Friday, March 18, 2011

Security Director Alert - E-data Disposal

Stories like this one pop up with unusual regularity, but this one hits close to home...
There was a story today in the New York Times about New Jersey State Comptroller Matthew Boxer's discovery during an audit of surplus state computers slated for auction that 79% of them still had readily accessible information on their hard drives.

Information was found on 46 of the 58 computers scheduled to be sold, and on 32 of those 46, the information found was highly personal in nature that should have never been made public.

For instance, one computer - a laptop - had been used by a judge, and "contained confidential memos the judge had written about possible misconduct by two lawyers, and the emotional problems of a third," the Times article stated. Personal financial information about the judge, including tax returns, was also found on the laptop. (more) (video about photocopier drives)

Questions to ask...
What happens to my company's old hard drives? (sold, auctioned, recycled, returned to lessor, donated)
Do I even know where all of them are? (desktops, laptops, photocopy print centers, tablets)
What about other old media? (old floppies, CDs, DVDs, smart cell phones, x-rays, videotapes, product samples, prototypes, old promotional materials)

Tip: This is not the IT department's job. It's a security issue. It's security's job. "Erasing," "degaussing," and even "smashing" are not good enough to protect the most sensitive information. Keep your hard drives. Give the leasing company the money for a new one. Then crosscut shred your e-media. (Hey, you do it for your sensitive waste paper.)

I was talking to Kevin Kane and Jason Moorhouse, two sharp guys from the Shred-it company, yesterday and learned that they operate globally and have shredders that can even handle old refrigerators!

In case you need an additional reason to shred e-media, I also learned that non-compliance with HIPAA regulations, for example, can bring heavy fines and even jail time. So, gather your junkers and clunkers and find someone (I don't care who) to shred them. ~Kevin

Spying... A dirty job, but something has to do it...

Computer translated from Korean...
"Samsung Electronics, along with cleaning and video search feature in a robot vacuum cleaner with a home video 'taenggobyu (VC-RL87W)' introduced. Tango view when the cleaning is used for localization and imaging using a camera, and external cleaning can be monitored in the interior. Using a PC or a smartphone and a PC remote control from outside the voice over the microphone is also available. Equipped with lighting in a dark room is available in an emergency, you can always respond quickly." (more)

Apparently you can play Whack-A-Dust Bunny with this from work (or any Wi-Fi hot spot). Once you've cleaned up your OK-corral you can then creep up on your kids and see if they are really doing their homework. If not, use the 'voice over microphone' feature to Ra-parent the situation. FutureWatch... Someone will stash one under their boyfriend's couch for night patrol "is he cheating on me" reconnaissance. Why there? Because no guy ever cleans under their couch.

Thursday, March 17, 2011

The Case of the Managers Who Talked Too Much

IA - Some employees at a medical clinic in Iowa claimed a supervisor used a baby monitor to eavesdrop on them. According to a labor representative for the University of Iowa medical clinic employees, workers found the monitor sitting on a shelf near the reception area...

"If that monitor was there for even one day, that's the potential for 100 HIPAA violations if that thing was being monitored the whole time, and that's pretty egregious," said union rep Jon Stellmach.

Managers of the office say the monitor was used to see if staff members were talking too much. (D'oh!)

The supervisors say the monitor was removed after workers complained, and University of Iowa officials say the case is being handled by the human resources department. (more)

Disposable Endoscope - 1 Cubic MM - World's Tiniest Spycam?

Germany - Tiny video cameras mounted on the end of long thin fiber optic cables, commonly known as endoscopes, have proven invaluable to doctors and researchers wishing to peer inside the human body. Endoscopes can be rather pricey, however, and like anything else that gets put inside people's bodies, need to be sanitized after each use. A newly-developed type of endoscope is claimed to address those drawbacks by being so inexpensive to produce that it can be thrown away after each use. Not only that, but it also features what is likely the world's smallest complete video camera, which is just one cubic millimeter in size.
 
The prototype endoscope was designed at Germany's Fraunhofer Institute for Reliability and Microintegration, in collaboration with Awaiba GmbH and the Fraunhofer Institute for Applied Optics and Precision Engineering. ...They hope to bring the device to market next year. (more)

Wednesday, March 16, 2011

U.S. 'may' enact a Privacy Bill of Rights

FutureWatch - The Obama administration plans to ask Congress Wednesday to pass a "privacy bill of rights" to protect Americans from intrusive data gathering, amid growing concern about the tracking and targeting of Internet users. (more)

"...and what about the 18 second flatulence gap?"

GA - A Clayton County Grand Jury meets Wednesday to hear charges against a sheriff's deputy accused of making a recording of another employee in the restroom.

