Wednesday, June 29, 2016

Spy Alert #734: The Olympic Games Warning

If Zika, political instability and contaminated water weren’t enough,

U.S. intelligence officials are warning Americans traveling to the August Olympic Games in Rio and other destinations abroad that proprietary information stored on electronic devices is at high risk for theft by spies and cyber criminals who are increasingly targeting global events as troughs rich in valuable intelligence.

Bill Evanina, the nation’s chief counter-intelligence executive, is urging travelers to carry “clean’’ devices, free of potentially valuable archives that could be tapped for economic advantage, personal data or security information.

Just as the Olympics draw the world’s most talented athletes, Evanina said the games and other international events represent a "great playground’’ for government intelligence services and criminals, if only because of the “sheer number of devices.’’ more

Nanny Cam Solves 2013 Home Invasion Case — 2016 Justice Served

A judge sentenced a New Jersey man to life in prison Wednesday for a brutal home invasion beating caught on a nanny cam, after listening to the victim describe how the attack left her with physical and psychological scars...

http://www.usatoday.com/story/news/nation/2013/06/25/home-invasion-millburn-camera/2458129/
(Judge) Wigler added an additional five years to Custis' life sentence for the child endangerment conviction. Custis won't be eligible for parole for more than 60 years.

Prosecutors had sought a life sentence for the Newark resident based on a criminal past Wigler termed "rather staggering." It included 38 arrests and 17 felony convictions before the 2013 attack in Millburn, a suburban town several miles from Newark...

"Half-measures of leniency haven't worked to deter this defendant," (Assistant Essex County Prosecutor) Semper said. "He has almost as many arrests as he's had birthdays." more

Not the World's Smallest "Camera" but... Possibly the World's Smallest Camera Lens

Tiny 3D-printed medical camera could be deployed from inside a syringe.

Getting inside the human body to have a look around is always going to be invasive, but that doesn't mean more can't be done to make things a little more comfortable. With this goal in mind, German researchers have developed a complex lens system no bigger than a grain of salt that fits inside a syringe. The imaging tool could make for not just more productive medical imaging, but tiny cameras for everything from drones to slimmer smartphones.

Scientists from the University of Stuttgart built their three-lens camera using a new 3D printing technique. They say their new approach offers sub-micrometer accuracy that makes it possible to 3D print optical lens systems with two or more lenses for the first time. Their resulting multi-lens system opens up the possibility of correcting for aberration (where a lens cannot bring all wavelengths of color to the same focal plane), which could enable higher image quality from smaller devices. more

Thursday, June 23, 2016

Mark Zuckerberg Tapes Over His Laptop Camera - You can do better!

Mark Zuckerberg is one of the most powerful men in the world...

On Tuesday, observers were reminded that Mr. Zuckerberg, 32, is not just a normal guy... his laptop camera and microphone jack appeared to be covered with tape...

The taped-over camera... usually a signal that someone is concerned... about hackers’ gaining access to his or her devices by using remote-access trojans — a process called “ratting.” (Remote access is not limited to ratters: According to a cache of National Security Agency documents leaked by Edward J. Snowden, at least two government-designed programs were devised to take over computer cameras and microphones.)

Security experts supported the taping, for a few good reasons... more
---
Murray Associates provided our clients with a more elegant solution—a year ago. 
(free)

Spybuster Tip #812 
Protect your privacy with just two disk magnets.

1. Affix one magnet to your laptop—adjacent to the camera lens.
2. Let the second magnet attach itself to the first one. It will orbit the first magnet.
3. Orbit the second magnet over the camera lens to eclipse the view.
4. Rotate it out of the way to use the camera.

Simple. Elegant. Effective.
Tape is tawdry.

You are now very cool! More cool than Zuck with his yuck tape.
Our ahead-of-the-curve mailing to our clients. Consider becoming one.

The Great Seal Bug - Excellent Synopsis

In 1946, a group of Russian children from the Vladimir Lenin All-Union Pioneer Organization (sort of a Soviet scouting group) presented a carved wooden replica of the Great Seal of the United States to Averell Harriman, the U.S. Ambassador to the Soviet Union.

Click to enlarge
The gift, a gesture of friendship to the USSR's World War II ally, was hung in the ambassador’s official residence at Spaso House in Moscow. It stayed there on a wall in the study for seven years until, through accident and a ruse, the State Department discovered that the seal was more than a mere decoration.

