Monday, February 1, 2016

FutureWatch - Another Step Closer to the Future of Eavesdropping

...a new experiment at the University of Washington may be bringing ESP closer to the realm of reality.

According to University of Washington computational neuroscientist Rajesh Rao and UW Medicine neurosurgeon Jeff Ojemann, the combination of a brain implant and a complex algorithm has given researchers the ability to predict human thoughts with unprecedented speed and accuracy. In fact, the duo says, they’re able to track what we’re thinking as we’re thinking it, bringing us closer to mind reading than ever before...

 “We were trying to understand, first, how the human brain perceives objects in the temporal lobe, and second, how one could use a computer to extract and predict what someone is seeing in real time,” explained Rao to the UW NewsBeat. “Clinically, you could think of our result as a proof of concept toward building a communication mechanism for patients who are paralyzed or have had a stroke and are completely locked-in,” he said. more

FutureWatch - Keep Your Eye on IoT - The Encryption Debate is a Distraction

...products, ranging from “toasters to bedsheets, light bulbs, cameras, toothbrushes, door locks, cars, watches and other wearables,” will give the government increasing opportunities to track suspects and in many cases reconstruct communications and meetings. more

...from "Don’t Panic: Making Progress on the ‘Going Dark’ Debate"
The audio and video sensors on IoT devices will open up numerous avenues for government actors to demand access to real-time and recorded communications.

A ten-year-old case involving an in-automobile concierge system provides an early indication of how this might play out. The system enables the company to remotely monitor and respond to a car’s occupants through a variety of sensors and a cellular connection. At the touch of a button, a driver can speak to a representative who can provide directions or diagnose problems with the car. During the course of an investigation, the FBI sought to use the microphone in a car equipped with such a system to capture conversations taking place in the car’s cabin between two alleged senior members of organized crime.

In 2001, a federal court in Nevada issued ex parte orders that required the company to assist the FBI with the intercept. The company appealed, and though the Ninth Circuit disallowed the interception on other grounds, it left open the possibility of using in-car communication devices for surveillance provided the systems’ safety features are not disabled in the process.

Such assistance might today be demanded from any company capable of recording conversations or other activity at a distance, whether through one’s own smartphone, an Amazon Echo, a baby monitor, an Internet-enabled security camera, or a futuristic “Elf on a Shelf” laden with networked audio and image sensors. more

Attention Attorneys - Time to Sweep for Electronic Surveillance Devices

With attention growing on the use of shell companies in high-end real estate, an activist organization released a report Sunday night that said several New York real estate lawyers had been caught on camera providing advice on how to move suspect money into the United States. 

The report is the result of an undercover investigation carried out in 2014 by Global Witness, a nonprofit activist organization that has been pushing for stricter money-laundering rules.

The lawyers featured in the report include a recent president of the American Bar Association. more video sweep service

Friday, January 29, 2016

Business Espionage: Corn Spy Pops

Security for Dupont Pioneer’s cornfields in Iowa suspected something when they detected men crawling around in the cornfields, and alerted the FBI two years ago. 

Now, one man — Chinese citizen Mo Hailong — has admitted to attempted kernel theft.
Mo was a part of a conspiracy to smuggle U.S. corn from producers Dupont Pioneer and Monsanto in Iowa and ship it to China, where scientists would attempt to replicate the corn’s genetic properties. Prosecutors accused Mo of working with others in the group Kings Nower Seed, a subsidiary of the Beijing Dabeinong Technology Group, the Associated Press reports. more

Spies Accused of Winging It, or A Very Sordid Sortie

Israel Nature and Parks Authority officials are pleading for the release of a vulture after residents of a southern Lebanese town captured the bird, claiming it was being used for spying. 

Lebanese media reported that the bird – allegedly carrying Israeli spy equipment -- was caught Tuesday to prevent it from attacking citizens in the town of Bint Jbail, according to the Jerusalem Post...

Israeli officials said the bird was released in the Gamla Nature Reserve about a month ago after arriving from Spain in 2015. The bird, outfitted with a transmitter, was brought to Israel in hopes to increase its local population, the officials added. more

P.S. They came to their senses and released the vulture.

Even Antiquarian Book Shops are Less Suspicious

A Canadian citizen who ran a coffee shop near the sensitive China-North Korea border has been charged with spying by Beijing after being kept in detention for more than a year.


Kevin Garratt... “has been accused of spying and stealing China's state secrets”, state news agency Xinhua said, citing “authorities”.