The District Attorney's Office is bringing a proposed indictment charging Sheriff's Deputy and Public Information Officer Alicia Parkes with unlawfully eavesdropping on the job. Parkes is alleged to have made a recording with her cell phone of a co-worker in the bathroom. A half-dozen witnesses are expected to testify. (more)

HBO Announces Cold War Drama with ‘80s Spy Series ‘Reds’

HBO has announced it is developing a new series tentatively titled Reds, inspired by the real-life occurrence of a KGB sleeper agent infiltrating the United States during the 1980s.

The series will be drawn from an encounter writer/director Martyn Burke had while filming a documentary across the United States in the early part of the decade. Unknown to Burke, and the rest of his crew, the soundman they were all working with was actually a colonel in the KGB. Before being found out, the Soviet spy managed to successfully establish a base of operations just outside New York City, and sought to conceal his true identity further by trying to start and raise a family. (more)

Pakistan frees CIA spy charged with murder

Raymond Davis, the CIA spy charged with murder in Pakistan, has been freed after the families of two dead men agreed to drop charges in exchange for financial compensation. (more)

Tuesday, March 15, 2011

How not to handle your surly servant problems in Maryland...

More bad neighbors.
MD - A 42-year-old city woman accused of recording private conversations of employees at a Salisbury apartment complex has been charged on a warrant for wiretapping.

Cassandra Denise Baytops was arrested in connection with an alleged January wiretapping incident, according to the Salisbury Police Department. An investigation revealed that the suspect made both video and audio recordings of conversations by the victims, then presented the data to another apartment complex employee, police said. Baytops was charged with four counts of wiretapping, then jailed at the Wicomico County Detention Center. Bond was not determined. (more)

Maryland state law requires that all parties to a recording consent to being recorded.

Dom, Le Espion... or, "The guard probably did it."

France - A security agent for Renault has been charged with fraud and accused of inventing industrial espionage claims that led the French carmaker to wrongly suspect — and suspend — three executives, the state prosecutor said Monday...

Preliminary charges of "organized fraud" were filed Sunday against Dominique Gevrey, once employed by the Defense Ministry intelligence service and now a member of Renault's security service, prosecutor Jean-Claude Marin told reporters Monday.

Gevrey had been detained Friday at Paris' Charles de Gaulle airport as he prepared to board a flight for Guinea, and has since been jailed. (more)

FutureWatch - Let insurer spy on driving, get a discount

“Romper, bomper, stomper, boo.
Tell me, tell me, tell me do.
Magic Mirror, tell me today.
Did all my friends have fun today?”



More auto insurers are rolling out programs offering discounts to drivers who let the company electronically spy on their driving habits.

Progressive, one of the nation's largest auto insurers, today launches a nationwide ad campaign for its "Snapshot" program, in which drivers can elect to install a small data recorder in their cars that tracks how hard they brake, how far they drive and whether it's day or night driving. Based on the results, drivers can save up to 30 percent on their insurance. Average savings: $150 a year.

Progressive is one of a growing list of insurers with discounts for monitoring:
• Allstate. The Drive Wise program begun last year in Illinois will expand to other states.
• GMAC. Only total mileage is tracked - up to 54 percent off - drive fewer than 2,500 miles a year.
• State Farm. Mileage also is tallied via OnStar mileage for its "Drive Safe & Save" plan in California and Ohio. Texas will be added next month, Illinois later this year.


Although the programs are voluntary, they've raised the eyebrows of privacy advocates. One worry is that the insurers eventually will make the monitoring mandatory. (more)

Lyon May Put Teeth into CA Video Voyeurism Law

CA - Michael Lyon pled guilty today to what he called “criminal conduct which was selfish, impulsive and wrong.” In a deal with prosecutors, he admitted to four counts of felony electronic eavesdropping.

He was arrested last November for videotaping prostitutes in his home without their knowledge. As part of his plea deal, Lyon will have to spend a year in the custody of Sacramento County, but there is a good chance he will be placed in home detention, with an electronic monitoring device attached to his ankle. (more)

Lyon case spurs effort to tighten state's video voyeurism law
Lyons' ugly divorce battle takes a new twist

No, I'm not Mr. Rogers. I'm Mr. Rivard, your neighbor.

MI - The trial for a man who police said broke into his neighbor’s home 10 times over a four-month period continues. Paul Rivard, 36, is also accused of planting a baby monitor in the bedroom of his neighbor’s home to eavesdrop on them. Authorities said he also rearranged items in their home and torched their clothes... If Rivard is convicted, this incident will not be his first home invasion. State prison records show the 36-year-old was paroled in late 2008 after serving 10 years for second-degree home invasion. (more with video)

SpyCam Story #604 - 44 Regrets?!?!

