Friday, December 30, 2022
Turning Google Smart Speakers into Wiretaps
I (@downrightnifty4874) was recently rewarded a total of $107,500 by Google for responsibly disclosing security issues in the Google Home smart speaker that allowed an attacker within wireless proximity to install a “backdoor” account on the device, enabling them to send commands to it remotely over the Internet, access its microphone feed, and make arbitrary HTTP requests within the victim’s LAN (which could potentially expose the Wi-Fi password or provide the attacker direct access to the victim’s other devices). These issues have since been fixed. more video
The Lasers are Coming - Killer Eyeglasses & Drones
For years, movies have teased us with the possibilities of augmented reality (AR) and mixed reality (MR), from Minority Report to Iron Man. But unlike robotic insects and flying suits, AR and MR smart glasses are much closer to reality for everyday consumers. One of the major barriers has been consumers’ desire for lightweight smart glasses that resemble standard eyeglasses and can be worn all day, every day. Compact, chic designs require projection technology and batteries that are as small and power-efficient as possible, which has been difficult to achieve. The internet hype that AR glasses are just around the corner has given into the reality that there are a number of large problems to solve before mass deployment in the consumer space can begin. more
---
Aerial drones are essentially the new improvised explosive devices (IEDs)—they’re relatively cheap and easily weaponized. Weaponized swarms of drones working together on a mission are an asymmetric threat that can quickly turn into an ugly situation. In the future, drones are expected to become faster, more autonomous, more difficult to detect or jam, and deadlier, with more sophisticated swarm attacks.
An arms race of sorts is quietly underway to be able to counter any countermeasures against drones. So the U.S. military is adopting a multilayered counter-drone approach to deal primarily with small drones (classified as Groups 1 and 2)—including commercial ones you can easily buy online and ones with fixed wings that look like tiny airplanes. Pinpoint accuracy at the speed of light makes high-energy lasers, a form of directed energy, one of the most promising options. more
Monday, December 26, 2022
FutureWatch: More Progress on the Electronic Dog Nose - TSCM Potential
Recap #1: Device can detect distress signals from plants that are harmed, under attack It turns out the best way to hear a plant scream is to smell it. (10/17/2008) more
Recap #2: Specially trained dogs have been used to sniff out covert electronic items, like cell phones in prisons, for quite a while now. The secret to detection is the device's electronic circuit boards. They contain these compounds: triphenylphosphine oxide (TPPO) and hydroxycyclohexyl phenyl ketone (HPK). This second compound is also found on CDs, DVDs, Blu-Rays, the old tech floppy disks. (5/18/2021) more
FutureWatch: Technical Surveillance Countermeasures (TSCM) professionals have many types of technologies at their disposal for detecting illegal electronic surveillance devices. To name a few... Non-Linear Junction Detection, Infrared Thermography, and Radio-frequency Spectrum Analysis. We are now well on our way to adding EDN to our kit.
Recap #2: Specially trained dogs have been used to sniff out covert electronic items, like cell phones in prisons, for quite a while now. The secret to detection is the device's electronic circuit boards. They contain these compounds: triphenylphosphine oxide (TPPO) and hydroxycyclohexyl phenyl ketone (HPK). This second compound is also found on CDs, DVDs, Blu-Rays, the old tech floppy disks. (5/18/2021) more
The latest development:
Researchers use biomimicry to enhance particle detection 16-fold by sniffing like dogs. more
Researchers use biomimicry to enhance particle detection 16-fold by sniffing like dogs. more
FutureWatch: Technical Surveillance Countermeasures (TSCM) professionals have many types of technologies at their disposal for detecting illegal electronic surveillance devices. To name a few... Non-Linear Junction Detection, Infrared Thermography, and Radio-frequency Spectrum Analysis. We are now well on our way to adding EDN to our kit.
