Monday, May 9, 2011

Update: Lyon Realty former CEO begins jail sentence

Michael Lyon, the former CEO of Lyon Real Estate, began serving a jail sentence Saturday after pleading guilty to felony eavesdropping... Under a plea agreement with the Sacramento County District Attorney's Office, Lyon was sentenced to one year in county jail followed by four years of formal probation. Lyon is serving time at Rio Cosumnes Correctional Center. According to the booking record, his scheduled release is Nov. 4, 2011. (more)

Friday, May 6, 2011

Abbottabad - How did they do it?

Revelations that American spies monitored Osama bin Laden from a safehouse for months before last Sunday's special forces raid have caused further consternation inside Pakistan, where the military is already fighting angry criticism.


CIA agents sequestered in a rented house conducted extensive surveillance on Bin Laden's hideout using an arsenal of high-tech surveillance equipment including telephoto lenses, eavesdropping equipment and radars to detect possible escape tunnels. (more)

One More Step Closer to Mind Eavesdropping

Less spooky than it sounds, but a concept which could be applied to more than just Hello Kitty ears...

(Japanese English from their web site.)
People think that our body has limitation, however just imagine if we have organs that doesn’t exist, moreover we can control that new body? We created new human’s organs that use brain wave sensor. (more)
---
“Neurowear” has developed a product called “necomimi” which takes brain signals from our emotions and turns them into visible actions rendering them in the form of wiggling cat ears.

Advertising it as a new communication tool that “augments the human body and ability”, the website introduces the product as a fashion item and gadget that uses brainwaves and other biosensors. Designed obviously for the cutesy Japanese market with its cat ear shape (neco and mimi being the words for cat and ear), the ears mimic a cat’s ears as they wiggle and rise with the wearer’s emotional state, for example rising in anticipation of eating a delicious cookie, or dropping down when relaxed. (more)

Ok, stop laughing. Can't you see a version of this being mandated in classrooms so teachers can tell at a glance who's not paying attention? :)

Thursday, May 5, 2011

Company Customer Database Hacked? Kicker... it's a password company!

Password management system LastPass has reset users' master passwords (1.25 million of them according to security expert Brian Krebs) as a precaution following the discovery of a possible hack attack against its systems...

The worst case scenario is that miscreants might have swiped password hashes, a development that leaves users who selected easier-to-guess passphrases at risk of brute-force dictionary attacks. Once uncovered, these login credentials might be used to obtain access to all the login credentials stored through the service, as LastPass explains in a blog post. (more)

Wednesday, May 4, 2011

World's Smallest Video Camera - Less than 1mm in diameter!

Medigus has developed the world's smallest video camera at just 0.039-inches (0.99 mm) in diameter. The Israeli company's second-gen model (a 1.2 mm / 0.047-inch diameter camera was unveiled in 2009) has a dedicated 0.66x0.66 mm CMOS sensor from TowerJazz that captures images at 45K resolution (approximately 220 x 220 pixels) and no, it's not destined for use in tiny mobile phones or covert surveillance devices, instead the camera is designed for medical endoscopic procedures in hard to reach regions of the human anatomy. (more)

Computer Store Caught Spyware Bugging Computer They Sold

A computer rental store has been caught spying on customers through their webcams, court papers reveal.
 
Rental chain Aaron’s installed secret software on laptops that let it track the keystrokes, screenshots and even webcam images of clients as they used their computers at home, it is claimed.
 
A Wyoming couple are suing the rental giant, which has 1,679 stores, for breach of privacy after they discovered covert images taken of them using their rented laptop.

Court papers allege that Aaron’s told police that they install the software on all their rental computers.
 
Brian and Crystal Byrd learned that snooping software had been installed on their laptop when an Aaron’s store manager came to their home and wrongly accused them of not paying for the computer.

The manager tried to repossess the laptop and showed them a picture of Mr Byrd using the computer, which had been taken by the machine’s webcam. (more)

Spybusters.com History Page Now Assigned Reading at Harvard

(You know you are in a tough course at Harvard when your professor uses his initials as his email address.)

Scott O. Bradner teaches Security, Privacy, and Usability (CSCI E-170) at Harvard University. One of his reading assignments for this Spring 2011 course is a history I compiled about The Great Seal Bug. I am honored. 

Hey, does this mean I can say I am a teaching assistant at Harvard!? Probably not, but if you like bugs, spies and government espionage, this fascinating story really is a must read. It starts off like this...

