ID and Home Theft Made Easy

Leaving the house this weekend? Telling all your Facebook buds about it? You might want to reconsider that. Police in Nashua, New Hampshire broke up a robbery ring this week that was using Facebook to plan their heists. The gang was monitoring Facebook pages to determine when a target would be out of their home and then robbed it. (more)

The moment is special: Your kid just learned how to ride a bike without training wheels. So you fire up your iPhone's camera, snap a photograph, upload the image to TwitPic, and share the evidence of your child's triumph via Twitter. When you post the picture, a subset of the 75 million Twitter users will know the exact location of you and your child. Digital photos automatically store a wealth of information--known as EXIF data--produced by the camera. Most of the data is harmless... 

Cat burglar is also an identity thief.

however... 

Ben Jackson detailed how he found personal details about a man in a photo. Using accompanying geotagging data, Jackson located the man's house on Google Earth. Then he found a name associated with the house where the photo was taken, leading him to a Facebook account that yielded a birth date, marriage status, and friends. A second username listed on the Facebook page led to a second Twitter account, and so forth. The point here is that once you start pulling on the thread of information contained in a geotagged image, a single photo can reveal a whole trove of personal data--far more than you might think. (more)

Tree Bugs Bug MI5 Spies

British government officials in Northern Ireland have ordered 20 trees cut down outside a spying installation, after a number of surveillance cameras were discovered hidden among the tree branches. The trees are located around a multimillion-dollar spying base belonging to MI5, Britain’s primary domestic intelligence organization. (more)

Security Scrapbook Readers' Complaints & Get-It-Done Book

1. "Make the contests harder."

I am not that smart.

2. "Your Security Scrapbook is really interesting, but I don't have time to read it."

Read this... Get-It-Done Guy's 9 Steps to Work Less and Do More and then come back.

The book's official release is tomorrow. 

I have the same 'time' problem, sooo... my copy is already in the mail.

from the web site...

Get-It-Done Guy's 9 Steps to Work Less and Do More is a playful, yet serious guide to working less and doing more. In other words, creating a more productive life. Yes, it's about getting more done at work. It's also about getting more done in life. It lays out nine skills that apply anywhere you want to get greater results with less work. (For the buzzword-inclined, you can think of the book as business process re-engineering applied to individual productivity. I wouldn't say that aloud, however.) (Free downloadable chapters, Steps 1 & 2: Introduction Procrastination) (more)

3. "Don't make the contests so hard. I don't know Poe from poo." 

I hope you mean Winne the Pooh, not poo as in the Shineola adage.

"What's Shineola?"

Thus, proving the old adage true. (click)

"And, the Number One reason to buy your tickets from your friendly neighborhood scalper is..."

...the personal details of some 250,000 fans who bought tickets to the 2006 World Cup in Germany through official Fédération Internationale de Football Association (FIFA) ticket outlets have been stolen and then sold off for some £500,000. The information not only contains financial information on ticket holders, but their passport details. A criminal investigation has been launched... (more)

Quantum Cryptography's Day Off

LAST MONTH 
A team of 15 Chinese researchers from Tsinghua University in Beijing and the Hefei National Laboratory for Physical Sciences... quantum technologies have wide-ranging applications for the fields of cryptography, remote sensing and secure satellite communications. In the near future, the results from this experiment will be used to send encrypted messages that cannot be cracked or intercepted, and securely connect networks, even in remote areas, with no wired infrastructure, even incorporating satellites and submarines into the link. (more)

THIS MONTH 
Norwegian computer scientists have perfected a laser-based attack against quantum cryptography systems that allows them to eavesdrop on communications without revealing their presence. (more)

"Life moves pretty fast. If you don't stop and look around once in a while, you could miss it." ~ F.B.

Contest Answer

The cypher comes from Edgar Allen Poe's short story "The Gold Bug."

Set on Sullivan's Island, South Carolina, the plot follows William Legrand, who was recently bitten by a gold-colored bug. His servant Jupiter fears him to be going insane and goes to Legrand's friend, an unnamed narrator who agrees to visit his old friend. Legrand pulls the other two into an adventure after deciphering a secret message that will lead to a buried treasure.

Poe submitted "The Gold-Bug" as an entry to a writing contest sponsored by the Philadelphia Dollar Newspaper. His story won the grand prize and was published in three installments, beginning in June 1843. The prize also included $100, likely the largest single sum Poe received for any of his works. "The Gold-Bug" was an instant success and was the most popular and most widely-read of Poe's works during his lifetime. It also helped popularize cryptograms and secret writing. (more)

The coded message reads, "A good glass in the bishop's hostel in the devil's seat forty-one degrees and thirteen minutes northeast and by north main branch seventh limb east side shoot from the left eye of the death's-head a bee-line from the tree through the shot fifty feet out."

After decoding Captain Kidd's message about where the buried treasure was hidden the main character, William Legrand, explains to his companion how he figured out what the bishop's hostel was...  

