Monday, June 6, 2016

NSA's Untangling the Web, A Guide to Internet Research

Want to learn how to search like a spy? 
This 600+ page tome will help you do it.

Untangling the Web, A Guide to Internet Research – has just been declassified, to satisfy a Freedom of Information Request. Download the irony here.

(Originally posted in 2013. Back by popular demand.)

Business Espionage Alert: Select Your Hotel Carefully

You are a business executive or a member of the government with sensitive data on your laptop computer. You check into a luxury hotel in the United States or in many other countries. Chances are this hotel may be owned by a Chinese company even though it carries a known western brand name. Often such investors get their money directly from the Chinese Government.

You connect your computer to the hotel wifi and you may notice your secure connection can no longer be secure. Ever noticed wanting to send an email using your own domain, and you have to unblock "authentication" to make it work while connected to a hotel network? Did you ever wonder how this could open up your computer data to foreign espionage? You are no longer the only one worrying...

Chinese global investments in tourism, specifically in name brand luxury hotels and resorts, are overwhelming. This is the same for Chinese investments in the United States, as it is for Chinese domination in Cuba, South America, India, South East Asia and many African countries...

A review of the Chinese $1.95-billion acquisition of New York's Waldorf-Astoria Hotel in 2014, possibly recognizing that the hotel's role as the official residence of the U.S. ambassador to the United Nations and the frequent lodging for U.S. and foreign dignitaries with business in New York made it a prime target of CFIUS (The Committee on Foreign Investment in the United States). No action by US authorities was taken...

The next time you travel on business, you have sensitive data on your computer that could lead to industrial espionage attacks, or you are a government official with data you don't want to get into Chinese hands, select your hotel carefully. more

Russian Hi-Tech Spy Devices Under Attack Over Privacy Fears

New Russian technologies, including phone call interception and a facial recognition app, have stirred a fierce debate about privacy and data monitoring. 
 
Infowatch, a Moscow-based IT security company managed by businesswoman Natalya Kasperskaya, found itself in hot water last month after it revealed it had invented a system that companies can use to intercept employees' mobile phone conversations...

The goal behind phone call interception, Kasperskaya said, is to provide large businesses with a tool to prevent information leaks, including companies whose success depends on protecting corporate secrets. more

34 Officials Pardoned for Wiretapping 20,000 People... now unpardoned.

President Gjorge Ivanov on Monday revoked pardons he had granted to 34 officials implicated in a wire-tapping scandal that has thrown Macedonia into political turmoil, meeting demands from the opposition, the European Union and the United States.

In an EU-brokered deal last year, Macedonia's political parties agreed to hold an early election and that a special prosecutor should investigate allegations that former prime minister Nikola Gruevski and his close allies authorized eavesdropping on more than 20,000 people.

Ivanov's decision in April to pardon 56 officials prosecuted over their involvement in the scandal drew nationwide protests that led to the cancellation of an election set for June 5. more

Thursday, June 2, 2016

Book - "Accidental P.I." by David B. Watts - Very Non-Fiction. Very Good.

Accidental P.I. takes you on a thrill ride following the fifty-year professional career of Private Investigator David Watts, as his life story treats you to these experiences and more. From murder, rioting, gambling and drug raids to sex cases, and fraud, this behind-the-scenes peek at real-life cases shows how investigators get the job done—not like in the movies or on television.

David Watts entered the investigative field as a young New Jersey policeman at the beginning of the turbulent 1960s. His descriptions of the seedier side of the cultural revolution during that era are riveting . . . and you get to go along for the ride! Switching to the private sector, armed with a Super 8 camera, he had the guts to quit law enforcement and start his own business in 1976 and has been at it ever since...

About the Author 
David B. Watts, a licensed private investigator for the past four decades, specializes in fraud and business investigations. He and Linda, his wife of 53 years, worked for major law firms and the Fortune 500 in the busy New York to Philadelphia corridor on cases ranging from kickbacks to special security issues. Dave has also worked several murder cases and innumerable insurance fraud matters.

His investigation career began in his twenties as a Plainfield, New Jersey patrolman. He was promoted to detective, then joined the Union County Prosecutor's Office as a County Investigator. These early experiences eventually launched him into a lifetime of investigation work in the private sector. His pursuit of the facts brought him into state and federal courts as well as the board rooms of major corporations. He is respected among his peers and continues to take on special investigations, now in his seventies. more

Dave and I go way back. I am familiar with some of his cases (as he is with some of mine) so I can assure you he shares these experiences accurately. Reading about them brought back some good memories. It also made me realize how much he and his wife Linda accomplished in their career together.  Congratulations, Dave & Linda! 

Meet Dave - Book Signings
June 12, 2016 – 1 to 3 p.m. Clinton Book Shop, Clinton, NJ
July 10, 2016 – 12 N to 2 p.m. Barnes & Noble, Bridgewater, NJ

Wednesday, June 1, 2016

Spy on Any Phone, Anywhere... for a price.

