All of the contents on a laptop can now be searched without wrongdoing or suspicion from U.S. Customs agents according to a recent federal appeals court ruling (PDF).
Expect the same level of privacy when visiting other countries as well.
(more)
Now, what are you going to do about it?
Here are some ideas and products to help you...
• Have a travel laptop. No data on the hard drive.
• Keep only necessary data on a secure USB stick.
• If you must keep sensitive data on your drive, encrypt it...
-- TrueCrypt 6.0 - The latest version of the free drive-encryption tool can shield sensitive data from prying eyes at home and abroad. Bonus - There is no way to prove that a hidden encrypted volume even exists on your drive unless you volunteer that information. TrueCrypt 6.0a is available now for Windows, Mac OS X, and Linux systems, including Windows Vista. (review)
Friday, July 11, 2008
A World Guide to Legal Interception
Need to know if "they" can legally...
bug, tap, or sap your text messages and email?
Check out this new guide to interception laws worldwide.
30+ countries covered.
THE READY GUIDE TO INTERCEPT LEGISLATION 2
bug, tap, or sap your text messages and email?
Check out this new guide to interception laws worldwide.
30+ countries covered.
THE READY GUIDE TO INTERCEPT LEGISLATION 2
Executive Alert - Your Trip to China
from Forbes Magazine...
When traveling to China for the Olympics this summer, leave any expectation of privacy at the border. Instead, prepare for possible eavesdropping and surveillance--from listening devices in hotel rooms to bugged laptops and personal digital assistants to informers posing as friendly strangers.
Those who laugh at the seeming paranoia would be wise to remember that the U.S. recently accused Chinese authorities of allegedly copying data from the laptop of a visiting trade official last year and attempting to hack into the Commerce Department. The Chinese denied the allegations.
The U.S. Department of State advises tourists not to expect privacy in public or private locations, particularly in hotels, but a spokesman declined to comment further.
Wang Baodong, a spokesman for the Chinese embassy in Washington, D.C., was almost as tight-lipped. He declined to address specific allegations of spying on foreigners at the Olympics.
"No special security measures will be arranged beyond universally adopted international practice at public venues, hotels and offices in China," he says. "Privacy in China will be guaranteed according to the law."
But security experts say that Chinese law has few protections for individual privacy...
Bruce McIndoe, president of the security consulting company iJet, routinely warns his corporate clients about threats to their electronic security.
"What business people need to be aware of," he says, "is that the Chinese are very clear about who is coming into the country. You could be a senior level executive or a scientist and they will target you for surveillance."
(more)
How To Safeguard Your Privacy In Beijing - the short list.
When traveling to China for the Olympics this summer, leave any expectation of privacy at the border. Instead, prepare for possible eavesdropping and surveillance--from listening devices in hotel rooms to bugged laptops and personal digital assistants to informers posing as friendly strangers.
Those who laugh at the seeming paranoia would be wise to remember that the U.S. recently accused Chinese authorities of allegedly copying data from the laptop of a visiting trade official last year and attempting to hack into the Commerce Department. The Chinese denied the allegations.
The U.S. Department of State advises tourists not to expect privacy in public or private locations, particularly in hotels, but a spokesman declined to comment further.
Wang Baodong, a spokesman for the Chinese embassy in Washington, D.C., was almost as tight-lipped. He declined to address specific allegations of spying on foreigners at the Olympics.
"No special security measures will be arranged beyond universally adopted international practice at public venues, hotels and offices in China," he says. "Privacy in China will be guaranteed according to the law."
But security experts say that Chinese law has few protections for individual privacy...
Bruce McIndoe, president of the security consulting company iJet, routinely warns his corporate clients about threats to their electronic security.
"What business people need to be aware of," he says, "is that the Chinese are very clear about who is coming into the country. You could be a senior level executive or a scientist and they will target you for surveillance."
(more)
How To Safeguard Your Privacy In Beijing - the short list.
Wednesday, July 2, 2008
Did You Know #172 - Credit Card Standards
If you have anything to do with credit cards,
you need to know this...
"Credit card companies want you to charge it and they know that concerns about identity theft might possibly slow down your card use — so it is in their best interests to make sure that a solid security standard is in place to protect you. The standard has turned into a requirement for everyone who takes a credit card and that turns out to be literally millions of grocers, retailers, online retail outlets, government agencies, convenience stores, utilities — almost everyone. So the PCI-DSS standard may be the most widely applied information (data) security standard in the world.
