Teen Taps Top Cops

A teenager eavesdropped on highly-sensitive police counter-terror conversations after bypassing technology from the 1980s, hackers have claimed.

The leader of an anarchist group known as Team Poison said it was "easy" to drop "a 24-hour phone bomb" on elite security officers...

Is that, at, at, at you Bryce?

In another recording officers appear to be discussing counter-terror operations while Team Poison listens in. The group - which uses the Twitter name @_TeaMp0isoN - claimed the calls were made to MI6 - but it is understood they were in fact picked up by the Metropolitan Police's counter-terrorism command.

Trick, reportedly a 17-year-old who launched Team Poison in 2010, emailed the Press Association, saying the group bypassed outdated technology to compromise a server from Malaysia to record conversations. He wrote: "Yes, it was easy :)"

Trick said: "The phone denial of service was done via a custom script for Asterisk which was installed on an overseas server. The conversation was tapped into via a private phreaking method, their phone system is old and we found a way to get in via basic but private phreaking technique." (more)

Privacy Journal 2012 Privacy Law Compilation Updated

With a surge in the final days of the 2011 session, the California legislature enacted several new privacy protections that clearly keep the state at the top of the privacy-protecting states in the U.S., according to a new survey of the states by Privacy Journal.

The monthly newsletter reports on new privacy laws enacted by states and Congress each year. The information is available in its Compilation of State and FederalPrivacy Laws, updated yearly. (more)

Two Cell Phone Eavesdropping Attacks Reported

 • Security firm Cryptography Research showed how it's possible to eavesdrop on any smartphone or tablet PC as it is being used to make a purchase, conduct online banking or access a company's virtual private network.

• Researchers at security firm McAfee, a division of chipmaker Intel, highlighted several ways to remotely hack into Apple iOS, the operating system for iPads and iPhones.

McAfee's research team remotely activated microphones on a variety of test devices and recorded conversations taking place nearby. They also showed that it's possible to steal secret keys and passwords, and pilfer sensitive data, including call histories, e-mail and text messages.

"This can be done with absolutely no indication to the device user," says Ryan Permeh, McAfee's principal security architect. (more)

IKEA Apologizes to Workers for Spying

 The management of IKEA in France, where workers have sued the company for allegedly spying on employees, admitted that activities contravening its ethical standards had taken place and pledged to put a stop to them. (more)

SpyCam Story #658 - This Week in SpyCam News

SpyCam stories have become commonplace and the techniques used, repetitive. We continue to keep lose track of the subject for statistical purposes, but won't bore you with the details. Only links to the stories will be supplied unless there is something useful to be learned.

Azerbaijan - Sex video used to blackmail Azerbaijani journalist.
UK - Garage ‘spies at the pumps’ could cut off fuel supply for uninsured driver. 

IL - Cubs install cameras in their minor-league stadiums...One team official called it “Spycam"

Canada - Two women charged with voyeurism...photo'ed man using cell and shared.

Canada - Man with hidden camera who filmed sex with unsuspecting women sentenced.

Canada - Scouts ex-leader faces child pornography charges.

AR - Middle school student faces charge of video voyeurism.

UK - Dentist arrested over ‘voyeurism’.

OH - Woman confronted suspect over cellphone videos at tanning salon.

SC - Man accused of placing a video recorder his bathroom during St. Patrick's Day party.  

IN - Child porn charges filed over camera found hidden in high school boys locker room.

FL - Man accused of using a camera pen to capture images of a woman in her bathroom. 

FL - Gov. Scott signs video voyeurism bill.

RI - URI basketball player charged with video voyeurism. Also wanted by Florida police.

LA - Security Guard Gets More Charges In Video Voyeurism Case.

RI - Video voyeurism reports on the rise.

NC - Stepfather jailed for voyeurism attempt. Cameras were hidden in teen girl's room.

TX - Traveling evangelist accused of filming in church bathrooms. Three states investigating.

MA - Man recorded teen, mother in bathroom.

UK - Man alleged to have filmed women using the bathroom gets court date.

Canada - Uni. of Waterloo employee caught using his iPhone to take videos pleads guilty.

NJ - Security specialist loses Top Secret clearance over underskirt videos.

SC - Employee discovers camera attached to a urinal in men's bathroom at a textile plant.

UK - Sky News, a 24-hour news channel in the U.K., twice authorized its reporters to hack into emails of suspected criminals but said the actions were "editorially justified" and in "the public interest."

