A prominent Hezbollah commander, Muhammad Ali Yunis, was killed by unknown gunmen on Sunday morning in southern Lebanon, Iranian and Lebanese media reported.
The Iranian semi-official Fars news agency reported that the slain commander was “responsible for tracking spies and collaborators.” more
Tuesday, April 7, 2020
Taiwan Joins Canada & More in Banning Zoom
Malaysia - The National Security Council (NSC) has warned that hackers could be listening to their conversations amid increasing use of video conferencing applications during the movement control order (MCO) period. more
New York City's education department is directing teachers and staff to “move away from using Zoom as soon as possible” for virtual instruction purposes due to cybersecurity concerns, department spokesperson Danielle Filson said on Saturday. more
Google has banned Zoom from its staffers' devices. Google told its employees last week that it would block Zoom from working on their Google-provided computers and smartphones. This move comes after Taiwan tolds government employees not to use Zoom. Earlier, New York schools told its teachers to "gradually transition" from Zoom to another video-conferencing service. more
Rare World War II Footage Released - British Spy Center
A silent film shows MI6 staff members at a site linked to the code-breaking facility Bletchley Park during World War II.
Like a home movie reel, the silent footage shows young people at candid moments: playing soccer and cricket, sunbathing, smiling and making faces at the camera...
But they were not ordinary office colleagues: They were off-duty secret British communications staffers, linked to code-breakers who decrypted German ciphers and helped the Allies win World War II.
The newly revealed footage features staff members of the MI6 Section VIII — the British spy agency’s communications staff — filmed at a site associated with the famous code-breaking facility Bletchley Park. more
But they were not ordinary office colleagues: They were off-duty secret British communications staffers, linked to code-breakers who decrypted German ciphers and helped the Allies win World War II.
The newly revealed footage features staff members of the MI6 Section VIII — the British spy agency’s communications staff — filmed at a site associated with the famous code-breaking facility Bletchley Park. more
New iPad Pro Prevents Eavesdropping or Spying
Apple beefs up iPad Pro security by disabling the microphone when the case is closed, a feature which was previously reserved for the Mac.
Apple introduced a feature with the 2018 MacBook lineup, allowing the microphone to be disabled whenever the display lid was closed. This measure was put in place to prevent eavesdropping, preventing malicious apps to tap into the microphone to gather extra data about you.
Fast forward to 2020 and the feature has come to the new iPad Pro lineup. The way it works is pretty simple - just close the lid of the case on the iPad Pro, which has to be MFi compliant, and the microphone is physically disconnected to prevent any sort of eavesdropping or malicious code from running if iPadOS is compromised in some way. more
Fast forward to 2020 and the feature has come to the new iPad Pro lineup. The way it works is pretty simple - just close the lid of the case on the iPad Pro, which has to be MFi compliant, and the microphone is physically disconnected to prevent any sort of eavesdropping or malicious code from running if iPadOS is compromised in some way. more
Friday, April 3, 2020
Facebook Tried to Buy Controversial Tool to Spy on iPhone Users, Court Filing Reveals
Reported by Motherboard, when Facebook was starting to build its spyware cloaked in a VPN product, Onavo Protect for iOS and Android, the social media company reached out to the controversial company NSO Group that creates spyware for government agencies...
Apple made Facebook remove Onavo Protect from the App Store in August of 2018.
Then in 2019 Facebook repackaged it as a “Research app” and tried to pay teens to sideload it on their devices.
Zoom’s Encryption Is “Not Suited for Secrets” and Has Surprising Links To China, Researchers Discover
Meetings on Zoom, the increasingly
popular video conferencing service, are encrypted using an algorithm
with serious, well-known weaknesses, and sometimes using keys issued by
servers in China, even when meeting participants are all in North
America, according to researchers at the University of Toronto.
The
researchers also found that Zoom protects video and audio content using
a home-grown encryption scheme, that there is a vulnerability in Zoom’s
“waiting room” feature, and that Zoom appears to have at least 700
employees in China spread across three subsidiaries. They conclude, in a report for the university’s Citizen Lab
— widely followed in information security circles — that Zoom’s service
is “not suited for secrets” and that it may be legally obligated to
disclose encryption keys to Chinese authorities and “responsive to
pressure” from them.
Zoom could not be reached for comment. more
4/15/2020 UPDATE - More top companies ban Zoom following security fears. more
Thursday, April 2, 2020
Think Your Smart Speaker is Spying On You... get Paranoid
(Note: As of this date the manufacturer is only accepting pre-orders. Gauging demand before going into production is not uncommon. The following is just an interesting bit of news; not a product endorsement. Also, it might be an April Fool's prank.)
Their headline reads, "Blocks smart speakers from listening, while keep them voice-activated. Just say "Paranoid" before your usual commands." more
"How?" ...you may ask.
A. In one of three ways.
Their headline reads, "Blocks smart speakers from listening, while keep them voice-activated. Just say "Paranoid" before your usual commands." more
"How?" ...you may ask.
A. In one of three ways.
- The BUTTON model begins with the mute button pressed. When it hears you say, "Paranoid" it presses again, thus letting your next command to pass through. After your command is finished it re-mutes with another press.
- The HOME model (it appears) uses ultrasound to block the speakers microphones. Click here to learn how ultrasound blocking works. The volume needed for this application is very low so it shouldn't be a health risk.
- The MAX model requires you sending them your smart speaker so they can physically install their solution. People who use this option are not true paranoids. True privacy paranoids would be afraid the unit might come back, bugged!