With such a widespread and critical standard, there is confusion about how to meet the standard because just doing a self-assessment isn’t enough — you are also required to do penetration tests on your systems that handle and transmit this electronic customer information and ATTEST that you use the standard in your information systems.
This includes having strong firewalls that protect cardholder data and making sure to remove the generic vendor-supplied passwords; using good storage devices for sensitive customer information and encrypting data that flows over your network. In addition, the card manager has to use anti-virus software, and also build secure systems. Once proper controls are in place, these controls need to be monitored and tested..."
Which leads us to the author of this piece.
Get to know her.
Caroline R. Hamilton is the Founder of RiskWatch, Inc. She offers twelve specialized risk assessment software programs which are used by thousands of her clients all over the world and in virtually every type of security assessment, gap analysis, and compliance assessment.
Murray Associates can assist you with the technical end of Wireless LAN compliance for PCI-DSS and...
• Sarbanes-Oxley Act – U.S. Public Companies
• HIPAA – Health Insurance Portability and Accountability Act
• GLBA – Gramm-Leach-Bliley Financial Services Modernization Act
• PCI-DSS – Payment Card Industry Data Security Standard
• FISMA – Federal Information Security Management Act
• DoD 8100.2 – Use of Commercial Wireless Devices, Services, and Technologies in the Department of Defense Global Information Grid
• ISO 27001 – Information Security Management
• Basel II Accord – Banking
• EU - CRD (Cad 3) – EU - Capital Requirements Directive - Banking
you need to know this...
"Credit card companies want you to charge it and they know that concerns about identity theft might possibly slow down your card use — so it is in their best interests to make sure that a solid security standard is in place to protect you. The standard has turned into a requirement for everyone who takes a credit card and that turns out to be literally millions of grocers, retailers, online retail outlets, government agencies, convenience stores, utilities — almost everyone. So the PCI-DSS standard may be the most widely applied information (data) security standard in the world.
With such a widespread and critical standard, there is confusion about how to meet the standard because just doing a self-assessment isn’t enough — you are also required to do penetration tests on your systems that handle and transmit this electronic customer information and ATTEST that you use the standard in your information systems.
This includes having strong firewalls that protect cardholder data and making sure to remove the generic vendor-supplied passwords; using good storage devices for sensitive customer information and encrypting data that flows over your network. In addition, the card manager has to use anti-virus software, and also build secure systems. Once proper controls are in place, these controls need to be monitored and tested..."
Which leads us to the author of this piece.
Get to know her.
Caroline R. Hamilton is the Founder of RiskWatch, Inc. She offers twelve specialized risk assessment software programs which are used by thousands of her clients all over the world and in virtually every type of security assessment, gap analysis, and compliance assessment.
Murray Associates can assist you with the technical end of Wireless LAN compliance for PCI-DSS and...
• Sarbanes-Oxley Act – U.S. Public Companies
• HIPAA – Health Insurance Portability and Accountability Act
• GLBA – Gramm-Leach-Bliley Financial Services Modernization Act
• PCI-DSS – Payment Card Industry Data Security Standard
• FISMA – Federal Information Security Management Act
• DoD 8100.2 – Use of Commercial Wireless Devices, Services, and Technologies in the Department of Defense Global Information Grid
• ISO 27001 – Information Security Management
• Basel II Accord – Banking
• EU - CRD (Cad 3) – EU - Capital Requirements Directive - Banking
Sunday, June 29, 2008
"Hello, Moto!"
IL - A Chinese spy was caught "red-handed," according to federal authorities, as she was about to board a plane at O'Hare bound for Beijing. Hanjuan Jin says she worked as a computer engineer for Schaumburg-based Motorola, a global leader in communications technology.
Federal agents say Jin was also working as a spy for a Chinese company, and she has been charged in a corporate espionage case that reflects a growing national security problem.
Clues...
• She downloaded hundreds of confidential documents from the company's supposedly secure internal network. Value = $600 million (Motorola estimate.)
• Arrived at O'Hare Airport with a one-way ticket to Beijing.
• Declared $10,000.00 cash. She was really carrying $30,000.00.
(more, with video) (red-handed spy catch in Illinois - not the first time)
Kicker...
It was only a routine check of passengers by customs agents that revealed she was carrying the cash and a laptop computer with more than 30 compact data storage devices containing stolen Motorola files.