The disclosure adds to the intensified scrutinty of British reporting tactics. Sky News is a unit of British Sky Broadcasting Group PLC, which itself is 39.1%-owned by News Corp., whose U.K. newspapers have been at the center of a storm over reporting methods. (more)

Wheelchair Bug Saves Disabled Child from Cruel Teachers

Two Alabama teachers were caught cruelly taunting and abusing a 10-year-old boy who has celebral palsy after the boy’s mother attached an audio recorder to his wheelchair.

The shocking recording captures two voices chiding Jose Salinas for his ‘disgusting’ drooling and reveals he was left alone with no instruction for long periods of time...

Determined to be sure of what was happening herself she attached a bugging device to Jose’s wheelchair and left it recording over three days. The recording revealed that her son was being cruelly taunted about his disability and ignored for the majority of the day with no-one giving him instruction.

She played the tapes to the school board and the teachers were placed on administrative leave... But within days the teachers were returned to their positions so Salinas and other parents took their children out of the school in protest.

Feeling that ‘nobody was listening’ Salinas took the recordings to her local newspaper and the teachers were placed on leave once again. (more) (audio)

The Woman Who Bugged Her Ex-Boyfriend's Car - Case Closed

WI - Charges are settled for a local woman accused of bugging her ex-boyfriend's car so she could keep tabs on him. 

Jamie Mesang was accused of duct-taping a digital tape recorder underneath a car seat that belonged to her ex. Police say he became suspicious when Mesang started sending text-messages to him about his whereabouts. Eventually he searched his car and found the device, which was recording at that time. 

On Wednesday, Mesang entered a guilty plea. She also admitted she posted a female rival's picture and contact information on a website which led to that woman getting calls from men seeking sexual relationships. But prosecutors agreed to recommend dismissal of the felonies in one year if Mesang stays out of trouble during that time. (more)

Gordon Ramsay's Phone Calls Believed Bugged Not Hacked

UK - Gordon Ramsay was plunged into a sex tape nightmare last night. Self-proclaimed “professional mistress” Sarah Symonds says detectives probing phone hacking found “very sensitive tapes” of her with the TV cook.

The blonde, who claims she had a seven-year fling with Gordon Ramsay, believes an audio sex tape was among a stash of evidence seized by officers probing investigators for the defunct News Of The World.

Sarah, 41, feared the tape was the result of “bugging’” rather than hacking – which has led to scores of celebrities pocketing damages from the tabloid’s publishers News Corp. (more)

Espionage Outrage Reaches the Boiling Point ...and a solution.

Gen. Keith B. Alexander, (NSA)

...called the continuing, rampant cybertheft “the greatest transfer of wealth in history.” (bio)

---

Shawn Henry, (FBI) 

...current public and private approach to fending off hackers is "unsustainable.'' Computer criminals are simply too talented and defensive measures too weak to stop them, he said. (bio)

---

Richard A. Clark, (presidential advisor) 

"Yet the same Congress that has heard all of this disturbing testimony is mired in disagreements about a proposed cybersecurity bill that does little to address the problem of Chinese cyberespionage." (bio)

---

Letter to the Editor - The New York Times

Dear Editor,

Richard A. Clarke’s op-ed piece, “How China Steals Our Secrets,” (4/2/12) states the current business espionage problem perfectly, but we need a solution. Consider this...

The Chinese secrets of: silk and tea production; making porcelain, gunpowder and paper, could not survive Western espionage attacks – not even when protected with death penalties. Espionage killed their economy, and the damage lasted for centuries. Obviously, competitive advantages are also National Interest Assets.

The one-sided, punish-the-spy security model, still being used today, never worked. We need to make it two-sided. There must be a proactive legal responsibility to protect.

The solution... Corporate caretakers must be held accountable for protecting their valuables; our national treasures. We need a law creating business counterespionage security standards, with penalties for inadequate protection. We already successfully employ the same concept with medical and financial record privacy.

Kevin D. Murray
Spybusters, LLC

---

A cybersecurity law alone will not stop spying. 

If implemented, it will force an increase in traditional spy techniques, such as: bugging, wiretapping, physical intrusions and social engineering. (Remember, computer data is available elsewhere long before it is computerized.) 

Protecting our competitive advantages requires a holistic approach; a National Interest Assets law which would also...

• Protect the entire intellectual property timeline, from brainstorming and initial discussions, to the final product or business strategy. 

• Impose a responsibility of due care upon the creators and holders competitive advantage information.

• Specify compliance requirements aimed at countering traditional business espionage practices. Technical Surveillance Countermeasures Inspections (TSCM / bug sweeps), information-security audits, and information-security compliance procedures; safeguards which can be easily mandated and monitored.

This is a no-brainer, Congress.

