Lawmakers are stepping up their demands for more information from the Trump administration about foreign efforts to spy on Americans' cellphones. more
Tuesday, July 3, 2018
Washington Policymakers Bluster About High-Tech Foreign Surveillance (again)
Washington policymakers are growing increasingly worried about the
threat of high-tech foreign surveillance, a development complicated by
U.S. spy agencies' use of similar technologies.
Lawmakers are stepping up their demands for more information from the Trump administration about foreign efforts to spy on Americans' cellphones. more
Lawmakers are stepping up their demands for more information from the Trump administration about foreign efforts to spy on Americans' cellphones. more
Facebook Promises Not to Use Tech in Phone Eavesdropping Patent
In an attempt to assuage concerns raised by Facebook's filing for a patent for software that could turn the mics of smartphones on in order to record secret messages in TV ads, the social networking giant has ruled out using the technology in any of its products.
The patent had been filed "to prevent aggression from other companies," Facebook Vice President and Deputy General Counsel Allen Lo told Engadget in a statement this week. The technology in this patent has not been included in any of Facebook's products, "and never will be", Lo said. more
The patent had been filed "to prevent aggression from other companies," Facebook Vice President and Deputy General Counsel Allen Lo told Engadget in a statement this week. The technology in this patent has not been included in any of Facebook's products, "and never will be", Lo said. more
No Formal Process for Protecting a Trade Secret in Canada ?!?!
Canada - At the annual Uniform Law Conference of Canada in 1989, there was proposed legislation drafted that was called the Uniform Trade Secrets Act.
It provided for potential civil remedies against anyone who acquired a trade secret improperly, including through commercial espionage or electronic means. Courts could grant injunctions, award damages and determine who could make future use of the trade secret.
The proposed legislation was put forward one year after the Supreme Court of Canada issued its ruling in R. v. Stewart on the issue of whether “confidential information” can be the subject of theft under the Criminal Code. The court, in a unanimous decision, concluded that it could not, since confidential information on its own is not property...
Three decades later, there are still no criminal offences specific to this area and the Uniform Trade Secrets Act was never enacted into law by any province. In fact, the current website of the federal Canadian Intellectual Property Office states flatly that there is “no formal process” for protecting a trade secret. more
Meanwhile... Australia has passed new laws to get tough on spying. more
It provided for potential civil remedies against anyone who acquired a trade secret improperly, including through commercial espionage or electronic means. Courts could grant injunctions, award damages and determine who could make future use of the trade secret.
The proposed legislation was put forward one year after the Supreme Court of Canada issued its ruling in R. v. Stewart on the issue of whether “confidential information” can be the subject of theft under the Criminal Code. The court, in a unanimous decision, concluded that it could not, since confidential information on its own is not property...
Three decades later, there are still no criminal offences specific to this area and the Uniform Trade Secrets Act was never enacted into law by any province. In fact, the current website of the federal Canadian Intellectual Property Office states flatly that there is “no formal process” for protecting a trade secret. more
Meanwhile... Australia has passed new laws to get tough on spying. more
Monday, July 2, 2018
Sign Up - Hackers On Planet Earth (H.O.P.E.) - 3 Days & Nights in NYC
The Circle of HOPE will take place on July 20, 21, and 22, 2018 at the Hotel Pennsylvania in New York City. H.O.P.E. stands for Hackers On Planet Earth, one of the most creative and diverse hacker events in the world. It's been happening since 1994.
Three full days and nights of activities, including more of the provocative and enlightening speakers that the HOPE conferences are known for. In addition, they will have access to a massive amount of space to put together all sorts of hacker projects and assorted fun stuff.
In the past they've had huge hackerspace villages, film festivals, Segway rides, lock picking villages, a wide variety of vendors, art installations, live video, vintage computers, robots, an amateur/ham radio station, electronics workshops, book signings, and the country's biggest supply of Club-Mate.
All of that happening right in the middle of New York City, across the street from Penn Station and down the block from the Empire State Building. more
Be sure to check out the amazing list of speakers and topics!
Three full days and nights of activities, including more of the provocative and enlightening speakers that the HOPE conferences are known for. In addition, they will have access to a massive amount of space to put together all sorts of hacker projects and assorted fun stuff.
In the past they've had huge hackerspace villages, film festivals, Segway rides, lock picking villages, a wide variety of vendors, art installations, live video, vintage computers, robots, an amateur/ham radio station, electronics workshops, book signings, and the country's biggest supply of Club-Mate.
All of that happening right in the middle of New York City, across the street from Penn Station and down the block from the Empire State Building. more
Be sure to check out the amazing list of speakers and topics!