Wednesday, April 1, 2020
Guest Wi-Fi Access Comes with Risks for Organizations
Reported this week: A convicted sex offender downloaded indecent child images at a hostel where he was staying after using another resident's wi-fi code. more
In this case, a stolen access code was used to gain access. In many organizations the same guest code is given out to all guests. Sometimes it is even posted. Often it is never changed. Once the password is out, there is no telling who will access the system, or when, or for what purpose.
Downloading illegal images is only one of many guest access risks.
While hiding behind a reputable IP address unauthorized and anonymous "guests" can also conduct: drug transactions, video voyeurism, blackmail, financial scams, hacking, and more. The finger points at the organization's network. They might be legally held responsible. And, these are just the outward facing threats. Guest access can also be a pivot point to internal information theft.
Take this 15 second assessment.
Does your organization...
Legal defense is expensive. Reputational damage is hard to quantify. A proactive professsional analysis is easy. Reduce risk and keep profits where they belong, in the bottom line.
In this case, a stolen access code was used to gain access. In many organizations the same guest code is given out to all guests. Sometimes it is even posted. Often it is never changed. Once the password is out, there is no telling who will access the system, or when, or for what purpose.
Downloading illegal images is only one of many guest access risks.
While hiding behind a reputable IP address unauthorized and anonymous "guests" can also conduct: drug transactions, video voyeurism, blackmail, financial scams, hacking, and more. The finger points at the organization's network. They might be legally held responsible. And, these are just the outward facing threats. Guest access can also be a pivot point to internal information theft.
Take this 15 second assessment.
Does your organization...
- Provide guest Wi-Fi access?
- Does guest access use the organization's network?
- Is access unencrypted?
- Do all guests use the same password?
- Is the password posted anywhere, as in a conference room?
- If posted, can it be seen from outside with binoculars or a drone?
- Has the password remained the same for over a month?
Legal defense is expensive. Reputational damage is hard to quantify. A proactive professsional analysis is easy. Reduce risk and keep profits where they belong, in the bottom line.
The Potato Chip Bag Spy
Back in 2014, the potato chip bag became an audio eavesdropping device...
Want to listen in on a juicy conversation? Researchers from the Massachusetts Institute of Technology, Microsoft, and Adobe have designed an algorithm that can pick up conversation by analyzing the vibrations from speech as they ripple through a potato chip bag, MIT News reports. more
In 2020, the potato chip bag became a visual eavesdropping device too...
Mirrors aren't the only shiny objects that reflect our surroundings. Turns out a humble bag of potato chips can pull off the same trick, as scientists from the University of Washington, Seattle have made it possible to recreate detailed images of the world from reflections in the snack's glossy wrapping.
The scientists took their work a step further by predicting how a room's likeness might appear from different angles, essentially "exploring" the room's reflection in a bag of chips as if they were actually present. This is analogous to a classical problem in computer vision and graphics: view synthesis, or the ability to create a new, synthetic view of a specific subject based on other images, taken at various angles. more
The future?
Want to listen in on a juicy conversation? Researchers from the Massachusetts Institute of Technology, Microsoft, and Adobe have designed an algorithm that can pick up conversation by analyzing the vibrations from speech as they ripple through a potato chip bag, MIT News reports. more
In 2020, the potato chip bag became a visual eavesdropping device too...
Mirrors aren't the only shiny objects that reflect our surroundings. Turns out a humble bag of potato chips can pull off the same trick, as scientists from the University of Washington, Seattle have made it possible to recreate detailed images of the world from reflections in the snack's glossy wrapping.
The scientists took their work a step further by predicting how a room's likeness might appear from different angles, essentially "exploring" the room's reflection in a bag of chips as if they were actually present. This is analogous to a classical problem in computer vision and graphics: view synthesis, or the ability to create a new, synthetic view of a specific subject based on other images, taken at various angles. more
The future?
How Small Can a Video Camera Be?
Currently, one of the smallest we know is 1.66mm in size. It has a built-in high-intensity LED light. If you don't need the light it shrinks to .97mm in diameter.
Specs: Color, 120 degree lens, 200 x 200 @ 30fps resolution
Monday, March 30, 2020
Bosses Panic-Buy Spy Software...
“Companies have been scrambling,” said Brad Miller, CEO of surveillance-software maker InterGuard. “They’re trying to allow their employees to work from home but trying to maintain a level of security and productivity.”...
“It’s not because of lack of trust,” Miller said, who compared the software to banks using security cameras. “It’s because it’s imprudent not to do it.” more
Being Zoom'ed on Zoom has Organizations Worried, or they should be...
...experts warn that a rush to hold virtual meetings through
Zoom, which has close to 13m monthly active users, could pose security
risks.
The threat is so significant that British
Ministry of Defence staff were told this week that the use of Zoom was
being suspended with immediate effect while "security implications" were
investigated.
The biggest worry is that a sudden reliance on Zoom could allow
opportunistic hackers to quietly observe video calls as executives are
focused on responding to the spread of coronavirus.
...the idea of strangers barging into virtual meeting rooms should raise alarm. more
Online Zoom classes were disrupted by individuals spewing racist,
misogynistic or vulgar content. Experts say professors using Zoom should
familiarize themselves with the program's settings. more
Mysterious Hacker Group Eavesdropping on Corporate Email & FTP traffic
Since at least early December 2019, a mysterious hacker group has been taking over DrayTek enterprise routers to eavesdrop on FTP and email traffic inside corporate networks...Instead of abusing the device to launch DDoS attacks or re-route traffic as part of a proxy network, the hackers turned into a spy-box...
...researchers didn't speculate why hackers were collecting FTP and email traffic. But speaking to ZDNet over the phone, a security researcher pointed out that this looked like a classic reconnaissance operation...
