If You Live With a Housemate – Check for Spycams

IN - A 23-year-old man was arrested Thursday on a voyeurism charge.

On June 26, a woman saw a camera in her bathroom vent... then called Tippecanoe County sheriff's officers.

After investigating, the police concluded Di Fu, the woman's housemate, was responsible for the act.

Fu is charged with voyeurism using a camera or video device. He posted bond and was released from the Tippecanoe County Jail Thursday night.

The Purdue University directory lists Fu as a graduate research assistant at its biomedical engineering department. more

If you live with housemates you need to know how to check for spycams.

Nine Years After the First Smart TV Debuted Congress Goes "Hummmm"

Smart TVs are invading privacy and should be investigated, senators say

Two Democratic US senators have asked the Federal Trade Commission to investigate privacy problems related to Internet-connected televisions.

"Many Internet-connected smart TVs are equipped with sophisticated technologies that can track the content users are watching and then use that information to tailor and deliver targeted advertisements to consumers,"

Sens. Ed Markey (D-Mass.) and Richard Blumenthal (D-Conn.) wrote in a letter yesterday to FTC Chairman Joseph Simons. "Regrettably, smart TV users may not be aware of the extent to which their televisions are collecting sensitive information about their viewing habits." more

This is normal. Legislation generally lags new technologies by about ten years. ~Kevin

Hackers Selling Access to Law Firm Secrets

...a cybersecurity firm that specializes in monitoring the dark web, showed CNBC a forum post in Russian where the cybercriminal was offering access to a New York City law firm’s network and files, and was willing to send screenshots as evidence he had broken in.

The price for the access was $3,500...

“If you're a law firm that's involved in major transactions, [mergers & acquisitions] of publicly traded companies, you're going to have a lot of sensitive information, inside information before it becomes publicly available,” Dominitz said. “If I'm able to access that, I can trade around that and manipulate stocks and make a lot of money. more

Note: Hacking is only one method used to collect inside information. Close and lock the IT door, but don't leave your other doors and windows open. Engage the services of a Technical Information Security Consultant who also has TSCM expertise.

New Jersey: Wiretap, Spycam & GPS Tracking Laws

This is an excellent article covering phone recording, video surveillance and GPS tracking in New Jersey...

As technology rapidly advances and becomes more sophisticated, attorneys, litigants and the courts must grapple with the use of modern surveillance in the context of litigation in family matters.

Surveillance can be useful in some situations, and litigants often resort to surveillance of their spouse to gather what they perceive to be valuable evidence. That evidence, whether it be video footage, recorded telephone calls, GPS tracking, digital copies of hard drives or other forms of surveillance, may be used at trial or simply to gain leverage in settlement negotiations. Nevertheless, this type of activity does not come without risk.

Without careful guidance and an understanding of the legal implications, surveillance can place attorneys in jeopardy of legal or ethical violations, and could also undermine the client’s position (e.g., something of limited evidential value could backfire on the client).

This article explores three surveillance techniques and analyzes the risks and rewards of each. more

U.S. Wiretap Report - 2017

This report covers intercepts (also known as wiretaps) concluded between January 1, 2017, and December 31, 2017, as reported to the AO, and provides supplementary information reported to the AO on arrests and convictions resulting from intercepts concluded in prior years.

Click to enlarge

Forty-eight jurisdictions (the federal government, the District of Columbia, the Virgin Islands, Puerto Rico, and 44 states) currently have laws that authorize courts to issue orders permitting wire, oral, or electronic surveillance. Table 1 shows that a total of 30 jurisdictions reported using at least one of these types of surveillance as an investigative tool during 2017. more

TSCM During Construction Projects

In the world of business espionage there is a golden time to install bugs, taps, and other electronic surveillance items.

• It is a time when nobody is checking. 
• It is a time when these devices become completely hidden from future detection.
• It is construction time.

The Bugged Embassy Case: What Went Wrong, is a well-documented story of eavesdropping devices planted so deeply the building had to be abandoned.

The Attack on Axnan Headquarters: An Espionage Operation, is a fictionalized true story of exactly how corporate construction penetrations are accomplished.

Both accounts are a fascinating read, and are true cautionary tales for our times.

———
“You really don’t want electronic surveillance
to become the hidden feature of
your new Boardroom, C-suite, or other sensitive area.”
———

Designing Information Security into Construction Projects

Electronic eavesdropping and information attacks can be stopped, but there is a catch; timing. Technical Surveillance Countermeasures (TSCM) needs to be included in the planning and construction phases of your project. Learn how.