Ah, Gee. Not LTE.
Vulnerabilities have been discovered in LTE that would make it possible for an attacker to tap into 4G networks for the purposes of spying on and hijacking 4G browsing sessions.
Security researchers from Ruhr-Universität, Bochum and New York University, Abu Dhabi show how three different attacks can be launched on the second layer of LTE -- also known as the data link layer. Two passive attacks allow for identity mapping and website fingerprinting, while the active cryptographic aLTEr attack allows for DNS spoofing and network connection redirection.
The researchers, David Rupprecht, Katharina Kohls, Thorsten Holz, and Christina Pöpper, are due to share their findings at the 2019 IEEE Symposium on Security & Privacy next year, but has published a paper in the meantime. Their findings mean that all three protocol layers of LTE (physical, data link, and network) have been found to be problematic.
Current 4G networks are vulnerable, and it is thought that 5G networks could be as well. In the name of responsible disclosure, the group informed the likes of the GSM Association (GSMA), the 3rd Generation Partnership Project (3GPP), and telephone companies of its findings. more
Security researchers from Ruhr-Universität, Bochum and New York University, Abu Dhabi show how three different attacks can be launched on the second layer of LTE -- also known as the data link layer. Two passive attacks allow for identity mapping and website fingerprinting, while the active cryptographic aLTEr attack allows for DNS spoofing and network connection redirection.
The researchers, David Rupprecht, Katharina Kohls, Thorsten Holz, and Christina Pöpper, are due to share their findings at the 2019 IEEE Symposium on Security & Privacy next year, but has published a paper in the meantime. Their findings mean that all three protocol layers of LTE (physical, data link, and network) have been found to be problematic.
Current 4G networks are vulnerable, and it is thought that 5G networks could be as well. In the name of responsible disclosure, the group informed the likes of the GSM Association (GSMA), the 3rd Generation Partnership Project (3GPP), and telephone companies of its findings. more
Whataburger - Toilet Spycam - 13 Unidentified Victims
TX - The man accused of placing a video camera in the restroom of a Whataburger restaurant has now been arrested, according to Abilene police...
Abilene police released footage of the suspect placing the camera inside a bathroom stall.
Last Friday, a woman called police after finding the device inside the toilet lid at a south Abilene Whataburger.
A woman, who said she wishes to remain anonymous, told KTAB/KRBC that when she went to the restroom, she flushed the toilet and noticed an unusual small circle under the rim of the toilet lid. She said she looked closer and found what appeared to be a camera lens. The woman said she then followed the camera to 'a bunch of wires connected to the device' under the lid of the tank.
The woman said she then ripped the device out of the tank and and ran to her car where she called police...
Whataburger said it had launched its own investigation... more
Abilene police are seeking information about potential victims from last week's Whataburger video voyeur case.
Police said 13 unidentified victims need to be identified.
Anyone who was at Whataburger at 4241 South 1st Street on Friday, June 22 between 8:50 a.m. and 1:18 p.m. and used the women's restroom as asked to call police at 325-676-6610. more
Abilene police released footage of the suspect placing the camera inside a bathroom stall.
Last Friday, a woman called police after finding the device inside the toilet lid at a south Abilene Whataburger.
A woman, who said she wishes to remain anonymous, told KTAB/KRBC that when she went to the restroom, she flushed the toilet and noticed an unusual small circle under the rim of the toilet lid. She said she looked closer and found what appeared to be a camera lens. The woman said she then followed the camera to 'a bunch of wires connected to the device' under the lid of the tank.
The woman said she then ripped the device out of the tank and and ran to her car where she called police...
Whataburger said it had launched its own investigation... more
Abilene police are seeking information about potential victims from last week's Whataburger video voyeur case.
Police said 13 unidentified victims need to be identified.
Anyone who was at Whataburger at 4241 South 1st Street on Friday, June 22 between 8:50 a.m. and 1:18 p.m. and used the women's restroom as asked to call police at 325-676-6610. more
Sunday, July 1, 2018
Could Your Smartphone Battery Spy on You? (unlikely, but...)
Most batteries in today’s smartphone are intelligent enough to detect how people use their phones and employ power-saving technologies that result in longer battery life. That advantage sounds excellent all around, but...
The researchers who authored a paper [PDF] on the subject of smartphone batteries capable of spying on people pointed out that this hack would be quick to implement and difficult to detect. They say smartphone owners may even participate in helping the hacks happen by installing malicious batteries themselves.
It could happen in a scenario where a hacker sets up an online store and entices users with promises of extra-long battery life and low prices, sends a purchaser the battery and waits for it to become installed in the phone to begin the tracking segment of the hack.
