Thursday, July 16, 2020

Is James Bond an Idol with Feet of Clay? — You decide.

James Bond has long been the most famous "secret agent" out there. Everyone knows James Bond, and it is rare to meet someone who hasn't seen at least one of the films.

Like with most films of that kind, there are a lot of issues with the character and story lines in general. Take for instance the fact that they call him a "secret agent" when he is in fact an Intelligence Officer. Add to that he doesn't have a line manager, he somehow reports directly to the head of MI-6.

Then there is the reality that a "license to kill" doesn't really exist. Despite these tiny issues with details, the films are actually quite good.

However, there are many reasons that James Bond truly is the worst spy ever, even if he is a fictional character. Here are the top 007 reasons:
  1. He carries a gun on airplanes
  2. He constantly destroys or loses his equipment
  3. He is always being captured and/or beaten up
  4. He never follows orders
  5. He travels under his own name
  6. He always draws attention to himself
  7. Everyone knows who he is 
To top it off they all know his 00 code number … His secret code number. The number of times an adversary uses 007 is absolutely astounding. This alone is enough to make James Bond the worst spy ever. more

Wednesday, July 15, 2020

Android: Camera Can Remain Active When Phone is Locked

Mozilla says it will fix the bug later this year, in October.

Mozilla says it's working on fixing a bug in Firefox for Android that keeps the smartphone camera active even after users have moved the browser in the background or the phone screen was locked.

The bug was first spotted and reported to Mozilla a year ago, in July 2019, by an employee of video delivery platform Appear TV.

The bug manifests when users chose to video stream from a website loaded in Firefox instead of a native app. more

Santa and Cuebiq Know if You've Been Naughty or Nice

After Memorial Day, as the United States began to reopen, coronavirus cases began to rise...

For the Fourth of July weekend, a new analysis of cell phone data suggests even more people hit the road among 10 coronavirus hotspots, despite warnings from health experts.

The analysis comes from data shared with CNN by Cuebiq, one of the private companies that the US Centers for Disease Control and Prevention uses to track general movement in the United States. 

Cuebiq gets its data when people download apps on their phones and opt into anonymous location data tracking. The company's full data set includes 15 million phones nationwide. more

The Atlas of Surveillance

Documenting Police Tech in Our Communities. 

Explore 5,300 datapoints in the U.S. collected by hundreds of researchers.

TOGGLE the Legend to reveal how each technology is spreading. ZOOM into any region to see the technologies in greater detail. If an area has no markers, it means it hasn't been researched yet.
Click to enlarge. Go to website to explore. Wired article here.

Monday, July 13, 2020

Google to Restrict Ads for Spycams and More

Google is set to announce a major overhaul of its ad policy starting next month.

In a blog post, Google has said that the changes specifically framed to put restrictions on advertisements promoting surveillance technologies that let people secretly spy on their intimate partners will be made into the Enabling Dishonest Behavior policy on August 11.

“The updated policy will prohibit the promotion of products or services that are marketed or targeted with the express purpose of tracking or monitoring another person or their activities without their authorization.”, the Alphabet-owned company said in its blog. Google said the updated policies will be applicable globally as soon as it will be brought into effect starting August 11. more

Tuesday, July 7, 2020

Digital Assistant Speakers Know More Than Just Their Names

As voice assistants like Google Assistant and Alexa increasingly make their way into internet of things devices, it’s becoming harder to track when audio recordings are sent to the cloud and who might gain access to them.

To spot transgressions, researchers at the University of Darmstadt, North Carolina State University, and the University of Paris Saclay developed LeakyPick, a platform that periodically probes microphone-equipped devices and monitors subsequent network traffic for patterns indicating audio transmission. 

They say LeakyPick identified “dozens” of words that accidentally trigger Amazon Echo speakers. more

More stories about Digital Assistant Speakers.

After B&E for Bugging Home Inmate Charged Again

NY - A Gansevoort inmate was arrested Friday following an altercation at the Saratoga County Jail.

Todd D. Derush, 39, of Wilton-Gansevoort Road, was charged with felony second-degree assault.