UK - A peeping tom who hid a spy camera in a teddy bear and recorded a woman in a state of undress has walked free from court. Voyeur Paul Littlewood’s secret recordings only came to light after he sexually assaulted his victim by touching her breast over her T-shirt... Prosecutor Sue Jacobs said that was examined and found to contain 612 movie files of which 44 appeared to be taken by either a webcam or a spycam and showed a woman in various stages of undress.

The court heard that Littlewood told police that he had hidden a camera inside a teddy bear but “regretted it straight away” and subsequently destroyed the camera. (more)

Friday, March 11, 2011

From Android to spyDroid in just 299 Cents

A non-stealth mobile phone spy app...

Secret Spy will send you an email with your phone's location, a picture from the camera, call logs, text messaging logs, and the visited web page history, on demand.

T-shirt extra.
Secret Spy checks your Gmail account every few minutes and waits for you to send yourself a blank email from that same account. When Secret Spy gets that email, it activates and wakes up the phone, takes a picture, and sends that picture along with the phone's logs to your Gmail email address...

Secret Spy does not try to hide itself on the phone. It DOES show up as an entry in your application list. It is only meant for legal uses such as wildlife photography, or for monitoring your house's security. (more) (T-shirt)

From iPhone to Video spyPhone in just 299 Cents

A revamped iPhone videography app from Mirage Labs is crammed so full of features that the developer is promoting it as "the Swiss Army knife of camcorders." Among those militaristic attributes: a "spy cam" setting that lets users make surreptitious recordings.

MultiCorder 2.0, formerly known as Flexicorder, debuted Wednesday in the iOS App Store. The new spy mode lets users select a picture from their photo library to display on screen while making the secret video; a finger swipe up or down the screen automatically ends the recording. (more)

Security Directors: FREE Security White Paper - "Surreptitious Workplace Recording ...and what you can do about it."   

The Giant Ants of Atlanta Meet The Big Bees of Melbourne

The recent post about Uncle Milton's ant farm colonies, complete with The Giant Ants of Atlanta, echoed around the world and brought us The Big Bees of Melbourne, from a reader with a sense of humor.

Very cool! 
Thank you.

Security Director Alert: Tiny GPS Tracker with Real-Time Reporting

Keep track of top executives as they travel. Bonus: SOS button. 

TrackingTheWorld's newest portable real-time GPS tracking device is the WorldTracker Enduro Pro... offers improved GPS sensitivity, and up to 60 day battery life.

Throughout our (GPS Magazine) testing, Enduro Pro's performance was outstanding. The device provided reliable real-time tracking, even in challenging environments, and in areas of marginal cellular coverage.

The Bottom Line
• Exceptional accuracy and battery life
• Small enough to be carried by a child, powerful enough to be used by law enforcement
• Works in extreme weather conditions (-40° to 185°F), IPX-5 Water Resistant
• GeoFencing
• Speed reporting
• SOS / Panic button
• Priced under $200, plus monthly service

Once fully charged, the Enduro Pro can last up to 60 days on a single charge (that estimate is based on updates every 2 hours, and little motion. When set to update more frequently, such as every 2 minutes, battery life drops to a still-impressive 2 weeks on average). 

Location Reports
Reports are accessed via TrackingTheWorld.com. Maps can be viewed as Road view, Aerial view, or Hybrid (Road & Aerial). The map can be zoomed in or out, and panned by dragging the mouse around or using the pan/zoom control in the upper-left corner of the screen.

Tabs along the right side of the map screen allow you to view historical location data for previous days/months, as well as access driving reports, configure GeoFence alerts, and set how frequently Enduro Pro should send location updates (less frequent updates = longer battery life).
The breadcrumbing feature allows you to see where the device has been throughout a given day, as well as the direction of travel and speed the device was traveling. (more)

Bump.com - License Plate Tag or Public Branding

Bump.com, an online start-up, is creating a way for people to ping each other using their license plates. The company’s founder, Mitch Thrower, compares the service to online coupon and location-sharing sites — with one exception. “It’s like a Groupon or Foursquare that you can’t turn off,” he says.

You can’t turn it off because the service will capture your license plate whether you like it or not. But to receive virtual fist-shaking, finger-pointing, or flirty messages from fellow motorists, or the “special offers” from merchants that Thrower hopes will pay his company for access to your in-box, you actually do have to sign up and identify yourself as the owner of your license plate.

The service works by using images of license plates snapped by other people using their cell phone cameras, or by license plate numbers people can send via telephone, a special email address, or a smartphone app. The company has already captured more than 250,000 license plates from a combination of messages sent by beta testers and publicly-available video feeds like cameras at toll booths, according to Thrower.

The site will officially launch at the SXSW festival in Austin, Texas, next week. (more)

Where Does the Government Go Shopping for Security?

