Thursday, January 14, 2016

EU Law - Yes, the boss can spy on you... and what you can do about it. (updated)

The European Court of Human Rights has ruled that your boss has the right to spy on you at work.

Europe’s top human rights court ordered the handover of transcripts of private conversations by a Romanian worker on Yahoo Messenger. In this case, the employer had warned staff in its company policy that their devices were only to be used for work.

They argued: “It proved that he had used the company’s computer for his own private purposes during working hours.”

But lawyers told the Independent that your employer doesn't have to give you warning before monitoring your private correspondence. "Within the UK you can conduct monitoring without employee consent," said Paula Barrett, partner, head of privacy, at Eversheds. more

UPDATE - No, the European Court of Human Rights did NOT just greenlight spying on employees
The press has got itself carried away with a European court ruling on a labour dispute: workers' private communications are safe. more

Read both articles and decide for yourself. ~Kevin 

Your New IoT Ding-Dong Can Open Your Wi-Fi... to hackers

Getting hacked is bad, but there’s something worse than that: getting hacked because of your own smart doorbell. 

Ring is a popular smart doorbell that allows you to unlock your door from your phone, as well as see and hear visitors via a webcam.

Unfortunately for Ring, that same doorbell meant you could have had your Wi-Fi password stolen in a few minutes if someone cracked into the physical doorbell...

According to Pen Test Partners, the attack was relatively trivial... more

Wednesday, January 13, 2016

What Makes a Trade Secret a Trade Secret?

Article 39 of the Trade-Related Aspects of Intellectual Property Rights Agreement (TRIPS) provides general guidance on necessary conditions for trade secrets:
  • The information must be secret (i.e. it is not generally known among, or readily accessible to, circles that normally deal with the kind of information in question);
  • It must have commercial value because it is a secret; and
  • It must have been subject to reasonable steps by the rightful holder of the information to keep it secret (e.g., through confidentiality agreements, non-disclosure agreements, etc.). more
The "etc." part also includes providing extra security for the information, and the areas where it is generated, stored and used. Periodic Technical Surveillance Countermeasures inspections (TSCM) are a very important part of these conditions. Contact me for more information about this.

The Unofficial World's Record for Arresting Wiretappers Goes to...

Turkey - Thirty people alleged to have illegally wiretapped hundreds of Turkish officials, politicians and journalists were detained in simultaneous operations across the country early Tuesday. 

Suspects are accused of illegally wiretapping the communications of 432 people, including businessmen, journalists and politicians from the ruling Justice and Development (AK) Party, Republican People’s Party and the Nationalist Movement Party. more

Today in Spying - Bad Day for Spies

Iran Seizes U.S. Sailors Amid Claims of Spying more

Kuwait sentences two to death for 'spying for Iran' more

North Korea holding U.S. citizen for allegedly spying more

Senior officer quizzed on 'police spying' more

Former Skidmore security guard admits spying on woman more

Indian man sentenced to five years in prison for spying in UAE more

Man accused of spying on female neighbor with homemade selfie stick pleads guilty more

From those wonderful people who like back doors...

US - A hacker appears to have broken into personal accounts of the nation’s top spy chief.

The reported teenager is part of the group that hacked into CIA Director John Brennan’s personal emails last year and is using the new access for pro-Palestinian activism. According to Vice Motherboard, which broke the news on Tuesday, the hacker claimed to have broken into a personal email and phone account of Director of National Intelligence James Clapper and his wife. more

Sunday, January 10, 2016

Business Espionage: The Hoverboard Knockoff

The hoverboard hubbub at CES in Las Vegas Thursday was something straight out of a corporate espionage movie...

US marshals raided a booth set up by Chinese company Changzhou First International Trade. It was promoting its Trotter electronic skateboard—what Bloomberg describes as looking "like a seesaw with one big wheel in the middle."

The problem: Silicon Valley startup Future Motion says the product is a knockoff of its own Onewheel skateboard, invented and designed by Kyle Doerksen.

"When we got word that a company was exhibiting a knock-off product, we engaged in the formal process, which involved sending a cease and desist letter and ... getting a restraining order ... then enforced by the US marshals," Doerksen tells the BBC. more

Business Espionage: Employee's Steal Bends Steel Company With Her Bare Hands

Australia - On the day long-serving BlueScope software development manager Chinnari Sridevi "Sri" Somanchi was to be made redundant in June 2015, she was suddenly busy on the phone.

For the next two hours her redundancy meeting was delayed while Ms Somanchi was locked on the lengthy call, as her manager circled her desk trying to get her attention.