Plus, the battery could be capable of continuous monitoring, giving hackers the opportunity to see almost all the things the targets do with their phones, whether that’s browsing the internet, typing on the phone’s keyboard or receiving calls. more
A bug made to look like a cell phone battery...
The researchers who authored a paper [PDF] on the subject of smartphone batteries capable of spying on people pointed out that this hack would be quick to implement and difficult to detect. They say smartphone owners may even participate in helping the hacks happen by installing malicious batteries themselves.
It could happen in a scenario where a hacker sets up an online store and entices users with promises of extra-long battery life and low prices, sends a purchaser the battery and waits for it to become installed in the phone to begin the tracking segment of the hack.
Plus, the battery could be capable of continuous monitoring, giving hackers the opportunity to see almost all the things the targets do with their phones, whether that’s browsing the internet, typing on the phone’s keyboard or receiving calls. more
A bug made to look like a cell phone battery...
The Search Engine That Didn't Snitch... and other disasters
Hey gang, it's almost Independence Day here in America. Yup, July 4th is just around the corner.
Fireworks are in America's bloodstream... but, did you know your on-line curiosity could get you in trouble with the terrorist chasers? Your fireworks search engine inquires might start popping red flags...
"Ludlow Kissel and the Dago Bomb That Struck Back"
"What is a Dago Bomb?"
"How can I build a Dago Bomb?"
"Dago Bomb ingredients"
"What was blown up by the Dago Bomb?"
(Knock, Knock)
"We're from Homeland Security..."
"Excelsior, you fathead!" Next time, don't use a search engine that captures your IP address. Search privately. Go to https://www.ixquick.com
ixquick is the only search engine which gives you anonymity.
Oh, and Ludlow... he had his 15 minutes of fame... about 2:17 into this Great American Fourth of July video. ~Kevin
UPDATE - NEW URL. Startpage.com in
Fireworks are in America's bloodstream... but, did you know your on-line curiosity could get you in trouble with the terrorist chasers? Your fireworks search engine inquires might start popping red flags...
"Ludlow Kissel and the Dago Bomb That Struck Back"
"What is a Dago Bomb?"
"How can I build a Dago Bomb?"
"Dago Bomb ingredients"
"What was blown up by the Dago Bomb?"
(Knock, Knock)
"We're from Homeland Security..."
"Excelsior, you fathead!" Next time, don't use a search engine that captures your IP address. Search privately. Go to https://www.ixquick.com
ixquick is the only search engine which gives you anonymity.
Oh, and Ludlow... he had his 15 minutes of fame... about 2:17 into this Great American Fourth of July video. ~Kevin
UPDATE - NEW URL. Startpage.com in
Friday, June 29, 2018
Corporate Espionage Heats Up as “Made in China 2025” Nears
Corporate espionage is an extremely serious charge in the American technology market. There have been several prominent occasions in which AMD and Intel or AMD and Nvidia have cooperated when an employee was suspected to have engaged in IP theft, precisely because the consequences of bringing a product to market that’s tainted by another company’s IP rights could be so catastrophic.
But in China, there’s a very different system in place — and the way this has played out could be driving China’s investigation of Micron and Samsung’s DRAM pricing.
Here’s what we know. Micron alleges that the United Microelectronics Corporation (UMC), a Taiwanese foundry, cooperated with Fujian Jinhua Integrated Circuit Company to steal Micron secrets.
Jinhua may have been attempting to steal secrets from Micron in a manner similar to that used by the Yangtze Memory Technology Company, or YMTC, which is now building chips that the New York Times reports look suspiciously like Samsung devices.
The Chinese companies are collectively under tremendous pressure to deliver on an initiative China calls “Made in China 2025.”
Made in China 2025 is a comprehensive Chinese effort to increase domestic production of core materials by up to 40 percent by 2020 and 70 percent in 2025.
The impact this would have on existing semiconductor manufacturing can only be described as seismic. more
Important... Made in China 2025 should be a red flag to ALL businesses in the U.S.
Make sure you understand the impact of this initiative. Make sure you get a competent Technical Information Security Consultant on your team, soon. There won't be enough to go around once the penny drops.
But in China, there’s a very different system in place — and the way this has played out could be driving China’s investigation of Micron and Samsung’s DRAM pricing.
Here’s what we know. Micron alleges that the United Microelectronics Corporation (UMC), a Taiwanese foundry, cooperated with Fujian Jinhua Integrated Circuit Company to steal Micron secrets.
Jinhua may have been attempting to steal secrets from Micron in a manner similar to that used by the Yangtze Memory Technology Company, or YMTC, which is now building chips that the New York Times reports look suspiciously like Samsung devices.