Spy-Mart?
No.
GovSec - The government security conference and expo in Washington, DC, March 29-31.

"GovSec will help you identify and examine the security concerns of our nation's key assets and essential services. Learn about the critical strategies and solutions to best secure these resources, including new technologies, physical resources, and risk assessment!" 

In addition to the educational aspect of the conference, the real fun is the expo where you get to see all the latest technology!

"Thousands of cutting-edge systems, tools and technologies preventing future incidents, preparing for and responding to hazards and disasters, and ensuring public safety, showcased by top solution providers."

This is where American ingenuity really shines. Catch it if you can, especially if your company needs government-level security. (more)

Thursday, March 10, 2011

Yet Another Celebrity Open Mike Faux Pas

(yawn) Charlie Sheen, again...
15 minutes before Tuesday's Sheen's Korner, the audio feed came on. It sounded like static at first -- but you can clearly hear Sheen rehearsing with his crew and Teleprompter. Near the end you'll also hear some last-minute editing as he decides how to skewer producer Chuck Lorre without sounding anti-Semitic. (more)

The point...
Always assume the mike is on. 

One of the worst cases I witnessed was a corporate executive waiting to take the stage. He was wearing a wireless microphone and headed to the bathroom where he met another executive. Neither realized the mike was transmitting to the control booth; it was just not being pumped to the auditorium speakers yet. Some important guests in the control booth area heard every word. The conversation (not to mention the bodily noises) led to a very embarrassing public apology made during the man's speech.

(Updates) SpyCam Man and the Expensive Teddy Bear

Two neighboring states.
Two children involved.
Two types of justice.
Fair and equal?
You decide...

KS - A Saline County man was sentenced to probation Tuesday, after admitting he used hidden cameras to secretly videotape family members. The sentence was on charges of sexual exploitation of a child and eavesdropping... The man lived at the home with his wife, stepdaughter and step-granddaughter, said his attorney. (more)
Probation?!?!

NE - Digital recording tools are so cheap and simple to use that it's easy to deploy them without thinking through the consequences. A Nebraska mother and grandfather found this out the hard way last month when they were hit with a combined $120,000 penalty for wiretapping after sticking an audio recorder inside a young girl's favorite teddy bear.

Though the mother claimed only to be concerned with her child's welfare, the judge found that the indiscriminate use of the recording device had violated the privacy of numerous people, each of whom were entitled to $10,000. (more)

China to Track 17 Million Cellphone Users

China said it may begin tracking cellphone users in Beijing through location technology it hopes will help city authorities better manage traffic. But the announcement also sparked fresh concerns that the government may be using mobile technology to surveil its residents.

In an announcement, made through Beijing's Municipal People's Government Web site, the Chinese government said it would track 17 million cellphone users in Beijing through location technology to "publish real-time dynamic information to ease congestion and improve the efficiency of public travel."

Beijing is notorious for its traffic congestion. Last August, a 60-mile jam into the capital city lasted nine days. (more)

P.S. You can see a similar use of tracking technology; it's used on Google Maps (click on the traffic view). (How it works.)

Wednesday, March 9, 2011

Meanwhile, outside the Tap Cave...

Turkey - A plan to install flood-prevention sensors in southeastern Turkey has prompted a panic among local residents, who became convinced that the devices in street lamps and on roofs would actually wiretap the entire city.

Speculation about the devices began to circulate in Batman province... Amid rising paranoia in Turkey, the gossip mill in Batman quickly turned the story into a more sinister one. The rumor that the city’s street lamps and roofs were full of wiretapping gadgets listening in on all of its residents’ conversations was picked up by TV stations and online news sites, creating a furor. (more)

In past news...
The mayor of an oil-producing city in southeastern Turkey, which has the same name as the Caped Crusader, is suing helmer Christopher Nolan and Warner Bros. for royalties from mega-grosser "The Dark Knight."


Huseyin Kalkan, the pro-Kurdish Democratic Society Party mayor of Batman, has accused "The Dark Knight" producers of using the city's name without permission.

"There is only one Batman in the world," Kalkan said. "The American producers used the name of our city without informing us." (more)

Old West Security Sensibility - "Drop it, pard'ner."

Wells Fargo's IT group has a simple answer for employees who want to hook personal devices up to corporate systems: No.

"They can't connect them to our networks," says Wayne Mekjian, executive vice president and CIO of information services at Wells Fargo. "We won't let them in."

The "just say no" policy applies to Apple iPads, Android tablets and smartphones owned by employees. The company also has strict policies regarding use of Twitter and Facebook, making the sites off-limits to many. Wells Fargo does, however, supply employees with corporate-approved smartphones, and a limited deployment of iPads that can connect to e-mail and other corporate systems. (more)