via Krebs on Security
Your mobile phone is giving away your approximate location all day long. This isn't exactly a secret: It has to share this data with your mobile provider constantly to provide better call quality and to route any emergency 911 calls straight to your location. But now, the major mobile providers in the United States -- AT&T, Sprint, T-Mobile and Verizon -- are selling this location information to third party companies -- in real time -- without your consent or a court order, and with apparently zero accountability for how this data will be used, stored, shared or protected.
It may be tough to put a price on one's location privacy, but here's something of which you can be sure: The mobile carriers are selling data about where you are at any time, without your consent, to third-parties for probably far less than you might be willing to pay to secure it. more
Tuesday, May 22, 2018
Monday, May 21, 2018
"Secure" Cell Phone Spyware Springs a Leak
At least one server used by an app for parents to monitor their teenagers' phone activity has leaked tens of thousands of accounts of both parents and children.
The mobile app, TeenSafe, bills itself as a "secure" monitoring app for iOS and Android, which lets parents view their child's text messages and location, monitor who they're calling and when, access their web browsing history, and find out which apps they have installed.
Although teen monitoring apps are controversial and privacy-invasive, the company says it doesn't require parents to obtain the consent of their children. more
Tuesday, May 15, 2018
IBM Bans Removable Drives and Shows World's Smallest Computer
IBM has allegedly issued a worldwide ban against the use of removable drives, including Flash, USB, and SD cards, to transfer data.
This new policy is being instituted to prevent confidential and sensitive information from being leaked due to misplaced or unsecured storage devices.
According to a report by TheRegister, IBM's global chief information security officer Shamla Naidoo issued an advisory stating that the company “is expanding the practice of prohibiting data transfer to all removable portable storage devices (eg: USB, SD card, flash drive).” This advisory further stated that this policy is already in effect for some departments, but will be further enforced throughout the entire company. more
-------
Today, IBM will be showing off the world's smallest computer at its Think 2018 conference. This computer is the size of a grain of salt, contains a million transistors, and only costs .10 to manufacture.
This micro computer is being unveiled as part of IBM's crypto-anchors initiative, which are digital fingerprints that can be embedded in products such as medicine, cell phones, toys, watches, and even wine to detect counterfeit products. With product fraud costing the global economy $600 billion dollars a year, IBM is hoping crypto-anchors can help stem the tide of fraudulent products and counterfeit drugs...
FutureWatch: Within the next five years, cryptographic anchors — such as ink dots or tiny computers smaller than a grain of salt — will be embedded in everyday objects and devices. more
Friday, May 11, 2018
Cell Phone Problems Predicted in 1919
The Pocket Telephone: When Will it Ring?
Published in The Daily Mirror Mar. 5, 1919
Social Meddling on Social Media
The massive trove of Facebook ads House Intelligence Committee Democrats released Tuesday provides a stunning look into the true sophistication of the Russian government’s digital operations during the presidential election.
...a swath of empirical and visual evidence of Russia’s disinformation campaign, in the form of more than 3,000 incredibly specific and inflammatory ads purchased by an Internet troll farm sponsored by the Kremlin.
The ads clearly show how Russia weaponized social media, the senior Democrat on the panel investigating Moscow’s interference in the presidential election said. more
Beware the Venmo
Nicole found out the guy she was dating was already in a committed relationship. Abby learned that her ex had most likely hooked up with someone new, and Ben discovered that a long-ago casual fling had apparently developed a drug habit.
The sleuthing tool that cracked these relationship mysteries was not a private investigator, but the peer-to-peer payment app Venmo.
The mobile payment service, which processed more than $35 billion in payments last year, is a no-fuss solution for splitting the dinner bill after a night out with friends.
But Venmo users have found it’s also an extremely effective tool for keeping tabs on friends, partners and exes, researching crushes, and in some cases, uncovering infidelity. Some even say Venmo is a better method for watching people than more explicitly public social media platforms like Facebook or Instagram.
Some users seem to forget that their transactions are public by default, and their payment activity provides an unfiltered paper trail of what’s really happening in their lives. more
The Skim Reaper - Detects Credit Card Skimmers
After three years of study, Patrick Traynor and two Florida graduate students invented a device they call the “Skim Reaper,” a credit-card thin gadget that slides into card reader slots and can easily and quickly detect if an ATM or gas pump has been compromised. The New York Police Department is testing the Skim Reaper with some early success in its effort to rid the streets of the pervasive devices...
Most credit card skimmers work by installing an extra “read head” inside or outside a machine. This extra read head allows criminals to make a copy of the card’s information as a consumer swipes it. Skim Reaper was built to detect when more than one read head is present, Traynor said...
The device looks like a long credit card that can be slid into a card slot in a gas pump or ATM. It’s attached by a wire to a cellphone-sized box with a small readout screen that says “possible skimmer!” when multiple read heads are detected...
Right now, it costs about $50 to make each Skim Reaper, Traynor said, but his team is working daily to get that number down...
Nolen Scaife, one of the graduate students who designed the device with Traynor, said the team is working to improve the Skim Reaper’s design so that it is wallet-sized. Then, consumers would be able to carry the device and dip it into a card reader before they get gas or use the ATM to ensure they aren’t being skimmed. more
FontCode: Embed Secret Messages Within Text
The hidden information persists even when documents or images with perturbed texts are printed or converted to another file type. Method could prevent document tampering, protect copyrights, as well as embed QR codes and other metadata without altering the look or layout of a document.
