You are never more vulnerable to information abuse and theft than during a recession. Put your independent information security consultant into overdrive. Skimp on something else to save money.
A cautionary tale...
An insider at the California Water Service Company in San Jose broke into the company's computer system and transferred $9 million into offshore bank accounts and fled the country.
Abdirahman Ismail Abdi, 32, was an auditor for the water company, which delivers drinking water throughout the state and is located in San Jose, Calif. Abdi resigned from his position on April 27. Allegedly, that night he went back to work and made three wire transfers totaling more than $9 million from the company's accounts to an account in Qatar.
Abdi is not a U.S. citizen and was ordered deported to Somalia in 2005, the Mercury News reported. (Don't skimp on background checks either.)
“The downturn in the economy is raising the internal security threat levels dramatically, as more and more disgruntled ex-employees take advantage of the fact that their ex-employer did not decommission their access credentials,” Torsten George, vice president, worldwide marketing, ActivIdentity, told SCMagazineUS.com on Friday in an email.
According to a survey of more than 200 organizations globally conducted by Deloitte Touche Tohmatsu, the number one security problem reported by IT security auditors was “excessive access rights.”
The buzz...
In addition, only 28 percent of respondents rated themselves as “very confident” or “extremely confident” with regard to internal threats, which is down from 51 percent in 2008.
Companies can protect sensitive data by limiting information access to only those employees who must have it, the survey said. (more)
Tuesday, May 19, 2009
Monday, May 18, 2009
Business Espionage - Spying on the Board
French car-parts maker Valeo SA said it had sued an unidentified person it says secretly recorded some board-member meetings and separately said it would try to recover €3.2 million ($4.3 million) in severance from ousted Chairman and Chief Executive Thierry Morin.
The suit, filed with a Paris court, identifies the person responsible for the recordings only as "X." Under French law, a suit can be filed without publicly identifying the accused. However, a person familiar with the matter said the company believed Mr. Morin was responsible for making the recordings. Telephone calls to Mr. Morin weren't returned Monday...
French radio station RTL last month reported that Mr. Morin had installed sophisticated recording technology in the boardroom, allowing him to eavesdrop on meetings from which he was excluded and at which he was discussed. (more)
The suit, filed with a Paris court, identifies the person responsible for the recordings only as "X." Under French law, a suit can be filed without publicly identifying the accused. However, a person familiar with the matter said the company believed Mr. Morin was responsible for making the recordings. Telephone calls to Mr. Morin weren't returned Monday...
French radio station RTL last month reported that Mr. Morin had installed sophisticated recording technology in the boardroom, allowing him to eavesdrop on meetings from which he was excluded and at which he was discussed. (more)
SpyCam Story #529 - "What's up Doc?"
The story you are about to read is real. Names have been dropped to protect the people involved and the city being sued. Just coincidence? You decide. (Dum-da-dum-dum...)
Charges were dropped against a ["revered for his expertise" professional] accused of spying on his patients... he was was arrested and spent a night in jail, after a patient falsely accused him of putting a hidden camera in an office bathroom.
He says a security lightbulb was used to keep an eye on his children in the backyard of his home, but the bulb was in his office because it was broken and he was ordering a new one.
His attorney said a construction worker grabbed the security bulb off the desk, and it was his account that helped drop the charges.
"The contractor went on his own volition and explained to the district attorney's office that he accidently put the non working security device in the bathroom thinking it was a lightbulb. It's really that simple, but again no one wanted to listen..."
The [city police] said they responded to a legitimate complaint.
Prosecutors dismissed the case saying in court, they had interviewed several witnesses, one of whom "offered an innocent explanation to the placement of the surveillance light bulb in the office bathroom of the defendant."
They went on to say, "[He] did not commit the crime with which he was charged."
[He] is suing the city for $[x] million.
from another report...
[He] said he used the bulb as an outdoor monitoring system to watch his kids while they played outside at home if he got called inside. The surveillance system wasn't a secret, he said.
"Everybody who knows me knows it didn't happen because everybody knew that I bought this thing for the backyard of my house," he said. "The kids helped me set it up."
[His] father was very ill with Parkinson's disease, and the family was in the process of moving from [the suburbs] to [the city], he said.
He brought the bulb down to the city to order a new encoder box that transmits the signal to a monitor. The original box was misplaced when the family was packing to move, he said.
from another report...
"At 5 until 12 I get a call from my secretary saying this guy thinks you're watching him pee. He called 9-11. He called the cops," [he] explained.
One of [his] patients called police when he found a light bulb with a small hidden surveillance camera in the men's bathroom.
Turns out a contractor doing work at the office accidentally installed the light.
[He] took the bulb to work that day to get it fixed.
from another report...
He said he brought it to work because he needed the code number on the camera to order a new one.
A contractor working in the office at night as part of an office expansion project told investigators he could not find a bulb when the light blew out in the bathroom, so he screwed in the broken one he found on [his] desk.
The public is generally aware of only one "lightbulb camera;" code number SVS-1. Sold on ebay and from many Web sites. It does not light. Simply a camera in lightbulb clothing, it transmits video over power lines. A decoder box is required to receive the signal. What is your verdict? (Dum-da-dum-dum-daaa...)
Charges were dropped against a ["revered for his expertise" professional] accused of spying on his patients... he was was arrested and spent a night in jail, after a patient falsely accused him of putting a hidden camera in an office bathroom.
He says a security lightbulb was used to keep an eye on his children in the backyard of his home, but the bulb was in his office because it was broken and he was ordering a new one.
His attorney said a construction worker grabbed the security bulb off the desk, and it was his account that helped drop the charges.
"The contractor went on his own volition and explained to the district attorney's office that he accidently put the non working security device in the bathroom thinking it was a lightbulb. It's really that simple, but again no one wanted to listen..."
The [city police] said they responded to a legitimate complaint.
