~Christopher Falkenberg, president of security consulting firm Insite Risk Management and former U.S. Secret Service special agent discussing the ease of hotel room spycam bugging...
"Assuming someone has access to the room before and after the customer uses it, I think it’s quite easy because there are many devices available to the public that can be inserted into a room and retrieved after. It’s not high-speed stuff, and it’s not hard to get." more
Friday, July 6, 2018
Israeli Cyber Warfare Firm Employee Caught Selling Eavesdropping Software...
...which is why we say there is no such thing as a secure 'back door'.
Israel’s cyber warfare giant, NSO’s former employee stole company’s ‘Pegasus’ eavesdropping program software and tried to sell it on the ‘dark web’.
The Pegasus is a classified security tool that can eavesdrop on any person in the world without their knowledge, Globes reported Friday.
The accused is believed to have stolen NSO products and the program worth hundreds of millions of dollars. An indictment filed against the employee last week charged him with security offenses, in addition to theft from his employer. more
Israel’s cyber warfare giant, NSO’s former employee stole company’s ‘Pegasus’ eavesdropping program software and tried to sell it on the ‘dark web’.
The Pegasus is a classified security tool that can eavesdrop on any person in the world without their knowledge, Globes reported Friday.
The accused is believed to have stolen NSO products and the program worth hundreds of millions of dollars. An indictment filed against the employee last week charged him with security offenses, in addition to theft from his employer. more
What is Dumber than Spycaming a Police Station Restroom?
Not much. Give this dude a double Darwin!
A 28-year-old clerk has been accused of secretly recording other employees inside a restroom at the Long Beach Police Department’s headquarters, authorities said.
Sergio Nieto of Downey was arrested late last month after he allegedly photographed and videotaped people inside a restroom at the department’s downtown offices...
Infographic - Countries Where Private Security Outnumber Police
Whether they're patrolling shopping malls, conducting screening at airports or protecting VIPs, private security guards have become an increasingly common sight across the world.
In many countries, they are armed with handguns and even dress in uniforms similar to the police.
The sector has experienced huge growth in recent years and today there are an estimated 20 million private security workers worldwide while the industry is worth approximately $180 billion. That is expected to grow even further to $240 billion by 2020, greater than the GDP of 100 countries including Portugal, Romania and Hungary.
According to research conducted by The Guardian, half of the planet's population lives in countries where there are more private security workers than police officers. more
It is likely these are very conservative statistics, as they don't include security specialists, like: professional security consultants, Technical Surveillance Countermeasures (TSCM) specialists, private investigators, computer security specialists, and people working in the alarm and video surveillance sectors. ~Kevin
In many countries, they are armed with handguns and even dress in uniforms similar to the police.
The sector has experienced huge growth in recent years and today there are an estimated 20 million private security workers worldwide while the industry is worth approximately $180 billion. That is expected to grow even further to $240 billion by 2020, greater than the GDP of 100 countries including Portugal, Romania and Hungary.
According to research conducted by The Guardian, half of the planet's population lives in countries where there are more private security workers than police officers. more
Click to enlarge. |
The Spy Who Dumped Me
Looks like a fun spy movie.
In theaters August 3, 2018.
In theaters August 3, 2018.
Wednesday, July 4, 2018
Without Spies There May Have Been No 'Fourth of July'
By Nina Strochlic, for National Geographic magazine.
In 1777, the American colonies were badly losing their fight for independence from Great Britain. The British Army had captured New York City’s crucial port. Expecting further advances, the Continental Congress was evacuated from Philadelphia. It seemed that the war was lost.
Then George Washington, then Commander-in-Chief of the Continental Army, wrote a letter that changed the course of the war.
Washington was desperate to discover what was happening inside New York, but military scouts couldn’t get close enough. The general needed someone to penetrate enemy lines, but when he asked for volunteers, few of his troops raised their hands.
“Spying wasn’t seen as gentlemanly,” says Vince Houghton, resident historian at the International Spy Museum in Washington, D.C.
Finally, a young army captain named Nathan Hale volunteered for the dangerous assignment. He was caught a week later and hanged, the first known American spy to be executed on the job. (He’s memorialized with a statue outside CIA headquarters.)
Washington realized that the mission was too big for untrained volunteers, so he set about building an espionage organization.
