Thursday, March 31, 2011

eBlaster'ed Wife Kicks Butt

TX - An Austin man is accused of spying on the e-mails of his estranged wife and one of her friends, using the information to build a case for divorce...

Austin police investigators charged Karl Redden Dalley, 41, with unlawful interception of electronic communication -- a second-degree felony. He allegedly spied throughout much of 2010.

Investigators said Dalley used eBlaster, made by SpectorSoft, to monitor his wife's e-mails from their home computer. They also claim he used the same software to spy on a computer at an Austin karate school.

Police said Dalley's wife also claimed her estranged husband used photos from her cell phone as evidence during their divorce proceeding in November 2010.

Police first learned of the case in February 2010, when Dalley's wife told them that he had sent an e-mail to all of the brown and black belts in the Austin area karate school. Dalley's wife was an instructor there, and the e-mail accused her of having an affair with the school's president. (more)

Cell Phone Panic Button App

There's a new app being developed by the U.S. Government and it seems like everyone should want to add it to their phone for all kinds of different reasons. If a cell phone is confiscated by police or government agency, the panic button app will wipe the cell phone's address book, history, text messages and broadcast the arrest as an emergency alert to fellow activists...

Since 2008, the U.S. has budgeted about $50 million to promote new tech to help out social activists. Secretary Hillary Clinton is behind the U.S. technology initiative to "expand Internet freedoms." (more)

Several cell phone operating systems, like iPhone's iOS, already have a similar capability built in. The emergency broadcast is a new twist... but would that identify who all the cohorts are?

Security Tip - $5 p/m Stolen Laptop Solution

Eighteen-year-old "technology entrepreneur" and Bentley College student Mark Bao had his MacBook Air stolen in February. Unlike other bright-eyed college freshmen, Bao didn't write his laptop off as gone forever (ok, maybe he did--he went out and purchased another laptop the very same night it was stolen), he set out to find the thief.

Using online backup software BackBlaze that he'd installed on his laptop, Bao was able to see the machine's browser history and track any hard drive updates.

"Woah. Thanks to @Backblaze, I think I might be able to figure out who stole my MacBook Air at college. Creeping through the Safari history!" Bao Tweeted on March 19.

(D'oh!)
Apparently the first thing the thief did was take a photo of himself using the laptop's Photo Booth program... After discovering the photo, Bao discovered a video the thief had taken of himself dancing to Tyga's "Make it Rain." Bao uploaded the video to Vimeo, managed to hunt down the guy's Facebook page using the aforementioned Safari history, and then turned everything over to the police. 

Bao told the Daily Mail that he holds no grudges against the thief, because "I don't have time nor patience to. There are more important things in life." Mark no longer has any use for his old laptop, so he's selling it and donating the proceeds to the Red Cross Japan fund. (more)

Security Tip - Free Program Protects USB Ports from Malware Infections

Did you find a USB memory stick and are afraid to plug it in? (good)
Does your friend want to insert their (possibly infected) drive into your computer? 
Panda USB Vaccine may help...

There is an increasing amount of malware which, like the dangerous Conficker worm, spreads via removable devices and drives such as memory sticks, MP3 players, digital cameras, etc. To do this, these malicious codes modify the AutoRun file on these devices.

Panda USB Vaccine is a free antimalware solution designed to protect against this threat. It offers a double layer of preventive protection, allowing users to disable the AutoRun feature on computers as well as on USB drives and other devices:

Vaccine for computers: This is a 'vaccine' for computers to prevent any AutoRun file from running, regardless of whether the device (memory stick, CD, etc.) is infected or not.

Vaccine for USB devices: This is a 'vaccine' for removable USB devices, preventing the AutoRun file from becoming a source of infection. The tool disables this file so it cannot be read, modified or replaced by malicious code.

This is a very useful tool as there is no simple way of disabling the AutoRun feature in Windows. This provides users with a simple way of disabling this feature, offering a high degree of protection against infections from removable drives and devices.

You can download Panda USB Vaccine free here.

Wednesday, March 30, 2011

Samsung - Installed Keylogger on their Laptop Computers! (UPDATE)

[UPDATE: Samsung has launched an investigation into the matter and is working with Mich Kabay and Mohamed Hassan in the investigation. Samsung engineers are collaborating with the computer security expert, Mohamed Hassan, MSIA, CISSP, CISA, with faculty at the Norwich University Center for Advanced Computing and Digital Forensics, and with the antivirus vendor whose product identified a possible keylogger (or which may have issued a false positive). The company and the University will post news as fast as possible on Network World. A Samsung executive is personally delivering a randomly selected laptop purchased at a retail store to the Norwich scientists. Prof. Kabay praises Samsung for its immediate, positive and collaborative response to this situation.]