"It's obvious they're logging traffic to collect login credentials for FTP and email accounts," the researcher told ZDNet. "Those creds are flying unencrypted over the network. They're easy pickings." more
Tuesday, March 24, 2020
BBC Spycam Documentary
In a new BBC documentary Stacey Dooley Investigates: Spycam Sex Criminals.
The crime no doubt happens all over the world, but is actually one that has been sweeping South Korea lately, as many have been found guilty of planting recording equipment in public places and then charging people to view the footage online...
The upcoming documentary will see our fave reporter look into the subject head on to give us an insight into the voyeuristic practice and how now, with such advanced technology, it's easier than ever to hide cameras in public places.
Some of the cameras being used are as small as the head of a needle and are so difficult to spot, but Stacey will be taken on patrol with an experienced spy cam hunters to uncover hiding places.
Stacey Dooley Investigates: Spycam Sex Criminals will be available on iPlayer from 6am on 1st April - something to add to your quarantined watch list. more
The crime no doubt happens all over the world, but is actually one that has been sweeping South Korea lately, as many have been found guilty of planting recording equipment in public places and then charging people to view the footage online...
Some of the cameras being used are as small as the head of a needle and are so difficult to spot, but Stacey will be taken on patrol with an experienced spy cam hunters to uncover hiding places.
Stacey Dooley Investigates: Spycam Sex Criminals will be available on iPlayer from 6am on 1st April - something to add to your quarantined watch list. more
Coronavirus Surveillance Escalates, Personal Privacy Plummets
Tracking entire populations to combat the pandemic now could open the doors to more invasive forms of government snooping later.
...government agencies are harnessing surveillance-camera footage, smartphone location data and credit card purchase records to help trace the recent movements of coronavirus patients and establish virus transmission chains...
...authorities are analyzing location data transmitted by citizens’ mobile phones to determine how many people are obeying a government lockdown order and the typical distances they move every day. About 40 percent are moving around “too much,” an official recently said.
...internal security agency is poised to start using a cache of mobile phone location data — originally intended for counterterrorism operations — to try to pinpoint citizens who may have been exposed to the virus...
...ratcheting up surveillance to combat the pandemic now could permanently open the doors to more invasive forms of snooping later. It is a lesson Americans learned after the terrorist attacks of Sept. 11, 2001, civil liberties experts say. more
...government agencies are harnessing surveillance-camera footage, smartphone location data and credit card purchase records to help trace the recent movements of coronavirus patients and establish virus transmission chains...
...authorities are analyzing location data transmitted by citizens’ mobile phones to determine how many people are obeying a government lockdown order and the typical distances they move every day. About 40 percent are moving around “too much,” an official recently said.
...internal security agency is poised to start using a cache of mobile phone location data — originally intended for counterterrorism operations — to try to pinpoint citizens who may have been exposed to the virus...
...ratcheting up surveillance to combat the pandemic now could permanently open the doors to more invasive forms of snooping later. It is a lesson Americans learned after the terrorist attacks of Sept. 11, 2001, civil liberties experts say. more
8 Steps to Control Cybersecurity Risk in a Work From Home Environment
During the COVID-19 pandemic and response, workers are heading home in record numbers. In this short 23-min. webinar, CI Security CTO Mike Simon covers the the critical work-from-home cybersecurity risks that employees need help with now.
The material is geared toward InfoSec and IT professionals, technical users, and team managers.
Top 8 Work From Home (WFH) Cybersecurity Priorities...
Step 1: Control the WFH Environment
Step 2: Control the WFH Computer
Step 3: Up Your Phishing Game
Step 4: Worry About Sensitive Documents and Regulated Data
Step 5: Watch for Cyber-Threats
Step 6: Expanding VPN
Step 7: Say No to Split-Tunnels
Step 8: Keep Great Records
The material is geared toward InfoSec and IT professionals, technical users, and team managers.
Top 8 Work From Home (WFH) Cybersecurity Priorities...
Step 1: Control the WFH Environment
Step 2: Control the WFH Computer
Step 3: Up Your Phishing Game
Step 4: Worry About Sensitive Documents and Regulated Data
Step 5: Watch for Cyber-Threats
Step 6: Expanding VPN
Step 7: Say No to Split-Tunnels
Step 8: Keep Great Records
Saturday, March 21, 2020
Remote Work, Security & Is Your Office Being Bugged While You're Home
It's a rule of thumb in cybersecurity that the more sensitive your system, the less you want it to touch the internet. But as the US hunkers down to limit the spread of Covid-19, cybersecurity measures present a difficult technical challenge to working remotely for employees... In some cases, working from home isn't an option at all...
Late last week, the US government's Cybersecurity and Infrastructure Security Agency issued an advisory to critical infrastructure companies to prepare for remote work scenarios as Covid-19 spreads...
But cybersecurity consultants who actually work with those high-stakes clients—including electric utilities, oil and gas firms, and manufacturing companies—say that it's not always so simple. For many of their most critical customers, and even more so for intelligence agencies, remote work and security don't mix. more
Special note to the business community...
Planting bugs is easy when your offices are empty. Business espionage types know this.
Quality TSCM sweep teams will be in demand and hard to book when Covid-19 subsides. Prepare now. Put your team on retainer.
If you don't have a quality provider contact us. We'll create a back-to-work inspection strategy, and a no-obligation estimate for you. ~Kevin
Late last week, the US government's Cybersecurity and Infrastructure Security Agency issued an advisory to critical infrastructure companies to prepare for remote work scenarios as Covid-19 spreads...
But cybersecurity consultants who actually work with those high-stakes clients—including electric utilities, oil and gas firms, and manufacturing companies—say that it's not always so simple. For many of their most critical customers, and even more so for intelligence agencies, remote work and security don't mix. more
Planting bugs is easy when your offices are empty. Business espionage types know this.