Washington was desperate to discover what was happening inside New York, but military scouts couldn’t get close enough. The general needed someone to penetrate enemy lines, but when he asked for volunteers, few of his troops raised their hands.
“Spying wasn’t seen as gentlemanly,” says Vince Houghton, resident historian at the International Spy Museum in Washington, D.C.
Finally, a young army captain named Nathan Hale volunteered for the dangerous assignment. He was caught a week later and hanged, the first known American spy to be executed on the job. (He’s memorialized with a statue outside CIA headquarters.)
Washington realized that the mission was too big for untrained volunteers, so he set about building an espionage organization.
John Jay, later the first Chief Justice of the Supreme Court, had been running counterintelligence as head of the New York State Committee and Commission for Detecting and Defeating Conspiracies. One of Jay’s operatives, a merchant named Nathaniel Sackett, had experience in secret writing and codes.
In February 1777, Washington wrote a letter to Sackett in which he offered him $50 a month—out of his own pocket—to establish the first formal apparatus for the “advantage of obtaining the earliest and best Intelligence of the designs of the Enemy.” “Without the organization that Sackett set up, it would have been very difficult for us to win the war,” says Houghton. “We had a ragtag army and [the British] had the greatest army, greatest navy, and greatest economy in the world. We had no real business winning this war.”
But America’s spy service got off to an inglorious start. Most of Sackett’s agents failed at their jobs—including Sackett himself, who was fired after just six months.
Fortunately for the infant nation, Sackett’s replacement, 26-year-old Benjamin Tallmadge, created what is considered one of America’s greatest espionage operations: the Culper Spy Ring. Comprised of childhood friends from Long Island, the group included a shop owner inside New York City who gathered information, a traveling trader who smuggled it out of the city, and a whale boat captain who delivered it to Washington’s camp.
Employing the tools and tricks of the 18th-century spy trade—hiding secret messages in hollow feather quills, using “dead drops” to transport letters—the Culper operatives unmasked enemy spies, busted a money counterfeiting plan, and stopped the British from sabotaging a French aid mission to the colonies.
After important letters were lost during an enemy raid, Tallmadge invented a “numerical dictionary” code that matched 763 cities, names, and words to numbers. (Washington’s code name was Agent 711.) Washington also asked physician James Jay (brother to John) to invent an invisible ink that could be revealed only with another chemical and would “relieve the fears of such persons as may be entrusted in its conveyance.”
Washington’s espionage experiment paid off. In 1781 the British surrendered, thanks in part to the intelligence gathered by the Culper Ring and their networks. “Washington didn’t really out-fight the British. He simply out-spied us,” a British intelligence officer allegedly said after the war.
None of the Culper spies were ever caught, and even Washington himself never learned exactly who was in the group. The ring’s very existence wasn’t discovered until the 1900s, and to this day no one knows for certain how many members it had.
After the war Washington asked Congress to reimburse him $17,000—nearly half a million dollars today—for his espionage expenses. The lawmakers obliged.
Tuesday, July 3, 2018
Washington Policymakers Bluster About High-Tech Foreign Surveillance (again)
Washington policymakers are growing increasingly worried about the
threat of high-tech foreign surveillance, a development complicated by
U.S. spy agencies' use of similar technologies.
Lawmakers are stepping up their demands for more information from the Trump administration about foreign efforts to spy on Americans' cellphones. more
Lawmakers are stepping up their demands for more information from the Trump administration about foreign efforts to spy on Americans' cellphones. more
Facebook Promises Not to Use Tech in Phone Eavesdropping Patent
In an attempt to assuage concerns raised by Facebook's filing for a patent for software that could turn the mics of smartphones on in order to record secret messages in TV ads, the social networking giant has ruled out using the technology in any of its products.
The patent had been filed "to prevent aggression from other companies," Facebook Vice President and Deputy General Counsel Allen Lo told Engadget in a statement this week. The technology in this patent has not been included in any of Facebook's products, "and never will be", Lo said. more
The patent had been filed "to prevent aggression from other companies," Facebook Vice President and Deputy General Counsel Allen Lo told Engadget in a statement this week. The technology in this patent has not been included in any of Facebook's products, "and never will be", Lo said. more
No Formal Process for Protecting a Trade Secret in Canada ?!?!
Canada - At the annual Uniform Law Conference of Canada in 1989, there was proposed legislation drafted that was called the Uniform Trade Secrets Act.