Friday, December 23, 2022
Eavesdropping & Anti-Eavesdropping Apps
Two new apps to be aware of…
The iEavesdrop app redirects internal microphone, external wired microphone or line input input audio to any Bluetooth audio device such as AirPods so that you can use your phone as a stealth listening device.Using the correct line input cables, audio from any device such as an external microphone, in-flight entertainment or portable gaming device can be routed to your AirPods or other Bluetooth device. iEavesdrop will work with all iOS devices.
THIS APP CAN ALSO BE USED FOR MANY OTHER PURPOSES SUCH AS A BABY MONITOR, HEARING AID OR ANY OTHER APPLICATION THAT REQUIRES YOU TO LISTEN IN OR ROUTE MICROPHONE AUDIO TO A BLUETOOTH DEVICE.
(iOS)
———
(ANDROID)
About this app...
Ever thought someone might eavesdrop through your smart phone? Skewy is a privacy protection method, which is more than just a software setting. With Skewy you can mask your conversation with a simple – yet effective method. Simply making the audio data picked up by your phone unusable. Additionally, Skewy can detect ultrasonic signals to indicate the presence of device tracking technologies.
Thursday, December 22, 2022
Last Minute Xmas Gift for Your TSCM Nerd
Most of these T-shirts are available on amazon.com
Sunday, December 18, 2022
Reno 911: Mayor Finds GPS Tracker on Her Car – Sues PI
Reno mayor Hillary Schieve is suing a private investigator and his company after finding a device attached to her vehicle that was capable of tracking its real-time location.
The lawsuit alleges that the investigator trespassed onto her property to install the device without her consent. It says Schieve was unaware until a mechanic noticed it while working on her vehicle.
The complaint says, further, that the investigator was working on behalf of an “unidentified third party” whose identity she has not been able to ascertain...
There was no immediate response to a request for comment emailed Friday by The Associated Press to David McNeely, the investigator alleged to have placed the tracking device, and 5 Alpha Industries, the company... She brought it to police in neighboring Sparks, and they were able to determine that it had been purchased by McNeely. more
Do-it-Yourself Vehicle GPS Tracker Detection
The lawsuit alleges that the investigator trespassed onto her property to install the device without her consent. It says Schieve was unaware until a mechanic noticed it while working on her vehicle.
The complaint says, further, that the investigator was working on behalf of an “unidentified third party” whose identity she has not been able to ascertain...
There was no immediate response to a request for comment emailed Friday by The Associated Press to David McNeely, the investigator alleged to have placed the tracking device, and 5 Alpha Industries, the company... She brought it to police in neighboring Sparks, and they were able to determine that it had been purchased by McNeely. more
Do-it-Yourself Vehicle GPS Tracker Detection
Students Analyze, Hack, Remove Under-Desk Surveillance Devices
Northeastern University - In October, the university quietly introduced heat sensors under desk without notifying students or seeking their consent. Students removed the devices, hacked them, and were able to force the university to stop its surveillance.
Early in October, Senior Vice Provost David Luzzi installed motion sensors under all the desks at the school's Interdisciplinary Science & Engineering Complex (ISEC), a facility used by graduate students and home to the "Cybersecurity and Privacy Institute" which studies surveillance. These sensors were installed at night—without student knowledge or consent—and when pressed for an explanation, students were told this was part of a study on “desk usage," according to a blog post by Max von Hippel, a Privacy Institute PhD candidate who wrote about the situation for the Tech Workers Coalition’s newsletter.
Early in October, Senior Vice Provost David Luzzi installed motion sensors under all the desks at the school's Interdisciplinary Science & Engineering Complex (ISEC), a facility used by graduate students and home to the "Cybersecurity and Privacy Institute" which studies surveillance. These sensors were installed at night—without student knowledge or consent—and when pressed for an explanation, students were told this was part of a study on “desk usage," according to a blog post by Max von Hippel, a Privacy Institute PhD candidate who wrote about the situation for the Tech Workers Coalition’s newsletter.