South Korean Women Protest Against Spy Cam Porn

Thousands of South Korean women gathered in Seoul on Saturday to demand stronger government action to fight the spread of intimate photos and footage taken by hidden cameras, which they say has women living in constant anxiety and distress.

Police said about 18,000 took part in the all-women protest, with demonstrators calling for stronger investigations and punishments against male offenders who photograph or film women without their knowledge and post the material online...

Since 2004, South Korea has required smartphones to make large shutter sounds when taking pictures and videos to prevent such crimes. However, phone cameras can be silenced through apps and there’s also an abundance of miniaturized cameras that can be hidden inside bags, shoes and toilets or small holes drilled into bathroom walls and doors...

The national government plans to spend 5 billion won ($4.5 million) to equip local governments with more camera detecting equipment, and strengthen inspections of bathrooms in public spaces and private buildings. There are also plans to widen inspections to elementary, middle and high schools. more

Spycam Quote of the Week

~Christopher Falkenberg, president of security consulting firm Insite Risk Management and former U.S. Secret Service special agent discussing the ease of hotel room spycam bugging...

"Assuming someone has access to the room before and after the customer uses it, I think it’s quite easy because there are many devices available to the public that can be inserted into a room and retrieved after. It’s not high-speed stuff, and it’s not hard to get." more

Israeli Cyber Warfare Firm Employee Caught Selling Eavesdropping Software...

...which is why we say there is no such thing as a secure 'back door'.

Israel’s cyber warfare giant, NSO’s former employee stole company’s ‘Pegasus’ eavesdropping program software and tried to sell it on the ‘dark web’. 

The Pegasus is a classified security tool that can eavesdrop on any person in the world without their knowledge, Globes reported Friday.

The accused is believed to have stolen NSO products and the program worth hundreds of millions of dollars. An indictment filed against the employee last week charged him with security offenses, in addition to theft from his employer. more

What is Dumber than Spycaming a Police Station Restroom?

Not much. Give this dude a double Darwin!

A 28-year-old clerk has been accused of secretly recording other employees inside a restroom at the Long Beach Police Department’s headquarters, authorities said. 

Sergio Nieto of Downey was arrested late last month after he allegedly photographed and videotaped people inside a restroom at the department’s downtown offices...

Nieto was suspended pending further investigation... Investigators are trying to determine the scope of Nieto’s alleged misconduct, and how many people may have been illegally filmed. more

Infographic - Countries Where Private Security Outnumber Police

Whether they're patrolling shopping malls, conducting screening at airports or protecting VIPs, private security guards have become an increasingly common sight across the world. 

In many countries, they are armed with handguns and even dress in uniforms similar to the police.

The sector has experienced huge growth in recent years and today there are an estimated 20 million private security workers worldwide while the industry is worth approximately $180 billion. That is expected to grow even further to $240 billion by 2020, greater than the GDP of 100 countries including Portugal, Romania and Hungary.

According to research conducted by The Guardian, half of the planet's population lives in countries where there are more private security workers than police officers. more

Click to enlarge.

It is likely these are very conservative statistics, as they don't include security specialists, like: professional security consultants, Technical Surveillance Countermeasures (TSCM) specialists, private investigators, computer security specialists, and people working in the alarm and video surveillance sectors. ~Kevin

The Spy Who Dumped Me

Looks like a fun spy movie.
In theaters August 3, 2018.

Without Spies There May Have Been No 'Fourth of July'

By Nina Strochlic, for National Geographic magazine.

In 1777, the American colonies were badly losing their fight for independence from Great Britain. The British Army had captured New York City’s crucial port. Expecting further advances, the Continental Congress was evacuated from Philadelphia. It seemed that the war was lost.

Then George Washington, then Commander-in-Chief of the Continental Army, wrote a letter that changed the course of the war.

Washington was desperate to discover what was happening inside New York, but military scouts couldn’t get close enough. The general needed someone to penetrate enemy lines, but when he asked for volunteers, few of his troops raised their hands.

“Spying wasn’t seen as gentlemanly,” says Vince Houghton, resident historian at the International Spy Museum in Washington, D.C.

Finally, a young army captain named Nathan Hale volunteered for the dangerous assignment. He was caught a week later and hanged, the first known American spy to be executed on the job. (He’s memorialized with a statue outside CIA headquarters.)

Washington realized that the mission was too big for untrained volunteers, so he set about building an espionage organization.

John Jay, later the first Chief Justice of the Supreme Court, had been running counterintelligence as head of the New York State Committee and Commission for Detecting and Defeating Conspiracies. One of Jay’s operatives, a merchant named Nathaniel Sackett, had experience in secret writing and codes. 