Imagine the counterespionage successes you can accomplish in your company with routine checks.
(Mr. Moto is a fictional Japanese spy played by Peter Lorre, a Polish Jew.)
Federal agents say Jin was also working as a spy for a Chinese company, and she has been charged in a corporate espionage case that reflects a growing national security problem.Clues...
• She downloaded hundreds of confidential documents from the company's supposedly secure internal network. Value = $600 million (Motorola estimate.)
• Arrived at O'Hare Airport with a one-way ticket to Beijing.
• Declared $10,000.00 cash. She was really carrying $30,000.00.
(more, with video) (red-handed spy catch in Illinois - not the first time)
Kicker...
It was only a routine check of passengers by customs agents that revealed she was carrying the cash and a laptop computer with more than 30 compact data storage devices containing stolen Motorola files.
Imagine the counterespionage successes you can accomplish in your company with routine checks.
(Mr. Moto is a fictional Japanese spy played by Peter Lorre, a Polish Jew.)
Saturday, June 28, 2008
IMF's aren't known for giving 'comp time'
One unintended consequence of India and Pakistan establishing better relations in the last year, is a bunch of lawsuits by former Indian spies against the Indian government.
The former spies are suing to obtain pay for the years they have spent in Pakistani jails. That's because both countries have freed hundreds of men who had been imprisoned for spying, but the agencies that hired these men, often will still not admit it. (more)
The former spies are suing to obtain pay for the years they have spent in Pakistani jails. That's because both countries have freed hundreds of men who had been imprisoned for spying, but the agencies that hired these men, often will still not admit it. (more)
Friday, June 27, 2008
Spybusters Shades - Poop on the Paparazzi
Proof of Concept. Very effective. Murray's Prediction: Look for some sharp sunglass manufacturer to put this into production.
"Spy", perhaps?!?!
"Spy", perhaps?!?!
Thursday, June 26, 2008
The Bugs of Margaritaville
Another employee vs. boss illegal bugging story.But the case gets weirder...
Key West, FL - ...suspended Key West police officer Thomas Neary was fired Wednesday for telling people he was an undercover federal agent investigating corruption in the Police Department and looking into possible terrorist attacks...
The Neary investigation even involved bugging Lt. Kathleen Ream's office to record conversations she had with him. Transcripts from the bugging show some statements that indicate Neary told Ream he and his wife are federal agents...
In a casual conversation before the investigation began, "Officer Neary told [detective Bradley Lariz] that he had [City Commissioner Mark Rossi's] plane and house bugged and that they were watching him. He also told Lariz that he was watching and doing an investigation on Sgt. Robert Allen."
It's not clear what he was inferring with Rossi, but with Allen, he allegedly accused the sergeant of transporting drugs to Cuba in a police boat. (more)
On Taping Your Own Conversations, Legally
IN - A Carmel man who claimed he set up a voice recorder to capture conversations with his wife before their divorce action has been acquitted of criminal wiretapping.A Hamilton Circuit Court jury found the man not guilty of the Class C felony offense of interception of telephonic communications. (more)
Indiana is a one-party consent state, meaning only one person who is being recorded needs to agree to the recording. Some states require all parties to consent. Want to know the law for your state? Check here.
Unified Communications - Beware the Dark Side
Unified Communications refers to an umbrella of technologies that are likely already familiar to corporate users: Instant messaging, that lets users chat with others in real-time using a simple client interface; presence, which allows users to see who is available on IM, but also what is active on the network; and unified messaging, the combination of e-mail, voice, and fax in a single in-box that offers users access at any time from any device.
The products come as hardware and software combinations, stand-alone software, software suites, or as a hosted service. When working together, these tools aim to simplify the lives of professionals... (more) (more)
However...
• UC is a bigger, juicer, easier target for spies and hackers than each system individually.
• Court-ordered electronic surveillance of UC systems is easier and more productive.
• UC system breakdowns / sabotage will mean more $$$ lost than with current devices.
The products come as hardware and software combinations, stand-alone software, software suites, or as a hosted service. When working together, these tools aim to simplify the lives of professionals... (more) (more)
However...
• UC is a bigger, juicer, easier target for spies and hackers than each system individually.
• Court-ordered electronic surveillance of UC systems is easier and more productive.
• UC system breakdowns / sabotage will mean more $$$ lost than with current devices.