Quality TSCM sweep teams will be in demand and hard to book when Covid-19 subsides. Prepare now. Put your team on retainer.
If you don't have a quality provider contact us. We'll create a back-to-work inspection strategy, and a no-obligation estimate for you. ~Kevin
Quote of the Week
"Organizations' ham-fisted operational changes due to the novel
Coronavirus will create a field day for practitioners of
espionage--industrial and otherwise."
(Sent to me by a knowledgeable source.)
(Sent to me by a knowledgeable source.)
Surveillance App Reworked for Coronavirus Alerts
Health officials in Britain are building an app that would alert the
people who have come in contact with someone known to have the
coronavirus. The project aims to adapt China’s tracking efforts for
countries wary of government surveillance.
The project is an urgent effort by the British authorities to translate a surveillance tool deployed to fight China’s outbreak into something more palatable in Western democracies. The app is being developed for use in Britain, but could be adapted for other countries, particularly those with similarly centralized health systems, officials said.
The catch... Unlike the smartphone-tracking system used by the Chinese government, the British project would rely entirely on voluntary participation and would bank on people sharing information out of a sense of civic duty. more
The project is an urgent effort by the British authorities to translate a surveillance tool deployed to fight China’s outbreak into something more palatable in Western democracies. The app is being developed for use in Britain, but could be adapted for other countries, particularly those with similarly centralized health systems, officials said.
The catch... Unlike the smartphone-tracking system used by the Chinese government, the British project would rely entirely on voluntary participation and would bank on people sharing information out of a sense of civic duty. more
Friday, March 20, 2020
Will Working from Home Increase Business Espionage Opportunities
I received a question today about inductive coupling; gleaning computer data leaked on to power lines (aka, mains) from keyboards, screens, etc. The person mentioned this was possible if the residences shared the same power transformer.
"So, does the increase in work-from-home offices these days increase the business espionage threat?"
Interesting question. Got me thinking.
I replied...
You're correct about sharing a transformer. Information can be induced onto the mains and intercepted on that side of the circuit. Several floors in an apartment building and usually 3-4 homes in a residential neighborhood can share one transformer.
But, let's think this through...
Back before we all became computerized the mains lines were relatively noise-free. Carrier-current bugs and wireless intercoms worked quite well for transmitting audio. These days, the noise level is a digital cacophony, created by everyone who shares the circuit.
The very low signal level a keyboard might contribute would be difficult to hear. Segregating the signal from other digital noise would also be a challenge. With diligence and the right instrumentation deciphering this digital data is doable. It would not be a nosy neighbor doing this. If you got that far, you're probably a government and the home worker has a bigger than average problem.
Realistically speaking...
A fairly static group of mains users also reduces risk. Your neighbors aren't deep cover spies who have waited years for the chance you might be forced to work from home. Moving into a neighborhood or apartment building with spying intentions is possible, but not easy to do on a moments notice. There are easier ways to obtain even more information, with a lot less work, and greater chance of success.
Worry about these things...
The weak links in a home office are: the computer, wireless keyboards, Wi-Fi, and internet modems. Current versions of wireless keyboards use Bluetooth (30 foot range) with some pretty good security features. As for date leaking onto the mains... Most smart people use a UPS battery backup with filtering for their computers, so no problem there. For anyone without a UPS getting one is a very worthwhile recommendation for multiple reasons.
Threats the average home office faces...
Imagine this...
Your company needs to have a technical security consultant on retainer—because there is more to know.
"So, does the increase in work-from-home offices these days increase the business espionage threat?"
Interesting question. Got me thinking.
I replied...
You're correct about sharing a transformer. Information can be induced onto the mains and intercepted on that side of the circuit. Several floors in an apartment building and usually 3-4 homes in a residential neighborhood can share one transformer.
But, let's think this through...
Back before we all became computerized the mains lines were relatively noise-free. Carrier-current bugs and wireless intercoms worked quite well for transmitting audio. These days, the noise level is a digital cacophony, created by everyone who shares the circuit.
The very low signal level a keyboard might contribute would be difficult to hear. Segregating the signal from other digital noise would also be a challenge. With diligence and the right instrumentation deciphering this digital data is doable. It would not be a nosy neighbor doing this. If you got that far, you're probably a government and the home worker has a bigger than average problem.
Realistically speaking...
A fairly static group of mains users also reduces risk. Your neighbors aren't deep cover spies who have waited years for the chance you might be forced to work from home. Moving into a neighborhood or apartment building with spying intentions is possible, but not easy to do on a moments notice. There are easier ways to obtain even more information, with a lot less work, and greater chance of success.
Worry about these things...
The weak links in a home office are: the computer, wireless keyboards, Wi-Fi, and internet modems. Current versions of wireless keyboards use Bluetooth (30 foot range) with some pretty good security features. As for date leaking onto the mains... Most smart people use a UPS battery backup with filtering for their computers, so no problem there. For anyone without a UPS getting one is a very worthwhile recommendation for multiple reasons.
Threats the average home office faces...
- shared cable internet,
- Wi-Fi signal hacking,
- spyware viruses (data, audio and video compromise),
- Wi-Fi connected printer intercepts,
- information phishing scams,
- and none of the usual enterprise type protections.
Imagine this...
- Step #1: The spy purchases a USB Rubber Ducky (to crack into the computer) and an o.mg cable (to crack into the smartphone). Total cost: <$200.00.
- Step #2: Spy plops these into an old Amazon box and mails it to "the mark."