More sensors were removed afterwards and put into a "public art piece" in the building lobby spelling out NO! more
Timothy Webster, Pinkerton Spy for the Union Army
In Chicago’s Graceland Cemetery, there is a headstone bearing the name, “Timothy Webster,” but the grave is empty.
The headstone in the Chicago cemetery is actually a memorial, part of the Pinkerton National Detective Agency’s burial plot for its deceased agents.
Webster is actually buried beneath a simple white marble stone in the township cemetery at Onarga, an Iroquois County village some 90 miles south of Chicago.
The headstone in the Chicago cemetery is actually a memorial, part of the Pinkerton National Detective Agency’s burial plot for its deceased agents.
Timothy Webster died at the age of 40 in Richmond, Virginia, where he was hanged as a Union spy on April 29, 1862, by the Confederate government. He was the first spy executed by the Confederates during the Civil War. more
Twit Gets 3 1/2-Year Term on Spying for Saudis
A former Twitter Inc manager convicted of spying for Saudi Arabia by sharing user data several years ago and potentially exposing users to persecution was sentenced to 3-1/2 years in prison on Wednesday, U.S. prosecutors said. more
Can You Solve the GCHQ Christmas Card Challenge?
Today we've released the 2022 #GCHQChristmasChallenge. The puzzle, masterminded by a team of our in-house puzzlers, features on our Director's annual Christmas card.
The card is sent to partners in the UK and around the world who work with us to counter threats, including hostile state activity, terror groups and organised crime gangs.
Whilst the Challenge has been designed for schools and colleges, we're also encouraging the wider public to take on the challenge to pit their wits against our puzzlers. more video And, of course, count on the Security Scrapbook to provide the solution.
Whilst the Challenge has been designed for schools and colleges, we're also encouraging the wider public to take on the challenge to pit their wits against our puzzlers. more video And, of course, count on the Security Scrapbook to provide the solution.
Former Criminal Justice Professor Bugged Ex's Car
A former Iowa Wesleyan University criminal justice professor accused of stalking his ex-wife has been sentenced...charged with stalking and electronic or mechanical eavesdropping...
According to criminal complaints, Buffington is accused of placing a recording device on his ex-wife’s car, which recorded conversations within the vehicle.
Police said Buffington took his two daughters to his office at Iowa Wesleyan and played the recordings for them. Later, one of Buffington’s daughters obtained the recording device and a zip drive and gave them to law enforcement. That daughter told police she found it in Buffington’s bedroom nightstand...
Buffington also is accused of placing nails in the tires of his ex-wife’s car and admitting to her that he tracked her via OnStar. more
According to criminal complaints, Buffington is accused of placing a recording device on his ex-wife’s car, which recorded conversations within the vehicle.
Police said Buffington took his two daughters to his office at Iowa Wesleyan and played the recordings for them. Later, one of Buffington’s daughters obtained the recording device and a zip drive and gave them to law enforcement. That daughter told police she found it in Buffington’s bedroom nightstand...
Buffington also is accused of placing nails in the tires of his ex-wife’s car and admitting to her that he tracked her via OnStar. more
How to find GPS trackers and Bugs in your vehicle.
The National Cryptologic Museum is Open Again - Revamped - With New Spy Stuff
Vince Houghton (the new director of the National Security Agency's National Cryptologic Museum) and his team unveiled what they'd been working on during the COVID 19 pandemic: a complete overhaul of the aging, 1990s-era museum in Fort Meade, Md...
"These are artifacts that have never been on display before to the public at all," Houghton noted...
Until recently, historians believed many of the artifacts on display at the Cryptologic Museum were lost to history. For Houghton, unearthing old and unique pieces of cryptologic history has been an exceptionally satisfying part of his mission.
That's because the NSA maintains a large warehouse where employees have kept highly classified objects in the hopes that one day those stories could be told. Houghton compared the warehouse, where he and his colleagues spent hours before opening the museum, as "the end of Raiders of the Lost Ark," the 1981 Indiana Jones movie ending in a giant room full of treasure.