He was arrested on Jan. 30 for allegedly illegally entering an acquaintance’s home and hiding equipment to record conversations. The victim had an order of protection against him. He was charged with felony second-degree burglary, first-degree criminal contempt, eavesdropping, unlawful surveillance and misdemeanor possession of eavesdropping devices. more

New Spy Movie: My Grandfather The Spy

EXCLUSIVE: Dave Evans’ feature doc My Grandfather The Spy, which chronicles the director’s exploration of his own family’s long-buried secrets, has been boarded by SMP Distribution for international sales... It follows how director Evans uncovers that his grandfather Eric, seemingly a quiet unassuming shopkeeper, actually had a connection to Cold War espionage... Shooting took place in Bulgaria, England and Wales. SMP is now looking into festival screenings. more

Don't Click on Links Like This... but click on this one to learn why. (blahaha)

A subset of Three UK users have received an SMS message warning them about text message-based spam – complete with a shortlink and textual urgings to click it and learn more.

The definitely-not-smishing-honest message was received by Reg reader Chris, and he was not very chuffed with it. He told us:

"They send an unsolicited out-of-the-blue SMS which asks you to 'click' (not tap) on a link. When checked out in a sandboxed environment this goes to an insecure http-only page which warns of suspicious text messages and a video telling recipients not to tap on any links. Awesome!" more

The offending message is reproduced in all its glory below:

Privacy Advocates Alert: Make Orwell Fiction Again

Make Orwell Fiction Again https://amzn.to/2O591aq

Monday, July 6, 2020

America’s Cup Buffeted by Fraud and Spying Allegations

New Zealand’s plans to host the 2021 America’s Cup are in disarray amid allegations of fraud, spying and a government decision to suspend funding for the world’s most famous yachting event.

Grant Dalton, managing director of Team New Zealand, has denied claims of fraud and financial mismanagement. He said the team and organisers were the victims of spying and intentional reputational damage by people with questionable motives.

“It is a deliberate, sinister, and highly orchestrated attack which includes anonymous tip-offs, recordings and document leaks. ‘Informants’ orchestrate unfair accusations, bypassing normal processes, and going straight to external authorities,” he said.

Mr Dalton revealed this week the team had sacked a number of employees for leaking confidential information. He said his organisation had been infiltrated by spies. more

US Court Rules Facebook Widgets can be Considered Wiretaps

After a nine-year-long legal battle, a federal appeals court has ruled that Facebook’s practice of collecting data through its widgets could be considered a violation of anti-wiretapping laws.

The social media firm has long defended its actions by quoting the part of the federal Wiretap Act that defines wiretapping as interception of communications. According to a Gizmodo report, in Facebook’s logic, gathering user data isn’t the same as wiretapping without that active interception.

However, a panel of judges on the 9th Circuit Court of Appeals in the US has dismissed this technicality as it was found that the Facebook widget was collecting information from people who didn’t click on it. Such actions, they ruled, count as interception. more

How attackers hack mobile networks...

...and get access to free data, locations, wiretap calls and more.  
A fairly detailed and interesting article for the technically curious. more

TikTok - Times Up

This has been a week that TikTok—the Chinese viral video giant that has soared under lockdown—will want to put quickly behind it...

Whether India had always planned to announce its ban on TikTok, along with 58 other Chinese apps, on June 29, or was prompted by the viral response to the iOS security issue is not known. But, as things stand, TikTok has been pulled from the App Store and Play Store in India, its largest market, and has seen similar protests from users in other major markets around the world, including the U.S.

One of the more unusual groups campaigning against TikTok is the newly awakened Anonymous hactivist group... “Delete TikTok now,” the account tweeted, “if you know someone that is using it, explain to them that it is essentially malware operated by the Chinese government running a massive spying operation.more
Calls for Tik Tok to be banned in Australia over Chinese spying fears

Security Director Alert: Why Home Offices Also Need TSCM

Since the coronavirus hit the U.S. in full force in March, spam emails are up 6,000%. This data from the head of IBM’s X-Force Threat Intelligence, Wendi Whitmore... The surge is, in part, connected to the high numbers of people working from home...

Since the lockdowns began, cybersecurity experts began to worry that it would be easier for attackers to compromise security systems. The fear of the pandemic, financial stress, and other distractions at home turned workers into ripe targets for scammers, as stress lowers people’s guard to tactics like phishing.

In the case of workers using VPNs, some experts see them as the perfect way to get a bad actor into a company’s network, likening it to a hypodermic needle. All an attacker needs is a few employees to click on some malware, perhaps from an email or a fake resume and they could be in — and some cyber experts even speculated that attackers might target unsecured Wi-Fi networks. more