- Step #3: Mark goes, "Wow, cool. I didn't order this. Amazon must have screwed up. Not worth sending back. I'll keep it."
- Step #4: Mark plugs this windfall into his computer and phone.
- Step #5: Gotcha!
Your company needs to have a technical security consultant on retainer—because there is more to know.
Thursday, March 19, 2020
Face Masks v. Facial Recognition - China has it Covered
Hanwang, the facial-recognition company that has placed 2 million of its cameras at entrance gates across the world, started preparing for the coronavirus in early January.
Huang Lei, the company’s chief technical officer, said that even before the new virus was widely known about, he had begun to get requests...to update its software to recognize nurses wearing masks...
The company now says its masked facial recognition program has reached 95 percent accuracy in lab tests, and even claims that it is more accurate in real life, where its cameras take multiple photos of a person if the first attempt to identify them fails. more
Huang Lei, the company’s chief technical officer, said that even before the new virus was widely known about, he had begun to get requests...to update its software to recognize nurses wearing masks...
The company now says its masked facial recognition program has reached 95 percent accuracy in lab tests, and even claims that it is more accurate in real life, where its cameras take multiple photos of a person if the first attempt to identify them fails. more
The Best Way to Sumggle a Filing Cabinet of Secrets
An American citizen will spend the next four or so years behind bars in the US for smuggling corporate secrets out of the states to his spymasters in China.
A federal district judge this week sentenced Xuehua Edward Peng, 56, of Hayward, California, after he admitted handing over the trade secrets to Beijing. Peng earlier confessed that SD cards loaded with information stolen from an unspecified US company were left for him to collect at hotels by a contact only known as Ed.
Peng would also hide tens of thousands of dollars in hotel rooms for Ed to collect as payment. Lawyers said Peng spent years trafficking confidential info. more
Flashback to 2009 when we made a point about this vulnerability...
A federal district judge this week sentenced Xuehua Edward Peng, 56, of Hayward, California, after he admitted handing over the trade secrets to Beijing. Peng earlier confessed that SD cards loaded with information stolen from an unspecified US company were left for him to collect at hotels by a contact only known as Ed.
Peng would also hide tens of thousands of dollars in hotel rooms for Ed to collect as payment. Lawyers said Peng spent years trafficking confidential info. more
Flashback to 2009 when we made a point about this vulnerability...
Tuesday, February 25, 2020
Schools Using Kids' Phones to Track and Surveil Them
At least 10 schools across the US have installed radio frequency scanners, which pick up on the Wi-Fi and Bluetooth signals from students' phones and track them with accuracy down to about one meter, or just over three feet, said Nadir Ali, CEO of indoor data tracking company Inpixon.
His company has been in talks with other school districts, and a few schools in the Middle East are also considering the product... more
Bathroom Spycam'er Gives GoPro A Whole New Meaning
A New Jersey teen's recent routine visit to a bookstore turned into a horrible nightmare when someone filmed her while she was inside a bathroom stall, according to prosecutors.
Juan Mejia, 44, of Paterson was arrested on Wednesday at the Barnes & Noble bookstore in Clifton after he secretly videotaped two separate women who were using the bathroom stalls, according to the Passaic County Prosecutor's Office.
The incident happened when her teen daughter said she had to use the bathroom. So, Delaney said, she went upstairs to help her own mother find a book.
Shortly after getting upstairs, Delaney said, her phone "started going off like crazy."
It was her daughter "texting me that someone in the stall next to her was filming her with a GoPro, that she was scared, and to please find someone and help her," Delaney wrote.
Barnes & Noble issued a statement, saying the company was "disturbed" to learn of the incident... more
"Disturbed" is not the right response. Every business offering toilet, shower and/or changing facilities needs this.
Juan Mejia, 44, of Paterson was arrested on Wednesday at the Barnes & Noble bookstore in Clifton after he secretly videotaped two separate women who were using the bathroom stalls, according to the Passaic County Prosecutor's Office.
The incident happened when her teen daughter said she had to use the bathroom. So, Delaney said, she went upstairs to help her own mother find a book.
Shortly after getting upstairs, Delaney said, her phone "started going off like crazy."
It was her daughter "texting me that someone in the stall next to her was filming her with a GoPro, that she was scared, and to please find someone and help her," Delaney wrote.
Barnes & Noble issued a statement, saying the company was "disturbed" to learn of the incident... more"Disturbed" is not the right response. Every business offering toilet, shower and/or changing facilities needs this.
Thursday, February 20, 2020
Ultrasonic Bracelet Claims to Jam Eavesdropping Microphones
Spying isn’t the same as it was in the old days. Today, an inconspicuous smart speaker could be recording every word you say in your own home. That threat of invaded privacy will only continue to grow as more microphone-enabled devices are released in the years to come.
to combat it. They created a bracelet that uses ultrasonic signals to jam nearby microphones. Though it isn’t something that most people would need to use on a daily basis it could represent a picture of what jewelry will need to be in the future—both stylish and functional.
The experimental version is quite clunky, looking more like a piece of audio equipment than jewelry. However, that design has a purpose. The bracelet’s array of 24 speakers emit imperceptible ultrasonic signals. To nearby microphones, these signals come across as loud static that effectively drowns out any speech in the vicinity. more
This eavesdropping countermeasure has been around forever. We experimented with it back in the 80's. It's effectiveness can be very iffy, its downsides serious. Read more about it here.
Chief Bugged: Former City Council Candidate Arrested at Meeting
CA - Former City Council candidate James Clinton Davies sentenced to three years probation in eavesdropping case.