It provided for potential civil remedies against anyone who acquired a trade secret improperly, including through commercial espionage or electronic means. Courts could grant injunctions, award damages and determine who could make future use of the trade secret.
The proposed legislation was put forward one year after the Supreme Court of Canada issued its ruling in R. v. Stewart on the issue of whether “confidential information” can be the subject of theft under the Criminal Code. The court, in a unanimous decision, concluded that it could not, since confidential information on its own is not property...
Three decades later, there are still no criminal offences specific to this area and the Uniform Trade Secrets Act was never enacted into law by any province. In fact, the current website of the federal Canadian Intellectual Property Office states flatly that there is “no formal process” for protecting a trade secret. more
Meanwhile... Australia has passed new laws to get tough on spying. more
It provided for potential civil remedies against anyone who acquired a trade secret improperly, including through commercial espionage or electronic means. Courts could grant injunctions, award damages and determine who could make future use of the trade secret.
The proposed legislation was put forward one year after the Supreme Court of Canada issued its ruling in R. v. Stewart on the issue of whether “confidential information” can be the subject of theft under the Criminal Code. The court, in a unanimous decision, concluded that it could not, since confidential information on its own is not property...
Three decades later, there are still no criminal offences specific to this area and the Uniform Trade Secrets Act was never enacted into law by any province. In fact, the current website of the federal Canadian Intellectual Property Office states flatly that there is “no formal process” for protecting a trade secret. more
Meanwhile... Australia has passed new laws to get tough on spying. more
Monday, July 2, 2018
Sign Up - Hackers On Planet Earth (H.O.P.E.) - 3 Days & Nights in NYC
The Circle of HOPE will take place on July 20, 21, and 22, 2018 at the Hotel Pennsylvania in New York City. H.O.P.E. stands for Hackers On Planet Earth, one of the most creative and diverse hacker events in the world. It's been happening since 1994.
Three full days and nights of activities, including more of the provocative and enlightening speakers that the HOPE conferences are known for. In addition, they will have access to a massive amount of space to put together all sorts of hacker projects and assorted fun stuff.
In the past they've had huge hackerspace villages, film festivals, Segway rides, lock picking villages, a wide variety of vendors, art installations, live video, vintage computers, robots, an amateur/ham radio station, electronics workshops, book signings, and the country's biggest supply of Club-Mate.
All of that happening right in the middle of New York City, across the street from Penn Station and down the block from the Empire State Building. more
Be sure to check out the amazing list of speakers and topics!
Three full days and nights of activities, including more of the provocative and enlightening speakers that the HOPE conferences are known for. In addition, they will have access to a massive amount of space to put together all sorts of hacker projects and assorted fun stuff.
In the past they've had huge hackerspace villages, film festivals, Segway rides, lock picking villages, a wide variety of vendors, art installations, live video, vintage computers, robots, an amateur/ham radio station, electronics workshops, book signings, and the country's biggest supply of Club-Mate.
All of that happening right in the middle of New York City, across the street from Penn Station and down the block from the Empire State Building. more
Be sure to check out the amazing list of speakers and topics!
Ah, Gee. Not LTE.
Vulnerabilities have been discovered in LTE that would make it possible for an attacker to tap into 4G networks for the purposes of spying on and hijacking 4G browsing sessions.
Security researchers from Ruhr-Universität, Bochum and New York University, Abu Dhabi show how three different attacks can be launched on the second layer of LTE -- also known as the data link layer. Two passive attacks allow for identity mapping and website fingerprinting, while the active cryptographic aLTEr attack allows for DNS spoofing and network connection redirection.
The researchers, David Rupprecht, Katharina Kohls, Thorsten Holz, and Christina Pöpper, are due to share their findings at the 2019 IEEE Symposium on Security & Privacy next year, but has published a paper in the meantime. Their findings mean that all three protocol layers of LTE (physical, data link, and network) have been found to be problematic.
Current 4G networks are vulnerable, and it is thought that 5G networks could be as well. In the name of responsible disclosure, the group informed the likes of the GSM Association (GSMA), the 3rd Generation Partnership Project (3GPP), and telephone companies of its findings. more
Security researchers from Ruhr-Universität, Bochum and New York University, Abu Dhabi show how three different attacks can be launched on the second layer of LTE -- also known as the data link layer. Two passive attacks allow for identity mapping and website fingerprinting, while the active cryptographic aLTEr attack allows for DNS spoofing and network connection redirection.