By M. E. Kabay and Mohamed Hassan, Network World...
The supervisor who spoke with me was not sure how this software ended up in the new laptop, thus put me on hold. He confirmed that yes, Samsung did knowingly put this software on the laptop to, as he put it, "monitor the performance of the machine and to find out how it is being used."

In other words, Samsung wanted to gather usage data without obtaining consent from laptop owners.

...This is a déjà vu security incident with far-reaching potential consequences. In the words of former FTC chairman Deborah Platt Majoras, "Installations of secret software that create security risks are intrusive and unlawful." (FTC, 2007).

Samsung's conduct may be illegal; even if it is eventually ruled legal by the courts, the issue has legal, ethical, and privacy implications for both the businesses and individuals who may purchase and use Samsung laptops. Samsung could also be liable should the vast amount of information collected through StarLogger fall into the wrong hands.
We contacted three public relations officers for Samsung for comment about this issue and gave them a week to send us their comments. No one from the company replied. (more)

"You vare personally responsible for your spy equipments...

...lose zem, and ve dock your pay!" 
You’ve gotta hand it to Russian intelligence, they’ve got chutzpah. First they planted a network of sleeper agents in the United States. Now, two of the busted and deported spies are demanding that the feds fork over their impounded spy gear...

...two former members of Russia’s Foreign Intelligence Service (SVR) who hid in the U.S. for years, have hired lawyers to demand the FBI give them their stuff back. Vladimir and Lidia Guryev (a.k.a. Richard and Cynthia Murphy) are asking the Justice Department to return their cars, money, video cameras, computers, digital photos and unnamed “other equipment.” They’d also like the data on their digital gear back, too, or, failing that, copies of it. Their tech gear and files have no “material value,” the request claims; it’s just “dear to the Guryevs.” (more)

Security Directors: The IT guys are stealing your lunch...

...and, unless you take control, they will also eat your budget and make you irrelevant.

Their recipe... Take accurate "S&P 500" statistics, add a pinch of "cyber" for a taste of scary, let it cook over "1,000 IT decision makers" with vested interests, serve as "hot news" written by... oh, no one in particular.

Cybercriminals understand there is greater value in selling a corporation's proprietary information and trade secrets, which have little to no protection, making intellectual capital their new currency of choice, according to McAfee and SAIC.

The cyber underground economy is making its money on the theft of corporate intellectual capital which includes trade secrets, marketing plans, research and development findings and even source code.

McAfee and SAIC surveyed more than 1,000 senior IT decision makers in the U.S., U.K., Japan, China, India, Brazil and the Middle East. Their study reveals the changes in attitudes and perceptions of intellectual property protection in the last two years. (more)

Fight back...
Tell the boss:
1. All of the information IT claims it needs money to protect (and more) is available elsewhere long before it is ever reduced to computer data.

2. "Cybercriminals" is a self-serving label invented to scare. News and entertainment media glorify this one aspect of criminal behavior. Truth: Criminals don't care how they make a buck. Foreign governments don't have preferential spy techniques. Both want your intellectual property. The fresher, the better. Reality: Cybercriminals get the table scraps.

3. You are the front line of defense. Your job is more important today than ever before in history. The proof is in the S&P 500 chart.

4. "I can take the lead in designing the overall company counterespionage strategy." 

Priority One: Realign the security budget.
• Is 80% of the budget being used to protect tangible assets? (20%) If so, change it.
• Is the budget strong enough to protect the intangible assets? (80%) If not, change it.

Need help implementing a counterespionage strategy? Call us.

P.S. Be kind to the IT guys. They have a hard time keeping up with the regular demands of their job, let alone the security issues. They will be happy you took control and can advise you on what they really need to keep their data safe.

Sell Spy Plane on Ebay? To Feds? Feedback? Arrest Warrant

FL - A Philippine man was arrested and charged with illegally selling an unmanned U.S. spy plane known as the Raven, the U.S. Attorney's Office in Tampa said on Monday.

A grand jury indicted Henson Chua, 47, of Manila on March 10 on charges that he sold the Raven to undercover federal agents on Ebay...

The Raven is a four-pound plane equipped with three cameras that U.S. troops use for battlefield surveillance. It can be taken apart and carried by troops and then reassembled for use.

According to the U.S. Attorney's Office, agents with the Homeland Security Department found out last May that Chua was offering a Raven for sale on Ebay for $13,000. (more)

Tuesday, March 29, 2011

Photo Sharing App Bares All

Critics of the much-talked-about new photo-sharing app Color can add another bickering point to the pot: A simple GPS "spoof" allows for spying on any Color user's photos. 

The problems with the highly publicized new iOS and Android photo-sharing app Color continue to mount. According to Forbes, the app has an easily exploitable feature that makes it simple for tech-savvy users to view all the photos of anyone who uses the app.