With just a few million dollars and a phone number, you can snoop on any call or text that phone makes – no matter where you are or where the device is located.

That’s the bold claim of Israel’s Ability Inc, which offers its set of bleeding-edge spy tools to governments the world over. And it’s plotting to flog its kit to American cops in the coming months.

Ability’s most startling product, from both technical and price perspectives, is the Unlimited Interception System (ULIN). Launched in November last year, it can cost as much as $20 million, depending on how many targets the customer wants to surveil.

All a ULIN customer requires is the target’s phone number or the IMSI (International Mobile Subscriber Identity), the unique identifier for an individual mobile device. Got those? Then boom – you can spy on a target’s location, calls and texts.

This capability is far more advanced than that of IMSI-catchers (widely known as StingRays), currently used by police departments in the United States. IMSI-catchers can help acquire a target’s IMSI number, as well as snoop on mobiles, but only if the target is within range. more

"What are the most important characteristics of a great InfoSec professional in 2016?"

23 Information Security Leaders Reveal the Most Important Traits for InfoSec Pros in 2016

Digital Guardian compiled their responses to create a comprehensive guide outlining the most important characteristics for InfoSec professionals. (My contribution appears below. The additional 22 thoughtful responses appear here.)
---

"The single most important characteristic for successful InfoSec professionals in 2016 is..."

Inquisitiveness.

With this quality, an InfoSec professional will question the status quo, look for loopholes, seek new solutions, follow up on red flags early on, and look at InfoSec from a holistic viewpoint.

The viewpoint is the most important element. It shapes all other aspects of the job. The inquisitive person will see their job not as an IT defender, but as a defender of information, no matter how it is generated, stored, or transmitted. The great InfoSec professional realizes all the data stored on the computers was available to the adversary long before it ever entered a database.

This holistic outlook takes into account the genesis of information. It may start out as a phone call, which may be wiretapped; a conference room strategy meeting, which can be bugged; unsecured written information left on desks or unlocked file cabinets, which may be easily photographed; information stored on a photocopier hard drive, which can later be reprinted; or on an unsecured Wi-Fi Access Point, or wireless printer, whose transmissions may be intercepted. The list of info-vulnerabilities is long.

In recent years, the rush has been to focus on IT security, and rightly so. But, in doing so, the gap between great InfoSec professionals and tunnel-visioned InfoSec managers has become wide and clear. Great InfoSec professionals, being inquisitive, see and handle the big picture. It isn't just computers. The real task is detecting and plugging any method by which information can leak out. Today's great InfoSec professionals defend accordingly. They are much more successful than their colleagues, who only put out fires.  ~Kevin

Tuesday, May 31, 2016

10 types of spy cameras that could be watching you right now - No. 6 is a surprise

Camera technology has advanced a lot the past few years. They keep getting smaller and smaller, making it possible to conceal them any which way.

Spy cam manufacturers have been creative in producing some of the most cleverly disguised (and tiny) camera/DVR systems, complete with HD video, motion detection, large storage card support and remote controls...

1. USB flash drive spy cameras
These cameras look like your regular USB storage sticks, but think again. They have a hidden camera inside! It’s not unusual these days for someone to be carrying USB sticks around so spotting them can be a bit challenging.

So how can you tell? The camera lens for these USB stick cameras is usually located on the posterior end of the stick, opposite the USB plug. With this form factor, this spy cam will blend seamlessly in an office or classroom.

See all 10 here.

Concerns for Energy Espionage Climb

The FBI is warning U.S. energy companies that the oil industry's downturn is increasing their vulnerability to theft of technological secrets.
 

Companies that long have faced the prospect of economic espionage must now be prepared for the possibility that workers who have been laid off could be targeted by foreign entities and competitors wanting to steal intellectual property. 

"FBI investigations indicate economic espionage and trade secret theft against U.S. oil and natural gas companies and institutes are on the rise," according to an unclassified briefing report prepared for the energy industry.

Agents shared the report recently with about 150 energy sector executives, managers and others who gathered behind closed doors at the FBI building... more

How Business Espionage Really Works (Hint, it ain't just computers.)

The Dirty Dozen
  1. Trespassing on the property of a competitor.
  2. Secretly observing the activities or properties of others.
  3. Using electronic eavesdropping equipment.
  4. Learning trade secrets by hiring people who work for a competitor.
  5. Hiring a spy to get specific information from another company.
  6. Planting an undercover operative on someone else’s payroll.
  7. Stealing documents or property (includes electronic documents).
  8. Conducting phone negotiations for a license, franchise, or distributorship in order to gain inside information.
  9. Gaining information by staging a phony market research study or similar interview project.
  10. Bribing. Most forms of bribery are unethical, including those disguised as “gifts”.
  11. Blackmailing.
  12. Extorting. 
From: Best Practice Guidelines in Business Espionage Controls & Countermeasures
  

Trump Campaign Manager Asked if Trump Offices Are Being Bugged - Bizarre Response

Donald Trump’s controversial campaign manager, Corey Lewandowski, appeared on “Fox News Sunday” this week to answer questions about the Republican front-runner’s strategy as the primary season winds down...