"In 1946, Soviet school children presented a two foot wooden replica of the Great Seal of the United States to Ambassador Averell Harriman. The Ambassador hung the seal in his office in Spaso House (Ambassador's residence). 

During George F. Kennan's ambassadorship in 1952 (six years later!), a secret technical surveillance countermeasures (TSCM) inspection discovered that the seal contained a microphone and a resonant cavity which could be stimulated from an outside radio signal." (more)

Tuesday, May 3, 2011

360º Video Surveillance: Cool... on an iPhone 4, VERY COOL!

Watch the video first.
Use your mouse to move what you see to the left or right.


"The GoPano micro is a lens for the iPhone 4 to make 360º panoramic videos! Just snap the lens to your iPhone 4 and press record to make cool interactive 360º videos. Use it to record all the action of your favorite sport, record your next meeting in 360º or just as a fun toy for the summer.

The GoPano micro will record everything around you simultaneously. You can go back to the recorded video and choose to view any perspective, any angle at any point in time. The GoPano app allows you to upload your 360º video onto our web platform and share 360º videos with your friends. You can watch 360º videos uploaded by others in the app or on the web site. (the GoPano lens records everything simultaneously and not just the scene on the screen, you can pan & zoom in/out anywhere in your recorded video)."

Now, imagine the uses for this in the security field.
• Surveillance - Set it and forget it.
• Technical Surveillance (TS) - Comparison of room items and locations upon completion of installations.
• Technical Surveillance Countermeasures (TSCM) - Comparison of room items and locations upon re-inspection.
• Crime scene documentation.
• Event management documentation.

You get the idea and I am sure you can come up with more.

Problem... You can't buy a GoPano for your iPhone 4, yet. But you can help this project get off the ground for a $50 contribution and get one free once they are manufactured. (more)

SpyCam Story #608 - SpyCam to the Rescue!

The state has revoked a Delaware County nursing-care facility's license following the arrest this month of three workers on allegations that they abused a patient...

The three "care managers" were charged with taunting and physically abusing Lois McCallister, a 78-year-old dementia patient, for 12 minutes and blocking her door when she tried to escape.

McCallister's family contacted Quadrangle administrators in March after she complained of being punched and slapped, but said they were told the allegations were products of McCallister's dementia. The relatives then installed a camera disguised as a clock in her room and turned over the resulting video to Haverford police. (more)

Mclay Surveillance Hat Trick Caps Happy Meal Romance

Perth, Australia - An Alfred Cove man alleged to have stalked his estranged partner and planted bugging devices in her home and in her car will fight charges against him.

Dougal John Mclay, 53, has been charged with one count of stalking his 40-year-old former partner over an 18-month period. Mr Mclay was in a relationship with the woman for several years before it ended in mid-2010.

It is alleged that Mr Mclay installed listening devices and recording devices in the woman’s home and that he placed a GPS tracker in her car and in her mobile phone. (more)

Monday, May 2, 2011

Hi-Tech Surveillance Plus Old-Fashioned Intelligence Work Found Osama Bin Laden

Sept. 11 accelerated a shift to personal tracking that culminated last week when U.S. Navy SEALs gunned down Osama bin Laden in his Pakistani compound. Over the last decade, technologies that monitored phone calls, engaged in complex computer searches and provided constant drone surveillance isolated, disabled, and finally found the world's most wanted man.

More than simply finding bin Laden, advanced surveillance technology boxed in the al-Qaida leader. He knew that the U.S. could track his phone calls, watch his Internet traffic and follow his movements, so he avoided electronic communication and travel at all costs. That fear of technology turned bin Laden into a stationary target, and led him to create a compound whose absence of incoming phone lines actually made it easier to identify...

Computer power has increased so substantially that the U.S. National Security Agency can -- and does -- search nearly all of the world's phone and email traffic for specific keywords, said John Pike, director of GlobalSecurity.org and an expert on defense technology and policy. When not listening, the U.S. watches. Drone aircraft fill the sky by the hundreds, allowing American intelligence officers to follow targets of interest on a camera feed every minute of every day, Pike told InnovationNewsDaily. Some even credit a specially designed persistent camera system called "Gorgon Stare" for single-handedly reducing the scale of violence in Iraq.

The advances in computer and drone technology have also drastically reduced the cost of running wiretapping and airborne surveillance every hour of every day. The intelligence aspect of the operation that finally found bin Laden likely only cost a few million dollars, Pike said, a cost far below the expense of a single day of combat in Iraq or Afghanistan.