Prosecutors dismissed the case saying in court, they had interviewed several witnesses, one of whom "offered an innocent explanation to the placement of the surveillance light bulb in the office bathroom of the defendant."
They went on to say, "[He] did not commit the crime with which he was charged."
[He] is suing the city for $[x] million.
from another report...
[He] said he used the bulb as an outdoor monitoring system to watch his kids while they played outside at home if he got called inside. The surveillance system wasn't a secret, he said.
"Everybody who knows me knows it didn't happen because everybody knew that I bought this thing for the backyard of my house," he said. "The kids helped me set it up."
[His] father was very ill with Parkinson's disease, and the family was in the process of moving from [the suburbs] to [the city], he said.
He brought the bulb down to the city to order a new encoder box that transmits the signal to a monitor. The original box was misplaced when the family was packing to move, he said.
from another report...
"At 5 until 12 I get a call from my secretary saying this guy thinks you're watching him pee. He called 9-11. He called the cops," [he] explained.
One of [his] patients called police when he found a light bulb with a small hidden surveillance camera in the men's bathroom.
Turns out a contractor doing work at the office accidentally installed the light.
[He] took the bulb to work that day to get it fixed.
from another report...
He said he brought it to work because he needed the code number on the camera to order a new one.
A contractor working in the office at night as part of an office expansion project told investigators he could not find a bulb when the light blew out in the bathroom, so he screwed in the broken one he found on [his] desk.
The public is generally aware of only one "lightbulb camera;" code number SVS-1. Sold on ebay and from many Web sites. It does not light. Simply a camera in lightbulb clothing, it transmits video over power lines. A decoder box is required to receive the signal. What is your verdict? (Dum-da-dum-dum-daaa...)
Password Protection - Stick it in Your Ear
You are the victim of identity theft and the fraudster calls your bank to transfer money into their own account. But instead of asking them for your personal details, the bank assistant simply presses a button that causes the phone to produce a brief series of clicks in the fraudster's ear. A message immediately alerts the bank that the person is not who they are claiming to be, and the call is ended.
Such a safeguard could one day be commonplace, if a new biometric technique designed to identify the person on the other end of a phone line proves successful. The concept relies on the fact that the ear not only senses sound but also makes noises of its own, albeit at a level only detectable by supersensitive microphones.
If those noises prove unique to each individual, it could boost the security of call-centre and telephone-banking transactions and reduce the need for people to remember numerous identification codes. Stolen cellphones could also be rendered useless by programming them to disable themselves if they detect that the user of the phone is not the legitimate owner.
Called otoacoustic emissions (OAEs), the ear-generated sounds emanate from within the spiral-shaped cochlea in the inner ear. (more)
Such a safeguard could one day be commonplace, if a new biometric technique designed to identify the person on the other end of a phone line proves successful. The concept relies on the fact that the ear not only senses sound but also makes noises of its own, albeit at a level only detectable by supersensitive microphones.
If those noises prove unique to each individual, it could boost the security of call-centre and telephone-banking transactions and reduce the need for people to remember numerous identification codes. Stolen cellphones could also be rendered useless by programming them to disable themselves if they detect that the user of the phone is not the legitimate owner.
Called otoacoustic emissions (OAEs), the ear-generated sounds emanate from within the spiral-shaped cochlea in the inner ear. (more)
Hotel 56 "We'll leave the bug on for you."
Tanzania - Karatu member of parliament Dr Wilbrod Slaa has criticized the police for what he described as their continuing failure to charge anyone in the case of the eavesdropping devices placed in his hotel room during the last National Assembly session in Dodoma back in February.
Two such devices were discovered in the adjacent rooms of Dr Slaa, the deputy leader of the opposition camp in parliament on a CHADEMA ticket, and that of another opposition legislator, Dr Ali Tarab Ali (CUF), at Hotel 56 in the designated capital. (more)
Two such devices were discovered in the adjacent rooms of Dr Slaa, the deputy leader of the opposition camp in parliament on a CHADEMA ticket, and that of another opposition legislator, Dr Ali Tarab Ali (CUF), at Hotel 56 in the designated capital. (more)
Next Year's Dayton Celebrities
Brazil and the U.S. have been arresting people who have been illegally using obsolete, but still functioning, U.S. Navy FLTSATCOM communications satellites...As the navy stopped using FLTSATCOM in the late 1990s (shifting over to the more efficient UFO satellites), ham radio users in Brazil discovered that the FLTSATCOM satellites had no security on them.
If you knew the frequency and had a satellite dish, you could send a signal to the FLTSATCOM satellite, that would then automatically be rebroadcast by the satellite over a wide area below...Brazilians found that they could simply use FLTSATCOM to communicate over a wide area (the interior of the country) that lacked telephones. (more)
Saturday, May 16, 2009
Lebanon Displays Captured Spy Gear
Lebanon put on public display equipment an official said was used by alleged Israeli spy networks inside the 
country, including a water cooler equipped with a mapping device.
In addition to the water cooler the gadgets included a leather purse and keychains with secret compartments as well as a can for motor oil used to hide mini tapes, a radio and forged identification papers.
The alleged spies used the seemingly innocuous items to communicate with Israel using encrypted messages, the official said. (more)
country, including a water cooler equipped with a mapping device.
In addition to the water cooler the gadgets included a leather purse and keychains with secret compartments as well as a can for motor oil used to hide mini tapes, a radio and forged identification papers.
The alleged spies used the seemingly innocuous items to communicate with Israel using encrypted messages, the official said. (more)
"Get a room."
Joe Paradiso and Yasuhiro Ono of the Massachusetts Institute of Technology have just patented a system for a roving cone of silence, so that you can walk around your office building without anyone ever eavesdropping on you. The inventors are trying to fix a common problem in open-plan offices: the sound of conversations that carry across the room, making your every phone call into fodder for other people's gossip sessions.