In February 1777, Washington wrote a letter to Sackett in which he offered him $50 a month—out of his own pocket—to establish the first formal apparatus for the “advantage of obtaining the earliest and best Intelligence of the designs of the Enemy.” “Without the organization that Sackett set up, it would have been very difficult for us to win the war,” says Houghton. “We had a ragtag army and [the British] had the greatest army, greatest navy, and greatest economy in the world. We had no real business winning this war.”

But America’s spy service got off to an inglorious start. Most of Sackett’s agents failed at their jobs—including Sackett himself, who was fired after just six months.

Fortunately for the infant nation, Sackett’s replacement, 26-year-old Benjamin Tallmadge, created what is considered one of America’s greatest espionage operations: the Culper Spy Ring. Comprised of childhood friends from Long Island, the group included a shop owner inside New York City who gathered information, a traveling trader who smuggled it out of the city, and a whale boat captain who delivered it to Washington’s camp.

Employing the tools and tricks of the 18^th-century spy trade—hiding secret messages in hollow feather quills, using “dead drops” to transport letters—the Culper operatives unmasked enemy spies, busted a money counterfeiting plan, and stopped the British from sabotaging a French aid mission to the colonies.

After important letters were lost during an enemy raid, Tallmadge invented a “numerical dictionary” code that matched 763 cities, names, and words to numbers. (Washington’s code name was Agent 711.) Washington also asked physician James Jay (brother to John) to invent an invisible ink that could be revealed only with another chemical and would “relieve the fears of such persons as may be entrusted in its conveyance.”

Washington’s espionage experiment paid off. In 1781 the British surrendered, thanks in part to the intelligence gathered by the Culper Ring and their networks. “Washington didn’t really out-fight the British. He simply out-spied us,” a British intelligence officer allegedly said after the war.

None of the Culper spies were ever caught, and even Washington himself never learned exactly who was in the group. The ring’s very existence wasn’t discovered until the 1900s, and to this day no one knows for certain how many members it had.

After the war Washington asked Congress to reimburse him $17,000—nearly half a million dollars today—for his espionage expenses. The lawmakers obliged.

Washington Policymakers Bluster About High-Tech Foreign Surveillance (again)

Washington policymakers are growing increasingly worried about the threat of high-tech foreign surveillance, a development complicated by U.S. spy agencies' use of similar technologies.

Lawmakers are stepping up their demands for more information from the Trump administration about foreign efforts to spy on Americans' cellphones. more

The Great Seal Bug Story

Facebook Promises Not to Use Tech in Phone Eavesdropping Patent

In an attempt to assuage concerns raised by Facebook's filing for a patent for software that could turn the mics of smartphones on in order to record secret messages in TV ads, the social networking giant has ruled out using the technology in any of its products.

The patent had been filed "to prevent aggression from other companies," Facebook Vice President and Deputy General Counsel Allen Lo told Engadget in a statement this week. The technology in this patent has not been included in any of Facebook's products, "and never will be", Lo said. more

No Formal Process for Protecting a Trade Secret in Canada ?!?!

Canada - At the annual Uniform Law Conference of Canada in 1989, there was proposed legislation drafted that was called the Uniform Trade Secrets Act.

It provided for potential civil remedies against anyone who acquired a trade secret improperly, including through commercial espionage or electronic means. Courts could grant injunctions, award damages and determine who could make future use of the trade secret.

The proposed legislation was put forward one year after the Supreme Court of Canada issued its ruling in R. v. Stewart on the issue of whether “confidential information” can be the subject of theft under the Criminal Code. The court, in a unanimous decision, concluded that it could not, since confidential information on its own is not property...

Three decades later, there are still no criminal offences specific to this area and the Uniform Trade Secrets Act was never enacted into law by any province. In fact, the current website of the federal Canadian Intellectual Property Office states flatly that there is “no formal process” for protecting a trade secret. more

Meanwhile... Australia has passed new laws to get tough on spying. more

Sign Up - Hackers On Planet Earth (H.O.P.E.) - 3 Days & Nights in NYC

The Circle of HOPE will take place on July 20, 21, and 22, 2018 at the Hotel Pennsylvania in New York City. H.O.P.E. stands for Hackers On Planet Earth, one of the most creative and diverse hacker events in the world. It's been happening since 1994.

Three full days and nights of activities, including more of the provocative and enlightening speakers that the HOPE conferences are known for. In addition, they will have access to a massive amount of space to put together all sorts of hacker projects and assorted fun stuff.

In the past they've had huge hackerspace villages, film festivals, Segway rides, lock picking villages, a wide variety of vendors, art installations, live video, vintage computers, robots, an amateur/ham radio station, electronics workshops, book signings, and the country's biggest supply of Club-Mate.