Sing-along! "Every single day, Every word you say, I'll be watching you."
Executives who often work on the move or in public places had better be more discreet about their business conversations and documents.
A survey in Britain and the United States, released last week, found that eavesdropping in public places was common.
Information exchanged during supposedly private business conversations were also used by others for their own advantage, according to survey findings.
Conducted by flexible work solutions provider Regus, the survey found that 67 per cent of Britons had listened in on someone else's business conversation while they were in public places.
Americans were also guilty of this act - 59 per cent of those polled did just that.
Besides eavesdropping, the habit of sneaking a peek at other people's business documents in public places, such as while on the train, was also not unheard of.
Nearly two out of five British professionals (35 per cent) and 34 per cent of Americans surveyed said they had caught sight of other people's sensitive company documents.
And the shocking thing was that 13 per cent of Britons and 19 per cent of Americans said they were able to use the information overheard for their own business purposes. (more)
A survey in Britain and the United States, released last week, found that eavesdropping in public places was common.
Information exchanged during supposedly private business conversations were also used by others for their own advantage, according to survey findings.
Conducted by flexible work solutions provider Regus, the survey found that 67 per cent of Britons had listened in on someone else's business conversation while they were in public places.
Americans were also guilty of this act - 59 per cent of those polled did just that.
Besides eavesdropping, the habit of sneaking a peek at other people's business documents in public places, such as while on the train, was also not unheard of.
Nearly two out of five British professionals (35 per cent) and 34 per cent of Americans surveyed said they had caught sight of other people's sensitive company documents.
And the shocking thing was that 13 per cent of Britons and 19 per cent of Americans said they were able to use the information overheard for their own business purposes. (more)
Larry, The IT Guy (No... make that, Spy)
Security Directors, CEOs, Chief Legal Counsels:
Immediately after you read this, make sure you have a clear, concise written policy in place detailing allowable IT behavior.
One in three IT administrators say they or one of their colleagues have used top-level admin passwords to pry into confidential or sensitive information at their workplace, according to a survey by a password-management vendor.
Nearly half also confessed that they have poked around systems for information not relevant to their jobs.
"We asked these questions last year, too," said Adam Bosnian, vice president of product strategy and sales for Cyber-Ark, a Newton, Mass.-based maker of password file security management software. "And we got similar results. So on one hand, the results weren't surprising. What was surprising initially -- and this time around, too -- is that people admit to it." (more)
Immediately after you read this, make sure you have a clear, concise written policy in place detailing allowable IT behavior.
One in three IT administrators say they or one of their colleagues have used top-level admin passwords to pry into confidential or sensitive information at their workplace, according to a survey by a password-management vendor.
Nearly half also confessed that they have poked around systems for information not relevant to their jobs.
"We asked these questions last year, too," said Adam Bosnian, vice president of product strategy and sales for Cyber-Ark, a Newton, Mass.-based maker of password file security management software. "And we got similar results. So on one hand, the results weren't surprising. What was surprising initially -- and this time around, too -- is that people admit to it." (more)
Wednesday, June 25, 2008
Remind Employees - "Don't sing!"
One in five U.S. workers regularly attends after-work drinks with co-workers, where the most common mishaps range from bad-mouthing another worker to kissing a colleague and drinking too much, according to a study... (survey conducted for CareerBuilder.com) As to what happens when the after-work drinks flow... Five percent said they had shared a secret about the company, and 4 percent confessed to singing karaoke.
Overall, 21 percent of workers attend happy hours with co-workers and, of those, nearly a quarter go at least once a month. (more)
Tuesday, June 24, 2008
Smart Spy Cameras
UK - Intelligent CCTV cameras are being developed in Britain that not only see trouble but are able to hear it, scientists said.
The technology allows the sounds of breaking glass, someone shouting, or the noise of a crowd gathering to be 'learned' by artificial intelligence software in the cameras.
The technology could slash the speed with which crimes are caught on camera and responded to by police but will again raise a debate about the extent of "surveillance Britain" and the use of such technology.
The three-year project by the University of Portsmouth aims to adapt artificial intelligence software already being developed to identify visual patterns. (more)
The technology allows the sounds of breaking glass, someone shouting, or the noise of a crowd gathering to be 'learned' by artificial intelligence software in the cameras.
The technology could slash the speed with which crimes are caught on camera and responded to by police but will again raise a debate about the extent of "surveillance Britain" and the use of such technology.