So they devised a sound-damping sensor, comprised of an infra-red motion-detector, a speaker and a microphone. These would be scattered around the walls of an office.
You can then activate your personal mute button from your computer. The system locks onto you, identifies anyone close enough to eavesdrop, and hits them with a murmur of white noise so they can't hear you.
The downside is that this system requires lots of infrastructure, not to mention the creepiness of having your moves watched by a computer that tags you as a nosey eavesdropper. (more)
If your conversations are really that important, get a room, your own office, a conference room. Sweep your rooms regularly for bugs, of course. ~ Kevin
Spies Need a Safe Place to Eat
The Safe House is located on the hard-to-find Front Street, which is basically an alley that runs one block west of Water Street between Wells and Mason Streets. The building -- adorned with a few flags -- does not have a Safe House sign, but does have a small placard that reads "International Exports Ltd." After trying two other locked doors, the boys finally found an unlocked door that led them into a very small room with a large book shelf.
At night, guests are greeted by a person -- playing the role of "Ms. Moneypenny" from the James Bond films -- who asks for the password. During the day, however, a voice pipes through a speaker (this is a new feature) and asks if you know the password.
The password has not changed in four decades, but if you do not say it exactly right, you are asked to take a special "spy test" proving that you are indeed a spy who deserves entry into the Safe House. At night, the spy test can get a bit sassy, but when kids are involved, the test is G-rated, requiring those that don't know the password to like act like a monkey or hop on one foot.
Video cameras are hidden in the wall of the Safe House entry way, so unbeknownst to the new guests, diners are watching their antics on television screens inside the restaurant.
If you whisper the password correctly into the speaker, or once you pass the spy test if you didn't know the password, the faux book shelf opens like a door and allows you to walk down a hallway to the bar / restaurant. The Safe House opened in the late '60s, and since then, very little has changed. (more)
Prove you are a worthy secret agent, man.
Figure out Safe House's home city.
Be seeing you.
~ Kevin
Would You Trade Privacy for Communications?
How much information do you think your mobile phone company has about you? Your address, your bank details... what about your religion? Or your sexuality? Does it know if you've been speeding?
Well at the moment, probably not.
But a new report (from FIDIS - Future of Identity in the Information Society) is warning that if we sign up to agreements without reading them properly, this could become a reality. (more)
Give this a few seconds of thought. The phone companies already have a pretty good idea of who you are, where you are and where you go - especially if your phone has GPS capabilities. Valuable info. They would love to sell it.
FutureWatch... They will sell it. Keep an eye on future service contracts. You will ride the slippery slope. Think you'll protest? Not if they give you "free" calls in exchange. That's how much your privacy is worth to someone else.
Well at the moment, probably not.
But a new report (from FIDIS - Future of Identity in the Information Society) is warning that if we sign up to agreements without reading them properly, this could become a reality. (more)
Give this a few seconds of thought. The phone companies already have a pretty good idea of who you are, where you are and where you go - especially if your phone has GPS capabilities. Valuable info. They would love to sell it.
FutureWatch... They will sell it. Keep an eye on future service contracts. You will ride the slippery slope. Think you'll protest? Not if they give you "free" calls in exchange. That's how much your privacy is worth to someone else.
Thursday, May 14, 2009
Alert: In-Flight Internet... aka InfoButterfly.Net
via Netragard, LLC...
Airline passangers' personal computer information can be easily hacked while in flight.
The wireless inflight airline internet access service, GoGo Inflight Internet ("GoGo"), which enables travelers to access the internet while in flight does not encrypt communications between users (passengers) and the Wireless Access Points on the aircraft.
As a result of this lack of encryption it is easy to intercept and record all data sent and received by passengers. This poses significant risk to passengers and their respective businesses as sensitive information is sent over the air without encryption. This information can include, emails, email attachments, email content, usernames and
passwords,credit card information, social security numbers, methods for accessing business networks, trade secrets, etc.
This information can be intercepted and recorded by anyone on the aircraft with a WiFi capable
laptop/device. (more)
P.S. Things named GoGo seem to be really cool but don't last. Just sayin'. (Goggo mobile) (GoGo National Airlines) (GoGo dancers) (sing-a-long) (Psycho a Go-Go) (Secret GoGo) (Beat GoGos) (Surf GoGo) (GoGo!7188-C7) (Road Runner GoGo) (88 GoGo) (Tokyo A Go Go) (Goin to a GoGo) (GoGo Brothers) (Ghoul A Go-Go) (GO GO HAPPY DAY) (Penn Gillett Rescuing a Go-Go Dancer NSFW) but I digress.
Remember... Don't do anything more sensitive on the airplane than read USA Today... no email, no accessing your corporate web site, no bidding on ebay, no buying viagra, etc., etc.
UPDATE - Gogo Inflight Internet service deserves equal time. It is, after all, providing a very useful and wanted service. The information released by Netragard, LLC applies to all public Wi-Fi hot spots, and to single out Gogo makes their motives suspect.
The problem of public Wi-Fi spying is why I mentioned Hotspot Shield, a FREE VPN, a while back. (more)
Gogo would like you to know...
"To date, Aircell and its carrier partners have not identified any network security vulnerabilities in the Gogo Inflight Internet service that are threats to our customers. Credit card transactions to access Gogo are encrypted and fully secure. Other Internet traffic on the Gogo network is as secure as any public Wi-Fi hotspot in a hotel, airport or coffee house. For users who wish a higher level of information security, Gogo supports virtually all VPN clients. Aircell is committed to our customers' safety and security both in the air and online and will do all we can to ensure our customers' information remains secure and private."
Go with Gogo and be as cautious as you would at any public Wi-Fi hotspot. VPN it. ~ Kevin
Airline passangers' personal computer information can be easily hacked while in flight.
The wireless inflight airline internet access service, GoGo Inflight Internet ("GoGo"), which enables travelers to access the internet while in flight does not encrypt communications between users (passengers) and the Wireless Access Points on the aircraft.
