Tuesday, May 28, 2024

Chinese Language Phone Keyboard Exploits Leave One Billion Users Exposed

We analyzed the security of cloud-based pinyin keyboard apps from nine vendors — Baidu, Honor, Huawei, iFlytek, OPPO, Samsung, Tencent, Vivo, and Xiaomi — and examined their transmission of users’ keystrokes for vulnerabilities.

Our analysis revealed critical vulnerabilities in keyboard apps from eight out of the nine vendors in which we could exploit that vulnerability to completely reveal the contents of users’ keystrokes in transit. Most of the vulnerable apps can be exploited by an entirely passive network eavesdropper...


Given the scope of these vulnerabilities, the sensitivity of what users type on their devices, the ease with which these vulnerabilities may have been discovered, and that the Five Eyes have previously exploited similar vulnerabilities in Chinese apps for surveillance, it is possible that such users’ keystrokes may have also been under mass surveillance.

Recommendation: We urge users to install the latest updates to their keyboard apps and that they keep their mobile operating systems up to date. We also recommend that at-risk users consider switching from a cloud-based keyboard app to one that operates entirely on-device. more

Monday, May 27, 2024

FutureWatch: New AI Headphones Have Spy Potential

Appear to be listening to music, while zeroing in on a particular person's conversation...

What if you only want to hear what a single person is saying in a room full of other people? The experts over at the University of Washington have developed an AI-driven kit for headphones that lets you look at a person for three to five seconds as a directional signal*, and the headphones will only allow their voice to pass through. The team calls it "Target Speech Hearing" and it works even if the listener is moving around and no longer sitting directly in front of the speaker.

"In this project, we develop AI to modify the auditory perception of anyone wearing headphones, given their preferences. With our devices you can now hear a single speaker clearly even if you are in a noisy environment with lots of other people talking," says Professor Shyam Gollakota from the Paul G. Allen School of Computer Science & Engineering. more
* This could easily be adjusted so looking at the person is not necessary. Looking forward could signal AI to focus in on the person behind you, or any angle. ~Kevin

Spycam in Aircraft Toilet - Who's to Blame?

A law firm tried to blame a 9-year-old girl for not noticing an iPhone camera a former American Airlines flight attendant secretly taped to a toilet seat.

American Airlines has replaced the law firm that told a judge a 9-year-old girl was negligent in not noticing there was a camera phone taped to the seat in an airplane lavatory.

The change in lawyers came after Wilson Elser said in a court document that any harm to the girl could be blamed on her “fault and negligence” for using the lavatory, “which she knew or should have known contained a visible and illuminated recording device.” 

An airline spokesperson confirmed Friday that the Wilson Elser law firm is no longer defending American in a lawsuit filed by the girl’s family.

A former American flight attendant is accused of luring girls to use the lavatory after taping his iPhone to the toilet seat and explaining that the seat was broken. Estes Carter Thompson III, who was fired by American, pleaded not guilty this week to attempted sexual exploitation of children and possession of images of child sexual abuse. more

Hikvision Takes A Hike

Chinese surveillance industry giant Hikvision has suspended operations in Russia, joining the ranks of over 1,000 companies that have scaled back business in the country since Russian President Vladimir Putin's 2022 invasion of Ukraine.

Hikvision's Russian website is currently offline, a development flagged by Russian security systems adviser Videoglaz on the social media platform Telegram last week. The precise date operations ceased is unclear...

Hikvision, along with its budget brand HiWatch, comprised some 30 percent of Russia's surveillance camera market in 2021, according to Russian media agency RSpectr. more

Subsea Espionage

In the depths of the world’s oceans, a murky game of espionage unfolds,
with nations accusing each other of exploiting submarine cables for intelligence gathering and geopolitical maneuvering. The latest accusation comes from China.

“Submarine cables have in recent years become a tool for some countries to steal intelligence information and even seek geopolitical interests,” stated China’s Ministry of State Security. Although no country was explicitly named, the implication was clear: China was pointing the finger at the United States...

