Monday, March 5, 2018

Court Admits Husband's Illegal Bugging into Evidence

Turkey - A top appeals court decided that evidence collected through illegal bugging could not be used by itself to prove guilt but could be used in conjunction with other evidence in a 2015 case where a man in the Aegean province of Aydın believed his wife was cheating on him and installed a bugging application onto her cell phone.

The application turned the cell phone into a recording device. The recordings showed the woman really was cheating on him with a colleague from work. The man immediately filed for divorce, demanding compensation from his wife and the custody of their child. more


An app that can help determine if an Android phone is infected with spyware.

10 New Attacks on 4G LTE Discovered

A group of researchers has uncovered ten new attacks against the 4G LTE wireless data communications technology for mobile devices and data terminals.

The attacks exploit design flaws in the communications protocol and unsafe practices employed by the stakeholders and can be used to achieve things like impersonating existing users, spoofing the location of the victim device, delivering fake emergency and warning messages, eavesdropping on SMS communications, and more.

Among the uncovered attacks they consider one particularly worrying: an authentication relay attack that allows an adversary to impersonate an existing user (mobile phone) without possessing any legitimate credentials.

“Through this attack the adversary can poison the location of the victim device in the core networks, thus allowing setting up a false alibi or planting fake evidence during a criminal investigation,” they pointed out. more

Cuba's Sonic Attacks - Possibly a Side-Effect of Spying

Its surveillance tools may have transmitted ultrasonic sounds by mistake...

Remember those 'sonic attacks' against the American and Canadian embassies last summer, making staff queasy and raising all kinds of questions as to what happened? There might have an answer. University of Michigan researchers have theorized that the incidents were really the result of ultrasonic signals from poorly functioning surveillance equipment. While individual ultrasonic signals can't harm people outside of extreme circumstances, multiple signals can clash with each other and produce a sound that's just low enough to be audible.

The scientists tested their hypothesis by replicating the "chirping" from an AP video using two ultrasonic emitters that combined tones, one at 25kHz and another at 180Hz. That produced a similar-sounding 7kHz frequency with ripples of sound at an even 180Hz spacing. The team even built a device that would simulate eavesdropping by playing a song instead of the 180Hz tone. more

Security Scrapbook fans knew this might be a botched spying attempt, and how it worked, last August. ~Kevin

Wednesday, February 28, 2018

Invention: Simple Device Allows Fast Lockdowns in Schools

As school carpenter Cory Webster replaced dozens of deteriorating rubber door stoppers that were installed to help keep Palos Verdes Peninsula classrooms safe in the event of a lockdown, he thought there must be a better way...

The 123 Lock-down Latch works much like a hotel door bumper: a teacher simply slides the metal lever to prevent a locked door from closing. When a lockdown happens, anyone inside the classroom can slide the lever back and the door closes and locks...

Because most classroom doors can only be locked from the outside with a key, the teacher can leave the door locked but with the latch engaged during passing period to allow students in and out easily. In the event of an active shooter, it’s not always safe for a teacher to step outside to lock the door. With the latch, there’s no need to fumble for keys or leave the classroom to secure the door. more

Austria: Bugging Devices Found... and then, a break-in!

The office of Austrian far-right leader and vice chancellor Heinz-Christian Strache was broken into this week, shortly after bugging devices were discovered there, and a criminal inquiry has been launched, prosecutors said on Thursday.

The break-in occurred on Wednesday night while Strache, whose Freedom Party entered the governing coalition after elections in October, was out for dinner, his spokesman said, confirming an earlier report by broadcaster Oe24.

The spokesman said the electronic surveillance devices had been discovered last week behind a mirrored wall by intelligence service specialists. “This was a routine check after moving into a new office,” he said. more

TSCM 101 - When you find one bug, don't stop looking. A post-discovery break-in may indicate the removal of additional, and more sophisticated bugs. Later discovery of these devices might implicate who planted them in the first place.  ~Kevin

Tuesday, February 27, 2018

Smartphone Goes Dark at the Flip of a Switch

Cybersecurity firm DarkMatter has launched its first smartphone, designed to stop spy agencies listening to you.

An Android device called Katim, it was made available commercially Monday at Mobile World Congress in Barcelona, Spain, and has a 5.2-inch display, as well as a high level of encryption...

One security feature built by the Middle East-based firm is called "shield mode," which disconnects power from the microphone and camera on the device so that nobody can spy on your conversations. more

The Case of the License Plate ICE Pick

The Immigration and Customs Enforcement (ICE) agency has officially gained agency-wide access to a nationwide license plate recognition database, according to a contract finalized earlier this month. The system gives the agency access to billions of license plate records and new powers of real-time location tracking, raising significant concerns from civil libertarians...

ICE agents would be able to query that database in two ways. A historical search would turn up every place a given license plate has been spotted in the last five years, a detailed record of the target’s movements. That data could be used to find a given subject’s residence or even identify associates if a given car is regularly spotted in a specific parking lot. more

As foreshadowed...