As a result of this lack of encryption it is easy to intercept and record all data sent and received by passengers. This poses significant risk to passengers and their respective businesses as sensitive information is sent over the air without encryption. This information can include, emails, email attachments, email content, usernames and
passwords,credit card information, social security numbers, methods for accessing business networks, trade secrets, etc.This information can be intercepted and recorded by anyone on the aircraft with a WiFi capable
laptop/device. (more)P.S. Things named GoGo seem to be really cool but don't last. Just sayin'. (Goggo mobile) (GoGo National Airlines) (GoGo dancers) (sing-a-long) (Psycho a Go-Go) (Secret GoGo) (Beat GoGos) (Surf GoGo) (GoGo!7188-C7) (Road Runner GoGo) (88 GoGo) (Tokyo A Go Go) (Goin to a GoGo) (GoGo Brothers) (Ghoul A Go-Go) (GO GO HAPPY DAY) (Penn Gillett Rescuing a Go-Go Dancer NSFW) but I digress.
Remember... Don't do anything more sensitive on the airplane than read USA Today... no email, no accessing your corporate web site, no bidding on ebay, no buying viagra, etc., etc.
UPDATE - Gogo Inflight Internet service deserves equal time. It is, after all, providing a very useful and wanted service. The information released by Netragard, LLC applies to all public Wi-Fi hot spots, and to single out Gogo makes their motives suspect.
The problem of public Wi-Fi spying is why I mentioned Hotspot Shield, a FREE VPN, a while back. (more)
Gogo would like you to know...
"To date, Aircell and its carrier partners have not identified any network security vulnerabilities in the Gogo Inflight Internet service that are threats to our customers. Credit card transactions to access Gogo are encrypted and fully secure. Other Internet traffic on the Gogo network is as secure as any public Wi-Fi hotspot in a hotel, airport or coffee house. For users who wish a higher level of information security, Gogo supports virtually all VPN clients. Aircell is committed to our customers' safety and security both in the air and online and will do all we can to ensure our customers' information remains secure and private."
Go with Gogo and be as cautious as you would at any public Wi-Fi hotspot. VPN it. ~ Kevin
Business Espionage - Crestron vs AMX
Security Directors - A $10 million dollar loss is being attributed to poor password practices.Suggest a password management program which forces new and effective password creation regularly. Use this article to back-up your brilliant suggestion. ~ Kevin
NJ - A Long Island man has pleaded guilty to illegal wiretapping in a corporate espionage case that targeted two Bergen County companies.
David A. Goldenberg of Oceanside, N.Y., admitted to accessing internal e-mail at Sapphire Marketing LLC in Woodcliff Lake, a regional sales representative for Crestron Electronics in Rockleigh, which makes audiovisual equipment. He worked for Crestron's rival, Texas-based AMX Corp., at the time.
"He was able to figure out what their default passwords were, which they never changed," said Brian Lynch, chief of the white-collar crime unit in the Bergen County Prosecutor's Office.
Goldenberg was arrested in March 2008, accused of stealing e-mail and information over a nine-month period, allowing AMX to underbid Crestron on competitive contracts. Crestron has said it lost more than $10 million in business as a result. (more)
DOD official charged with espionage
DC - A civilian employee of the Defense Department was arrested Wednesday on espionage charges that he sold classified information and passed other sensitive documents to a spy for the Chinese government who has been convicted of compromising another Pentagon employee.
James Wilbur Fondren Jr., 62, was charged in federal court in Virginia with conspiracy to communicate classified information to an agent of a foreign government. He faces up to five years in prison if convicted.
Mr. Fondren, who has been suspended since February 2008 from his job as deputy director of the U.S. Pacific Command's Washington liaison office, turned himself in to federal agents Wednesday morning and was released without having to post bond, but will be on GPS monitoring. (more) (more)
James Wilbur Fondren Jr., 62, was charged in federal court in Virginia with conspiracy to communicate classified information to an agent of a foreign government. He faces up to five years in prison if convicted.
Mr. Fondren, who has been suspended since February 2008 from his job as deputy director of the U.S. Pacific Command's Washington liaison office, turned himself in to federal agents Wednesday morning and was released without having to post bond, but will be on GPS monitoring. (more) (more)
Business Espionage - Power from The Peoples
Russia - A Moscow court convicted two brothers with dual Russian-U.S. citizenship of industrial espionage Thursday and gave them one-year suspended sentences, according Russia's top domestic security agency.
The Federal Security Service said Ilya and Alexander Zaslavsky were convicted of attempting to acquire classified commercial data from state-owned Russian energy company Gazprom. (more)
The Federal Security Service said Ilya and Alexander Zaslavsky were convicted of attempting to acquire classified commercial data from state-owned Russian energy company Gazprom. (more)
Business Espionage - America's Cup
A suspect has been arrested in the south of France for allegedly conducting industrial espionage against the America's Cup holders, Alinghi. The Swiss-backed team felt that their jealously guarded secrets in sailing's equivalent of formula one were under threat. Police sources in the south of France confirmed that a team of officers had travelled down from Paris to conduct a surveillance operation around the Alinghi base.
It is understood that at least one individual was arrested in the French town of Villeneuve. The suspect is believed to be under interrogation by specialist officers in Paris but the operation is so secret that police sources refused to provide any details, instead referring inquiries to the central information office of the French legal system.
Intriguingly, a 3D model of the "Alinghi vehicle assembly building – interpolated from spy photos" appeared on the YouTube website a fortnight ago. It is not known if the two incidents are linked. (more) (YouTube video)
Wednesday, May 13, 2009
Today's Buzz - Palm-sized SpyCam Helicopter
Norway - PD-100 Black Hornet is a small video camera equipped helicopter not more than 100 mm long, weighing less than 20 grams.It can be carried in your pocket and launched within seconds to give immediate situational awareness. This new ultra small aircraft is a valuable tool in situations where a closer look at a hostile area or inside a contaminated building is crucial.