The cost of keeping National Interest Assets safe is infinitesimal compared to current losses (not to mention the long-term effects). Just ask the Chinese.
~Kevin

Ambassador to Russsia Thinks Cell Phone is Monitored (well, duh)

The Obama administration has complained to Russia about harassment of its outspoken ambassador in Moscow, who has confronted television news crews and taken to social media to raise suspicions that his cell phone and email were being hacked.

Michael McFaul, who has been a frequent target of criticism by state media, seemed to have relished the attention, at least at first. And he may have become a bigger target by taking to Twitter to muse about the alleged surveillance, admitting to learning on the job, correcting his "bad Russian" and engaging in exchanges with a person whose Twitter account was "prostitutkamila."

"There's been a number of incidents since his arrival there that have caused us to have some concerns about his security and safety," State Department spokesman Mark Toner said Friday. "So as we would in following normal protocol, we've raised that with the government of Russia." (more)

Pop Quiz: Should government ambassadors be Tweeting?

Mission Creeps - Cop Tickets via Safety CCTV

Australia - A parking inspector ... has been using a network of security cameras to book drivers. The council says more than 150 tickets were issued in just over a fortnight using the CitySafe CCTV system... But Ipswich Mayor Paul Pisasale says as soon as he heard it was happening he acted. He has decided to not only waive the fines but send a letter of apology as well. (more)

Phones & Polls - Time for the Mexican Tap Dance

The frequency in Mexico of wiretapping politicians' telephones and leaking what's said would make even a British tabloid editor envious. The compressed, three-month presidential campaign leading to July 1 doesn't kick off till Friday, yet already a wiretap scandal is unfolding.

Political commentator Raymundo Riva Palacio calls the drumbeat of leaked wiretaps a "perverse factor in Mexican politics."

In the latest case, the ruling party's candidate, allegedly speaking to an aide on the phone, mocks two top functionaries in her party, among them President Felipe Calderon's highly influential security chief, for her suspicion that they listen in on calls.

In this instance, as in nearly every case of apparent illegal eavesdropping, politicians have greeted the leak with condemnations and demands for a criminal probe. But no successful prosecutions for illegal wiretapping have occurred in recent years. (more)

...thus giving new meaning to 'a back door friend'.

According to Richard Clarke—who warned everyone about a 'spectacular' Al Qaeda attack before 9/11—all electronics made in China could contain back doors that would allow Chinese hackers to spy and attack anyone they want.

He claims that these traps may be hidden in every device, from your iPhone and Android phones to every iPad, laptop and computer. Even your TVs or anything else made in China. His claims sound may sound preposterous, but he claims the evidence is strong:

I'm about to say something that people think is an exaggeration, but I think the evidence is pretty strong. Every major company in the United States has already been penetrated by China. 

Clarke also believes that Chinese hackers have sneaked into the mainframes of companies like Microsoft, Cisco or Boeing, stealing their research and development secrets. He claims that Chinese companies are using these secrets to leapfrog over their Western competition. This claim is not that crazy: only two years ago Google experienced and denounced such an attack. (more) (sing-a-long)

Email Bugging Scandal in New Zealand

New Zealand - Online security has been tightened at ACC after some claimants bugged emails to see what case managers were doing.

Bronwyn Pullar, the woman at the centre of the ACC security scandal, has revealed she used email tracking software to get updates of activity with her file - a detail already revealed by Michelle Boag to ACC minister Judith Collins. (more)

North Miami and The Bugs of City Hall

FL - In the past year, North Miami Mayor Andre Pierre had a nagging suspicion he was being followed. He also thought someone had his City Hall office bugged with listening devices.

It turns out Pierre was right; someone was watching and listening.

...Pierre had secret cameras installed in his City Hall office and a private firm swept the space for bugs and wiretaps, costing taxpayers about $8,200.

Audio recordings obtained by The Miami Herald, and the FDLE report, confirm police conducted surveillance on Pierre, who did not return several telephone calls from a Miami Herald reporter on Monday. (more)

How effective is antivirus software on smartphones?

"...my recommendation is to not worry about trying to get antivirus software to run on the phones themselves. Not only is it barely effective, but like any background process, it takes up valuable battery life and resources." Patrick Lambert, TechRepublic (more)

"Next bill. The proposed name change to Oceania."

The British government is set to unveil legislation that will allow it to monitor its citizens' phone calls, emails, text messages and internet use. The UK Home Office says technological advances mean it needs new powers to tackle terrorism and crime. Internet firms will be required to give the intelligence agency, Government Communications Headquarters (GCHQ), access to communications on demand. It will allow officers to monitor who is calling who, and for how long, or what websites they are visiting. The legislation also covers social networking sites. (more)

Think Your Intellectual Property is not Worth a few Bucks to Protect? Think Again.