"During the investigation, Chinese authorities also found evidence which implicates Garratt in accepting tasks from Canadian espionage agencies to gather intelligence in China," Xinhua reported. more

The Defend Trade Secrets Act of 2015

Prepared Statement by Senator Chuck Grassley of Iowa
Chairman, Senate Judiciary Committee
Executive Business Meeting

The next bill on the agenda is S.1890, the Defend Trade Secrets Act of 2015, introduced by Senators Hatch and Coons.

As we learned in a recent Committee hearing, while state trade secret laws provide U.S. companies many protections, at times these laws are inadequate.

The threats trade secret owners face are coming from thieves who are able to quickly travel across state lines and who use technology to aid their misappropriation. In many cases, the existing patch-work of state laws governing trade secret theft presents difficult procedural hurdles for victims who must seek immediate relief.

Further, the pace of trade secret theft is mounting and federal law enforcement authorities don’t have the bandwidth to prosecute but a fraction of cases. This means that victims of trade secret theft cannot rely on criminal enforcement, making a civil cause of action an effective way to go after the perpetrators.

The Defend Trade Secrets Act would amend the Economic Espionage Act of 1996 to create a federal civil remedy for trade secret misappropriation, allowing for a uniform national standard without preempting state law. The bill would provide clear rules and predictability for trade secret cases. Victims will be able to move quickly to federal court, with certainty of the rules, standards, and practices to stop trade secrets from being disseminated and losing their value. By improving trade secret protection, this bill will also help to incentivize future innovation.

Additionally, Ranking Member Leahy and I will be offering an amendment to help protect whistleblowers. more

Tuesday, January 26, 2016

Security Director Alert: Check your board and conference rooms for equipment made by AMX

Lots of companies -- and even the White House -- use a conference calling system that could possibly be tapped by hackers, according to new research.

On Thursday, cybersecurity experts at SEC Consult revealed a secret doorway that's built into a popular conference calling product built by a company called AMX.

AMX makes tablet panels used to control conference calls for businesses, government agencies and universities.

The company hard-coded backdoor access into its system. AMX created a "secret account" with a permanent username and password, which means a hacker who already sneaked into a computer network could tap into actual meetings, if the hacker knew the backdoor access code.

It's a glaring security hole. more

Murray Associates Recommendation
A firmware update is available for products and systems incorporating the NetLinx NX Control platform:

NX Series Controllers
NX-4200 FG2106-04
NX-3200 FG2106-03
NX-2200 FG2106-02
NX-1200 FG2106-01
Massio® ControlPads
MCP-106 FG2102-06X-X
MCP-108 FG2102-08-X
Enova® DVX All-in-One Presentation Switchers
DVX-3256HD FG1906-22/24
DVX-3255HD FG1906-16/18
DVX-3250HD FG1906-15/17
DVX-2250HD FG1906-11/13
DVX-2255HD FG1906-12/14
DVX-2210HD FG1906-07/09

Firmware downloads require a current login and password for the AMX Account Center to access the protected Technical Documentation and Support Materials sections of the AMX by HARMAN website. Technical Support Staff within End User organizations should contact their authorized AMX Dealer or HARMAN Professional representative for assistance.

Monday, January 25, 2016

More Banksy Art, from Artsy

I received this email today and thought you might like to know...

Hi - my name is Oliver, and I work at Artsy. While researching Banksy, I found your page: http://spybusters.blogspot.com/2014_06_01_archive.html. I wanted to briefly tell you about Artsy's Banksy page, and about our mission.

Click to enlarge.
We strive to make all of the world’s art accessible to anyone online. Our Banksy page, for example, provides visitors with Banksy's bio, over 150 of his works, exclusive articles, as well as up-to-date Banksy exhibition listings. The page even includes related artist & category tags, plus suggested contemporary artists, allowing viewers to continue exploring art beyond our Banksy page.

Glad to help!
Here is another Banksy anti-surveillance piece of art.

Radar Rat, 2004
Spray paint and silkscreen on paper
14 × 14 in
35.6 × 35.6 cm
Gallery Nosco
Sold
£20,000 - 30,000 ($28,500 - $42,800)

World's Largest Bugging Device Hears What You Can't... and it may save our butts!

This desolate outpost in remotest Greenland is home to one of the world's most high-tech listening devices, tasked with saving humanity from itself.

Located along the coastline just outside the village of Qaanaaq – which bears the additional distinction of being the world's most northerly palindrome – the sole purpose of Infrasound station IS18 consists of listening to the planet's groans that occur at frequencies too low for the human ear to detect, occurring within the range of 20 Hz down to 0.001 Hz.

Click to enlarge.
Qaaanaaq's eight-element array is divided into two sub-arrays bolstered by wind reduction technology, all of which are linked to a Central Processing Facility (or CPF) that churns out data around-the-clock to a central terminal in Qaanaaq proper. But why put such an extremely space-age device in a village accessible only by helicopter, whose locals subsist largely on narwhal, seals, and polar bears?