Operational Concept
Deployment
• Complete PD-100 System Carried by One Man
• Ready to Fly – In the Air Within One Minute
• Requires No Prepared Surface
• Stealth – Small and Quiet
• Reusable with Fly Home Capability
• Low Cost
• Easy to Fly, Requires Little Training
Missions
• Look Behind Objects
• Birds Eye View of Areas of Interest
• Visual Information in Urban Operations
• Reconnaissance Inside Buildings
• Hover and Stare
• Object Identification
• Target and Damage Assessment
• Deployment of Special Payload
• and sneaking into offices to read paperwork (see video)
(more) (more video) (TV report)
Think Geek - Build Your Own BUG
from our"Wow, this is cool!"
files...
What is BUG?
BUG is a baby monitor. BUG is a security system. BUG is a GPS device. BUG can read barcodes, draw pictures, update your twitter feed, and control robots. BUG is a platform for learning, rapid prototyping, and experimentation. BUG is just about whatever you want it to be. So, the BUG can be anything, but what is it?
BUG is a set of tools that lets you create personalized gadgets and devices. It's open-source and modular, letting you literally snap together the device you need. Backed by a community of enthusiastic developers, BUG development continues to grow more exciting and diverse. (more) (video) (buglabs)
Porn Name Game Sucks in Twits
A web security expert is warning people to be careful with personal information they divulge on social networking sites, after the latest suspected identity fraud quest hit Twitter. (more) Bottom line Tweets...
• Change your passwords regularly;
• Don't use the default password or a common password;
• Ensure your password is long and is not a word used in dictionaries;
• Never write down or store your passwords on your computer;
• Don't click onto links or attachments in emails obtained from someone you don't know;
• Don't provide personal or security details in response to any email;
• Scan new programs or files for viruses before you open, install or use them.
Tuesday, May 12, 2009
Dump Your FM Analog Wireless Microphones
FM analog wireless presenter's microphones are a security nightmare...and an eavesdropper's dream.
Security-wise...
You're naked!
(background)
If you have analog wireless microphones, dump them.
If your A/V company uses them, dump them too, until they upgrade to encrypted wireless microphones.
Replace your info-leakers with one of these digital systems...
• Audio-Technica - SpectraPulse™ Ultra Wideband (UWB)
• Lectrosonics (...and an Encryption White Paper)
• Zaxcom
• Mipro ACT-82
• Telex SAFE-1000
The good news...
Your old wireless system may be eligible for a trade-in!
Most wireless microphone companies are currently offering rebates and free retuning due to changes in the FCC rules. Some are even offering trade-in money. Check here for a partial list of programs.
Black Hat is Coming
Black Hat is the leading conference series for technical security professionals.Black Hat Briefings and Training has earned cult status among security enthusiasts and leading technical influencers. Black Hat USA 2009, July 25–30 at Caesars Palace, Las Vegas. (more) (register)
Has Castro Blackmailed Hollywood?
Sometimes a story comes along that sounds true but needs more evidence to back it up. You decide...
"My job was to bug their hotel rooms,” says high-ranking Cuban intelligence defector Delfin Fernandez. “With both cameras and listening devices. Most people have no idea they are being watched while they are in Cuba. But their personal activities are filmed under orders from Castro himself...”
"...famous Americans are the priority objectives of Castro’s intelligence,” says Fernandez. “When word came down that models Naomi Campbell and Kate Moss were coming to Cuba, the order was a routine one: 24-hour-a-day vigilance. Then we got a PRIORITY alert,” recalls Fernandez, “because there was a rumor that they would be sharing a room with Leonardo DiCaprio. The rumor set off a flurry of activity, and we set up the most sophisticated devices we had.”
“The American actor Jack Nicholson was another celebrity who was bugged and taped THOROUGHLY during his stay in the hotel Melia Cohiba,” states Fernandez, the man in charge of the bugging.
Turns out, however, that at least one visiting dignitary foiled Castro’s intelligence. On his visit to Cuba in 1998, Pope John Paul II’s assistants discovered and removed several bugging devices from His Holiness’ hotel room.
While holding up the book ”Fidel: Hollywood's Favorite Tyrant
” on his TV show, Bill O’Reilly called these celebs “Hollywood pinheads.” (more)
"My job was to bug their hotel rooms,” says high-ranking Cuban intelligence defector Delfin Fernandez. “With both cameras and listening devices. Most people have no idea they are being watched while they are in Cuba. But their personal activities are filmed under orders from Castro himself...”
"...famous Americans are the priority objectives of Castro’s intelligence,” says Fernandez. “When word came down that models Naomi Campbell and Kate Moss were coming to Cuba, the order was a routine one: 24-hour-a-day vigilance. Then we got a PRIORITY alert,” recalls Fernandez, “because there was a rumor that they would be sharing a room with Leonardo DiCaprio. The rumor set off a flurry of activity, and we set up the most sophisticated devices we had.”
“The American actor Jack Nicholson was another celebrity who was bugged and taped THOROUGHLY during his stay in the hotel Melia Cohiba,” states Fernandez, the man in charge of the bugging.
Turns out, however, that at least one visiting dignitary foiled Castro’s intelligence. On his visit to Cuba in 1998, Pope John Paul II’s assistants discovered and removed several bugging devices from His Holiness’ hotel room.
While holding up the book ”Fidel: Hollywood's Favorite Tyrant
” on his TV show, Bill O’Reilly called these celebs “Hollywood pinheads.” (more)
Government Surveillance Hit Parade
In what may be the first assessment of its kind, a private company... is ranking the United States No. 6 in the world for having the most aggressive procedures for monitoring residents electronically.