Australia - The Federal Government has described a multi-million-dollar legal settlement over CSIRO's wi-fi technology as a major boost for the organisation.

The settlement secures more than $220 million for CSIRO, which invented the technology in the 1990s.

Wi-fi technology is used in more than 3 billion electronic devices worldwide, including personal computers, video games and mobile phones.

The settlement is the second successful litigation to be conducted by the CSIRO, which patented the technology and now has licence agreements with 23 telecommunications companies. (more)

FutureWatch: You may not know now what your ideas will be worth further down the road. Hook up with a good counterespionage consultant today. No matter where in the world you are, we can recommend someone we know personally to you.

Is You New Date Lying About Their Age? (There's an app for that.)

One’s age can now be detected through scanning a photo, thanks to Face.com’s new API (application programming interface).

The API considers factors like the shape of one’s face, wrinkles, and smoothness of skin, among others, in checking for one’s age. The age detector might not be always correct, but after it studies your photo, it also gives an age range which might be more accurate. The API’s accuracy is dependent on the image quality of the photo and one’s pose in the snapshot. (more)

One developer has already used the API to build app called Age Meter, which is available in the Apple App Store. (more)

Cell Phone Tracking - A Routine Tool for Police

Law enforcement tracking of cellphones, once the province mainly of federal agents, has become a powerful and widely used surveillance tool for local police officials, with hundreds of departments, large and small, often using it aggressively with little or no court oversight, documents show.

The practice has become big business for cellphone companies, too, with a handful of carriers marketing a catalog of “surveillance fees” to police departments to determine a suspect’s location, trace phone calls and texts or provide other services. Some departments log dozens of traces a month for both emergencies and routine investigations. (more)

Privacy Alert: The Stalking App

Another day, another creepy mobile app. Here is one that allows you to find women in your area. It definitely wins the prize for too creepy.

Girls Around Me uses Foursquare, the location-based mobile service, to determine your location. It then scans for women in the area who have recently checked-in on the service. Once you identify a woman you’d like to talk to, one that inevitably has no idea you’re snooping on her, you can connect to her through Facebook, see her full name, profile photos and send her a message.

P.S. When you sign up for the Girls Around Me application, you are asked to log in to Facebook, giving the service your personal information, too. (more)

FutureWatch: The Creepy Guys Around Me app.

No, wait... This just in...

In direct response to our story from earlier today about Girls Around Me, an iOS app by Russian-based app developer i-Free that tracks and gives personal information about women without their knowledge, Foursquare has released a statement announcing that they have officially killed Girls Around Me’s access to their public API. (more)

Eavesdropper Reveries - Laser Keyboards

My new iPhone has a laser keyboard...

In my dreams :)

But until then, there is always this...

Somewhere, someone (other than me) is musing about how to eavesdrop on this technology.

The Bluetooth connection?
Optical intercept?
Keystroke logging spyware?
Or, maybe an accelerometer embedded in the table to decipher the finger tapping sounds?

Am I allowed to have this much fun at work?

New CCTV Scans 36 Million Faces for a Match... in one second!

There were several news stories late last week about a new surveillance system by Hitachi Kokusai Electric that the company claims is able to capture a person's face and, in one second, scan some 36 million facial images stored in its database to see whether it can find a match. According to this story at Digital Trends:

"Now, here's my plan..."

"Hitachi’s software is able to recognize a face with up to 30 degrees of deviation turned vertically and horizontally away from the camera, and requires faces to fill at least 40 pixels by 40 pixels for accurate recognition. Any image, whether captured on a mobile phone, handheld camera, or a video still, can be uploaded and searched against its database for matches." 

The company states in a video posted at DigInfoTV that it thinks the system is "suitable for customers that have a relatively large-scale surveillance system, such as railways, power companies, law enforcement, and large stores."

Over time, I suspect that the technology will be reduced in price to be "suitable" for just about anyone with a surveillance system. (more)

Business Espionage: "If we can't hack your voicemail, we'll hack your business."

Australia - Revelations that a secret unit within Rupert Murdoch’s News Corp promoted high-tech piracy that damaged pay TV rivals will increase fears of corporate espionage in boardrooms across Australia and around the world. A four-year investigation by The Australian Financial Review has revealed a global trail of corporate dirty tricks by a group of former policemen and intelligence officers within News Corp that devastated competitors. (more)

Australia - Senior Australian officials have expressed concern over allegations that News Corporation engaged in hacking and piracy in order to damage its commercial television competitors. The allegations suggested that the firm owned by Rupert Murdoch had set up a unit to sabotage rivals. The Australian Financial Review said this was done by making pirate copies of competitors' smart cards. (more)