All of that happening right in the middle of New York City, across the street from Penn Station and down the block from the Empire State Building. more

Be sure to check out the amazing list of speakers and topics!

Ah, Gee. Not LTE.

Vulnerabilities have been discovered in LTE that would make it possible for an attacker to tap into 4G networks for the purposes of spying on and hijacking 4G browsing sessions.

Security researchers from Ruhr-Universität, Bochum and New York University, Abu Dhabi show how three different attacks can be launched on the second layer of LTE -- also known as the data link layer. Two passive attacks allow for identity mapping and website fingerprinting, while the active cryptographic aLTEr attack allows for DNS spoofing and network connection redirection.

The researchers, David Rupprecht, Katharina Kohls, Thorsten Holz, and Christina Pöpper, are due to share their findings at the 2019 IEEE Symposium on Security & Privacy next year, but has published a paper in the meantime. Their findings mean that all three protocol layers of LTE (physical, data link, and network) have been found to be problematic.

Current 4G networks are vulnerable, and it is thought that 5G networks could be as well. In the name of responsible disclosure, the group informed the likes of the GSM Association (GSMA), the 3rd Generation Partnership Project (3GPP), and telephone companies of its findings. more

Whataburger - Toilet Spycam - 13 Unidentified Victims

TX - The man accused of placing a video camera in the restroom of a Whataburger restaurant has now been arrested, according to Abilene police...

Abilene police released footage of the suspect placing the camera inside a bathroom stall.

Last Friday, a woman called police after finding the device inside the toilet lid at a south Abilene Whataburger.

A woman, who said she wishes to remain anonymous, told KTAB/KRBC that when she went to the restroom, she flushed the toilet and noticed an unusual small circle under the rim of the toilet lid. She said she looked closer and found what appeared to be a camera lens. The woman said she then followed the camera to 'a bunch of wires connected to the device' under the lid of the tank.

The woman said she then ripped the device out of the tank and and ran to her car where she called police...

Whataburger said it had launched its own investigation... more

Abilene police are seeking information about potential victims from last week's Whataburger video voyeur case.

Police said 13 unidentified victims need to be identified.
Anyone who was at Whataburger at 4241 South 1st Street on Friday, June 22 between 8:50 a.m. and 1:18 p.m. and used the women's restroom as asked to call police at 325-676-6610. more

Could Your Smartphone Battery Spy on You? (unlikely, but...)

Most batteries in today’s smartphone are intelligent enough to detect how people use their phones and employ power-saving technologies that result in longer battery life. That advantage sounds excellent all around, but...

The researchers who authored a paper [PDF] on the subject of smartphone batteries capable of spying on people pointed out that this hack would be quick to implement and difficult to detect. They say smartphone owners may even participate in helping the hacks happen by installing malicious batteries themselves.

It could happen in a scenario where a hacker sets up an online store and entices users with promises of extra-long battery life and low prices, sends a purchaser the battery and waits for it to become installed in the phone to begin the tracking segment of the hack.

Plus, the battery could be capable of continuous monitoring, giving hackers the opportunity to see almost all the things the targets do with their phones, whether that’s browsing the internet, typing on the phone’s keyboard or receiving calls. more

A bug made to look like a cell phone battery...

The Search Engine That Didn't Snitch... and other disasters

Hey gang, it's almost Independence Day here in America. Yup, July 4th is just around the corner.

Fireworks are in America's bloodstream... but, did you know your on-line curiosity could get you in trouble with the terrorist chasers? Your fireworks search engine inquires might start popping red flags...

"Ludlow Kissel and the Dago Bomb That Struck Back"
"What is a Dago Bomb?"
"How can I build a Dago Bomb?"
"Dago Bomb ingredients"
"What was blown up by the Dago Bomb?"

(Knock, Knock)
"We're from Homeland Security..."

"Excelsior, you fathead!" Next time, don't use a search engine that captures your IP address. Search privately. Go to https://www.ixquick.com
ixquick is the only search engine which gives you anonymity.

Oh, and Ludlow... he had his 15 minutes of fame... about 2:17 into this Great American Fourth of July video. ~Kevin

UPDATE - NEW URL. Startpage.com in

Corporate Espionage Heats Up as “Made in China 2025” Nears

Corporate espionage is an extremely serious charge in the American technology market. There have been several prominent occasions in which AMD and Intel or AMD and Nvidia have cooperated when an employee was suspected to have engaged in IP theft, precisely because the consequences of bringing a product to market that’s tainted by another company’s IP rights could be so catastrophic.

But in China, there’s a very different system in place — and the way this has played out could be driving China’s investigation of Micron and Samsung’s DRAM pricing.