That’s not to say Color is known for its tight privacy settings — in fact, the exact opposite is true. When a user takes a photo with Color, the photo is automatically uploaded to the Color servers. Then — and this is what makes the app so notable — anyone within a set perimeter of where that photo was taken can see that picture, along with the pictures of any other Color user who happens to be snapping off shots in that particular location. (more)
Another cool use... establishing and identifying dead drops for spies.

High School Hacking Nets Great Grades... for a while

CA - Omar Khan worked the school like it was a movie, installing spyware, stealing passwords and breaking into administrator offices.

A former Tesoro High School senior was convicted Monday of breaking into his high school on multiple occasions to steal advanced placement (AP) tests from classrooms, alter test scores and change official college transcript grades.

Omar Shahid Khan, 21, of Coto de Caza, pleaded guilty to two felony counts of commercial burglary and one felony count each of altering public records, stealing or removing public records, and attempting to steal or remove public records. He is expected to be sentenced Aug. 26 to 30 days in jail, three years of probation, 500 hours of community service and more than $14,900 in restitution. 

A subsequent search by the Orange County Sheriff’s Department revealed that Khan had installed spyware devices on the computers of several teachers and school administrators throughout his senior year, according to the D.A. The devices were used to obtain passwords to access teacher computers in classrooms and school administrative offices. (more)

Oh, one more thing...

One security feature I would like to see on my future cell phone is the option of not using a password.

Think of this... all business-level cell phones have camera capability; all have (or could easily be designed to have) touch screen capability; and of course a microphone. The next logical step is adding facial, fingerprint or voice recognition to replace the access PIN code. 

In addition to the security benefit, it would sure make using the phone while driving safer. (Just kidding. I would never do that. Well... not often, anyway.) ~Kevin

Your Next Cell Phone May Seem Like a James Bond Gadget

10 Things Your Phone Will Soon Do 
via onlinedegree.net...
(more)

Aston Martin teams with Mobiado for transparent touchscreen concept phone
British car maker Aston Martin is looking to leverage its luxury brand into the world of consumer electronics by teaming up with Canadian mobile phone manufacturer Mobiado to produce a line of high-end handsets to be launched in May of this year. Until then, the company has provided a tantalizing peek at possible future designs with the CPT002 Aston Martin Concept Phone that takes the 'slab of glass' design of many current smartphones to the next level. With a solid sapphire crystal capacitive touchscreen, the CPT002 is completely transparent. (more)

How to Put Out an Electrical Fire, or... Fight Fire With Fire?

It's certainly an established fact that electricity can cause fires, but today a group of Harvard scientists presented their research on the use of electricity for fighting fires. In a presentation at the 241st National Meeting & Exposition of the American Chemical Society, Dr. Ludovico Cademartiri told of how they used a unique device to shoot beams of electricity at an open flame over one foot tall. Almost immediately, he said, the flame was extinguished... Apparently, it has been known for over 200 years that electricity affects fire – it can cause flames to change in character, or even stop burning altogether. 

It turns out that soot particles within flames can easily become charged, and therefore can cause flames to lose stability when the local electrical fields are altered.

The Harvard device consists of a 600-watt amplifier hooked up to a wand-like probe, which is what delivers the electrical beams. The researchers believe that a much lower-powered amplifier should deliver similar results, which could allow the system to be worn as a backpack, by firefighters. It could also be mounted on ceilings, like current sprinkler systems, or be remotely-controlled. (more)
Bill, don't cross the beams. ~Kevin

Monday, March 28, 2011

"Have you ever been the victim of..." poll results.

Kevin's Security Scrapbook has been running this poll for several months now. It is a follow-up to a similar poll we ran a few years ago. Time to look at the results.

Not much has changed. No one surveillance tactic is more popular than another. People will use any tool or tactic that does the job.
This parallels our corporate counterespionage field experience.

Thanks to all who shared their experience with us. ~Kevin


Export, eh... or, The PC is Smokin'

Dumpster diving isn't something Saskatchewan's privacy commissioner makes a habit of, but this time Gary Dickson says he was left with little choice.

Dickson and two assistants had to wade through a massive recycling dumpster this week to recover medical files. They sorted through paper more than 1 1/2 metres deep after getting a tip directing them to the container behind the Golden Mile Shopping Centre in Regina... "So we seized all of this stuff immediately and the only way we could do that was getting into the recycling bin."

It took a couple of hours to go through the dumpster. Dickson estimates they found more than 1,000 files that should have been shredded.

Whoever tossed the files had to know what they were, he said.

The commissioner said doctors, regional health authorities and other health professionals have long been told to follow Saskatchewan's Health Information Protection Act. The act says trustees have to safeguard personal health information in their custody.

There are fines of $50,000 for individuals and $500,000 for organizations for breaching the act. (more)

A shredder is beginning to look like a bargain, Doc.