The three-year project by the University of Portsmouth aims to adapt artificial intelligence software already being developed to identify visual patterns. (more)
Amazing Spy Gear - PENCAM-15C
Better yet... A. Can you guess how little it costs?
B. Can you guess the recording time?
C. Can you guess her phone number?
Need three or more? Call the source.
Need some counterespionage help?
Call someone who knows this stuff exists, me.
Time to A-ppeal!!!
We work in The Big Apple.We see a lot of weird things;
everything from terrestrial Victorian borescopes to the Naked Cowboy.
Naked Cowboy drives to work each day between 11 and noon, in costume, with his female companion.
'Naked' parks in the same 43rd Street garage we use, jumps out and gets right to work. Doesn't matter whether it is 95 degrees and sunny, or 20 degree with snow. He is there. He makes millions smile. Want a photo with him; just stuff a buck in his boot and click away.Whattaguy! Hard working. A real Robert Lampf 'dare to be different' original.
Here is the outrage...
"A judge said a Times Square entertainer who wears just enough to justify the name the "Naked Cowboy" can continue a lawsuit he brought against a blue M&M.
Federal Judge Denny Chin in Manhattan on Monday stripped Robert Burck of some of his claims that a blue M&M wearing a white cowboy hat, cowboy boots and underpants violates his trademarks.
But the judge left intact one strand of that lawsuit. Mr. Chin said Mr. Burck might be able to prove that Mars Inc., which makes M&Ms, unfairly gave the impression that he had endorsed its advertising campaign.
For its part, Mars says the ad campaign was a parody and is protected by the First Amendment." (source)
I wonder how M&M would take it if Naked Cowboy took Big Blue, x'ed out his eyes, cracked his shell, and propped him up in a 42nd St. doorway with an empty whiskey bottle??? Parody? Art, perhaps?
Naked Cowboy will survive – and ride off into the sunset in a big black Cadillac SUV.
Go Naked.
Monday, June 23, 2008
Spying Spouses
Family law can sometimes involve “good people, behaving badly.”
That’s according to Laura W. Morgan, of Family Law Consulting in Charlottesville, Va., who offers the tale of a hypothetical client named Mary, who thinks her husband, John, is cheating on her and using marital funds to pay for his trysts. Among other tactics, Mary purchased surveillance software, popularly known as “spyware,” and installed it on a shared computer, so she could read John’s password-protected e-mails and see the Web sites he visits. She additionally took the computer to a forensic computer specialist, who made a copy of the hard drive and then found scads of evidence that could be damaging to John in a divorce.
Mary is what Morgan calls a “self-help” spouse, because she has forgone formal electronic discovery — and it was easy and fairly inexpensive for her to do that. The problem is she may have broken a few laws in the process. (more)
That’s according to Laura W. Morgan, of Family Law Consulting in Charlottesville, Va., who offers the tale of a hypothetical client named Mary, who thinks her husband, John, is cheating on her and using marital funds to pay for his trysts. Among other tactics, Mary purchased surveillance software, popularly known as “spyware,” and installed it on a shared computer, so she could read John’s password-protected e-mails and see the Web sites he visits. She additionally took the computer to a forensic computer specialist, who made a copy of the hard drive and then found scads of evidence that could be damaging to John in a divorce.
Mary is what Morgan calls a “self-help” spouse, because she has forgone formal electronic discovery — and it was easy and fairly inexpensive for her to do that. The problem is she may have broken a few laws in the process. (more)
Man Used Cell Phone to Bug Ex-girlfriend
A Swedish man has been given a suspended sentence for converting a cell phone to a bugging device to confirm his suspicions about his ex-girlfriend. A court in Hasselholm in southern Sweden also imposed a fine.
The man hid the phone behind the headboard of his girlfriend's bed, hooking up the charger to a bedside lamp. He set the phone up so, when he called it, the phone allowed him to hear what was being said in her room -- and he learned his ex- had indeed met someone else.
The court found the man's violation of his former girlfriend's privacy was so serious that a fine alone was not enough. (more)
The man hid the phone behind the headboard of his girlfriend's bed, hooking up the charger to a bedside lamp. He set the phone up so, when he called it, the phone allowed him to hear what was being said in her room -- and he learned his ex- had indeed met someone else.