Here’s what we know. Micron alleges that the United Microelectronics Corporation (UMC), a Taiwanese foundry, cooperated with Fujian Jinhua Integrated Circuit Company to steal Micron secrets.

Jinhua may have been attempting to steal secrets from Micron in a manner similar to that used by the Yangtze Memory Technology Company, or YMTC, which is now building chips that the New York Times reports look suspiciously like Samsung devices.

The Chinese companies are collectively under tremendous pressure to deliver on an initiative China calls “Made in China 2025.”

Made in China 2025 is a comprehensive Chinese effort to increase domestic production of core materials by up to 40 percent by 2020 and 70 percent in 2025.

The impact this would have on existing semiconductor manufacturing can only be described as seismic. more

Important... Made in China 2025 should be a red flag to ALL businesses in the U.S. 
Make sure you understand the impact of this initiative. Make sure you get a competent Technical Information Security Consultant on your team, soon. There won't be enough to go around once the penny drops.

Yet Another Reason for SpyCamDetection.Training

FL - A Keys man was arrested Wednesday after police said he was spying on people using the bathroom at his job.

Ray Gallegos, 32, of Big Pine Key, admitted to having planted a camera in the men's bathroom at the Walgreens, 30351 Overseas Hwy., sometime in August 2017 so he could watch men, according to the Monroe County Sheriff's Office.

Deputies and agents from Homeland Security on Wednesday searched Gallegos' home, where they said they found pictures and video depicting a bathroom stall later identified as the one located in the pharmacy at the Big Pine Walgreens. more

Facebook's Patent Called Creepy

If you’re a Facebook user, you’ve likely heard stories of people becoming convinced that the company uses the microphones that are everywhere these days (such as ones on a smartphone or laptop) to spy on its users. While those fears might just be the result of an overactive imagination, a new patent filing is fueling concerns that Facebook might actually be equipped to do just that someday soon...

The patent filing itself is densely packed with information, but the technology at the center of it would use high-pitched audio signals that are inaudible to humans and hidden within advertisements or other “broadcast content.” That audio signal could be used to activate a “client device” to record the ambient audio in the room and log an impression – which makes this sound like a system for tracking how many individual impressions an advertising campaign receives.

The abstract of the patent explains the system relies on client devices that are associated with each individual in a household, which has led many to believe that the patent is talking about activating the mic on your smartphone. The patent filing also features a number of images that depict the “client devices” as smartphones, which leaves little to the imagination. All of that, as you can imagine, has resulted in quite a few negative headlines accusing Facebook of once again overreaching when it comes to user privacy. more

California Passes Sweeping Data-Privacy Bill

California lawmakers gave consumers unprecedented protections for their data and imposed tough restrictions on the tech industry, potentially establishing a privacy template for the rest of the nation.

The law, which was rushed through the legislature this week and signed by Gov. Jerry Brown on Thursday, broadens the definition of what constitutes personal information and gives California consumers the right to prohibit the sale of personal data to third parties and opt out of sharing it altogether. The bill applies to internet giants such as Facebook Inc. and Alphabet Inc.’s Google but also will affect businesses of any size that collect data on their customers.

Ashkan Soltani, a digital researcher and former chief technologist for the Federal Trade Commission, said the regulations are the first of their kind in the U.S. more sing-a-long

The Kid is Recording with His Cell Phone - Quick, Call the Cops!

A sad Middle School Civics Lesson...

One of Illinois' most-abused laws continues to be abused. For years, cops used the state's eavesdropping laws to arrest citizens who attempted to record them. This practice finally stopped when three consecutive courts -- including a federal appeals court -- ruled the law was unconstitutional when applied to target citizens recording public servants.

This may have led to the end of bullshit arrests from cops who didn't like being observed while they worked, but it's still being used by government officials to punish people they don't like. Illinois Policy reports a 13-year-old student is facing felony charges for recording a meeting between him and two school administrators.

On Feb. 16, 2018, [Paul] Boron was called to the principal’s office at Manteno Middle School after failing to attend a number of detentions. Before meeting Principal David Conrad and Assistant Principal Nathan Short, he began recording audio on his cellphone.

Boron said he argued with Conrad and Short for approximately 10 minutes in the reception area of the school secretary’s office, with the door open to the hallway. When Boron told Conrad and Short he was recording, Conrad allegedly told Boron he was committing a felony and promptly ended the conversation.

Principal Conrad sure knows his local statutes. He turned Boron in to law enforcement, which apparently decided to go ahead and process the paperwork, rather than tell Conrad to stop acting like a child. This led to prosecutors being just as unwilling to be the adults in the room.