However, the United States has been no stranger to leveling similar accusations at China. In May 2024, the Biden administration reportedly warned Silicon Valley giants such as Meta and Google, who have invested in submarine cables, about the potential threat posed by Chinese cable repair ships.

US officials are concerned that China could sabotage or tap undersea communications cables, which carry 95 percent of the world’s online traffic, to siphon information, from personal data to intellectual property and classified military intelligence. more

NASCAR Radio Comms Hacked - “That Was Some Weird Sh*t”

Unwelcome Participant Eavesdropping on Bubba Wallace...


Remember the 2023 All-Star Race? The No. 23 team and specifically its driver, Bubba Wallace, experienced a bad situation. Somebody hacked into the team’s radio channel and delivered a derogatory message...Although NASCAR investigated the incident, the mysterious voice remained unknown.

A similar situation seems to have propped up at the 2024 Coca-Cola 600 race, but devoid of the hurtful comments. While Bubba Wallace was prying for the lead in stage 2, an unfamiliar voice popped in between his communication with his pit team. The 23XI Racing driver was surprised yet fascinated by this occurrence.

Earlier in 2024, the No. 23 team’s radio buffered during the race at Talladega Superspeedway. As it turned out, not only Bubba Wallace but also other drivers faced a similar problem. Joe Gibbs Racing’s No. 19 driver Martin Truex Jr was audibly frustrated: “All our radios are f***ed up right now.”

Now another mysterious glitch has surfaced in Charlotte, with unfamiliar voices on Wallace’s radio. We can only wait till the end of the weather-delayed race to delve deeper into this curious matter. more
......
Care to eavesdrop yourself? "DOWNLOAD NASCAR MOBILE APP and click on Buy Premium link in the navigation to subscribe for full access on mobile devices." more 
Or... do what that mysterious voice did... Buy a cheap 2-way radio.

One Bugged Bugger

A husband who was fined BD50 for eavesdropping on his wife’s phone calls without her consent, bugging her house and sending the recordings to his siblings has lost his final appeal at the Cassation Court. 

Last July, the Public Prosecution issued an order fining the Arab man BD20 on eavesdropping charges, without referring the misdemeanour to court, but he objected to the ruling in the Lower Criminal Court. more

Monday, May 20, 2024

Who Paints Their Espionage Devices Bright Yellow?

China's Ministry of State Security is once again circulating claims it has discovered foreign espionage devices in its domestic waters.

In a note on its Wechat channel, the state security ministry said foreign intelligence agencies have been “using different methods to strengthen their monitoring of China's maritime areas, carrying out a series of intelligence gathering and technical espionage activities.” 

It has paid Chinese fishermen handsome rewards for their discovery of what they claimed were multiple spying devices caught in fishing nets inside of China’s exclusive economic zone. more

When Countering Espionage Becomes Counter-Productive

US-based Kingland Systems, specializing in data management and regulatory compliance for financial services, insurance, and agriculture, has announced the closure of its subsidiary office in China.
The decision, which came as a shock to the local workforce, will result in the termination of all 151 employees.

Employees were informed of the closure on Wednesday....

This move comes in the wake of increasingly challenging economic conditions in China, coupled with rising geopolitical tensions. New regulations, such as stricter data-security laws and an anti-espionage law, have made operating in China more difficult for foreign businesses. more

The Yin & Yang of Wiretapping


President Ferdinand Marcos Jr. (Philippines)
over the weekend said he has ordered the investigation on the alleged wiretapping of a ranking Armed Forces of the Philippines official by the Chinese Embassy in Manila. more

Macedonian President Gjorge Ivanov ordered a halt on Tuesday to all criminal inquiries into allegations of a vast government wiretap operation, prompting the opposition to demand his resignation for a move it said amounted to a "coup d'etat". more

The Constitutional Court has ordered the Slovak Intelligence Service (SIS) to destroy the results of wiretapping in the Gorilla scandal. [The Gorilla scandal concerned alleged shady collusion between senior politicians and big business. - ed. note] more

A Spycam Rocks Her World

CA - A Chino Hills woman was disturbed to learn that a camera disguised as a rock had been planted outside of her home last week.