The court found the man's violation of his former girlfriend's privacy was so serious that a fine alone was not enough. (more)
Open Season on Bugging Cellphones
The Geek Chorus welcomes Alan Reiter, President of Wireless Internet & Mobile Computing as he echos our warnings, in his well-written piece 'Open Season on Bugging Cellphones'...
"Silently, but with increasing frequency, government agencies and private individuals around the world are bugging cellular phones. Some of those phones are surreptitiously transmitting copies of their SMS, emails, call histories, and locations to Websites where the data may be viewed by those who have installed the clandestine software.
Most cellular subscribers don't have to worry about this happening to them, at least not yet. But anyone -- suspected criminals, spies, corporate executives, spouses, and even ex-lovers -- could be targeted. Thanks to software you can purchase over the Web, you don't have to be a secret agent to listen to cellular conversations or retrieve data transmissions.
Recently, a Swedish man was found guilty of hiding a cellular phone behind the headboard of his ex-girlfriend’s bed and remotely turning on the phone to listen to conversations..." (more)
"Silently, but with increasing frequency, government agencies and private individuals around the world are bugging cellular phones. Some of those phones are surreptitiously transmitting copies of their SMS, emails, call histories, and locations to Websites where the data may be viewed by those who have installed the clandestine software.
Most cellular subscribers don't have to worry about this happening to them, at least not yet. But anyone -- suspected criminals, spies, corporate executives, spouses, and even ex-lovers -- could be targeted. Thanks to software you can purchase over the Web, you don't have to be a secret agent to listen to cellular conversations or retrieve data transmissions.
Recently, a Swedish man was found guilty of hiding a cellular phone behind the headboard of his ex-girlfriend’s bed and remotely turning on the phone to listen to conversations..." (more)
Spy News of the Week
Sweden - "Earlier this week the Swedish stasi-government decided -- against the peoples wishes -- to wiretap all internet and telephone traffic in order to protect Sweden against threats. As you all know, being a neutral country makes Sweden a target for all the terrorists of the world, apparently," blogs one of The Pirate Bay's admins, Peter Sunde. "Many people have asked me what we're planning to do -- and the answer is 'A lot!'. This week we're going to add SSL to The Pirate Bay. We're also going to help out making a website about easy encryption -- both for your hard drives and your net traffic." (more)Germany - German incumbent Deutsche Telekom is going to get yet another scolding. German public television channel ZDF reported the former operator turned self-spying agency wire tapped a few customers. Apparently 120 calls were illegally tapped by the company, without any court order or involvement of the police. (more)
UK - Every council in England will today be instructed to stop using tough laws to spy on people over "trivial matters" such as dog-fouling and litter offences. (more)
New Zealand - A 21-year-old peeping tom has been caught spying on his female neighbour in Dunedin. The Otago University student was nabbed peering through a flat window just before 9pm yesterday. (more)
India - This year the Delhi University saw many of the "spy students" hired by private detective agencies being roped in by parents to keep an eye on their wards. However... a growing number of students are visiting detective agencies and are offering handsome amounts to them to know whether their parents have hired any "spy students", mainly girls, to keep a watch on their activities. (more)
United States - Xiaodong Sheldon Meng, 44, who was raised in China and holds Canadian citizenship, was sentenced on the rare charge of committing economic espionage against the U.S. It's the most serious crime under the Economic Espionage Act of 1996 and involves stealing trade secrets to benefit a foreign government. (more)
South Africa - The bugging devices of the former dispensation, which were used in foreign embassies in South Africa and had been planted by an espionage front company, are still being used. (more)
Switzerland - A left-wing campaign group asked Swiss authorities on Friday to investigate Swiss food and drinks giant Nestle SA for allegedly hiring a spy to infiltrate the group. A Swiss chapter of anti-globalization group Attac filed the legal complaint in Vaud canton (state), after learning that an employee of Securitas AG security company took part in its private meetings between late 2003 and June 2004... (more)
United States - US information security company Cyber-Ark surveyed 300 senior IT professionals, and found that one-third admitted to secretly snooping, while 47 per cent said they had accessed information that was not relevant to their role. (more)
Bulgaria - A man applied for a job as an industrial spy. Together with several other applicants, he was given a sealed envelope and told to take it to the fourth floor. As soon as the man was alone, he stepped into an empty hallway and opened the envelope. Inside, a message read: "You're our kind of person. Report to the fifth floor Personnel Office." (source)
SpyCam Story #451 - Cheap Thrill
A 52-year-old Long Island man has been arrested on charges of videotaping women's private body parts as they shopped at a dollar store. Nassau County police say the man followed unsuspecting women around the store in Baldwin and placed a camcorder under their clothing. (more)
Perhaps he was also shopping for DSPM parts?