The report, called The Electronic Police State, assesses the status of governmental surveillance in 52 nations around the globe for 2008. The document was released Cryptohippie, Inc. (more)
The report, called The Electronic Police State, assesses the status of governmental surveillance in 52 nations around the globe for 2008. The document was released Cryptohippie, Inc. (more)
Get Smart - 100+ Open Courses on Computer Information Systems and Security
Security Directors are well aware that their professional responsibilities have grown; the biggest growth area is computer forensics, security and information protection.
Problem: How may one learn these new skills?
Solution: Open University (aka Distance Learning). "Open learning means that you will be learning in your own time by reading course material, working on course activities, writing assignments and perhaps working with other students."
One basic course being offered is: Introduction to Information Security: an introduction to the reasons and methods for securing confidential information.
Many other courses are listed here and here and here.
See you around the campus. ~ Kevin
Problem: How may one learn these new skills?
Solution: Open University (aka Distance Learning). "Open learning means that you will be learning in your own time by reading course material, working on course activities, writing assignments and perhaps working with other students."
One basic course being offered is: Introduction to Information Security: an introduction to the reasons and methods for securing confidential information.
Many other courses are listed here and here and here.
See you around the campus. ~ Kevin
Cautionary Tale - Does this ID look funny?
Comedian Armando Iannucci got past security guards at the US State department in Washington with a pass which "could have been produced by a child", in what he described as "probably international espionage". 
Mr Iannucci was researching his latest film, the US-British political drama 'In the Loop', when he visited the department's headquarters... He flashed the card at the guards in the main reception of the building, said he had an appointment and was waved through. The comedian then spent an hour walking around the building taking photographs, which were later used to help with the set designs for the film. (more)
Friday, May 8, 2009
Hard Core Info on 34% of Diss'ed Disks
Highly sensitive details of a US military missile air defence system found on a second-hand hard drive bought on eBay... 
British researchers found the data while studying more than 300 hard disks bought at computer auctions, computer fairs and eBay.
The experts also uncovered other sensitive information including bank account details, medical records, confidential business plans, financial company data, personal id numbers, and job descriptions.
A spokesman for BT said they found 34 per cent of the hard disks scrutinised contained 'information of either personal data that could be identified to an individual or commercial data identifying a company or organisation.' And researchers said a 'surprisingly large range and quantity of information that could have a potentially commercially damaging impact or pose a threat to the identity and privacy of the individuals involved was recovered as a result of the survey.'
Dr Andy Jones, head of information security research at BT, who led the survey, said: 'This is the fourth time we have carried out this research and it is clear that a majority of organisations and private individuals still have no idea about the potential volume and type of information that is stored on computer hard disks. (more)
British researchers found the data while studying more than 300 hard disks bought at computer auctions, computer fairs and eBay. The experts also uncovered other sensitive information including bank account details, medical records, confidential business plans, financial company data, personal id numbers, and job descriptions.
A spokesman for BT said they found 34 per cent of the hard disks scrutinised contained 'information of either personal data that could be identified to an individual or commercial data identifying a company or organisation.' And researchers said a 'surprisingly large range and quantity of information that could have a potentially commercially damaging impact or pose a threat to the identity and privacy of the individuals involved was recovered as a result of the survey.'
Dr Andy Jones, head of information security research at BT, who led the survey, said: 'This is the fourth time we have carried out this research and it is clear that a majority of organisations and private individuals still have no idea about the potential volume and type of information that is stored on computer hard disks. (more)
Sam's Uncle Sam Wiretap Party
MI - Political consultant Sam Riddle says he's planning a party for everyone whose conversations were picked up on a federal wiretap of his cell phone.Riddle, who worked for Detroit City Council President Monica Conyers and has political clients around the country, said today he may need to get a room big enough for 100 people "if everyone brings a guest."
To get into the party, attendees will need a letter from the Justice Department -- sent out under federal wiretap laws -- saying the attendee was intercepted having a conversation with Riddle. (more)
SpyCam Story #528 - Nothing to sneeze at...
Tissue Box CameraMotion activated cam system
It looks like a black tissue box but is it? The Tissue Box Recluse is an all-inclusive recording device in a simple tissue box. The enclosed DVR and camera become invisible as the plain black case blends into any background. This hidden camera is a simple to use and easy to deploy advanced recording system in an elegant tissue box.
Inside this ordinary looking tissue box is actually a motion activated camera, with a recor
ding system using a SD card for Memory, The Tissue Box Recluse can go anywhere and record everything without attracting any attention. Just Set the box in your desired location and begin recording. The tissue box emits no wireless signals that may or may not be stable within an already RF rich environment. Your video is safely stored within the removable SD memory card unlike some wireless camera systems that may be intercepted. Captured video may be viewed on a PC using Windows Media Player. (more)
Why do I mention it?
So you will know what you are up against.
Spy School for your Munchkins
TX - This summer Dallas will become a nest of spies. At least that's the plan of the Museum of Nature & Science as it brings The Science of Spying, an international traveling exhibition from London to North Texas.
Opening Memorial Day weekend, the interactive The Science of Spying exhibit is part James Bond, part "Spy Kids" and part "Lie to Me." It gives eager spy wannabes of all ages an opportunity to experience the latest spy gadgets and techniques -- including remote-control spy planes, night-vision goggles, biometric scanning, infiltrating computer systems and the dolphin spy camera. Visitors will also learn how to detect liars, crack safes and find hidden clues.
To bring home the lessons of the mysterious and daring world of spy craft, the Museum of Nature & Science is inviting the public to join in a sprawling Spy Adventure. In cooperation with its local promotion partners, the museum has created a web of virtual and real-world espionage activities beginning May 8. Participants who crack codes, uncover clues and demonstrate superior spy skills will receive discounts to the exhibit and a chance to win prizes.