Personal Phone Calls at Work Can Put Employers in Jeopardy

This from a California court: Employers unwise to permit use of company telephones for personal calls—at least if the employer plans to record those calls.
  • Two-party consent means two-party consent: All parties to a call must be told the call is going to be recorded and must consent.
  • Employers with recording systems should consider barring use of company telephones for personal calls and making sure that people receiving calls on a recorded line automatically are informed, up front, that the call will be recorded.
  • Barring all personal calls is not necessary, but it may offer some protection against the legal consequences of a breakdown in the employer’s system of ensuring notice to all parties before the recording begins.
In a for-publication opinion, the California Court of Appeal has warned employers that it is not enough to tell employees they have no right of privacy if they use the employer’s telephones for personal calls: the employer might still be liable to third persons whose telephone calls are recorded. Rojas v. HSBC Card Servs. Inc., ___ Cal. App. 4th ___, No. D071442, 2018 WL 802094 (Cal. Ct. App. Fourth Dist. Jan. 16, 2018). more

Note: Many other states follow the more restrictive version of Federal law–two party consent–as well. ~Kevin

Saturday, February 24, 2018

Extortionography and the Missouri Gov. Eric Greitens Felony Indictment

Missouri Gov. Eric Greitens, who was once considered a rising star in the Republican Party, has been under siege since January, when accusations emerged that he threatened to use a nude photo to blackmail his former hairstylist, with whom he was having an extramarital affair.

Greitens had allegedly threatened the woman by saying he would distribute a nude photo he had secretly taken of her if she exposed their relationship.

The accusations stemmed from a covert recording by the woman’s ex-husband published by KMOV in St. Louis, in which the woman is heard describing how Greitens invited her to his home in 2015 and, with her consent, taped her hands to exercise rings and blindfolded her. He then allegedly took a photo of her naked. more

What is extortionography?

Mystery 911 Calls from Apple Repair Center


Apple is working with local police to remedy a surge in unintentional emergency calls to 911 that are originating from the company’s distribution and repair center in Elk Grove, California.

The influx of calls has been ongoing for months, averaging 20 accidental calls a day and totaling over 1,600 since October.

911 dispatchers hear silence and intermittent employee chatter when the calls come in. more

Thursday, February 22, 2018

FutureWatch: Tomorrow's Spys Today

"Help young people. Help small guys. Because small guys will be big. Young people will have the seeds you bury in their minds, and when they grow up, they will change the world." 
~Jack Ma

Teens at the Library for grades 6-10: Spy Academy 
Categories: Community
Date: Thursday, February 22, 2018
Start Time: 6:30 PM (GMT-05:00) Eastern Time (US & Canada)
End Time: 7:30 PM
Location Northeast Regional Library, 14401 Green Elm Ln, Raleigh, NC 27614
Google Calendar Yahoo! Calendar Windows Live Calendar iCal/Outlook

Put your sleuth skills to the test. Come for a night of code breaking, laser-beams, memory, and more!

For more information...

Dronebusters

Two drones headed north above Capitol Boulevard toward the Idaho statehouse. Lt. Gov. Brad Little stood to Gov. Butch Otter’s right at the top of the Capitol steps and watched...

The demonstration by Black Sage Technologies showed off the Boise company’s system to immobilize drones that might be carry a bomb, drop contraband or weapons into prison recreation yards, or spy on sensitive operations.

Black Sage uses cameras, radar and other tools to detect drones. It can see them at least three and a half miles away. The company sometimes demonstrates its anti-drone system at military bases. Wednesday’s exhibition was one of the few times the public has gotten to see it. more

The Employee Competitor: Spy in the Yogurt

Click here.
The American yogurt market has remained pretty steady over the past few years, yet the yogurt areas in all my go-to grocery stores keep expanding, meaning it’s an increasingly competitive industry, and this fosters the sort of tense environment that sometimes can lead to suspicions of corporate espionage.

On Wednesday, Bloomberg reported that Dannon Co. sued its former senior vice president, Federico Muyshondt, alleging he divulged trade secrets to colleagues at his new job, which is with Chobani LLC. Both of these companies, obviously, are renowned for their yogurt.

According to the complaint—filed in a federal court in White Plains, New York—Muyshondt stands accused of pilfering details of Dannon’s business strategy, plans for forthcoming products, and lists of customers before he left the company in January to take a job with Chobani, which was not named as a defendant in the lawsuit. more

Report Reveals 50% of Organizations Don't Provide Employee Information Security Training

New cybersecurity reports just released by Cisco and Verizon Wireless say that businesses are faced with more sophisticated security threats from wireline and wireless devices running on their networks.

Perhaps the more disturbing revelation of Verizon’s study is that it’s not hacktivists, criminals or those engaging in corporate espionage that pose the greatest threat, but a company’s own employees. However, only 50% of all organizations provide IT training when a new employee joins a company. more

Observation: Interestingly, even fewer businesses proactively check for all the other methods of corporate espionage, e.g. regular information security surveys and technical surveillance countermeasures inspections

Coincidentally, the few that are pro-active seem to be among the most successful and profitable companies in America. Just coincidence?

Wednesday, February 21, 2018

You Are Never a Stranger in Our City - Facial Recognition Street Cams

Nvidia has partnered with AI developer AnyVision to create facial recognition technology for "smart cities" around the world. The two companies will work to install automatic facial recognition into CCTV (closed-circuit television) surveillance cameras.

AnyVision claims the technology enables cameras that can continuously scan for faces 24/7, automatically identifying and tracking individuals within a large crowd with 99% accuracy.

Algorithms working with human monitors can then compare the faces identified against a database of known terrorists or criminals.

The company also says it's committed to protecting the personal data that CCTV cameras collect.

So... is this technology terrifying, and possibly everything Orwell warned us about? Absolutely.

But it could also save thousands of lives. The technology could be useful not only for catching at-large criminals, but also for quickly identifying suspects, and tracking down individuals who have gone missing. more

You may recall, this has been tried before and its comeback was predicted here in 2008.