Monday, January 18, 2010

Safety Tips for Parents / Children with Internet-Enabled Portable Communications Devices

...via Australia / globally useful...
Police are warning parents and teenagers to consider the possible dangers associated with the use of mobile internet technology. The warning extends to so-called social locator applications. These are programs which issue alerts to the user via mobile phone when someone with the same activated application and similar interests enters their proximity.  

“You don’t know with whom you are really communicating,” Detective Superintendent Kerlatec said. “It may not be who you really think it is. There’s also the possibility that someone, using the same applications, is electronically intercepting or eavesdropping on conversations between you and your friends,” he added.

Tips for parents:
• Be aware of how much time your child spends on the internet.
• Spend time talking to your child about the dangers associated with online conversations.
• Spend time exploring the internet with your children and let them teach you about their favourite websites.
• Keep the computer in a room the whole family can access; not in your child's bedroom.
• Consider installing filtering and/or computer blocking software provided by your Internet Service Provider. The Netalert web page provides information on a number of commercially-available products at www.netalert.net.au
• Ensure you are able to access your child's emails and randomly check the contents.
• Check your phone bill for unusual outgoing calls or consider using a "caller ID" device to identify incoming calls.
• Consult your telephone company for options designed to ensure privacy and security.
• Inquire with your child's school, public library and places they frequent to ascertain what internet safety measures they have in place.
• Information relating to internet safety is available on the NSW Police website at: http://www.police.nsw.gov.au/community_issues/children/child_exploitation

Tips for children:
• Do not send a picture of yourself to anyone you don't know and never place a full profile and picture anywhere on the internet.
• Never give out your personal information including name, home address, phone number or school, over the internet.
• Never arrange a face-to-face meeting with a stranger you have chatted with on the internet.
• Tell your parents or another adult of any contact that makes you feel uncomfortable.
(more)

Saturday, January 16, 2010

"Psssst... Wanabuy a primo bug, cheap?"

Broadway theaters, sports franchises and other public entertainment forums must change the radio frequency they use for their wireless microphones under an order issued Friday by the Federal Communications Commission.

Under the order, the groups have until June 12 to find other radio frequencies, something the theaters said could cost thousands of dollars per institution but that they can do.

The F.C.C.’s ruling relates to a broader shift in the way the nation allocates precious spectrum used to transmit signals for mobile phones, TVs and other devices. The commission said the transition was necessary to make spectrum in the 700-megahertz band available for use by next-generation wireless services for consumers and public safety agencies. (more)

FutureWatch
• NOW is the time for all good corporations and A/V companies to upgrade to encrypted wireless microphones for Boardrooms and hotel conference centers.
• Look for a spike in very inexpensive wireless microphones on Ebay. Some of them will find a second life as very high quality bugs.

Friday, January 15, 2010

Business Espionage - Google (more)

Google attack - part of widespread spying effort

U.S. firms face ongoing espionage from China... Google's decision Tuesday to risk walking away from the world's largest Internet market may have come as a shock, but security experts see it as the most public admission of a top IT problem for U.S. companies: ongoing corporate espionage originating from China. (more)

Espionage has many tentacles. Computer hacking is only one of them. Hack attacks are the new thing and currently have the press's attention. A few years ago, Competitive Intelligence snatched the headlines. These diversions distract attention from basic every-day spy techniques: electronic surveillance (bugs & taps), physical intrusions, moles, social engineering, etc.

Google, like most large corporations, should have a holistic counterespionage strategy in place... one which they don't discuss publicly. The counterespionage element of these corporate security programs takes into account all spying techniques.

If your organization does not have a counterespionage strategy, call me. If you think you don't need one, just remember who wrote "The Art of War."

Thursday, January 14, 2010

Another reason to keep my number handy!

Vic Pichette, who has been a licensed private detective from Rhode Island for over 21 years, has started teaching individual Private Eye Classes.

"Covert video is now so state of the art, that almost no one can tell a camera from a clock. In this fun and exciting class, I teach people what is out there, why they need them, and how to use them."(more) (his number) (my number)
Thanks, Vic! 
I think this is what my friend John calls a 'self-licking ice cream cone'.

Wednesday, January 13, 2010

The data loss fines are coming. The data loss...

UK - The Information Commissioner's Office will be able to issue fines of up to £500,000 for serious data security breaches.
The new rule is expected to come into force in the UK on 6 April 2010. It has been approved by Jack Straw MP, Secretary of State for Justice. The size of the fine will be determined after an investigation to assess the gravity of the breach. Other factors will include the size and finances of the organisation at fault. (more)

Tuesday, January 12, 2010

Business Espionage - Google


Google Inc. said it is "reviewing the feasibility of our business operations in China" and may back out of China entirely, as it disclosed it had been hit with major cyberattacks it believes to have originated from the country.

Google disclosed its thinking in a blog post Tuesday. In the post, Google said it detected a "highly sophisticated and targeted attack on our corporate infrastructure originating from China" in mid-December and that the attack resulted in "the theft of intellectual property from Google." (more)

"MAV" The Scariest Sci-Fi Movie You'll See this Year


FutureWatch - Air Force Bugbots - Micro Air Vehicle (MAVs). (Trailer)

The term micro air vehicle (MAV) or micro aerial vehicle refers to a type of unmanned air vehicle (UAV) that is remotely controlled. Today's MAVs are significantly smaller than those previously developed, with target dimensions reaching a maximum of approximately 15 centimetres (six inches). Development of insect-size aircraft is reportedly expected in the near future. Potential military use is one of the driving factors of development, although MAVs are also being used commercially and in scientific, police and mapping applications. Another promising area is remote observation of hazardous environments that are inaccessible to ground vehicles. Because these aircraft are often in the same size range as radio-controlled models, they are increasingly within the reach of amateurs, who are making their own MAVs for aerial robotics contests and aerial photography.

Finally, a movie that beats Runaway (released in 1984, of course) for bugbot creepiness. ~Kevin

"You sound like you're in a tin can."


You can insure absolute privacy and secrecy with “SCHER’S IMPROVED TELEPHONE MUFFLER”

You need not leave our desk or go to a private booth to talk freely, and confidentially over the phone. This invention gives the equivalence of a telephone booth.

It is instantly attached and detached on the telephone transmitter. No complicated parts. Occupies 3-1/2 inches of space on the mouth piece of “phone” and is at your elbow when in need. It is unquestionably the most useful telephone accessory of today. Made of Aluminum, lasts a lifetime. Used by U. S. Dept. of Agriculture, First N’tl Bank, Guarantee Trust Co.. and thousands of others over the world. If dealers can’t supply you, we will forward one prepaid on receipt of $3.50.

AGENTS wanted in U. S. and foreign countries. Write for territory.
The Amalgamated Sales Corp., Mfrs., 1478 Broadway, Dept. C.S., New York City
Source: Popular Electricity And Modern Mechanics
Issue: Sep, 1914

Sunday, January 10, 2010

SpyCam Story #566 - Bear in the Den (SFW)

No, no, the title did not say "Bare."

“On Friday the 8th January Doug Hajicek (with the help of Pix Controller and www.bear.org) installed an Infra Red camera system into Lily’s den near Ely, Minnesota. It is believed that Lily (a 2 year old black bear) is pregnant and there is an above average chance that she will give birth in mid January.”
The dark area in this screen shot is her fur. The live feed (with sound and 60Hz hum) can be seen here.

Saturday, January 9, 2010

Poll - Eavesdropping Law

Question: Which theory of eavesdropping law is better?

60% - One Party Consent... If you are part of a conversation, you can record it.

38% - Two Party Consent... Everyone in the conversation must agree to recording it.

1% - Other... (No reason or comment given.)

For more information on U.S. eavesdropping law... more  more

Friday, January 8, 2010

Leaky Laptops to get Eavesdropping Vaccine

Korea - Beware of what you talk about in front of your computer, as recordings of sensitive business deals could go straight to the ears of rivals or even the government.

The Korea Communications Commission and the Korea Internet and Security Agency said Friday it will draw up security recommendations after local Internet experts found that notebook computers with internal microphones are vulnerable to electronic eavesdropping.

Notebook makers will have to install an external on/off switch, while online security firms develop a defense system against software used to mask recording files. (more)

...and you thought this only happened at dealerships.

NC - Federal authorities are investigating whether the former commissioner of the state Division of Motor Vehicles illegally wiretapped the phone calls of agency employees. 

George Tatum, who resigned in 2007 amid a corruption scandal, had a special telephone in his office that allowed him to listen in on the calls of his subordinates without their knowledge, according to current DMV officials. Greg Lockamy, who retired unexpectedly last year after serving as the agency's internal affairs director, also had a phone set up for secret eavesdropping.

State law forbids intercepting phone calls without a warrant unless at least one person in the conversation knows the monitoring is taking place. (more)

Spy Magic for Kids

Spy secrets...
...magically revealed!
In the real-life world of espionage, spies often call upon the art of magic and illusion to distract the enemy, make evidence disappear, and escape unnoticed. Secret Agent Magician, ‘James Wand,’ demonstrates the art of misdirection, sleight of hand, and other illusions used by skilled spies. This one of a kind performance custom developed especially for the International Spy Museum is guaranteed to fascinate children and adults alike.
Saturday, 30 January; 10:30–11:30 am or 12:30–1:30 pm (more)

Thursday, January 7, 2010

Quote of the Week - On Bug Sweeps

"...if a client thinks they are being 'bugged' at home or work you would be remiss if all you did was 'sweep' the office for listening devices." Ed Stroz, quoted in "Private Investigations in the Information Age" (more)
 

Ed is correct. There are many ways information leaks out and secrets are stolen. A good counterespionage specialist takes this into consideration. However, the inspection for electronic surveillance devices comes first.

Why are sweeps done first?

• Bugging is the easiest intelligence collection technique to discover.
• To eliminate (or prove) bugging before accusing people.

And, why are the most effective sweeps conducted pro-actively?

• Intelligence collection is a leisurely process. Conversations and information are collected – in many ways – long before they are used against you. Until this collected intelligence is used, no harm is done. No losses suffered. Pro-active sweeps detect snooping early – thus, drastically reducing the potential for loss.
• Smart clients don't wait until they "think they are being bugged."
• Losses are always more costly than bug sweeps.

Georgia on my mind...

GA - Former Police Chief Investigated... Troubles continue to mount for former Clayton Police Chief Jeff Turner, who was placed on unpaid administrative leave Tuesday night while officials investigate whether he improperly used surveillance equipment. (more)

GA - A Gwinnett County man faces six felony charges after police say he planted a hidden camera and videotaped his adult stepdaughter in her bedroom. Gwinnett County police arrested 61-year-old Christopher Belcore on Dec. 31. (more)

USB Crypt Stick - Design flaw, or...


...design back door discovered? 
You decide. 
NIST-certified USB Flash drives with hardware encryption cracked

Kingston, SanDisk and Verbatim all sell quite similar USB Flash drives with AES 256-bit hardware encryption that supposedly meet the highest security standards. This is emphasised by the FIPS 140-2 Level 2 certificate issued by the US National Institute of Standards and Technology (NIST), which validates the USB drives for use with sensitive government data. 

Security firm SySS, however, has found that despite this it is relatively easy to access the unencrypted data, even without the required password.

The USB drives in question encrypt the stored data via the practically uncrackable AES 256-bit hardware encryption system. Therefore, the main point of attack for accessing the plain text data stored on the drive is the password entry mechanism. When analysing the relevant Windows program, the SySS security experts found a rather blatant flaw that has quite obviously slipped through testers' nets. During a successful authorisation procedure the program will, irrespective of the password, always send the same character string to the drive after performing various crypto operations – and this is the case for all USB Flash drives of this type.

Cracking the drives is therefore quite simple. (more) (UPDATE)
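The design problem reported above, as an added example that is not code from SySS, the drive vendors or the original article: a simplified Python model in which the host program checks the password and then sends the drive a fixed message, beside a design where the data key can only be recovered from a password-derived key. The class names, the placeholder unlock message, the XOR key wrap and the PBKDF2 work factor are all assumptions made for the sketch.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 50_000  # assumed PBKDF2 work factor for this sketch


def derive(password: str, salt: bytes) -> bytes:
    """Stretch a password into a 32-byte key with PBKDF2-HMAC-SHA256."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def xor32(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class FlawedDrive:
    """Model of the reported design: the drive opens on one fixed message."""

    FIXED_UNLOCK = b"CONSTRUCTED-FIXED-UNLOCK-MESSAGE"  # placeholder value

    def __init__(self) -> None:
        self._data_key = secrets.token_bytes(32)  # never leaves the drive

    def unlock(self, message: bytes):
        # The drive never sees anything derived from the password.
        if hmac.compare_digest(message, self.FIXED_UNLOCK):
            return self._data_key
        return None


class FlawedHostApp:
    """Host program that verifies the password itself, then signals success."""

    def __init__(self, password: str) -> None:
        self._salt = secrets.token_bytes(16)
        self._verifier = derive(password, self._salt)

    def unlock_message(self, password: str):
        if hmac.compare_digest(derive(password, self._salt), self._verifier):
            return FlawedDrive.FIXED_UNLOCK  # same bytes for every password
        return None


class HardenedDrive:
    """Drive whose data key is wrapped under the password-derived key."""

    def __init__(self, password: str) -> None:
        self.salt = secrets.token_bytes(16)
        data_key = secrets.token_bytes(32)
        # Toy wrap for the sketch: XOR with the 32-byte derived key.
        # A real design would use an authenticated key wrap such as AES-KW.
        self._wrapped = xor32(data_key, derive(password, self.salt))
        self._check = hmac.new(data_key, b"key-check", hashlib.sha256).digest()

    def unlock(self, message: bytes):
        if len(message) != 32:
            return None
        candidate = xor32(self._wrapped, message)
        tag = hmac.new(candidate, b"key-check", hashlib.sha256).digest()
        return candidate if hmac.compare_digest(tag, self._check) else None


def hardened_unlock_message(drive: HardenedDrive, password: str) -> bytes:
    """What the host sends in the hardened design: the derived key itself."""
    return derive(password, drive.salt)


def is_password_bound(message_a: bytes, message_b: bytes) -> bool:
    """Design-review check: unlock messages for different passwords differ."""
    return not hmac.compare_digest(message_a, message_b)


def compare_designs() -> dict:
    pw_a, pw_b = "correct horse battery", "another-password-entirely"  # constructed
    app_a, app_b = FlawedHostApp(pw_a), FlawedHostApp(pw_b)
    drive_a, drive_b = HardenedDrive(pw_a), HardenedDrive(pw_b)
    hard_a = hardened_unlock_message(drive_a, pw_a)
    hard_b = hardened_unlock_message(drive_b, pw_b)
    wrong = hardened_unlock_message(drive_a, "guess")
    return {
        # The host UI rejects a wrong password, so the flaw is invisible there.
        "flawed_app_rejects_wrong_password": app_a.unlock_message("guess") is None,
        "flawed_password_bound": is_password_bound(
            app_a.unlock_message(pw_a), app_b.unlock_message(pw_b)),
        "hardened_password_bound": is_password_bound(hard_a, hard_b),
        "hardened_opens_with_right_password": drive_a.unlock(hard_a) is not None,
        "hardened_opens_with_wrong_password": drive_a.unlock(wrong) is not None,
    }


if __name__ == "__main__":
    for name, value in compare_designs().items():
        print(f"{name}: {value}")
```

The check worth carrying into a product evaluation is `is_password_bound`: if what crosses the USB bus on a successful login does not depend on the password, the strength of the cipher behind it is irrelevant.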

Wednesday, January 6, 2010

"Don't tape and tell." - Burke's Law

MD - William Burke, a Pocomoke City resident who went on trial today on charges that he illegally recorded a heated conversation with his town's mayor, made a plea agreement and was sentenced to probation before judgment.

Burke entered an Alford plea this afternoon to a misdemeanor wiretapping charge, conceding that prosecutors had enough evidence to obtain a conviction without admitting guilt. He had originally been charged with a felony wiretapping crime.

A Circuit Court judge pronounced Burke guilty of a misdemeanor and sentenced him to probation, but did not hand down any jail time. (more) (Amos Burke) (hum-a-long)

The Year's Most-Hacked Software

At the beginning of this decade, Microsoft represented a cybercriminal's dream target: universally-used software, brimming with bugs ready to be exploited to hijack users' PCs. But as the software giant has slowly cleaned up its security flaws, hackers are looking toward another vendor whose products are nearly as ubiquitous and whose bounty of vulnerabilities are just being discovered: Adobe. (more)

Most Popular Software is Security Software

The number-one most downloaded software of all time on CNET’s Downloads.com website is from AVG Technologies — more than 1.5 million downloads every week and an astonishing 247 million downloads cumulatively since AVG was first offered at the site. (more) (free version)

Note: This is just for the Windows download section of the Web site.

While the Windows crowd is wringing their hands, the most popular software in the Mac section is fun stuff!

LimeWire lets users share and search for all types of computer files, including movies, pictures, games, and text documents. Other features include the ability to preview files while downloading, advanced techniques for locating rare files, and an extremely intuitive user interface. (Mac Section)

SpyCam Story #565 - FCC Crackdown

FCC Cracks Down on Illegal Wireless SpyCams. Nooo, not all spycams, just some wireless ones broadcasting on unapproved frequencies...
Federal Communications Commission DA 09-2623 January 6, 2010 SCS Enterprises Inc. d/b/a Spy Camera Specialists, Inc. Re: File No. EB-08-SE-142 Dear Mr. Lee: This is an official CITATION, issued to SCS Enterprises, Inc., d/b/a Spy Camera Specialists, Inc. (“Spy Camera”), pursuant to Section 503(b)(5) of the Communications Act of 1934, as amended (“Act”), for marketing unauthorized radio frequency devices in the United States in violation of Section 302(b) of the Act, and Sections 2.803 and 15.205(a) of the Commission’s Rules (“Rules”). As explained below, future violations of the Commission’s rules in this regard may subject your company to monetary forfeitures.

In March 2008, the Spectrum Enforcement Division of the Enforcement Bureau (“Division”) received a complaint alleging that Spy Camera was marketing unauthorized wireless video transmitters that operate in the 1.08, 1.12, 1.16 and 1.2 GHz bands. We initiated an investigation and on May 13, 2008, we sent a Letter of Inquiry (“LOI”) to Spy Camera.

In your June 9, 2008 response to our LOI, you admit marketing wireless video transmitters beginning in early 2006 on your web site, www.spycameras.com, to end users and resellers. You admit that these wireless video transmitters all operate on 1.2 GHz, which is a restricted frequency band under 15.205(a) of the Rules. You also state that you were surprised to learn that these devices could not be marketed in the United States, and upon receipt of our LOI, immediately returned all the 1.2 GHz transmitters in stock to your supplier and ceased. (more) One down, dozens to go.
Clients... Yes we regularly check these frequencies (and other off-beat frequencies) for wireless spycams when we conduct your inspections. ~Kevin

Karsten Nohl showed how easy it is to eavesdrop on GSM-based cell phones

This week brought some bad news for mobile phone users. German security expert Karsten Nohl showed how easy it is to eavesdrop on GSM-based (Global System for Mobile Communications) cell phones, including those used by AT&T and T-Mobile customers in the U.S.
Q: What does this mean for users of GSM phones? What is the real-world threat?
Nohl: Cell phone calls can be intercepted--not just since this week, but more cheaply every month. Sensitive information, say, from politicians, can be overheard from, say, foreign embassies. Others willing to cross the line into illegality and listen in on a call could be industry spies or even private snoops. (more)

Saturday, January 2, 2010

Where do pets go? GPS surveillance knows.


To track his wandering cat, Mark Spezio rigged up a cat collar with a lightweight GPS logger. Here's what he discovered about KooKoo's secret habits... (video)



Wednesday, December 30, 2009

Dude, ThinkGeek.com ...$22.99 (since 2008)

Japanese researchers said Monday they had developed a "hummingbird robot" that can flutter around freely in mid-air with rapid wing movements. 

The robot, a similar size to a real hummingbird, is equipped with a micro motor and four wings that can flap 30 times per second, said Hiroshi Liu, the researcher at Chiba University east of Tokyo.

"The next step is to make it hover to stay at one point in mid-air," Liu said, adding that he also plans to equip it with a micro camera by March 2011.

The robot, whose development cost has topped 200 million yen (2.1 million dollars), may be used to help rescue people trapped in destroyed buildings, search for criminals or even operate as a probe vehicle on Mars, he said. (more)

Meanwhile, over at ThinkGeek.com...
The Black Stealth features 3-channels, allowing it to go up and down, rotate right and left and move forwards and backwards. Unlike most of the small 2-Channel copters on the market which are always moving forward with somewhat twitchy controls, the Black Stealth is a breath of fresh air. You can actually fly it where you want it to go, it's fairly rugged... and surprisingly it's probably the easiest to fly small copter we've ever taken to the office airspace. (more) (video)

FutureWatch... FleaBots!
Tiny robots the size of a flea could one day be mass-produced, churned out in swarms and programmed for a variety of applications, such as surveillance, micromanufacturing, medicine, cleaning, and more... In the future, the researchers hope to move from building academic prototypes to manufacturing the robot on a commercial basis, which is necessary for overcoming some of the technical issues.

By mass-producing swarms of robots, the loss of some robotic units will be negligible in terms of cost, functionality, and time, yet still achieve a high level of performance. Currently, the researchers hope to find funding to reach these goals. (Ask Mr. Liu how he did it.) (more) (Future flea powder.)

SpyKids... The Cell Phone

from the AT&T Web site...
"AT&T FamilyMap provides peace of mind by being able to conveniently locate a family member from your wireless phone or PC and know that your family's information is secure and private. First 30 DAYS FREE! At the end of the free 30 days, you will automatically be subscribed and charged $9.99 per month thereafter to locate up to two family members or $14.99 per month thereafter to locate up to five family members unless you cancel service." (more)



GSM Cell Phone Encryption Code Broken


A German computer scientist has cracked the encryption algorithm that secures 80% of the world's mobile phones, but it's far from a practical attack.

Researcher Karsten Nohl, a former graduate student at the University of Virginia, revealed his decryption methods this week at the Chaos Communication Conference in Berlin, the largest hackers conference in Europe. Nohl and a team of two dozen other experts worked for five months to crack the security algorithm that protects Global System for Mobile communications.

To break the code, Nohl and the other researchers used networks of computers to crunch through the trillions of mathematical possibilities. The result was the development of a code book comprising 2 TB of data that's compiled into cracking tables. The tables can be used as a kind of reverse phone book to determine the encryption key used to secure a GSM mobile phone conversation or text message.

Before the latest hack, hundreds of thousands of dollars of computer equipment was needed to break the GSM code, mostly limiting hacking to government agencies. Nohl told the conference that someone with the code book could eavesdrop on GSM communications using about $30,000 worth of computer gear, making such illegal activity possible by many more criminal organizations. (more) (a5/1 Cracking Project)

Wednesday, December 23, 2009

Vulnerable VoIP Products Almost Triple Since 2006

VoIP Vulnerabilities, a white paper issued by McAfee Labs, found almost 60 vulnerabilities in voice over internet products, compared to just under 20 vulnerabilities in 2006.

"We can credit part of this increase to better tools for finding VoIP vulnerabilities, yet this upward trend should be largely attributed to the growing number of VoIP installations", the white paper said...

Eavesdropping on VoIP conversations is possible when the default implementation of the Real Time Protocol (RTP) used to carry VoIP traffic is not encrypted, for example. Tools such as VOMIT have been published to dump unencrypted traffic between phones and turn it into playable sound. (more)

Advice from McAfee on eavesdropping attacks... For a superior solution, you should use secure RTP (SRTP), which provides both encryption and authentication. (more)
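One way to check whether calls are actually negotiating SRTP rather than plain RTP, as an added example that is not from the McAfee paper or the original post: a Python audit of the SDP body carried in call signalling. It goes one step beyond the text by reading the SDP `m=` transport profile (`RTP/AVP` versus `RTP/SAVP`) and keying attributes; the sample session descriptions, addresses and key placeholder are constructed.

```python
# Transport profiles from the SDP "m=" line (RFC 4566, RFC 3551, RFC 3711).
PLAIN_PROTOS = {"RTP/AVP", "RTP/AVPF"}
SECURE_PROTOS = {"RTP/SAVP", "RTP/SAVPF",
                 "UDP/TLS/RTP/SAVP", "UDP/TLS/RTP/SAVPF"}
# Attributes that carry or authenticate SRTP keys (SDES and DTLS-SRTP).
KEYING_PREFIXES = ("a=crypto:", "a=fingerprint:")


def audit_sdp(sdp: str) -> list:
    """Return (media, port, status) for every media stream in an SDP body."""
    streams = []
    session_keying = False   # keying attribute seen before the first m= line
    current = None
    for raw in sdp.splitlines():
        line = raw.strip()
        if line.startswith("m="):
            parts = line[2:].split()
            if len(parts) < 3:
                continue  # malformed media line, nothing to classify
            port = int(parts[1].split("/")[0])  # "49170/2" means a port range
            current = {"media": parts[0], "port": port,
                       "proto": parts[2].upper(), "keying": session_keying}
            streams.append(current)
        elif line.startswith(KEYING_PREFIXES):
            if current is None:
                session_keying = True
            else:
                current["keying"] = True

    results = []
    for s in streams:
        if s["port"] == 0:
            status = "disabled"          # port 0: stream declined
        elif s["proto"] in PLAIN_PROTOS:
            status = "plaintext"         # payload readable by anyone on path
        elif s["proto"] in SECURE_PROTOS:
            status = "srtp" if s["keying"] else "srtp-no-keying"
        else:
            status = "unknown"
        results.append((s["media"], s["port"], status))
    return results


def plaintext_streams(sdp: str) -> list:
    """Streams an auditor should flag: active and not protected by SRTP."""
    return [r for r in audit_sdp(sdp) if r[2] in ("plaintext", "srtp-no-keying")]


# Constructed sample offers (documentation addresses, placeholder key text).
SDP_PLAIN = """v=0
o=alice 2890844526 2890844526 IN IP4 192.0.2.10
s=-
c=IN IP4 192.0.2.10
t=0 0
m=audio 49170 RTP/AVP 0 8
a=rtpmap:0 PCMU/8000
"""

SDP_MIXED = """v=0
o=bob 2890844527 2890844527 IN IP4 192.0.2.20
s=-
c=IN IP4 192.0.2.20
t=0 0
m=audio 49172 RTP/SAVP 0
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:CONSTRUCTED-PLACEHOLDER-KEY
m=video 0 RTP/AVP 96
m=audio 49180 RTP/SAVP 8
"""

if __name__ == "__main__":
    for name, body in (("plain", SDP_PLAIN), ("mixed", SDP_MIXED)):
        print(name, audit_sdp(body))
```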

Tuesday, December 22, 2009

McDonald's... "Over 4 Million Stolen"

Australia - Two men are being extradited to Perth to face charges of stealing more than $4 million from customers at fast food outlets in what police say is Australia's biggest-ever EFTPOS card skimming operation...

Officer-in-charge of the major fraud squad, Detective Senior Sergeant Don Heise, said the skimming occurred through September after the pin pads at the drive-thru counters of more than 20 McDonald's restaurants in the Perth metropolitan area were replaced with compromised machines.

The bogus keypad would then transmit the card's information to a nearby mobile or laptop.

The accounts of 4000 victims have been hacked into after the first withdrawal took place on October 5, with one suffering a loss of about $6000 to $7000.

During October, more than $4 million was stolen from bank accounts, using ATMs in NSW, Victoria, Canada, Great Britain, the USA, India and Malaysia. (more)

The device is the Ingenico PX328 pinpad, a decade-old terminal type, which is not tamper proof. Upgrade, if you got them! (more)

"Talk is over-rated as a means of settling disputes."


Tom Cruise is being sued for allegedly hiring a private investigator to illegally wiretap a magazine editor's phone, according to documents obtained by TMZ.com.

Michael Davis Sapir claims the movie star, along with attorney Bert Fields and jailed private investigator Anthony Pellicano, conspired to spy on him. (more) (more)


Monday, December 21, 2009

The One Minute TSCM Quiz

Our corporate clients are pretty smart. They learn quite a lot when they retain us. (They can ace this quiz.)

Think you know as much about TSCM and spybusting as they do?
Find out, take The One Minute TSCM Quiz.

If our quiz leaves you feeling up a pole, without a clue, you're not alone. Everyone starts that way.  Solution: Retain us in 2010.

Saturday, December 19, 2009

FutureWatch - Video Surveillance Predictions

It is really not too hard to predict the future of CCTV. 
The future is here...

2010 - The end of the "Video Wall"
"Clean and green," is coming to the security center Situational Awareness Center. Video analytics is the brain in the box catalyst of change. 

One human. One screen. One unblinking computer, watching every video feed; analyzing everything it sees and popping it onto the "Situational Awareness Officer's" screen (or internal projection node) only when deemed necessary.

Video analytics is smart. Facial recognition with file linking, movement interpretation, psychological action profiling, letter/number/bar code reading, RFID tag sensor incorporation, intelligent threat assessment, people/vehicle counting, congestion/loitering assessment, and more.

Not impressed yet?
Look at it from management's point of view...
• Lower hardware investment.
• Lower maintenance costs.
• Lower electric bill.
• Lower payroll.
(more)

Scalable Situational Awareness
The Port of Brisbane is turning itself into a 3D video game. Brian Lovell, project surveillance leader, explains...
"You could imagine a single desktop interface that gives you all the information you need at a port, like the Port of Brisbane," he said. "The reason to go single desktop is that is the modern trend. It also means you can provide that information to emergency responders so if there is an incident at the Port of Brisbane you can provide not just the video feed but all the context information to emergency providers like the police, etc.

"What we do is have all the video feeds, which are placed [superimposed] on a 3D texture map surface – sort of like a game of Doom or a video game environment. The beauty of that is you don't need to know the camera numbers or where they are positioned because it is implicit in the display. So if you go, for example, to the oil bunkering facility on the map you just scroll along with your mouse and then zoom in and if there is any video camera present you can see, live, what is happening at that spot. It is a little like Google Street View except when you go in you are seeing a live camera feed." (more)


Slip the Mouse a Mickey
We are rapidly approaching 3D video... no, I am not talking about the kind with the goofy red/green glasses. This 3D will be extremely useful to the person monitoring the "Situational Awareness Center" of the future. No mouse in this person's hand. A tilt of the head will move them around their semi-virtual world. Apple's latest patent clued me in...

"An electronic device for displaying three-dimensional objects, comprising control circuitry, a display and a sensing mechanism, the control circuitry operative to: direct the display to display a three-dimensional object; direct the sensing mechanism to detect the current position of the user; transform the object to appear to be viewed from the detected current position; and direct the display to display the transformed object." (this worthwhile video will give you the idea)

Some of these things are already here and the really cool stuff is coming soon. ~Kevin

Thursday, December 17, 2009

The Great Seal Bug - Part II

"The Thing" - World's Most Famous Bugging Device
This spybusters.com history page now has a Part II.
Here is some background from The Great Seal Bug (Part I)...


"In 1946, Soviet school children presented a two foot wooden replica of the Great Seal of the United States to Ambassador Averell Harriman. The Ambassador hung the seal in his office in Spaso House (Ambassador's residence). During George F. Kennan's ambassadorship in 1952, a routine security check discovered that the seal contained a microphone and a resonant cavity which could be stimulated from an outside radio signal."

Part I explains "The Thing" (as it was originally called), its first public display by Henry Cabot Lodge, Jr. at the United Nations General Assembly, an exploded view of the novel device, background on the inventor - Leon Theremin, and information from confidential sources.

Part II (released 12/17/09) is about John W. Ford, the man who led the TSCM team (of one) who discovered the device; Joseph Bezjian was his technician. Mr. Ford was well-regarded by diplomats and presidents and had many other exploits during his career. Some of these are included in The Great Seal Bug - Part II. Here is a quick example...
"Scott McLeod, suspecting that a certain safe in the Dept of State contained material compromising and embarrassing to a member of Congress, called in a safe expert to attempt to open the safe, after hours. Damaging the safe drawer beyond repair, and fearing an FBI or police inquiry, the damaged drawer was dumped off the 14th Street bridge into the Potomac."


Stop by, and pass the word. It is a great read.

The Great Seal Bug - Part I
The Great Seal Bug - Part II
-----------
Help document this historic bug in greater detail.
If you have any knowledge, personal recollections, photographs, or know the current whereabouts of the original Great Seal or its bug, please contact me.

And, a big thank you to everyone who has already contributed! ~Kevin

Why ‘In-House TSCM’ Reminds Me of Trepanation

...published this month in WhiteNews
2010 is upon us and TSCM in the United States has changed dramatically since 2000. Yet, once in a while, I still hear from a client who wants to start an in-house electronic countermeasures department!

Seems a quaint notion today. But, who can blame them? In-house efforts were once commonplace. In fact, we used to provide training, and specified instrumentation purchases.

Over these past ten years, the landscape changed and organizations phased out their in-house efforts.
In-house TSCM is pretty much a dead issue now. There are several good reasons for this...

1. These are not your father’s surveillance devices. Eavesdropping and recording devices these days may be purchased in a wide variety of excellent covert disguises. A physical inspection by an amateur (even with training) will miss all but the most obvious surveillance items. Today, an in-house search is barely adequate even for a small company with a few spartan conference rooms. At a multinational corporate headquarters, whose executive floors are showplaces of technology, an in-house inspection is not just inadequate, it is negligent.

2. Human nature works against an in-house staff inspection. Physical searching is work. It involves bending, stooping, looking under tables. This is not to slight an otherwise excellent staff, but consider the reality...
- If you give someone more work, longer hours, they will want more money to do it. No money, no serious search.
- If you give someone the job of finding something they can’t recognize even if they see it, they will start thinking “there is nothing to see, so why look.”

You may get them to do it a few times, but it will fizzle out.


3. Unless a technician is active several days each week, the initial training will be forgotten.
Inspecting the same, limited environment is mind-numbing as well.

A few years ago, one of our clients called us in for “advanced” training. They had purchased equipment and initial training from a manufacturer 3-4 years prior. Turned out their spectrum analyzer was working at only 30% sensitivity... and they weren’t aware they had a problem! “It always worked like this as far as I recall.”


4. Executives are sensitive about their privacy.
On one hand executives want protection against electronic surveillance. On the other hand, they would be pleased if this could be accomplished without someone poking around their office... Especially, a lower-level, company employee who has a vested interest in, and understanding of, all the paperwork in their drawers.


Engaging a professional counterespionage research team addresses these issues.

- They know how to look, and what they are looking for.
- Their instrumentation is more likely to be the most current.
- Their searches are focused. They have no interest in company politics, and won’t be there the next day to gossip with other employees.
- They are acclimated to being in executive offices, i.e. they don’t play with the shelf toys.
- Most importantly, a professional team brings with them a wealth of field experience and knowledge that no part-time, in-house “tech” can possibly possess.

An in-house TSCM effort is a mental band-aid that doesn’t adhere well. It can only make the security department look bad in the long run. ~Kevin

SkyGrabber Snags Drone Feeds

Militants in Iraq have used $26 off-the-shelf software to intercept live video feeds from U.S. Predator drones, potentially providing them with information they need to evade or monitor U.S. military operations. (more)

FutureWatch - This will be fixed, but it was fun watching the video feeds (here in the U.S.) when drones were first being developed.