"While there are obvious applications for espionage, we think FontCode has even more practical uses for companies wanting to prevent document tampering or protect copyrights, and for retailers and artists wanting to embed QR codes and other metadata without altering the look or layout of a document," says Changxi Zheng, associate professor of computer science and the paper's senior author. more
Thursday, May 10, 2018
Hidden Smart Device Commands: Manchurian Candidate, or "Yes, master."
Over the past two years, researchers in China and the United States have begun demonstrating that they can send hidden commands that are undetectable to the human ear to Apple’s Siri, Amazon’s Alexa and Google’s Assistant.
Inside university labs, the researchers have been able to secretly activate the artificial intelligence systems on smartphones and smart speakers, making them dial phone numbers or open websites.
In the wrong hands, the technology could be used to unlock doors, wire money or buy stuff online — simply with music playing over the radio. more
Monday, May 7, 2018
Spycam: Aurora Cop Caught Spying on Ex-wife
An Aurora police officer will not be reinstated after he was fired for spying on his ex-wife through three cameras hidden in her Sugar Grove home, a judge has ruled.
The decision by Kane County Judge David Akemann also cancels an arbitrator's ruling that would have reinstated Daniel Wagner to the Aurora Police Department this past January...
Wagner's now ex-wife found a hidden camera in her home in September 2016 and called police to investigate. Officers found a total of three cameras.
Records show she had filed for divorce in 2015, and Wagner installed the cameras during the divorce proceedings and reactivated them after it was final. more
Eavesdropping: Former Police Official Charged
A recently retired city police captain is now facing a felony charge of eavesdropping.
Brian Wentland, a former training captain who left the Lockport Police Department in February, was charged Friday, according to Niagara County District Attorney Caroline A. Wojtaszek.
The charges relate to a May 6, 2013 phone call involving his ex-wife and another person.
The timing of the charges was critical in the case. Wentland’s arrest was just two days before the five-year statute of limitations expired on the charge. more
Technical Surveillance Countermeasures (TSCM) and Cell Phone Security Presentation
As part of the New Jersey Association for Justice Boardwalk Seminar, Murray Associates president Kevin D. Murray will present a session entitled, “Technical Surveillance Countermeasures (TSCM) and Cell Phone Security.”
Eavesdropping, wiretapping, snooping, voyeurism, and espionage are covert activities. The victim rarely knows when it happens. Kevin D. Murray explores the world of corporate espionage, explaining how many companies are bleeding profits for lack of a counterespionage strategy.
Regularly scheduled TSCM inspections narrow the window-of-vulnerability, spot new security loopholes, identify decaying security measures and practices, disrupt the spy’s intelligence collection phase, and keep counterespionage awareness levels elevated.
"Success-to-failure ratios are similar… most airplanes don’t crash; most people don’t drown in their baths; most houses don’t burn to the ground whenever the stove is used… and, most spying goes undiscovered." ~Kevin more
Thursday, May 3, 2018
Audio Adversarial Examples: Targeted Attacks on Speech-to-Text
We construct targeted audio adversarial examples on automatic speech recognition.
Given any audio waveform, we can produce another that is over 99.9% similar, but transcribes as any phrase we choose (recognizing up to 50 characters per second of audio).
We apply our white-box iterative optimization-based attack to Mozilla’s implementation DeepSpeech end-to-end, and show it has a 100% success rate.
The feasibility of this attack introduces a new domain to study adversarial examples. more audio examples
From one of our Blue Blaze irregulars... "Audio Adversarialism is the practice of fooling voice-to-text and voice recognition systems by effectively embedding ‘hidden’ commands in audio files which are inaudible to human ears but which are picked up by speakers and mean, in theory, that we might hear the telly saying “Should have gone to Specsavers!” where instead our Amazon Echo is in fact hearing “Alexa, lock all the doors, turn on the gas and start sparking all the bogs in 00:59, 00:58…”. This is...not scary at all, oh no. Hi Siri! Hi Alexa!"
Thursday, April 26, 2018
Spycam Found in Starbucks Restroom... again.
GA - Police have launched an investigation after a camera was discovered last week inside a restroom at a Starbucks store in an Atlanta suburb.
A 25-year-old customer reportedly found the device Tuesday, taped under a baby changing station.
According to a police report, the woman removed the camera and alerted the manager. The manager then notified Starbucks’ corporate office...
The manager gave the camera to police for inspection. Authorities reportedly found 25 videos stored on the camera, including several that reportedly showed people using the restroom. more
N.B. Starbucks, you and any business with restrooms really need to read this.
http://tinyurl.com/ya5xvns2
Wednesday, April 25, 2018
A.I. vs. Human Spies - Guess who wins
Human spies will soon be relics of the past, and the CIA knows it. Dawn Meyerriecks, the Agency’s deputy director for technology development, recently told an audience at an intelligence conference in Florida the CIA was adapting to a new landscape where its primary adversary is a machine, not a foreign agent.
Meyerriecks, speaking to CNN after the conference, said other countries have relied on AI to track enemy agents for years. She went on to explain the difficulties encountered by current CIA spies trying to live under an assumed identity in the era of digital tracking and social media, indicating the modern world is becoming an inhospitable environment to human spies.
But the CIA isn’t about to give up...
Today’s spies have the same problem as yesterday’s: the need to be invisible. What’s changed is the adversary. Instead of fooling people with fake documents and well-told lies, agents have to fool computers capable of picking out a single face in a crowd.
According to Meyerriecks at least 30 countries have the capability to do this with current CCTV camera systems...
We’ve always thought spies, like James Bond, had the coolest gadgets. Now they’re being replaced by them. more