For a 13-year-old, this is a huge problem. This places his recording of his conversation with school officials on the same level as aggravated assault and stalking. It comes with a minimum prison sentence of one year. more 

Murray's Surreptitious Workplace Recording — and what to do about it

Air-Gapped Computers to be Ticked-off via USB Tick-Sticks

A cyber-espionage group is targeting a specific type of secure USB drive created by a South Korean defence company in a bid to gain access to its air-gapped networks. 

According to a blog post by researchers at Palo Alto Networks, this attack was carried out by a group called Tick which carries out cyber-espionage activities targeting organisations in Japan and Korea.

Researchers said that weaponisation of a secure USB drive is an uncommon attack technique and likely done in an effort to spread to air-gapped systems, these networks are normally not connected to the internet. more

Murray's USB Stick Warnings
 

A $5 Million Surveillance Car

A Cyprus-based surveillance company claims to have built a car full of next-generation snooping kit that can infect Apple and Google phones from as far away as 500 metres. WiSpear, founded by one of Israel’s longtime surveillance market players Tal Dilian, is selling the car for between $3.5 million and $5 million and claims it has plenty of interest already. It’s also inspired concern from the privacy community.

The SpearHead 360 vehicle uses 24 antennas to reach out to target devices. Once a phone has been chosen, the WiSpear automobile has four different ways to force a phone to connect to its Wi-Fi-based interceptors from where it can start snooping on devices (using what are known as man-in-the-middle attacks). Then there are four different kinds of malware for various operating systems, including Apple’s iOS or Google’s Android devices, according to Dilian.


WiSpear showed off the van at the ISS World and Eurosatory conferences this month. As seen in the video, police can splurge on a drone and a backpack to go inside the car for even more mobile surveillance. Both can be used to carry out the same attacks, according to Dilian, who noted a single backpack can cost as much as $1.2 million. “This takes customers from detection all the way to full interception,” he told Forbes. “I think it’s a game changer.” more

Darwin Award: Man Spycams Wife for 3 Years to Bug Her - Shoots Himself

Paul Lewis, 46, rigged up the secret video camera because he feared his wife Ann, 45, was having a secret affair.

His video revealed she wasn’t having sex romps while he was at work – but he carried of covertly filming her for the next three years anyway.

He said continued because he knew it would annoy her.

A court heard the marriage had been ‘effectively over’ for some time when Ann, a teacher, found the digital camera after it was moved to the kitchen of their three-bedroom village home.

She found 29 videos of herself that had been shot in the bedroom lasting between a few seconds and up to 40 minutes.

Lewis, an engineer, blundered because some of the clips showed him accidentally filming himself installing the spy camera in a bedside cabinet. more

Spy Collector Alert: Soviet Spy-Camera Auction

On July 12, Aston’s Auctioneers of Dudley, England (about halfway between Liverpool and London), will feature the Russian Collection auction, 25 lots of rare and unusual cameras collected from the Cold War days, when Russia merely constituted much of the U.S.S.R. and Germany was still separated into two states.

“To find as many [cameras] in one place is pretty unusual,” says Tim Goldsmith, photographic consultant to Aston’s. The unnamed source for the auction had been collecting Soviet spy cameras for 30 to 40 years, as far back as when smuggling anything of this sort in or out of the Soviet Bloc would have needed spycraft itself. “Obviously, that’s when East Germany was still completely surrounded,” says Goldsmith. Until recently, finding such a trove in the West was nearly miraculous. “And it’s unheard of in the U.K., though it’s dribbling out since the whole universe discovered these things on the internet."

Aston’s hosts three camera auctions a year, yet this one, as Goldsmith put it, “has fired everyone’s imagination.” more

Wi-Fi to Get More Security Muscle

The Wi-Fi Alliance has officially unveiled WPA3, its next-generation security standard to keep wireless networks better protected, alongside a move to streamline the setup of the likes of smart home gadgets.

As you may be aware, WPA3 follows on from the currently employed WPA2 standard, which has been hit by security vulnerabilities that have led folks to question its overall strength in recent times.

So, the arrival of WPA3 is clearly important, and the Wi-Fi Alliance is delivering the fresh standard in two forms, one aimed at the home user, and one for businesses: WPA3-Personal and WPA3-Enterprise.

Both flavors are designed to provide far more robust security, with users benefiting from Protected Management Frames (PMF) to defend against malicious parties eavesdropping on their data transmissions. more

Dan Ingram - RIP

Dan Ingram.
Super nice guy.
Unbelievably funny, even during the songs when nobody but the engineer could hear him.
more 7/4/68 Air Check

Android Alert: Surveillance Malware Infects Telegram App

A new family of malware capable of comprehensive surveillance is targeting Android devices through the encrypted messaging app Telegram, according to research from antivirus vendor ESET.