It was a bug.

The Soviets had built a listening device—dubbed “The Thing” by the U.S. intelligence community—into the replica seal and had been eavesdropping on Harriman and his successors the whole time it was in the house. “It represented, for that day, a fantastically advanced bit of applied electronics,” wrote George Kennan, the ambassador at the time the device was found. “I have the impression that with its discovery the whole art of intergovernmental eavesdropping was raised to a new technological level.” more

The full story.

Godless Android Malware - Secretly Roots Phone, Installs Programs

Android users beware: a new type of malware has been found in legitimate-looking apps that can “root” your phone and secretly install unwanted programs.

The malware, dubbed Godless, has been found lurking on app stores including Google Play, and it targets devices running Android 5.1 (Lollipop) and earlier, which accounts for more than 90 percent of Android devices, Trend Micro said Tuesday in a blog post.

Godless hides inside an app and uses exploits to try to root the OS on your phone. This basically creates admin access to a device, allowing unauthorized apps to be installed.

Godless contains various exploits to ensure it can root a device, and it can even install spyware, Trend Micro said...

Trend recommends you buy some mobile security software. more

My solution. ~Kevin

Wednesday, June 22, 2016

Security Director Alert: Check the Settings on your Video Teleconferencing Equipment

Closed-door meetings by Canada's Quebec Liberal Party were exposed to trivial eavesdropping thanks to flaws in its video conferencing software.

The flaws, found and reported by a resident white hat researcher, are being fixed.

The researcher speaking on the condition of anonymity told local tabloid Le Journal de Montreal (French) he accessed the video streams using a vulnerability and the default password which was in use.

They were able to gain on-demand access to two meeting rooms in Quebec and Montreal, and supplied screen captures as evidence of the exploit.

"It was just too easy," the researcher told the paper. "It is as if they had stuck their PIN on their credit card."

Party communications director Maxime Roy says nothing relating to national security was discussed at the meetings... "We are working with our supplier." more

Need help? 
Call me.

Seek Thermal CompactPRO — Possible TSCM Tool Coming Soon

Seek Thermal has announced the first thermal imager for smartphones with 76,800 temperature pixels.

The new CompactPRO is said to deliver the high-quality thermal image resolution and the enhanced software features professionals demand, including:
  • 320 x 240 thermal sensor
  • Wide 32-degree field of view
  • Minimum focusable distance of 15cm
  • Emissivity control
  • Thermal level and span
  • 9 color palettes

I plan on testing this and will report in a future post. ~Kevin

Snooping on Mobile Phones: Prevalence and Trends

Abstract: Personal mobile devices keep private information which people other than the owner may try to access.

Thus far, it has been unclear how common it is for people to snoop on one another’s devices. Through an anonymity-preserving survey experiment, we quantify the pervasiveness of snooping attacks, defined as "looking through someone else’s phone without their permission."

We estimated the 1-year prevalence to be 31% in an online participant pool. Weighted to the U.S. population, the data indicates that 1 in 5 adults snooped on at least one other person’s phone, just in the year before the survey was conducted.

We found snooping attacks to be especially prevalent among young people, and among those who are themselves smartphone users. In a follow-up study, we found that, among smartphone users, depth of adoption, like age, also predicts the probability of engaging in snooping attacks.

In particular, the more people use their devices for personal purposes, the more likely they are to snoop on others, possibly because they become aware of the sensitive information that is kept, and how to access it. These findings suggest that, all else remaining equal, the prevalence of snooping attacks may grow, as more people adopt smartphones, and motivate further effort into improving defenses. more

A Technology that lets Companies Eavesdrop on Mobile Calls Made on their Premises.

Ever sought a bit of privacy by stepping away from your desk to make a personal call on your cell phone?

Soon, that may not be enough to prevent the boss from listening in -- at least not in Russia.

A Moscow security firm has developed technology that lets companies eavesdrop on mobile calls made on their premises. InfoWatch says the product is legal in Russia and that it’s scouting for other markets where customers -- banks, government agencies, or anyone else trying prevent leaks of confidential information -- would be allowed to use it.

“These technologies have been used by secret services or the military in certain countries,” said Natalya Kaspersky, chief executive officer of InfoWatch. “Our breakthrough is in applying them for corporate security.”The product expands an employer’s arsenal for fighting industrial espionage but is also likely to further fuel the global debate about data privacy. more

"Emergency! Everybody to get from street!"