...with seconds remaining in the interview, host Chris Wallace asked a question that produced a response no one likely anticipated.

Wallace asked Lewandowski to comment on reports that some Trump associates are suspicious that the campaign’s Trump Tower offices are being bugged. At first the campaign manager ignored the question, but Wallace pressed further.

“Is there any bugging going on at the Trump Tower?” Wallace asked, with 10 seconds remaining in the interview.

“I think that’s a lot of speculation,” Lewandowski began. “I don’t think that’s the case at all — I think we’re very happy with the way that our offices are set up.”

It’s not quite clear what Lewandowski was trying to suggest, and given that there was no time for a follow-up question, the bizarre response was left alone. more

Friday, May 27, 2016

The Friendly Maintenance Man's Spycam

Apartment maintenance man Jerry Rowe was a nice, friendly guy who carried around treats for residents' dogs. Residents of the Steeplechase Apartments were surprised Thursday when word spread that Rowe, 65, had been arrested and charged with hiding a camera in the bathrooms of five female tenants. 

...The investigation into Rowe started Wednesday when a woman saw a camera in a vent in the ceiling of her bathroom.

She called the Warren Co. Sheriff's Office and deputies said they found images of Rowe placing the camera in the vent on the camera. Lt. John Faine said five women were captured by the camera...

Faine said he believes Rowe had one camera that he moved from one apartment to another. However, he cannot rule out that there may be other cameras at this point in the investigation. more

Thursday, May 26, 2016

DIY Tip: How to Check Your Wi-Fi for Spies

If you would like to see who (or what) is tapped into your wireless network, you can take a peek with router utilities and mobile apps...

Depending on your interest in technical fiddling, you can see what other devices are connected to your network in several ways. For one, you could log into your wireless router’s administrative page and check its DHCP Client Table (sometimes called the DHCP Client List or Attached Devices, as some router companies use different terms) to see the roster of computers, smartphones, tablets and other gear currently connected to the wireless router...

If that sort of thing seems like way too much work, you can also get a program or app that scans your network for connected devices. Your router maker may have its own app, like Netgear’s Genie, Linksys Connect or Apple’s AirPort Utility for iOS.

You can also find software from other developers that is designed to reveal the devices connected to your wireless network. NirSoft Wireless Network Watcher, Who’s on my WiFi for Windows and the Fing network scanner for Android and iOS are among the options. more

Russian Election Monitor Sets Trap To Test NTV For Wiretapping

In March 2012, Michael McFaul, then the U.S. ambassador to Russia, famously accused journalists from the state-controlled network NTV of hacking his phone or e-mails to access his schedule after they approached him as he arrived at a private meeting with an opposition activist.

Four years later, those same journalists have been purportedly tripped up in a sting operation by an embattled Russian election-monitoring group seeking to prove that security services are wiretapping its phones and leaking details of its meetings with foreign diplomats to the Kremlin-loyal network.

Golos, an independent election monitor that has documented widespread violations at Russian ballot boxes in recent years, says it has concluded that NTV journalists are surreptitiously obtaining information about its employees’ movements from Russian law enforcement or intelligence agencies.

Using this information, Golos alleges, the journalists are able to track the group’s itinerary and wait for them -- cameras and microphones in hand -- outside embassies and other Moscow venues where they meet foreign diplomats to discuss the country’s elections. more

The 2017 Intelligence Authorization Act

As part of its continuing push for ever greater surveillance powers, the FBI is hoping that a new bill, known as the 2017 Intelligence Authorization Act, will be enacted into law, as the proposed legislation makes it possible for the agency to read emails without a warrant. It’s already been given Senate Intelligence Committee approval and will next be considered by the Senate as a whole....

Essentially, the bill would extend current FBI powers authorized by the Patriot Act, which allows the government to force telecoms companies to hand over phone records on individuals suspected of terrorism and other crimes. Known as a National Security Letter, recipients are not allowed to speak about the FBI investigation either, essentially gagging the companies and individuals involved.

...If enacted, sending such a letter would not require a court order, nor require any oversight from external organizations whatsoever.

That’s the aspect of the bill that lone-Senate Intelligence Committee dissenter, Ron Wyden, highlighted as part of his no vote.

“This bill takes a hatchet to important protections for Americans’ liberty,” he said (via CNet). “This bill would mean more government surveillance of Americans, less due process, and less independent oversight of U.S. intelligence agencies.” more