The charge stemmed from illegally recording a private conversation he had with Tehachapi Police Chief Kent Kroeger after being invited into the chief's office, and not announcing he was recording or requesting permission to record. more
Frank Anderson, Former Spy Who Supplied Afghan Insurgents, Dies at 78
Frank Anderson, an American spymaster who oversaw the Central Intelligence Agency’s covert mission to funnel weapons and other support to Afghan insurgents fighting their Soviet occupiers in the 1980s, died on Jan. 27 in Sarasota, Fla. He was 78.The cause was a stroke, his wife, Donna Eby Anderson, said. Mr. Anderson lived in Sarasota and had been in hospice care.
During his nearly 27 years with the C.I.A., Mr. Anderson became the ranking American clandestine officer in the Arab world.
He served as Beirut station chief; was promoted to chief of the Near East and South Asia division of the agency’s Directorate of Operations, its covert branch; and directed the agency’s technical services division, a role similar to that of James Bond’s “Q.” more
Soviet Spy Radio - Discovered Buried in Germany
Archaeologists digging for the remains of a Roman villa near the German city of Cologne have found a sophisticated Soviet spy radio that was buried there shortly before the fall of the Iron Curtain.
The spy radio (USSR spy radio set - Swift Mark IIIR-394KM, codenamed Strizh) was buried inside a large metal box that was hermetically sealed with a rubber ring and metal screws.
Although the radio's batteries had run down after almost 30 years in the ground, the box hissed with inrushing air when it was opened.
"Everything in the box was carefully encased in wrapping paper — it is a factory-fresh radio," said archaeologist Erich Classen from the Rhineland Regional Association (LVR). more
Collectors and Hams: Time to break out your metal detectors. ~Kevin
Although the radio's batteries had run down after almost 30 years in the ground, the box hissed with inrushing air when it was opened.
"Everything in the box was carefully encased in wrapping paper — it is a factory-fresh radio," said archaeologist Erich Classen from the Rhineland Regional Association (LVR). more
Collectors and Hams: Time to break out your metal detectors. ~Kevin
Friday, February 14, 2020
Spy Fail: Alleged Huawei Spy Caught Disguised as 'Weihua' Employee
That's apparently all one Huawei employee spy did to disguise himself during a late-night attempt to steal technology from a U.S. competitor.
Needless to say, it wasn't exactly successful.
This hilarious new detail emerged as part of the United States government's indictment of the Chinese firm on charges of racketeering and conspiracy to steal trade secrets. The indictment lays out how the company sought to steal the intellectual property of six different U.S. tech companies — though not every attempt was particularly sophisticated. more
Thursday, February 13, 2020
AI News: The Farm Bots Are Here... finally
IL - In a research field off Highway 54 last
autumn, corn stalks shimmered in rows 40-feet deep. Girish Chowdhary, an
agricultural engineer at the University of Illinois at
Urbana-Champaign, bent to place a small white robot at the edge of a row
marked 103.
The robot, named TerraSentia, resembled a souped up version
of a lawn mower, with all-terrain wheels and a high-resolution camera
on each side.
In much the same way
that self-driving cars “see” their surroundings, TerraSentia navigates a
field by sending out thousands of laser pulses to scan its environment.
A few clicks on a tablet were all that were needed to orient the robot
at the start of the row before it took off, squeaking slightly as it
drove over ruts in the field. more
Farm Bots from 48 years ago,
in your weekend movie,
Wednesday, February 12, 2020
Wireless Tech to Steal Luxury Cars in Seconds
As they both walked through a dimly lit parking garage, one of the
pair of men peered at a black, laptop-sized device inside his messenger
bag. Using buttons on its outer case, he flicked through various
options on the device's bright LED screen before landing on his choice....
"EvanConnect," one of the men in the video who goes by a pseudonym online, embodies a bridge between digital and physical crime. These devices he sells for thousands of dollars let other people break into and steal high end vehicles. He claims to have had clients in the U.S., UK, Australia, and a number of South American and European countries.
"Honestly I can tell you that I have not stolen a car with technology," Evan told Motherboard. "It's very easy to do but the way I see it: why would I get my hands dirty when I can make money just selling the tools to other people." more
"EvanConnect," one of the men in the video who goes by a pseudonym online, embodies a bridge between digital and physical crime. These devices he sells for thousands of dollars let other people break into and steal high end vehicles. He claims to have had clients in the U.S., UK, Australia, and a number of South American and European countries.
"Honestly I can tell you that I have not stolen a car with technology," Evan told Motherboard. "It's very easy to do but the way I see it: why would I get my hands dirty when I can make money just selling the tools to other people." more
How to Delete Your Personal Information From People-Finder Sites
While some sites might have a link for removing personal information, the actual process could be convoluted.
Spokeo is, perhaps, the simplest. You just find your profile page on the site, go to spokeo.com/optout, and then type (or paste) the link along with your email address so you can confirm.
Others are not as straightforward. At Whitepages, you have to paste the URL to your profile at whitepages.com/suppression_requests, and then type the reason you want to opt-out. After that, you have to provide your phone number—yes, you have to give a data broker your phone number. You then receive a call from a robot, which gives you a verification code you have to type on the website to complete the process.
The ultimate indignity? 411.info actually charges a fee if you want it to remove your info. more
Spokeo is, perhaps, the simplest. You just find your profile page on the site, go to spokeo.com/optout, and then type (or paste) the link along with your email address so you can confirm.
Others are not as straightforward. At Whitepages, you have to paste the URL to your profile at whitepages.com/suppression_requests, and then type the reason you want to opt-out. After that, you have to provide your phone number—yes, you have to give a data broker your phone number. You then receive a call from a robot, which gives you a verification code you have to type on the website to complete the process.