In its most practical application, IS18 is part of a network of highly specialized sensors charged with monitoring the globe for atomic blasts, as set forth by the Comprehensive Nuclear-Test-Ban Treaty Organization (CTBTO). Around the clock, the array monitors the entire world for distinctive blast patterns produced by such explosions, as their unique pattern of ultra-low frequency sound waves persist even when ricocheting through the Earth's surface. more

Saturday, January 23, 2016

Fibre Optic Eavesdropping Tap Alarm

Allied Telesis, announced that it has released an innovative security measure to prevent eavesdropping on fibre communications, 

Active Fiber Monitoring. The patent-pending technology can detect when a cable is being tampered with, and will raise an alarm to warn of a possible security breach.

Fibre-optic links are used extensively for long-range data communications and are also a popular choice within the LAN environment. One of the perceived advantages of fiber is that eavesdropping on traffic within the cable is not possible. However, it is now possible to acquire devices that can snoop traffic on fiber cables; and even more disturbing is that these devices are readily available and very easy to use.

Active Fiber Monitoring, a technology that detects small changes in the amount of light received on a fibre link. When an intrusion is attempted, the light level changes because some of the light is redirected by the eavesdropper onto another fibre. As soon as this happens, Active Fiber Monitoring detects the intrusion and raises the alarm. The link can either be shut down automatically, or an operator can be alerted and manually intervene. more

VoIP Software Used to Eavesdrop

The backdoor could allow agents, employers or third parties to listen in on conversations...

The GCHQ has developed VoIP encryption tools with a built-in backdoor, allowing both authorities and third parties to listen in on conversations.

The backdoor is embedded into the MIKEY-SAKKE encryption protocol and has a 'key escrow' built in, allowing those with authority - whether an employer or government agency - to access it if a warrant or request is made.

The backdoor was uncovered by Dr Steven Murdoch, a security researcher from the University of London, who wrote a blog about the potential snooping tool. more

Ex-San Diego Mayor Bob Filner alleges his office was bugged...

Former San Diego Mayor Bob Filner, in an interview this week, denied having sexually harassed women and claimed that his City Hall office had been bugged...

...later in the interview, he said he had "found a bug" in his office that he claimed was planted there by the city attorney. "We asked the police to look at it and they didn't want to or didn't do it," he said.

Former Police Chief Bill Lansdowne disputed that claim Tuesday, saying Filner's chief of staff approached him with the concern that there might be a recording device in the mayor's office.

Lansdowne worked with the department's intelligence unit, hired an outside company to sweep Filner's office for bugs and came up empty-handed, the former police chief said.

"We had that office checked and we came back negative. They did not find anything," Lansdowne said. more

The Top Private Investigators on Twitter in 2015

via PINow.com...
We are happy to release the Top Private Investigators on Twitter in 2015! We received a lot of nominations and saw plenty of excitement, so thank you for your participation!

Twitter is a great tool for interacting with peers, sharing legislation updates, related news, business tips, promoting associations, and more. We present this list every year to recognize those in the industry who have proved to be valuable resources to their peers, specifically on the topic of investigations. Congratulations to all 2015 list-makers!

The list is ranked based on a variety of criteria, including nominations, scores on social media sites like Retweetrank, Klout, and StatusPeople, and on scores for content, consistent activity, and more.

Thank you!
Kevin

Wednesday, January 20, 2016

Why an RFID-blocking Wallet is Something You Don't Need

via Roger A. Grimes
You don't need a tinfoil hat, either. Opportunists have exploited consumer fears to create an industry that doesn't need to exist...

(summary)

First and foremost, does your credit card actually have an RFID transmitter? The vast majority does not. Have you ever been told you can hold up your credit card to a wireless payment terminal, and without inserting your card, pay for something? For most of my friends, and the world in general, the answer is no...

If you look at the number of credit cards with RFID, you can’t even represent it statistically. It’s not 0 percent, but it’s so far below 1 percent that it might as well be 0 percent...

On top of that, most of the world is going to wireless payments using your mobile device...


But did that bad guy ever sit on the corner in the first place? Sure, I’ve seen the demos, but I’ve yet to hear of one criminal who was caught using an RFID sniffer or who admitted to stealing credit card info wirelessly. We know about all sorts of cyber crime. Why not the theft of RFID credit card information if the risk is so high?

Here's why: It would be a lousy use of a criminal mastermind’s time. Today’s smart criminals break into websites and steal hundreds of thousands to tens of millions of credit cards at a time. Why would a criminal go to the effort and expense of stealing credit card info one card at a time when you can steal a million in one shot?  more