When combined, these two technologies allow intelligence officials to take the classic police procedures of wiretapping and stake outs and expand both to a global reach.

"Persistent surveillance [by drone aircraft], in particular, is the modern equivalent of good old-fashioned police work," Pike said. "It's a stakeout, isn't it? In the good old days, you'd park across the street and order in pizza. Well, the drone doesn’t need pizza." (more)

How Businesses Keep Their Secrets Secret

Corporate espionage is becoming more common, with bribery and bugging playing a large part in businesses keeping up with their competition.

Eavesdropping on a rival is expensive, but trying to prevent it can cost even more.  

The BBC's Joe Lynam spoke to Andy Williams, head of security for banking firm Nomura, and Crispin Sturrock from WhiteRock, which works to prevent corporate espionage. (video)

Many companies in the U.S. offer similar Technical Surveillance Countermeasures (TSCM) services. Unfortunately, most are not providing the level of service shown here. If you need a referral to a competent business counterespionage specialist, contact me directly.

Note to U.S. Navy Seals

You rock!
THANK YOU

Friday, April 29, 2011

The 12 Step Program to Securing Your Life

Nick Mediati of PCWorld has written a good security article with very practical advice. The summary of tips appears below, but click (more) to read the full details for each item.

Being Security Scrapbook readers, you probably already know, or have done, all of them. 

I thought so until I hit #12. It had been a while (decades), so I checked. Surprise, everything financial was correct, but they listed me as being employed by a company I had never heard of. Hummm. Should I correct it, or use it as a cover for my real work?

Secure Your Life in 12 Steps
1. Use Virtual Credit Card Numbers to Shop Online
2. Secure Your Wi-Fi
3. Encrypt Your Hard Drives
4. Keep Your Software Up-to-Date
5. Upgrade to the Latest Antivirus Software
6. Lock Down Your Smartphone
7. Install a Link-Checker Plug-In
8. Don't Neglect Physical Security
9. HTTPS Is Your Friend
10. Avoid Public Computers and Wi-Fi
11. Be Password Smart
12. Check Your Credit Report Each Year...
If you are a U.S. citizen, you're entitled to receive one free credit report every 12 months from each of the three major credit agencies--Equifax, Experian, and TransUnion--via AnnualCreditReport.com.  (more)

SpyCam Story #607 - Skyped

 Australia - Two cadets from the Australian Defence Force Academy (ADFA) have faced court over allegations they secretly filmed a female cadet having sex and broadcast it over the internet.

Police arrested Daniel McDonald, 19, and Dylan De Blaquiere, 18, early this morning...

The 18-year-old said she had consensual sex with another first-year cadet but it was transmitted via Skype to six cadets in another room without her knowledge. She said still photos were also taken and "then distributed to other people". (more)

Wednesday, April 27, 2011

"Is My Cell Phone Bugged?" - Urgent Reader Update

In the book, Is My Cell Phone Bugged? (just available this week), the chapter Spyware Scams, Misleading Notions & “Experts” warns readers about people who are taking advantage of them. This update is about a new scam.

Summary: Phoney anti-virus program attacks cell phone. Scam'er makes money.

via CA Security Advisory Research...
"We have seen a countless number of rogue security products for the Windows platform; however, this one is targeted to trick mobile users.

The sample masquerades itself as a certain AV (a bogus Kaspersky anti-virus program) for mobile and always reports that it has identified two threats in the mobile and pretends that it has encountered an error while trying to cure. It provides the users an error code as a reference token of the error scenario.

This sample is supposedly spread by some social engineering tricks where the users would have been provided with support numbers/email id to contact to resolve these error codes displayed in screen 5. This info was missing to conclude how the malware authors were actually getting the money.

As mentioned in our earlier blogs, the best defense against such social engineering tricks is the education of users coupled with a mobile security solution. With the exponential growth of the smart phone market, it is expected such kind of threats will be growing proportionately.

We advise users to exercise basic security principles while surfing and be skeptical of free downloads, and as always keep your security products up to date." (more)

Is My Cell Phone Bugged? comes with free updates. For now, the updates will be posted here. Eventually they will only be available to purchasers, via private email.

Tuesday, April 26, 2011

This Shourd ain't Tourin' in the Middle-East

Iran wants Sarah Shourd, one of three Americans arrested in 2009 on spying charges, to return from the United States to stand trial in May, her lawyer was quoted as saying on Tuesday.