The camera was planted in the ground across the street from her house on Glen Ridge Drive, leaving her with fear that she's being watched by someone. 


"I think it's really strange. I think it's really scary, because you're supposed to feel safe in your own home and your neighborhood," the woman, who wished not to be identified, said. "But, something like that happens and you really don't know anymore, times have changed." more

Corporate Espionage as AI Sees It

A totally AI-created short video explaining corporate espionage.


Interesting, but also consider how AI will become a force-multiplier tool in the hands of people engaged in corporate espionage. Each tidbit of information about a business is just a puzzle piece. Dump them all in to your AI spymaster, et voilà!... instant full picture, with guidance on how best to take advantage.

Friday, May 10, 2024

Recent Spy Headlines

• Philippines seeks expulsion of Beijing’s diplomats over wiretapping as tensions explode more
• DX Group shares plunge after corporate espionage legal claim more
• Polish defector judge faces espionage charges more
• Russian diplomat to be expelled by UK for spying more
• U.S. Spy Agencies Adopt Rules for Purchasing Commercial Data on Americans
more
• Is your car spying on you? more
• Canadian spy agency accuses India of espionage more
• US confronts China over Volt Typhoon cyber espionage more
• Public (in China) urged to be on lookout for marine espionage devices more
• Rival cryptocurrency CEOs courtroom showdown: a tale of innovation, espionage more
• New Book: The Spy Who Came in From the Circus more
• Former Equatorial Guinea Police Commissioner Arrested in Cameroon for Espionage more
• Oleg Gordievsky: the double agent who changed the course of the Cold War more
• China accuses Australia of ‘spying’ after navy flare-up more
• Australian Defence chief rejects China's spying accusation more
• Seeing spies everywhere - Yes the west is paranoid, but that doesn’t mean they’re not out to get us more
...and not to be outdone...
• China sees foreign threats ‘everywhere’ as powerful spy agency takes center stage... In a slick video marking the National Security Education Day, China’s top spy agency has a stern message for Chinese people: foreign spies are everywhere. more video


Recent Spycam News

• Hasbro Children’s Hospital Employee Arrested for Video Voyeurism... they said they found a hidden camera in an employee bathroom. more
• Anderson High School student arrested, charged with voyeurism more (video)
• Stuart landlord ordered to prison for installing hidden cameras to spy on 12-year-old girl... cameras they said he hid in the electric outlets of her bedroom more
• Man arrested for video voyeurism in Library West restroom more
• Man accused of secretly photographing woman in Fairfield Township Walmart more
• Jacksonville police seeking suspect who secretly recorded women in bathroom... store surveillance footage, along with video of the confrontation, provided a suspect description. more
• ‘Hidden Spy Camera’: Arizona High School Teacher Allegedly Recorded Students Changing Clothes... the teenager uncovered a charger plugged into the wall which was actually a “hidden spy camera,” Students went on to discover two more, one of which doubled as a clock on the wall. more
• Can you guess which of these everyday objects is actually a spy cam? Hidden spy cameras are still available all over Amazon despite the firm being sued over the gadgets. more


Microsoft Launches AI Chatbot for Spies

Microsoft has introduced a GPT-4-based generative AI model designed specifically for US intelligence agencies that operates disconnected from the Internet, according to a Bloomberg report. 

This reportedly marks the first time Microsoft has deployed a major language model in a secure setting, designed to allow spy agencies to analyze top-secret information without connectivity risks—and to allow secure conversations with a chatbot similar to ChatGPT and Microsoft Copilot.

But... it may also mislead officials if not used properly due to inherent design limitations of AI language models. more