Monday, June 20, 2016

Cadillac CT6: A Luxury $53,000-plus 360º Surveillance Camera

Integrated into the front grille of the Cadillac CT6 is a surveillance camera that the driver can secretly activate. 

There's one on the rear trunk lid, too.

 If the alarm system is triggered, these two cameras activate, and two others on the door-mounted rearview mirrors do as well.

Footage is stored on a removable SD card in the trunk. more

Amateur Skygazers Have Already Found the New Spy Satellite

Last week, the U.S. National Reconnaissance Office launched NROL-37, carrying its latest spy satellite into geosynchronous orbit via Delta IV-Heavy rocket. But it only took amateur space enthusiasts a few days to locate the mysterious new craft in the skies near Malaysia, over the Strait of Malacca.

While the contents and capabilities of the NROL-37 mission's payload are classified (the satellite is innocuously labeled US-268), its need to hitch a ride on the world's biggest rocket strongly suggests it is the seventh member of the Mentor/Orion family, an extra-large class of signals intelligence (SIGINT) satellites which help provide eavesdropping capability to US intelligence agencies.



Their large size also makes Mentor satellites the easiest to find and photograph. In a blog post, Dr. Marco Langbroek details how he and two other amateur skygazers found the Mentor-7 satellite near 104 E longitude over the course of a few days using standard photographic equipment. (You can always spot a geosynchronous satellite by taking long exposures of the sky at night and noting which “stars” aren’t moving.) more

Eavesdropping History: Wiretapping Observations in the 1890's

via Futility Closet...
Click to enlarge.(sic)
In 1890, as the telephone’s influence spread across the United States, Judge Robert S. Taylor of Fort Wayne, Ind., told an audience of inventors that the telephone had introduced an “epoch of neighborship without propinquity.” Scientific American called it “nothing less than a new organization of society.” The New York Times reported that two Providence men “were recently experimenting with a telephone, the wire of which was stretched over the roofs of innumerable buildings, and was estimated to be fully four miles in length”:
They relate that on the first evening of their telephonic dissipation, they heard men and women singing songs and eloquent clergymen preaching ponderous sermons, and that they detected several persons in the act of practising (sic) on brass instruments. This sort of thing was repeated every evening, while on Sunday morning a perfect deluge of partially conglomerated sermons rolled in upon them. … The remarks of thousands of midnight cats were borne to their listening ears; the confidential conversations of hundreds of husbands and wives were whispered through the treacherous telephone. … The two astonished telephone experimenters learned enough of the secrets of the leading families of Providence to render it a hazardous matter for any resident of that city to hereafter accept a nomination for any office.
In 1897 one London writer wrote, “We shall soon be nothing but transparent heaps of jelly to each other.” (From Carolyn Marvin, When Old Technologies Were New, 1988.)

Security Director Alert: Check Your Alarm Systems - Especially at Executive Residences

Dec. 31, 2016 is the proposed date for all 2G cell towers to discontinue service.

2G networks are on their way out the door, as AT&T and Verizon announced plans to discontinue services. This change brings with it the end of many older security system models whose radios will need to be updated or replaced to be compliant with 3G and 4G requirements.

If the alarm systems at your executives' residences, or remote locations, have not been updated yet... do it now.
~Kevin

Replacement 3G & 4G cellular alarm dialers.

Spycam, Blackmail and a former Waffle House CEO (surprise ending)

Mye Brindle, a housekeeper for Joe Rogers, former CEO of the Waffle House restaurant chain, was indicted on Friday, for allegedly trying to extort millions of dollars from her boss. 
 
Her lawyers, John Butters and David Cohen, were charged as well. According to the Associated Press, all three were indicted for secretly videotaping Brindle and Rogers having sex in Rogers’ home, and then trying to blackmail him with the recording...

Records indicated that the video, made with a spy camera Brindle received from a private investigator, did not show that Brindle did anything against her will.

Secretly recording someone in their bedroom is considered eavesdropping, which is a felony in Georgia.

Brindle, Butters, and Cohen are all charged with conspiracy to commit extortion, conspiracy to commit unlawful eavesdropping, and eavesdropping, each facing a sentence of up to five years of incarceration. more