The malware – which has mostly been distributed in Iran – ensnares its victims by posing as an application pledging more social media followers, bitcoin, or free Internet connections, according to ESET. Once downloaded, the malware can carry out surveillance tasks ranging from intercepting text messages to recording audio and screen images from devices, ESET researcher Lukas Stefanko explained in a blog post.

Each compromised device is controlled via a bot that the attacker commandeers via Telegram, which recently boasted 200 million monthly users.

“Attackers can control victimized devices by simply tapping the buttons available in the version of the malware they are operating,” Stefanko wrote.

Such nefarious programs have been knocking on Google Play’s door in droves: With the help of machine learning, security specialists removed 700,000 malicious apps from the store last year. more

For Sale: Your Whereabouts

Verizon and AT&T have promised to stop selling their mobile customers' location information to third-party data brokers following a security problem that leaked the real-time location of US cell phone users.

Sen. Ron Wyden (D-Ore.) recently urged all four major carriers to stop the practice, and today he published responses he received from Verizon, AT&T, T-Mobile USA, and Sprint.

Wyden's statement praised Verizon for "taking quick action to protect its customers' privacy and security," but he criticized the other carriers for not making the same promise.

"After my investigation and follow-up reports revealed that middlemen are selling Americans' location to the highest bidder without their consent or making it available on insecure Web portals, Verizon did the responsible thing and promptly announced it was cutting these companies off," Wyden said. "In contrast, AT&T, T-Mobile, and Sprint seem content to continuing to sell their customers' private information to these shady middle men, Americans' privacy be damned." more

Tesla's Sabotage / Espionage Wake-Up Call

Tesla has routed out a saboteur who changed code on internal products and exfiltrated data to outsiders, damaging company operations and possibly causing a fire, CEO Elon Musk told employees in an email...

Musk wrote in an email obtained by CNBC. “This included making direct code changes to the Tesla Manufacturing Operating System under false usernames and exporting large amounts of highly sensitive Tesla data to unknown third parties.”

While Musk said Tesla doesn't know the full extent of the employee's actions, “what he has admitted to so far is pretty bad,”...

“Trusted users always pose the highest risk as they have the means and only lack the motivation. In this instance, the motivation sounds personal, and that is quite often the case in corporate sabotage,” said Chris Morales, head of security analytics at Vectra. “It is not clear how this event was detected, but it sounds like it was discovered after the damage already occurred and there is still work to uncover the extent of that damage.”

Whether addressing a rogue insider or an outsider who has gained access to employee credentials, he said, “enterprises benefit from internal monitoring that can detect suspicious behavior in order to prevent damage,” more

World Cup Tip - Leave Your Electronics at Home

The top U.S. counterintelligence agent has warned Americans traveling to Russia for the 2018 World Cup against taking any electronics with them, saying soccer fans could be targeted by hackers.

William Evanina, an FBI agent and the director of the U.S. National Counterintelligence and Security Center, said in a Tuesday statement that even those who see themselves as insignificant could become victims of Russian spying.

“If you’re planning on taking a mobile phone, laptop, PDA, or another electronic device with you—make no mistake—any data on those devices (especially your personally identifiable information) may be accessed by the Russian government or cyber criminals,” Evanina said, according to Reuters. more

Three Tips for Protecting a Business's Passwords

One of the common areas we see companies and technology groups struggling to manage securely and effectively is… passwords.  We know we need them (passwords), we know they need to be “secure”, and we know they’re a pain in the neck to keep organized.  That’s exacerbated exponentially when you factor in shared passwords and accounts for teams.
Tip 1:  Quit Using Excel to Manage Your Passwords...
Tip 2:  Know All of Your Org’s Accounts...
Tip 3:  Know Your Password Security Options...

Read the full details about each tip at criticalinformatics.com

Cell Phone Passcode of 1+2+3+4 = 18 Years in Prison

A man serving 18 years in prison in South Carolina for burglary was rightfully convicted in part because he left his cellphone at the crime scene and a detective guessed his passcode as 1-2-3-4 instead of getting a warrant, the state Supreme Court ruled Wednesday.

Lawyers for Lamar Brown argued detectives in Charleston violated Brown’s right to privacy by searching his phone without a warrant.

After storing the cellphone in an evidence locker for six days in December 2011, the detective guessed right on Brown’s easy passcode, found a contact named “grandma” and was able to work his way back to Brown.