The Chinese companies are collectively under tremendous pressure to deliver on an initiative China calls “Made in China 2025.”
Made in China 2025 is a comprehensive Chinese effort to increase domestic production of core materials by up to 40 percent by 2020 and 70 percent in 2025.
The impact this would have on existing semiconductor manufacturing can only be described as seismic. more
Important... Made in China 2025 should be a red flag to ALL businesses in the U.S.
Make sure you understand the impact of this initiative. Make sure you get a competent Technical Information Security Consultant on your team, soon. There won't be enough to go around once the penny drops.
Yet Another Reason for SpyCamDetection.Training
FL - A Keys man was arrested Wednesday after police said he was spying on people using the bathroom at his job.
Ray Gallegos, 32, of Big Pine Key, admitted to having planted a camera in the men's bathroom at the Walgreens, 30351 Overseas Hwy., sometime in August 2017 so he could watch men, according to the Monroe County Sheriff's Office.
Deputies and agents from Homeland Security on Wednesday searched Gallegos' home, where they said they found pictures and video depicting a bathroom stall later identified as the one located in the pharmacy at the Big Pine Walgreens. more
Facebook's Patent Called Creepy
If you’re a Facebook user, you’ve likely heard stories of people becoming convinced that the company uses the microphones that are everywhere these days (such as ones on a smartphone or laptop) to spy on its users. While those fears might just be the result of an overactive imagination, a new patent filing is fueling concerns that Facebook might actually be equipped to do just that someday soon...
The patent filing itself is densely packed with information, but the technology at the center of it would use high-pitched audio signals that are inaudible to humans and hidden within advertisements or other “broadcast content.” That audio signal could be used to activate a “client device” to record the ambient audio in the room and log an impression – which makes this sound like a system for tracking how many individual impressions an advertising campaign receives.
The abstract of the patent explains the system relies on client devices that are associated with each individual in a household, which has led many to believe that the patent is talking about activating the mic on your smartphone. The patent filing also features a number of images that depict the “client devices” as smartphones, which leaves little to the imagination. All of that, as you can imagine, has resulted in quite a few negative headlines accusing Facebook of once again overreaching when it comes to user privacy. more
The patent filing itself is densely packed with information, but the technology at the center of it would use high-pitched audio signals that are inaudible to humans and hidden within advertisements or other “broadcast content.” That audio signal could be used to activate a “client device” to record the ambient audio in the room and log an impression – which makes this sound like a system for tracking how many individual impressions an advertising campaign receives.
The abstract of the patent explains the system relies on client devices that are associated with each individual in a household, which has led many to believe that the patent is talking about activating the mic on your smartphone. The patent filing also features a number of images that depict the “client devices” as smartphones, which leaves little to the imagination. All of that, as you can imagine, has resulted in quite a few negative headlines accusing Facebook of once again overreaching when it comes to user privacy. more
California Passes Sweeping Data-Privacy Bill
California lawmakers gave consumers unprecedented protections for their data and imposed tough restrictions on the tech industry, potentially establishing a privacy template for the rest of the nation.
The law, which was rushed through the legislature this week and signed by Gov. Jerry Brown on Thursday, broadens the definition of what constitutes personal information and gives California consumers the right to prohibit the sale of personal data to third parties and opt out of sharing it altogether. The bill applies to internet giants such as Facebook Inc. and Alphabet Inc.’s Google but also will affect businesses of any size that collect data on their customers.
Ashkan Soltani, a digital researcher and former chief technologist for the Federal Trade Commission, said the regulations are the first of their kind in the U.S. more sing-a-long
The law, which was rushed through the legislature this week and signed by Gov. Jerry Brown on Thursday, broadens the definition of what constitutes personal information and gives California consumers the right to prohibit the sale of personal data to third parties and opt out of sharing it altogether. The bill applies to internet giants such as Facebook Inc. and Alphabet Inc.’s Google but also will affect businesses of any size that collect data on their customers.
Ashkan Soltani, a digital researcher and former chief technologist for the Federal Trade Commission, said the regulations are the first of their kind in the U.S. more sing-a-long
Wednesday, June 27, 2018
The Kid is Recording with His Cell Phone - Quick, Call the Cops!
A sad Middle School Civics Lesson...
One of Illinois' most-abused laws continues to be abused. For years, cops used the state's eavesdropping laws to arrest citizens who attempted to record them. This practice finally stopped when three consecutive courts -- including a federal appeals court -- ruled the law was unconstitutional when applied to target citizens recording public servants.
This may have led to the end of bullshit arrests from cops who didn't like being observed while they worked, but it's still being used by government officials to punish people they don't like. Illinois Policy reports a 13-year-old student is facing felony charges for recording a meeting between him and two school administrators.
