill that does little to address the problem of Chinese cyberespionage." (bio)
---

Letter to the Editor - The New York Times

Dear Editor,

Richard A. Clarke’s op-ed piece, “How China Steals Our Secrets,” (4/2/12) states the current business espionage problem perfectly, but we need a solution. Consider this...

The Chinese secrets of: silk and tea production; making porcelain, gunpowder and paper, could not survive Western espionage attacks – not even when protected with death penalties. Espionage killed their economy, and the damage lasted for centuries. Obviously, our competitive advantages are also our National Interest Assets.

The one-sided, punish-the-spy security model, still being used today, never worked. We need to make it two-sided. There must be a proactive legal responsibility to protect.

The solution... Corporate caretakers must be held accountable for protecting their valuables; our national treasures. We need a law creating business counterespionage security standards, with penalties for inadequate protection. We already
successfully employ the same concept with medical and financial record privacy.

Kevin D. Murray
Spybusters, LLC
---

A cybersecurity law alone will not stop spying. 
If implemented, it will force an increase in traditional spy techniques, such as: bugging, wiretapping, physical intrusions and social engineering. (Remember, computer data is available elsewhere long before it is computerized.) 

Protecting our competitive advantages requires a holistic approach; a National Interest Assets law which would also...

• Protect the entire intellectual property timeline, from brainstorming and initial discussions, to the final product or business strategy. 

• Impose a responsibility of due care upon the creators and holders competitive advantage information.

• Specify compliance requirements aimed at countering traditional business espionage practices. Technical Surveillance Countermeasures Inspections (TSCM / bug sweeps), information-security audits, and information-security compliance procedures; safeguards which can be easily mandated and monitored.

This is a no-brainer, Congress.

The cost of keeping National Interest Assets safe is infinitesimal compared to current losses (not to mention the long-term effects). Just ask the Chinese.
~Kevin

Saturday, May 23, 2015

Spy Trick # 482 - Keyless Car Break-in Mystery Solved

If you have a wireless key fob for a car with a remote keyless system, then you might want to start keeping your keys in a freezer or other Faraday Cage to protect it from high-tech thieves, who can use a $17 power amplifier to break into your vehicle.

Cars with keyless entry systems are capable of searching for a wireless key fob that is within a couple feet of the vehicle, but car thieves can use a $17 "power amplifier" to boost the key searching capabilities, sometimes up to around 100 meters, and pull off a high-tech car break-in. more extra spy credit

Friday, May 22, 2015

Does Android Factory Reset Protect Your Information

If you sell or gift your old Android phone to someone, is it enough to do a factory reset to wipe all your sensitive data? And if your Android gets stolen, how sure are you that your anti-theft solution will do a good job wiping it and/or locking the device?

Consumers generally have no insight in how well these features work. Their only option is to trust the manufacturers' and developers' assurances, and wait for security researchers to test the solutions.

Now, two researchers from the Security Group at the University of Cambridge Computer Laboratory have published two papers that answer those questions.

The first one details the results of a security analysis of Android's Factory Reset option, tested on 21 second-hand Android smartphones from 5 vendors running Android versions v2.3.x to v4.3.

In the second paper, they revealed the results of their testing of the top 10 mobile anti-virus apps' anti-theft functions (“remote wipe” and “remote lock”). Again, the results are bad: they found flaws that undermine MAV security claims and highlight the fragility of third-party security apps. more

Coming Soon - Surveillance Cacti - Prick

AZ - The Town of Paradise Valley is adding a new gadget to its collection of surveillance tools: permanent roadside license plate readers. Several Valley police agencies, including Paradise Valley, already use license plate readers mounted on patrol cars. But the decision by council leaders to install the technology at eleven locations across town signals a broader use of the cameras.

They will be mounted on poles and embedded inside faux cacti to record the location, date and time of the plate number. Some of the cameras have already been installed and the program is expected to go online in June. The total cost for the project is $752,000...



Paradise Valley Community Resource Officer, Kevin Albert says strict protocols will be in place for investigators who are trained and designated to access the database. He also says simply having the plate numbers on file will not compromise privacy rights. (right) more

Next on the TSA Hit List... Igniting Shoe Laces


Thursday, May 21, 2015

This Week's Interesting Questions - Author Asks for Upcoming Book

An author contacted me this week with a few questions. She is writing a book, "about hearing and our relationship with sound. A small section of the book looks at electronic eavesdropping." I am always glad to help. Here is how the interview went...

How did you get involved in surveillance detection?
It started with an interest in amateur radio, electronics and building projects in high school. During college I was introduced to the world of surveillance electronics and investigations during a summer job. I switched majors from mass communications to criminal justice. I took a job as an investigator with Pinkerton's Inc. and eventually became Director of Investigations for New Jersey and Director of Electronic Countermeasures company-wide. I left them to open my own Technical Surveillance Countermeasures (TSCM) firm in 1978 and have enjoyed every day since.

What characteristics do you think are useful in this business?
Inquisitiveness is the most important characteristic, by far, on the technical end. But to be successful, one needs to learn all aspects of how to conduct business (marketing, advertising, bookkeeping, personal relations, etc.)

You have some fascinating stories of spying on your website. How far will people go to listen in on conversations?
The phrase that comes to mind is, "Whatever it takes." I've seen everything from simple holes in the wall, to pre-bugged gifts sent in via mail, to planting spyware on smartphones.


What are some of the most extreme or unusual examples you have witnessed in your work?
A wired-up person who was part of an industrial plant tour: asking pointed questions of employees he met, dictating what he saw and read off of desktop paperwork, and recording the sounds of the manufacturing process for later reverse engineering.

A company that planted 14 bugs in their own offices, and then tried to blame their competitor for doing it, in a law suit. In the same vein, a company president who did a poor job of installing a wired microphone in the ceiling of the main conference room and had the cable leading to the office of a VP he was trying to frame. Neither group succeeded.

A trusted employee who planted a covert video camera in the women's locker room of a country club. (This type of issue is the latest epidemic in our field.)

How small are the smallest of covert listening devices today? Is the technology changing much? If so, in what ways?
The real "smallest" eavesdropping devices are software in nature – used to turn smartphones into bugs, and desktop/laptop computers into audio-video bugs. In terms of available hardware to make eavesdropping devices, the "smallest" components, such as microphones and video cameras, look like this...
http://www.misumi.com.tw/

 
http://www.knowles.com/eng/Products/Microphones/Surface-mount-MEMS

(Smaller microphones are made, but these are indicative of the ones which are readily available.)

Is the technology changing much? If so, in what ways?

Eavesdropping and espionage technology is not changing, it is expanding.
New technology is being developed all the time, and the "old" technology isn't going away, it is being refined. Old technology still work. Old and new are being used today. As mentioned above, "Whatever it takes." This is why the recent high focus on IT/computer security won't solve the computer security problem. In order to hack, pre-attack intelligence is necessary. This is gathered using many of the "old" tools: social engineering, video surveillance, electronic eavesdropping, and black bag intrusions.

There is no information fresher and more valuable than the spoken word. It comes right from the brain, not from a computer, not from something written, from the brain. This is why people eavesdrop!

Thursday, May 14, 2015

mSpy - Cell Phone Spyware Company - Servers Hacked

via krebsonsecurity.com
mSpy, the makers of a dubious software-as-a-service product that claims to help more than two million people spy on the mobile devices of their kids and partners, appears to have been massively hacked.

Last week, a huge trove of data apparently stolen from the company's servers was posted on the Dark Web, exposing countless emails, text messages, payment and location data on an undetermined number of mSpy "users." more