The researchers, David Rupprecht, Katharina Kohls, Thorsten Holz, and Christina Pöpper, are due to share their findings at the 2019 IEEE Symposium on Security & Privacy next year, but has published a paper in the meantime. Their findings mean that all three protocol layers of LTE (physical, data link, and network) have been found to be problematic.
Current 4G networks are vulnerable, and it is thought that 5G networks could be as well. In the name of responsible disclosure, the group informed the likes of the GSM Association (GSMA), the 3rd Generation Partnership Project (3GPP), and telephone companies of its findings. more
Whataburger - Toilet Spycam - 13 Unidentified Victims
TX - The man accused of placing a video camera in the restroom of a Whataburger restaurant has now been arrested, according to Abilene police...
Abilene police released footage of the suspect placing the camera inside a bathroom stall.
Last Friday, a woman called police after finding the device inside the toilet lid at a south Abilene Whataburger.
A woman, who said she wishes to remain anonymous, told KTAB/KRBC that when she went to the restroom, she flushed the toilet and noticed an unusual small circle under the rim of the toilet lid. She said she looked closer and found what appeared to be a camera lens. The woman said she then followed the camera to 'a bunch of wires connected to the device' under the lid of the tank.
The woman said she then ripped the device out of the tank and and ran to her car where she called police...
Whataburger said it had launched its own investigation... more
Abilene police are seeking information about potential victims from last week's Whataburger video voyeur case.
Police said 13 unidentified victims need to be identified.
Anyone who was at Whataburger at 4241 South 1st Street on Friday, June 22 between 8:50 a.m. and 1:18 p.m. and used the women's restroom as asked to call police at 325-676-6610. more
Abilene police released footage of the suspect placing the camera inside a bathroom stall.
Last Friday, a woman called police after finding the device inside the toilet lid at a south Abilene Whataburger.
A woman, who said she wishes to remain anonymous, told KTAB/KRBC that when she went to the restroom, she flushed the toilet and noticed an unusual small circle under the rim of the toilet lid. She said she looked closer and found what appeared to be a camera lens. The woman said she then followed the camera to 'a bunch of wires connected to the device' under the lid of the tank.
The woman said she then ripped the device out of the tank and and ran to her car where she called police...
Whataburger said it had launched its own investigation... more
Abilene police are seeking information about potential victims from last week's Whataburger video voyeur case.
Police said 13 unidentified victims need to be identified.
Anyone who was at Whataburger at 4241 South 1st Street on Friday, June 22 between 8:50 a.m. and 1:18 p.m. and used the women's restroom as asked to call police at 325-676-6610. more
Sunday, July 1, 2018
Could Your Smartphone Battery Spy on You? (unlikely, but...)
Most batteries in today’s smartphone are intelligent enough to detect how people use their phones and employ power-saving technologies that result in longer battery life. That advantage sounds excellent all around, but...
The researchers who authored a paper [PDF] on the subject of smartphone batteries capable of spying on people pointed out that this hack would be quick to implement and difficult to detect. They say smartphone owners may even participate in helping the hacks happen by installing malicious batteries themselves.
It could happen in a scenario where a hacker sets up an online store and entices users with promises of extra-long battery life and low prices, sends a purchaser the battery and waits for it to become installed in the phone to begin the tracking segment of the hack.
Plus, the battery could be capable of continuous monitoring, giving hackers the opportunity to see almost all the things the targets do with their phones, whether that’s browsing the internet, typing on the phone’s keyboard or receiving calls. more
A bug made to look like a cell phone battery...
The researchers who authored a paper [PDF] on the subject of smartphone batteries capable of spying on people pointed out that this hack would be quick to implement and difficult to detect. They say smartphone owners may even participate in helping the hacks happen by installing malicious batteries themselves.
It could happen in a scenario where a hacker sets up an online store and entices users with promises of extra-long battery life and low prices, sends a purchaser the battery and waits for it to become installed in the phone to begin the tracking segment of the hack.
Plus, the battery could be capable of continuous monitoring, giving hackers the opportunity to see almost all the things the targets do with their phones, whether that’s browsing the internet, typing on the phone’s keyboard or receiving calls. more
A bug made to look like a cell phone battery...