The ultimate indignity? 411.info actually charges a fee if you want it to remove your info. more
The CIA's Greatest Hit... that we know of so far.
For more than half a century, governments all over the world trusted a single company to keep the communications of their spies, soldiers and diplomats secret. The company, Crypto AG, got its first break with a contract to build code-making machines for U.S. troops during World War II. Flush with cash, it became a dominant maker of encryption devices for decades...
The Swiss firm made millions of dollars selling equipment to more than 120 countries well into the 21st century. Its clients included Iran, military juntas in Latin America, nuclear rivals India and Pakistan, and even the Vatican.
But what none of its customers ever knew was that Crypto AG was secretly owned by the CIA in a highly classified partnership with West German intelligence. These spy agencies rigged the company’s devices so they could easily break the codes that countries used to send encrypted messages. more
Talk about your self-licking ice cream cone.
Profit from selling expensive crypto gear.
Profit by deciphering everything going through it.
Brilliant! ~Kevin
Thursday, February 6, 2020
US Weapons-Makers Plagued by Industrial Espionage
The U.S. defense industrial base received a "mediocre C" report-card grade as it struggles to stay ahead of adversaries, such as China, that rely on stealing American military secrets to remain competitive, according to a new report from the National Defense Industrial Association (NDIA).
"Vital Signs 2020: The Health and Readiness of the Defense Industrial Base," a data-based report compiled by NDIA and the data analytics firm Govini, analyzed 44 statistical indicators ranging from potential threats to digital systems to surge capacity over the last three years.
The report then graded eight performance areas -- on a scale of 100 -- for an average grade of 77 for 2019. more
The report then graded eight performance areas -- on a scale of 100 -- for an average grade of 77 for 2019. more
Book: Chinese Communist Espionage: An Intelligence Primer
Chinese Communist Espionage: An Intelligence Primer
Chinese espionage hinges on a sophisticated network of spies focused on state-sponsored tech theft, according to a new book that dispels outdated theories of how Beijing collects intelligence around the world.
Why it matters: Old tropes cast all ethnic Chinese as potential amateur spies, a belief which has led to racial profiling. In reality, China's intelligence agencies employ highly trained professionals who operate much like spies from any other country.
Details: Published late last year by the Naval Institute Press, doubles as an explainer of how Chinese espionage works and as a brief encyclopedia of key figures.
Chinese espionage hinges on a sophisticated network of spies focused on state-sponsored tech theft, according to a new book that dispels outdated theories of how Beijing collects intelligence around the world.
Why it matters: Old tropes cast all ethnic Chinese as potential amateur spies, a belief which has led to racial profiling. In reality, China's intelligence agencies employ highly trained professionals who operate much like spies from any other country.
Details: Published late last year by the Naval Institute Press, doubles as an explainer of how Chinese espionage works and as a brief encyclopedia of key figures.
- The book's authors are Peter Mattis, a former CIA counterintelligence analyst, and Matthew Brazil, a former US Army officer and diplomat.
- Their main message: That Chinese espionage is neither mysterious nor totally different than that practiced by other nations. more
Business Club Teacher Charged in Spy Camera Case
A Wisconsin high school teacher facing federal child pornography charges was charged Wednesday in Minnesota with trying to secretly record students in their Minneapolis hotel rooms on a business club trip.
Hennepin County prosecutors charged David Kruchten, 37, of Cottage Grove, Wisconsin, with three felony counts of interfering with the privacy of a minor under 18.
Kruchten is a teacher at Madison East High School and was chaperoning students on a trip to Minneapolis in December. Authorities allege Kruchtenhid cameras in a smoke detector and two air fresheners planted in students’ hotel bathrooms at the Hyatt Regency in downtown Minneapolis....
The automatic air fresheners and a smoke detector were “oriented to face toward the toilet and shower area. One of the victims noticed an air freshener on her bathroom counter and went to press a button that she believed would activate the spray. When she pressed it, the device opened up to reveal the inner workers of a surveillance camera and other related electronics,” the complaint said. more find spycams yourself sing-a-long
Hennepin County prosecutors charged David Kruchten, 37, of Cottage Grove, Wisconsin, with three felony counts of interfering with the privacy of a minor under 18.
Kruchten is a teacher at Madison East High School and was chaperoning students on a trip to Minneapolis in December. Authorities allege Kruchtenhid cameras in a smoke detector and two air fresheners planted in students’ hotel bathrooms at the Hyatt Regency in downtown Minneapolis....
The automatic air fresheners and a smoke detector were “oriented to face toward the toilet and shower area. One of the victims noticed an air freshener on her bathroom counter and went to press a button that she believed would activate the spray. When she pressed it, the device opened up to reveal the inner workers of a surveillance camera and other related electronics,” the complaint said. more find spycams yourself sing-a-long
Tuesday, February 4, 2020
In the Era of Hacking, Bugs Remain a Critical Espionage Threat
via Scott Stewart, Vice President Tactical Analysis at Stratfor
HIGHLIGHTS
HIGHLIGHTS
- While cyberattacks offer a powerful means for corporate surveillance, it is important to remember that it is just one option in the espionage toolbox.
- Some information, such as in-person conversations, cannot be obtained through hacks and thus require the use of other tools, such as human intelligence collection insiders or covert audio and video recorders and transmitters (bugs).
- Today, bugs are cheaper, smaller and easier to obtain than ever — and the number being deployed and discovered is vastly under-reported, masking the true scope of the threat.
- Therefore, in order to adequately combat corporate espionage, organizations must also implement security measures to protect against bugging. more
Brazen B&E to Plant Spy TV
NY - State Police have arrested a Town of Moreau man for breaking into a home and hiding a recording device in a bedroom.