The justices ruled in a 4-1 decision that Brown abandoned his phone at the Charleston home and made no effort to find it. The law allows police to look at abandoned property without a court-issued warrant allowing a search. more

X-Ray Vision Using Wi-Fi

The Machines now have X-ray vision. A new piece of software has been trained to use wifi signals — which pass through walls, but bounce off living tissue — to monitor the movements, breathing, and heartbeats of humans on the other side of those walls. The researchers say this new tech’s promise lies in areas like remote healthcare, particularly elder care, but it’s hard to ignore slightly more dystopian applications.

Click to enlarge.

 While it’s easy to think of this new technology as a futuristic Life Alert® monitor, it’s worth noting that at least one member of the research team at the Massachusetts Institute of Technology behind the innovation has previously received funding from the Pentagon’s Defense Advanced Research Projects Agency (DARPA). Another also presented work at a security research symposium curated by a c-suite member of In-Q-Tel, the CIA’s high-tech venture capital firm.

Inverse recently caught up with project’s leader Dina Katabi, a 2013 MacArthur “Genius Grant” Fellow who teaches electrical engineering and computer science at MIT, to talk about how the new tech may be used... more

Auction - Original artwork from Carry On Spying (1964)

Original artwork from Carry On Spying (1964) and Carry On Cowboy (1965) will go under the hammer with an estimate of £2,000 - 3,000 and £3,000 - 5,000 respectively

Both artwork pieces were illustrated by legendary British cinema poster designer, Tom Chantrell of Star Wars fame.

The auction will be live-streamed online for fans to track the bidding on auction day. Registration and bidding is now open. Bids can be placed online at www.propstore.com/liveauction, over the phone or in person.

Prop Store's Cinema Poster Live Auction is on Thursday 28th June.  more

U.S. Embassy in China Sends Alert About Mystery Health Issue

The U.S. Embassy in China sent its second alert in two weeks Friday to its citizens over unexplained health issues that have prompted the evacuation of a number of U.S. government employees working at a consulate in a southern city...

The incidents have raised fears the unexplained issues that started in Cuba in 2016 have expanded to other countries. China says it has uncovered no information that could point to a cause...

Friday's alert called for people to be attentive of symptoms including "dizziness, headaches, tinnitus, fatigue, cognitive issues, visual problems, ear complaints and hearing loss, and difficulty sleeping." It urged them "not to attempt to locate the source of any unidentified auditory sensation. Instead, move to a different location." more

Two theories. One solution.

A new theory.
Attackers can cause potentially harmful hard drive and operating system crashes by playing sounds...

The attacks use sonic and ultrasonic sounds to disrupt magnetic HDDs as they read or write data. The researchers showed how the technique could stop some video-surveillance systems from recording live streams. Just 12 seconds of specially designed acoustic interference was all it took to cause video loss in a 720p system made by Ezviz. Sounds that lasted for 105 seconds or more caused the stock Western Digital 3.5 HDD in the device to stop recording altogether until it was rebooted.

U.S. to Thwart Spying at Singapore Summit with TSCM Bug Sweeps

U.S. officials say they are preparing to counter the Chinese spies they expect to be all over Singapore next week seeking inside information on the talks.

The Chinese, who have been known to bug everything from hotel keys to the gifts given to American visitors, are expected to deploy their increasingly sophisticated repertoire of intelligence gathering techniques, both human and electronic, in Singapore.

Areas of concern for the U.S. at the summit include:

• U.S. officials are concerned China has recruited informants among the waiters and other staff in Singapore’s restaurants and bars, who are paid to eavesdrop on American customers and report back to their Chinese handlers.
• Officials also expect electronic surveillance of the summit meeting sites. Americans will sweep for bugs (TSCM) in rooms at the Capello Hotel that could be used for side discussions, and could erect tents inside hotel meeting rooms to block any concealed cameras from viewing classified documents.
• Chinese intelligence agencies have shown the ability to penetrate mobile phones even when they are off, and U.S. officials are now told to take their batteries out when they are concerned about eavesdropping, according to a U.S. intelligence official.

According to three U.S. officials, in one recent case a top U.S. official working in China repeatedly had trouble with his hotel key card. He had to replace it several times at the front desk because it wouldn’t open his door.

He brought one of the key cards back to the U.S., where security officials found a microphone embedded inside, according to the U.S. officials.

The Chinese have placed listening and tracking devices in chips embedded in credit cards, key chains, jewelry, and even event credentials, the officials said, often with the intent of capturing secret conversations among American officials. more

You can be sure same eavesdropping techniques and technology are being used for economic espionage here in the U.S. 

Fortunately, savvy private sector businesses are successfully employing similar Technical Surveillance Countermeasures (TSCM) bug sweeps on a regular basis. Businesses that do not are getting their intellectual property pockets picked. ~Kevin