"It's floor to ceiling crates that are deteriorating, because they were sent back there in 1945," Houghton said. "To me it was like every day was Christmas, because I'm such a nerd about this stuff." more
"These are artifacts that have never been on display before to the public at all," Houghton noted...
Until recently, historians believed many of the artifacts on display at the Cryptologic Museum were lost to history. For Houghton, unearthing old and unique pieces of cryptologic history has been an exceptionally satisfying part of his mission.
That's because the NSA maintains a large warehouse where employees have kept highly classified objects in the hopes that one day those stories could be told. Houghton compared the warehouse, where he and his colleagues spent hours before opening the museum, as "the end of Raiders of the Lost Ark," the 1981 Indiana Jones movie ending in a giant room full of treasure.
"It's floor to ceiling crates that are deteriorating, because they were sent back there in 1945," Houghton said. "To me it was like every day was Christmas, because I'm such a nerd about this stuff." more
Wednesday, December 7, 2022
Weird Science: Hacker Hacks Home Cam Then Reports it to Authorities
A former Davenport West High School science teacher has been found guilty of secretly recording people in various stages of undress in his Bettendorf home.
Clinton R. Vanfossen, 61, will be sentenced Jan. 5 on five counts of invasion of privacy, one count each of preventing apprehension and obstructing justice and electronic or mechanical eavesdropping...
District Court Judge Meghan Corbin filed a written ruling Monday. According to Corbin’s written ruling:
Bettendorf police received a tip from the National Center for Missing and Exploited Children.
According to the tip, a computer hacker in France hacked into the cameras of a home in Bettendorf and reported what he believed were people being unknowingly filmed in intimate moments.
Officers went to the location of the reported cameras, which were in Vanfossen’s Bettendorf home.
Officers searched the home and found two purported smoke detectors that appeared to contain a camera. The first camera was found in the second-floor hallway and the second camera was found inside a family member’s bedroom. more
Clinton R. Vanfossen, 61, will be sentenced Jan. 5 on five counts of invasion of privacy, one count each of preventing apprehension and obstructing justice and electronic or mechanical eavesdropping...
District Court Judge Meghan Corbin filed a written ruling Monday. According to Corbin’s written ruling:
Bettendorf police received a tip from the National Center for Missing and Exploited Children.
According to the tip, a computer hacker in France hacked into the cameras of a home in Bettendorf and reported what he believed were people being unknowingly filmed in intimate moments.
Officers went to the location of the reported cameras, which were in Vanfossen’s Bettendorf home.
Officers searched the home and found two purported smoke detectors that appeared to contain a camera. The first camera was found in the second-floor hallway and the second camera was found inside a family member’s bedroom. more
Canada Awarded RCMP Contract to Firm with Ties to China
Canada - The federal government awarded a contract to provide and maintain RCMP communications equipment to a company with ties to the Chinese government, Radio-Canada has learned.
The contract has security experts raising concerns about potential Chinese access to RCMP communications and data.
On October 6, 2021, the federal government awarded Sinclair Technologies a contract worth $549,637 for a radio frequency (RF) filtering system. One of the system's purposes is to protect the RCMP's land-based radio communications from eavesdropping...
Conor Healy, a Canadian now based in Washington, said, "the risks include eavesdropping, collection of communications data and jamming or shutting down the radio communications system." more
The contract has security experts raising concerns about potential Chinese access to RCMP communications and data.
On October 6, 2021, the federal government awarded Sinclair Technologies a contract worth $549,637 for a radio frequency (RF) filtering system. One of the system's purposes is to protect the RCMP's land-based radio communications from eavesdropping...
Conor Healy, a Canadian now based in Washington, said, "the risks include eavesdropping, collection of communications data and jamming or shutting down the radio communications system." more
Subscribe to:
Posts (Atom)