... . -.-. .-. - / -.-. - - - ..- .--. - - - -. / ..-. - - - .-. / .- / ..-. .-. .. / -.-. .... .. .-.. -.. .- - - -. ... / - .. -.-. -.- . - / .-.-.-
Father's Day weekend. Code: SPYB1 ~ Agent K
Opening Memorial Day weekend, the interactive The Science of Spying exhibit is part James Bond, part "Spy Kids" and part "Lie to Me." It gives eager spy wannabes of all ages an opportunity to experience the latest spy gadgets and techniques -- including remote-control spy planes, night-vision goggles, biometric scanning, infiltrating computer systems and the dolphin spy camera. Visitors will also learn how to detect liars, crack safes and find hidden clues.To bring home the lessons of the mysterious and daring world of spy craft, the Museum of Nature & Science is inviting the public to join in a sprawling Spy Adventure. In cooperation with its local promotion partners, the museum has created a web of virtual and real-world espionage activities beginning May 8. Participants who crack codes, uncover clues and demonstrate superior spy skills will receive discounts to the exhibit and a chance to win prizes.
... . -.-. .-. - / -.-. - - - ..- .--. - - - -. / ..-. - - - .-. / .- / ..-. .-. .. / -.-. .... .. .-.. -.. .- - - -. ... / - .. -.-. -.- . - / .-.-.-
Father's Day weekend. Code: SPYB1 ~ Agent K
TV Reporter Charged with Wiretapping
Philippines - Broadcast journalist Cecilia ‘Cheche’ Lazaro posted a P12,500 ($265.15) bail on Friday to avoid arrest stemming from a wiretapping case filed against her in 2008.Lazaro was accused by Government Service Insurance System Vice President Ella E. Valencerina of violating the anti-wiretapping law after airing parts of their phone conversation on her TV program “Probe".
The veteran journalist posted bail at the Pasay Metropolitan Trial Court Branch 47 after the court issued a warrant for her arrest on Thursday. Several of Lazaro's production staff members as well as concerned teachers, accompanied her in Pasay City.
"It is mind-boggling why I am being singled out for prosecution for following the tenets of responsible journalism," Lazaro said. (more)
Thursday, May 7, 2009
Hackers seek payment after break-in on state health care site
Hackers are demanding $10 million to release some eight million patient records claimed to be in their control following the compromise of Virginia's Prescription Monitoring Program (VPMP) website. Whistleblower site Wikileaks published a copy of the ransom note left by the hackers on the website, which is used by pharmacists to follow incidents of drug abuse. The note said the intruders possessed 8.3 million patient records and 35.6 million prescriptions.
Also, the thieves said they created an encrypted backup of the data and deleted the original files.
"For $10 million, I will gladly send along the password," the note said... The VPMP website remains inaccessible. (more)
When they catch this dude, and they will, I'll give him/her a Keyboard Cat play off. ~ Kevin
Wednesday, May 6, 2009
"How Real is the Risk of Corporate Espionage Today?"
via Security Director's Report (04/09) Vol. 2009, No. 4...
Globalization has resulted in an increased threat of corporate espionage. There are a variety of risks that companies are currently facing. Espionage exists in all industries, but those that are in the high-tech sector will face the most exposure.
Businesses also should be careful of foreign-government spying and U.S. companies that outsource data to India should be mindful of industrial espionage by the country's businesses. Many more competitive intelligence units have been created in order to spy on competitors, especially because it is now much easier to do so.
Spy devices, such as GPS tracking systems and listening devices, as well as Ethernet over Power (sic) help spies find information.
In addition to facing outside risk, companies are simply vulnerable to espionage. Physical defenses are poor and many spies have successfully paid internal employees to steal company data. However, there are solutions to espionage. (more)
Globalization has resulted in an increased threat of corporate espionage. There are a variety of risks that companies are currently facing. Espionage exists in all industries, but those that are in the high-tech sector will face the most exposure.
Businesses also should be careful of foreign-government spying and U.S. companies that outsource data to India should be mindful of industrial espionage by the country's businesses. Many more competitive intelligence units have been created in order to spy on competitors, especially because it is now much easier to do so.
Spy devices, such as GPS tracking systems and listening devices, as well as Ethernet over Power (sic) help spies find information.
In addition to facing outside risk, companies are simply vulnerable to espionage. Physical defenses are poor and many spies have successfully paid internal employees to steal company data. However, there are solutions to espionage. (more)
SpyCam Story #527 - Cereal Intruder
Australia - A mystery intruder has been plundering cereal and sleeping on the couches for weeks at one of Sydney's marketing agencies... Even more peculiar, was the absence of large amounts of cereal - about six bowls a night - from the stocks in the office kitchen, and evidence that the showers had been used...
While the company hires creative people to promote clients' brands, it was a moment of genius from the woman who runs the kitchen that snared the unwanted visitor. She came up with the idea of hiding a camera in a cereal box...
The camera was linked to a computer and activated by motion sensors, snapping clear photos of the intruder on his next visit and emailing them to staff...
They showed the man slipping into the office via an overhead ventilation panel (the office is on the building's fifth and top floor) and then leaving via the fire escape...
"He was a particularly neat guy. He'd come in at 4am, have breakfast - and it was a hearty breakfast, six bowls - clean up after himself, shower and then leave.
"He'd made his home here.'' (more)
Monday, May 4, 2009
Spy scandal hits 2016 Olympic race
Rio de Janeiro accuse one of its 2016 Olympic rivals of spying.
On the eve of the IOC Evaluation Commission's final day in Brazil, Rio's bid team revoked the journalist credentials of a man who claimed to be a reporter working for a news agency in Spain. It turns out the man is a paid consultant to Madrid's Olympic bid.
Rio 2016 is reportedly considering filing a formal ethics complaint with the International Olympic Committee. Madrid admits the man works for its Olympic PR firm but denies he was sent as a spy. (more)
On the eve of the IOC Evaluation Commission's final day in Brazil, Rio's bid team revoked the journalist credentials of a man who claimed to be a reporter working for a news agency in Spain. It turns out the man is a paid consultant to Madrid's Olympic bid.