Perhaps he was also shopping for DSPM parts?
Sunday, June 22, 2008
Corporate Espionage Detailed in Documents
It is rare to see hard evidence of corporate espionage.Well-executed corporate espionage goes undetected.
This is unusual...
In the 1990s, a Maryland-based private detective agency composed of former CIA agents and law enforcement officers spied...
The agency, Beckett Brown International, had an operative at meetings of a group in Rockville that accused a nursing home of substandard care. In Louisiana, it kept tabs on environmental activists after a chemical spill. In Washington, it spied on food safety activists who had found taco shells made with genetically modified corn not approved for human consumption.
BBI, which was founded in 1995, disbanded in 2000, and the activists might never have learned they were spied on. But a disgruntled BBI investor began digging through company records two years ago and has been contacting the former targets. He also gave The Washington Post access to the records, which provide an unusually detailed look into the secretive world of corporate spying.
Not all of BBI's work targeted activists: Lysol wanted details of a New Jersey high school student's science fair project about cleaning products. Mary Kay executives sought a secret "psychological assessment" of a fellow executive. A consultant working for Nestlé wanted information about rivals Mars and Whetstone Candy...
An undercover operative not identified in the documents was named to the governing board of CLEAN. "I will be in the 'inner circle' and included in all the planning meetings," he wrote in an e-mail.
The operative reported on meetings held at the law office after business hours and on private conversations about lawsuits, one of which took place in a parking lot because of concern that meeting rooms were bugged. (more)
Now you know why eavesdropping and espionage detection is part of every good corporate security program.
Saturday, June 21, 2008
Electronic Surveillance Law Updates
U.S. - The House yesterday easily approved a compromise bill setting new electronic surveillance rules that effectively shield telecommunications companies from lawsuits arising from the government's terrorism-era warrantless eavesdropping on phone and computer lines in this country.The bill, which was passed on a 293-129 vote, does more than just protect the telecoms. The update to the 30-year-old Foreign Intelligence Surveillance Act is an attempt to balance privacy rights with the government's responsibility to protect the country against attack, taking into account changes in telecommunications technologies.
The House's passage of the FISA Amendment bill marks the beginning of the end to a months long standoff between Democrats and Republicans about the rules for government wiretapping inside the United States. The Senate was expected to pass the bill with a large margin, perhaps as soon as next week, before Congress takes a break during the week of the Fourth of July. (more)
Sweden - Sweden's parliament has approved controversial new laws allowing authorities to spy on cross-border e-mail and telephone traffic. The country's intelligence bureau will be able to scan international calls, faxes and e-mails. ...The bill will become law in January. (more)
How Legal Wiretapping Works in the U.S.
The days of sitting in a basement, monitoring a line, using your Audiotechnics pocket 'buttset' with alligator clips is over. G-people now sit at computers in their air-conditioned offices. The process was simply explained, by arlene, in this post..."CALEA requires that communications providers allow law enforcement officials to be able to listen in on phone conversations and get information about those phone calls, but only when the law enforcement agency has gotten approval for the tap.
The law enforcement agency goes before a judge and presents reasons a wiretap is needed. If the judge approves, a legal document or order is delivered to the communications provider.
A specially authorized person at the communications provider logs in to a system specifically set up for CALEA-approved wiretaps. A number of systems are sold by various manufacturers, but all of them tap into the routers and switches that make up telecommunications networks.
All calls on the communications network are routed digitally over switches and routers. The system used for taps connects to a central point in the network, over which all communications travel.
The tapping system captures two primary pieces of information about the call—the actual voice transmission itself (often referred to as call content information [CCC]) and data associated with each call, such as the phone numbers at both ends of the call (often referred to as call associated data [CDC]).
The CCC and the CDC information are sent over special secure routers to the law enforcement agency.
The Federal Communications Commission has ruled that PC-to-PC calls, when a call is made directly from one computer to another over the Internet using Voice over Internet Protocol (VoIP) software such as Skype, is subject to CALEA. But as of this writing, no technical way has been devised to tap in to those calls." (source)
Subscribe to:
Posts (Atom)