The Search Engine That Didn't Snitch... and other disasters
Hey gang, it's almost Independence Day here in America. Yup, July 4th is just around the corner.
Fireworks are in America's bloodstream... but, did you know your on-line curiosity could get you in trouble with the terrorist chasers? Your fireworks search engine inquires might start popping red flags...
"Ludlow Kissel and the Dago Bomb That Struck Back"
"What is a Dago Bomb?"
"How can I build a Dago Bomb?"
"Dago Bomb ingredients"
"What was blown up by the Dago Bomb?"
(Knock, Knock)
"We're from Homeland Security..."
"Excelsior, you fathead!" Next time, don't use a search engine that captures your IP address. Search privately. Go to https://www.ixquick.com
ixquick is the only search engine which gives you anonymity.
Oh, and Ludlow... he had his 15 minutes of fame... about 2:17 into this Great American Fourth of July video. ~Kevin
UPDATE - NEW URL. Startpage.com in
Fireworks are in America's bloodstream... but, did you know your on-line curiosity could get you in trouble with the terrorist chasers? Your fireworks search engine inquires might start popping red flags...
"Ludlow Kissel and the Dago Bomb That Struck Back"
"What is a Dago Bomb?"
"How can I build a Dago Bomb?"
"Dago Bomb ingredients"
"What was blown up by the Dago Bomb?"
(Knock, Knock)
"We're from Homeland Security..."
"Excelsior, you fathead!" Next time, don't use a search engine that captures your IP address. Search privately. Go to https://www.ixquick.com
ixquick is the only search engine which gives you anonymity.
Oh, and Ludlow... he had his 15 minutes of fame... about 2:17 into this Great American Fourth of July video. ~Kevin
UPDATE - NEW URL. Startpage.com in
Friday, June 29, 2018
Corporate Espionage Heats Up as “Made in China 2025” Nears
Corporate espionage is an extremely serious charge in the American technology market. There have been several prominent occasions in which AMD and Intel or AMD and Nvidia have cooperated when an employee was suspected to have engaged in IP theft, precisely because the consequences of bringing a product to market that’s tainted by another company’s IP rights could be so catastrophic.
But in China, there’s a very different system in place — and the way this has played out could be driving China’s investigation of Micron and Samsung’s DRAM pricing.
Here’s what we know. Micron alleges that the United Microelectronics Corporation (UMC), a Taiwanese foundry, cooperated with Fujian Jinhua Integrated Circuit Company to steal Micron secrets.
Jinhua may have been attempting to steal secrets from Micron in a manner similar to that used by the Yangtze Memory Technology Company, or YMTC, which is now building chips that the New York Times reports look suspiciously like Samsung devices.
The Chinese companies are collectively under tremendous pressure to deliver on an initiative China calls “Made in China 2025.”
Made in China 2025 is a comprehensive Chinese effort to increase domestic production of core materials by up to 40 percent by 2020 and 70 percent in 2025.
The impact this would have on existing semiconductor manufacturing can only be described as seismic. more
Important... Made in China 2025 should be a red flag to ALL businesses in the U.S.
Make sure you understand the impact of this initiative. Make sure you get a competent Technical Information Security Consultant on your team, soon. There won't be enough to go around once the penny drops.
But in China, there’s a very different system in place — and the way this has played out could be driving China’s investigation of Micron and Samsung’s DRAM pricing.
Here’s what we know. Micron alleges that the United Microelectronics Corporation (UMC), a Taiwanese foundry, cooperated with Fujian Jinhua Integrated Circuit Company to steal Micron secrets.
Jinhua may have been attempting to steal secrets from Micron in a manner similar to that used by the Yangtze Memory Technology Company, or YMTC, which is now building chips that the New York Times reports look suspiciously like Samsung devices.
The Chinese companies are collectively under tremendous pressure to deliver on an initiative China calls “Made in China 2025.”
Made in China 2025 is a comprehensive Chinese effort to increase domestic production of core materials by up to 40 percent by 2020 and 70 percent in 2025.
The impact this would have on existing semiconductor manufacturing can only be described as seismic. more
Important... Made in China 2025 should be a red flag to ALL businesses in the U.S.
Make sure you understand the impact of this initiative. Make sure you get a competent Technical Information Security Consultant on your team, soon. There won't be enough to go around once the penny drops.
Subscribe to:
Posts (Atom)