Rio 2016 is reportedly considering filing a formal ethics complaint with the International Olympic Committee. Madrid admits the man works for its Olympic PR firm but denies he was sent as a spy. (more)
"Sometimes you win sometimes you lose,
And sometimes the blues just get a hold of you..."
A total of 10 Lebanese men have now been arrested and charged with spying for Israel... All of those detained are said to have been linked to a spy cell headed by retired Brig.-Gen. Adib Al-Aalam, who was arrested on April 14. As with the others, the latest suspects were charged with gathering information on Lebanese and Syrian military and civilian installations in order to “facilitate” attacks by the Israelis. (more)
"Sometimes you win, sometimes you lose
And most times you choose between the two..."
U.S. drops charges against two alleged Israeli spies. (more)
Wonderin', wonderin' if you have made it..."
Israeli Prime Minister Benjamin Netanyahu has extended by a year the term of office of the head of the Mossad spy agency... (more)
"I'm Talkin' 'bout a sweet seasons on my mind..."
Lyrics by Carole King
A total of 10 Lebanese men have now been arrested and charged with spying for Israel... All of those detained are said to have been linked to a spy cell headed by retired Brig.-Gen. Adib Al-Aalam, who was arrested on April 14. As with the others, the latest suspects were charged with gathering information on Lebanese and Syrian military and civilian installations in order to “facilitate” attacks by the Israelis. (more)
"Sometimes you win, sometimes you lose
And most times you choose between the two..."
U.S. drops charges against two alleged Israeli spies. (more)
Wonderin', wonderin' if you have made it..."
Israeli Prime Minister Benjamin Netanyahu has extended by a year the term of office of the head of the Mossad spy agency... (more)
"I'm Talkin' 'bout a sweet seasons on my mind..."
Lyrics by Carole King
The Other Wiretap
WireTap is a half-hour radio show that airs on CBC Radio One Sunday afternoons... An hour-long version of WireTap is distributed in the United States by Public Radio International and is heard on multiple public radio stations. Hosted by Jonathan Goldstein, former producer of Public Radio International's This American Life, the show features stories that are told over the phone ostensibly by Goldstein's friends and family.
The show has possibly been best described as "a weekly half-hour of conversation, storytelling and introspection, culled from equal parts real-world experience and the warp of Goldstein's imagination." Each show tends to follow a particular investigative theme; titles for past shows includes: "Life Lessons", "Reach for the Top", "Prized Possessions" and "Our Fathers".
The series began in the summer of 2004 as a 10-episode experiment... As of 2008, Wiretap has a weekly listenership of 350,000. (more) (more) (more)
The show has possibly been best described as "a weekly half-hour of conversation, storytelling and introspection, culled from equal parts real-world experience and the warp of Goldstein's imagination." Each show tends to follow a particular investigative theme; titles for past shows includes: "Life Lessons", "Reach for the Top", "Prized Possessions" and "Our Fathers".
The series began in the summer of 2004 as a 10-episode experiment... As of 2008, Wiretap has a weekly listenership of 350,000. (more) (more) (more)
Saturday, May 2, 2009
Man Used Baby Monitor to Eavesdrop on Woman
CT - A 37-year-old city man was arrested on eavesdropping charges after a baby monitor was found hidden under a women's bed in Belltown, a police sergeant said.
(The man) was charged with third-degree burglary and eavesdropping. Police believe (the man) set up the monitor to listen to the victim's room, Sgt. Paul Guzda said.
The 34-year-old woman reported to police March 30 that after hearing a strange noise sounding like electric static, she found a baby monitor under her bed, Guzda said. The monitor was plugged into a nearby electrical socket. (more)
(The man) was charged with third-degree burglary and eavesdropping. Police believe (the man) set up the monitor to listen to the victim's room, Sgt. Paul Guzda said.
The 34-year-old woman reported to police March 30 that after hearing a strange noise sounding like electric static, she found a baby monitor under her bed, Guzda said. The monitor was plugged into a nearby electrical socket. (more)
People we love... Antonio ProhÃas
48 years ago, this month, Mr. Spy vs. Spy came to the United States. The rest is history...Antonio ProhÃas (January 17, 1921 – February 24, 1998), born in Cienfuegos, Cuba, was a cartoonist most famous for creating the comic strip Spy vs. Spy for MAD Magazine.
In the late 1940s, ProhÃas began working at El Mundo, the most important newspaper in Cuba. By 1960, he had become an internationally recognized and awarded political cartoonist. At this time, Fidel Castro's government took over the paper, and ProhÃas left Cuba for New York, where he found himself attracted to Mad.El Hombre Siniestro: (The Sinister Man) wore a wide-brimmed hat and overcoat and had a long pointed nose, becoming the prototype for the Spies. (more)
In the late 1950s Antonio Prohias was the president of the Association of Cuban Cartoonists. On the first of May 1960, he fled from Cuba to America flat broke. Once in the states, he went directly to work at Mad magazine, and became an internationally respected and beloved cartoonist. He started 'Spy vs. Spy' as an anti-Castro cartoon, but it ended up as one of the most popular features in Mad magazine. Prohias drew 'Spy vs. Spy' for Mad until he retired in 1990. Even though Antonio P
rohias passed away in 1998, 'Spy Vs. Spy' can still be enjoyed in every issue of Mad Magazine. (more) (NPR audio report) (The first "Spy vs. Spy")Visitors to my office smile when the see Mr. Black Spy riding atop a 3-foot bomb, on its way down to pay Mr. White Spy a visit. One can only guess what the next frame of this story will be. One thing we all know, the last frame will be
MAD... Mutually Assured Destruction. Wry ProhÃas humor. Neither side ever wins.Need something to make you, or a friend, smile? Go MAD. Let The Spy Guys make it happen. The International Spy Museum has an army of them waiting for you. Click here.
Subscribe to:
Comments (Atom)