Sarah Shourd was released on $500,000 bail last September while her two male companions, Shane Bauer and Josh Fattal, remain in jail in Tehran. (more)

Wiretap Whistleblower - Off the Hook

 The Justice Department has dropped its investigation into a former department attorney who tipped off the media about the Bush administration's warrantless eavesdropping program.

The department informed Thomas Tamm's attorneys that he will not be prosecuted for the leak that then-President George W. Bush called a breach of national security.

Tamm has said he called The New York Times about the program because it "didn't smell right" and he thought the public had a right to know. (more)

NSA Whistleblower - On the Hook

Closed hearings are being held this week ahead of the trial of a former National Security Agency employee accused of mishandling classified information.

Thomas Drake is charged with violating espionage laws without being accused of spying. Instead, he's accused of shredding documents, deleting files from his computer and lying to investigators. Supporters claim he's being punished for blowing the whistle on inefficiencies and mismanagement at the NSA. (more)

SpyCam Story #606 - The Power of One SpyCam

It's a hammer.
The price of cattle market futures seems to have dropped in response to last week’s release of a whistleblower video documenting severe abuse of dairy calves at E6 Cattle Company in Hart, Texas, according to Reuters and the Wall Street Journal...

The Wall Street Journal’s Lester Aldrich wrote, “The video, which has been posted to the internet, pressured live-cattle futures on the Chicago Mercantile Exchange. Traders were concerned its graphic nature would cause a pullback in consumer demand for beef…  

The video helped to push June futures down 1.3% to $1.1565 a pound after the contract hit a two-week high earlier in the trading day.” (more) (disturbing video)

Sony Shuts Down Online PlayStation Network - Personal Data Hacked

Sony Corp. said a hacker has obtained customer information, potentially including credit-card numbers, for the 77 million members of its online PlayStation Network, which has forced the company to take down its service.

The Japanese electronics giant said it has informed PlayStation Network customers that personal information—including names, addresses, billing history and birthdays—was obtained by an "unauthorized person" following a hacking attack that caused Sony to shut down its Internet gaming service last week. Sony said customer credit-card numbers may also have been compromised.

The Japanese game maker said it has hired a security firm to conduct an investigation into what happened. In the meantime, Sony said it expects to restore its Internet gaming service within a week. (more)

Monday, April 25, 2011

Competitive Intelligence - Made to Sound Nasty

Rumors. Inside dirt. Gossip.

Let’s just say you have your sources—moles on the floor of the NYSE, guys who know guys, a certain colonel who’s worked his way up the ranks of Russian intelligence.

And, of course, a little up-and-comer called Facebook.

Which brings us to ContentAide, a new service devoted to spying on the Facebook pages of your enemies, online now. (more)

Saturday, April 23, 2011

Brain Sucking Cell Phone Spider

The "Universal Forensic Extraction Device" sounds like the perfect cell phone snooping gadget.

Its maker, Israel-based Cellebrite, says it can copy all the content in a cell phone -- including contacts, text messages, call history, and pictures -- within a few minutes. Even deleted texts and other data can be restored by UFED 2.0, the latest version of the product, it says.

And it really is a universal tool. The firm says UFED works with 3,000 cell phone models, representing 95 percent of the handset market. Coming soon, the firm says on its website: "Additional major breakthroughs, including comprehensive iPhone physical solution; Android physical support – allowing bypassing of user lock code, (Windows Phone) support, and much more." For good measure, UFED can extract information from GPS units in most cars.

The gadget isn't a stalker's dream; it's an evidence-gathering tool for law enforcement. Cellebrite claims it’s already in use in 60 countries. (more)

Friday, April 22, 2011

The Car Whisperers

With a modest amount of expertise, computer hackers could gain remote access to someone's car -- just as they do to people's personal computers -- and take over the vehicle's basic functions, including control of its engine, according to a report by computer scientists from UC San Diego and the University of Washington.

Although no such takeovers have been reported in the real world, the scientists were able to do exactly this in an experiment conducted on a car they bought for the purpose of trying to hack it. Their report, delivered to the National Academy of Sciences' Transportation Research Board, described how such unauthorized intrusions could theoretically take place.

Because many of today's cars contain cellular connections and Bluetooth wireless technology, it is possible for a hacker, working from a remote location, to take control of various features -- like the car locks and brakes -- as well as to track the vehicle's location, eavesdrop on its cabin and steal vehicle data, the researchers said. They described a range of potential compromises of car security and safety. (more) (research paper) (the other car whisperers)