State Police in Wilton arrested 39-year-old Todd D. Derush. Police say Derush unlawfully entered the home of the victim and hid a recording device in their bedroom. Derush's actions were in violation of a full stay away order of protection barring Derush from being on the property, according to State Police. more
State Police in Wilton arrested 39-year-old Todd D. Derush. Police say Derush unlawfully entered the home of the victim and hid a recording device in their bedroom. Derush's actions were in violation of a full stay away order of protection barring Derush from being on the property, according to State Police. more
Spies in the Skys
SPY ONE
From 1957, when he first started working on the project, until 2011 when it was declassified, Dave McDowell was sworn to secrecy.
But now, the results of this once top-secret Kodak program is on full display at the Strasenburg Planetarium.
“Awe” is how McDowell described what he felt standing in front of the exhibit. “It’s something we designed and built in Rochester, and this one didn’t fly in space, but 48 others exactly like it did.”
The top-secret project was the optical system for Gambit-1, a national reconnaissance satellite. Kodak engineers designed and built what was essentially a large camera encased in a capsule. It was a revolutionary technology at that time, and it played a significant role in U.S. national security in the Cold War era. more
SPY TWO
On January 20, something rather strange happened in orbit. A Russian satellite suddenly maneuvered itself so that it was closely shadowing a US spy satellite.
The pair are now less than 186 miles (300 kilometers) apart—a short distance when it comes to space. While we don’t know for sure what’s going on, the Russian satellite’s actions strongly suggest it is there to spy on the US one—and there is very little the US can do about it. more
From 1957, when he first started working on the project, until 2011 when it was declassified, Dave McDowell was sworn to secrecy.
But now, the results of this once top-secret Kodak program is on full display at the Strasenburg Planetarium.
“Awe” is how McDowell described what he felt standing in front of the exhibit. “It’s something we designed and built in Rochester, and this one didn’t fly in space, but 48 others exactly like it did.”
The top-secret project was the optical system for Gambit-1, a national reconnaissance satellite. Kodak engineers designed and built what was essentially a large camera encased in a capsule. It was a revolutionary technology at that time, and it played a significant role in U.S. national security in the Cold War era. more
SPY TWO
On January 20, something rather strange happened in orbit. A Russian satellite suddenly maneuvered itself so that it was closely shadowing a US spy satellite.
The pair are now less than 186 miles (300 kilometers) apart—a short distance when it comes to space. While we don’t know for sure what’s going on, the Russian satellite’s actions strongly suggest it is there to spy on the US one—and there is very little the US can do about it. more
Monday, February 3, 2020
How to Turn a Tesla Into a Surveillance Station
Truman Kain, senior information security analyst at Tevora, has developed a new device called the Surveillance Detection Scout. As Wired describes it, the DIY computer plugs into the dashboard USB port of a Tesla Model S, 3 or X and uses the car’s built-in cameras to read license plates and faces to alert the driver if someone is following them.
“It turns your Tesla into an AI-powered surveillance station,” Kain told the magazine. “It’s meant to be another set of eyes, to help out and tell you it’s seen a license plate following you over multiple days, or even multiple turns of a single trip.” more
“It turns your Tesla into an AI-powered surveillance station,” Kain told the magazine. “It’s meant to be another set of eyes, to help out and tell you it’s seen a license plate following you over multiple days, or even multiple turns of a single trip.” more
Sunday, February 2, 2020
Encryption Using Palindrome Number (Never odd or even.)
Posted in honor of this special day*
This paper provides a technique for message security in which palindrome number is used for encryption message. Colour is important in authentication process as it acts as a password. Using this technique message can be protected from on-line cyber crime and accessible to an authorized individual when required. more
Who cares? The important thing is this historical date...
02/02/2020
*Palindrome Day... for the first time in 909 years! Wow, yet another palindrome!
Here in the U.S., it is also a trifecta: Palindrome Day, Groundhog Day and Superbowl Sunday.
This paper provides a technique for message security in which palindrome number is used for encryption message. Colour is important in authentication process as it acts as a password. Using this technique message can be protected from on-line cyber crime and accessible to an authorized individual when required. more
Who cares? The important thing is this historical date... 02/02/2020
*Palindrome Day... for the first time in 909 years! Wow, yet another palindrome!
Here in the U.S., it is also a trifecta: Palindrome Day, Groundhog Day and Superbowl Sunday.
Saturday, February 1, 2020
FutureWatch: You've Probably Been Photo-Napped by an App
Clearview AI, devised a groundbreaking facial recognition app. You take a picture of a person, upload it and get to see public photos of that person, along with links to where those photos appeared.
The system — whose backbone is a database of more than three billion images that Clearview claims to have scraped from Facebook, YouTube, Venmo and millions of other websites — goes far beyond anything ever constructed by the United States government or Silicon Valley giants...
The computer code underlying its app, analyzed by The New York Times, includes programming language to pair it with augmented-reality glasses; users would potentially be able to identify every person they saw...
Searching someone by face could become as easy as Googling a name. Strangers would be able to listen in on sensitive conversations, take photos of the participants and know personal secrets. Someone walking down the street would be immediately identifiable — and his or her home address would be only a few clicks away. It would herald the end of public anonymity. more
The computer code underlying its app, analyzed by The New York Times, includes programming language to pair it with augmented-reality glasses; users would potentially be able to identify every person they saw...
Searching someone by face could become as easy as Googling a name. Strangers would be able to listen in on sensitive conversations, take photos of the participants and know personal secrets. Someone walking down the street would be immediately identifiable — and his or her home address would be only a few clicks away. It would herald the end of public anonymity. more
Subscribe to:
Comments (Atom)