What the company did not know at the time, and now alleges, was Ms Somanchi was spending those precious hours downloading a cache of company secrets so financially important to BlueScope it has launched emergency legal action in the Federal Court of Australia and Singapore, where she is now based, to stop the information falling into the hands of its competitors.

Ms Somanchi has been accused this week of downloading a trove of company documents – about 40 gigabytes – over a four-year period, including the codes she allegedly downloaded just before her redundancy meeting.

BlueScope is now trying desperately to retrieve "highly sensitive and commercially valuable" information allegedly stolen by Ms Somanchi, who it describes as a disgruntled former employee...

The case of alleged international espionage has left the company reeling and urgently seeking a judge's help to find and destroy trade secrets before they fall into the hands of competitors.

Losing its customized software to a rival firm would so badly damage BlueScope that it was not seeking penalties because "it is difficult to see how damages could adequately compensate BlueScope for the loss", a senior manager's affidavit said. The business unit at risk generates $US45 million in turnover each year. more

Business Espionage: Former Cardinals Executive Pleads Guilty To Hacking Astros

Chris Correa, the former scouting director of the St. Louis Cardinals, has pleaded guilty to five criminal charges in connection with unauthorized access of the Houston Astros' database.

Correa appeared before a U.S. district court judge in Houston on Friday and had his sentencing hearing scheduled for April 11.

The maximum penalty for each of the five counts, The Houston Chronicle reported, is up to five years in prison, a fine of up to $250,000 and restitution. more

Buy Banksy Spy Art - Get a free House

Consider yourself a bargain hunter with a penchant for modern art? Well, why not buy a Banksy mural for just £210,000 ($304,900 USD) and to sweeten the deal the owner will throw in a three-bedroom house.

A property in Cheltenham, Gloucestershire, featuring the artist's Spy Booth piece is on the market after its stressed owner said he was sick of the circus caused by the mural.

Spy Booth shows three 1950s-style agents, wearing brown trench coats and trilby hats, using devices to tap into conversations at a telephone box. more - with video


Monday, January 4, 2016

"Official? Nah, I'm just hanging out here."

UK government wants to send tech companies' officials to jail for disclosing snooping details on users.

Under a new sweeping law, many tech companies like Twitter, Yahoo and Google may face prison if they tip off their customers about spying operations by police and the security services.

These tech giants have a policy of notifying users when it’s suspected that a state-level actor is attempting to hack into their account. Twitter, Facebook and Google had previously assured their users that they would also warn them of any potential government spying. more

Surveillance Cameras Get Twittered

There is an air of mystery when you first notice @FFD8FFDB...

The Twitter bot tweets a grainy, context-free picture escorted by a line of peculiarly formatted gibberish every few minutes.

Only after you begin digging into the actual working of the bot does it become clear that the project is developed on a profoundly disquieting foundation that throws light on one of the major privacy escapes in the modern telecommunication set-up.

Basically, the software behind @FFD8FFDB browses the Internet for webcams whose operators have left them unsecured, takes screenshots from the feeds, and then tweets them. more

Time to check your surveillance cameras for password protection. ~Kevin

Et tu Earhart?

A new book about Amelia Earhart contains the controversial claim that she wasn’t really killed when her plane crashed in the middle of the Pacific in 1937 but instead was taken prisoner by the Japanese as a spy...

...she and navigator Fred Noonan vanished without a trace during an attempt to circumnavigate the globe.

What happened to the duo and their twin-engine aircraft during the round-the-world bid has remained one of aviation’s enduring mysteries.


Now ‘Amelia Earhart: Beyond the Grave,’ by WC Jameson, which is published tomorrow, January 5, makes the controversial claim that Earhart was actually sent to the South Pacific on a surveillance operation that had been authorized by United States President Franklin D. Roosevelt.

Mr Jameson claims that her plane was fitted with cameras with which to film Japanese military outposts and that she was actually shot down and taken prisoner.

He also claims that she was released in 1945 and returned to the United States under an assumed identity.

This flies in the face of the long-standing official theory that the pair ran out of fuel and crash landed in the middle of the Pacific Ocean near Howland Island. more

A Tale of Two Spy Cams

Despite the fast-moving pace of technology, there is one thing that's fairly uncommon, and that is a USB-powered speaker.


It's something that just simply isn't seen very often, and for fairly obvious reasons. Now, why am I pointing this out? Well, if you happen to encounter what looks like a normal computer speaker and there's a USB cord coming out the back of it, you should probably be a little suspicious about the speaker's true intentions.


After removing the back... That white thing is not a speaker -- it's actually a web cam. Someone created this unique spy speaker with bad intentions. more

Sometimes, spycams pose as legitimate web cams. 

I came across this recently...

Clue. Legitimate web cams don't need infrared LEDs positioned around the lens.  ~Kevin