For a 13-year-old, this is a huge problem. This places his recording of his conversation with school officials on the same level as aggravated assault and stalking. It comes with a minimum prison sentence of one year. more
Murray's Surreptitious Workplace Recording — and what to do about it
One of Illinois' most-abused laws continues to be abused. For years, cops used the state's eavesdropping laws to arrest citizens who attempted to record them. This practice finally stopped when three consecutive courts -- including a federal appeals court -- ruled the law was unconstitutional when applied to target citizens recording public servants.
This may have led to the end of bullshit arrests from cops who didn't like being observed while they worked, but it's still being used by government officials to punish people they don't like. Illinois Policy reports a 13-year-old student is facing felony charges for recording a meeting between him and two school administrators.
On Feb. 16, 2018, [Paul] Boron was called to the principal’s office at Manteno Middle School after failing to attend a number of detentions. Before meeting Principal David Conrad and Assistant Principal Nathan Short, he began recording audio on his cellphone.Principal Conrad sure knows his local statutes. He turned Boron in to law enforcement, which apparently decided to go ahead and process the paperwork, rather than tell Conrad to stop acting like a child. This led to prosecutors being just as unwilling to be the adults in the room.
Boron said he argued with Conrad and Short for approximately 10 minutes in the reception area of the school secretary’s office, with the door open to the hallway. When Boron told Conrad and Short he was recording, Conrad allegedly told Boron he was committing a felony and promptly ended the conversation.
For a 13-year-old, this is a huge problem. This places his recording of his conversation with school officials on the same level as aggravated assault and stalking. It comes with a minimum prison sentence of one year. more
Murray's Surreptitious Workplace Recording — and what to do about it
Air-Gapped Computers to be Ticked-off via USB Tick-Sticks
A cyber-espionage group is targeting a specific type of secure USB drive created by a South Korean defence company in a bid to gain access to its air-gapped networks.
According to a blog post by researchers at Palo Alto Networks, this attack was carried out by a group called Tick which carries out cyber-espionage activities targeting organisations in Japan and Korea.
Researchers said that weaponisation of a secure USB drive is an uncommon attack technique and likely done in an effort to spread to air-gapped systems, these networks are normally not connected to the internet. more
Murray's USB Stick Warnings
According to a blog post by researchers at Palo Alto Networks, this attack was carried out by a group called Tick which carries out cyber-espionage activities targeting organisations in Japan and Korea.
Researchers said that weaponisation of a secure USB drive is an uncommon attack technique and likely done in an effort to spread to air-gapped systems, these networks are normally not connected to the internet. more
Murray's USB Stick Warnings
A $5 Million Surveillance Car
A Cyprus-based surveillance company claims to have built a car full of next-generation snooping kit that can infect Apple and Google phones from as far away as 500 metres. WiSpear, founded by one of Israel’s longtime surveillance market players Tal Dilian, is selling the car for between $3.5 million and $5 million and claims it has plenty of interest already. It’s also inspired concern from the privacy community.
The SpearHead 360 vehicle uses 24 antennas to reach out to target devices. Once a phone has been chosen, the WiSpear automobile has four different ways to force a phone to connect to its Wi-Fi-based interceptors from where it can start snooping on devices (using what are known as man-in-the-middle attacks). Then there are four different kinds of malware for various operating systems, including Apple’s iOS or Google’s Android devices, according to Dilian.
WiSpear showed off the van at the ISS World and Eurosatory conferences this month. As seen in the video, police can splurge on a drone and a backpack to go inside the car for even more mobile surveillance. Both can be used to carry out the same attacks, according to Dilian, who noted a single backpack can cost as much as $1.2 million. “This takes customers from detection all the way to full interception,” he told Forbes. “I think it’s a game changer.” more
The SpearHead 360 vehicle uses 24 antennas to reach out to target devices. Once a phone has been chosen, the WiSpear automobile has four different ways to force a phone to connect to its Wi-Fi-based interceptors from where it can start snooping on devices (using what are known as man-in-the-middle attacks). Then there are four different kinds of malware for various operating systems, including Apple’s iOS or Google’s Android devices, according to Dilian.
WiSpear showed off the van at the ISS World and Eurosatory conferences this month. As seen in the video, police can splurge on a drone and a backpack to go inside the car for even more mobile surveillance. Both can be used to carry out the same attacks, according to Dilian, who noted a single backpack can cost as much as $1.2 million. “This takes customers from detection all the way to full interception,” he told Forbes. “I think it’s a game changer.” more
Subscribe to:
Posts (Atom)