"It left me also in the dark," replied Legrand, "for a few days; during which I made diligent inquiry, in the neighborhood of Sullivan's Island, for any building which went by the name of the 'Bishop's Hotel'; for, of course, I dropped the obsolete word 'hostel.' Gaining no information on the subject, I was on the point of extending my sphere of search, and proceeding in a more systematic manner, when, one morning, it entered into my head, quite suddenly, that this 'Bishop's Hostel' might have some reference to an old family, of the name of Bessop, which, time out of mind, had held possession of an ancient manor-house, about four miles to the northward of the island. I accordingly went over to the plantation, and re-instituted my inquiries among the older negroes of the place. At length one of the most aged of the women said that she had heard of such a place as Bessop's Castle, and thought that she could guide me to it, but that it was not a castle, nor a tavern, but a high rock." (more)

Contest Clue

It could be said that this message was: written by two people (The author of the story and, by extension,  one of the characters referenced in the story.); then decoded by two people (Again, the author and the character in the story who decoded the message); that three people were involved in these endeavors (The author, Character 1 and Character 2; and, none of these people ever met each other. 

Even decoded, the message is mysterious. A place mentioned (a hostel), assumed to be a structure, turns out to be something quite different. What was it?

The answer, Monday, September 13, 2010 at noon (EDT).

Spybusters Contest - Level: Difficult

It could be said that this message was: written by two people; then decoded by two people; that three people were involved in these endeavors; and, none of these people ever met each other. Even decoded, the message is mysterious. A place mentioned, assumed to be a structure, turns out to be something quite different. What was it?

Click here to send me your answer.

(Enter your e-mail address, the rest is optional.)

The first three correct answers win.

If necessary, a clue will be posted tomorrow.

Chameleon™ & PrivateEye™ - Two Cool Security Products

Now you can blind shoulder surfers with these two very cool computer security products. Very innovative. Very clever. Very secure. 

PrivateEye™ is active display security software that responds conveniently and automatically to a user. PrivateEye presents a normal clear screen when the user is present and looking at the display, but when the user’s attention moves away from the display the software immediately blurs the screen. Similarly, if PrivateEye detects an eavesdropper it can automatically blur the screen. The solution also includes a facial recognition engine. PrivateEye requires only a standard webcam. (video). 

Chameleon™ is a software and hardware solution from Oculis Labs that addresses the unique security challenge of protecting sensitive and classified materials while it is being displayed on computer screens. The solution protects displayed information against over-the-shoulder eavesdroppers, video recorders, remote electronic surveillance, and TEMPEST style threats. Using a patent-pending, gaze contingent, secure content rendering system, the software allows a trusted user to read a screen normally, but no one else can.

If you agree that this techonolgy is too cool, take a moment and help these folks win the "Hottest Tech in Town" Award. (vote here)

Contest Alert

I received a friendly tap on the shoulder reminding me that it has been a while since our last Security Scrapbook contest.

Previous contest winners know the prizes are worthy of the effort. The contests are also fun and sometimes educational. Be sure to give it a try. 

The next contest will be posted on Saturday, September 11 at noon (12:01 PM EDT).

The challenge level for this contest question will be Difficult.The first three correct answers received via our web site's contact form win (the URL will be posted with the contest). Good luck! ~ Kevin

William Gibson & Fashion's Industrial Espionage

Q.  You make fashion seem mysterious, even a little ominous.

A. The sinister aspect of it in the book doesn’t derive from people wanting to cloth themselves in garments they feel will make them more desirable or distinguish them socially. Part of it comes from the real, observed, war-like seriousness with which the fashion industry largely proceeds. It’s not a friendly, feminine sort of thing. It’s deadly serious. Billions of dollars ride on it. There’s a great deal of industrial espionage going on. It’s a harsh, harsh business. (more)

WIlliam Gibson being interviewed about his new book Zero History.

X-ray vans that can see through walls-and clothes-hits America's streets.

Nervous yet?

AS&E's vans can be driven past stationary vehicles to scan their contents or parked to see the innards of passing cars and trucks.

Privacy-conscious travelers may cringe to think of the full-body scanners finding their way into dozens of airport checkpoints around the country. Most likely aren't aware that the same technology, capable of seeing through walls and clothes, has also been rolling out on U.S. streets.

American Science & Engineering , a company based in Billerica, Mass., has sold U.S. and foreign government agencies more than 500 backscatter X-ray scanners mounted in vans that can be driven past neighboring vehicles or cargo containers to snoop into their contents...

The Z Backscatter Vans, or ZBVs, as the company calls them, send a narrow stream of X-rays off and through nearby objects and read which ones bounce back. Absorbed rays indicate dense material such as steel. Scattered rays show less-dense objects that can include explosives, drugs or human bodies...

The company, which calls the ZBV its flagship product, sold 89 of the vehicles in the 15 months ending in June at $850,000 apiece... (more)

MI6 Spy uses Son of Sam Defense

Daniel Houghton, an MI6 worker who tried to sell secrets for £2 million, has been given a 12-month jail sentence for his "act of betrayal."

It was the “voices” in his head which made Daniel Houghton do it, according to his legal team.

He offered to hand over sensitive computer files containing information about intelligence collection and MI6 staff lists to agents from the Netherlands, the Old Bailey heard.

The judge said he did not know whether it was true, as Houghton claimed, that he was hearing voices that told him to do it but said he was a "strange young man." (more) (Son of Sam)

Squawk Box Eavesdropping - $500. Fine...

...what a hoot!
NY - A former Smith Barney broker was sentenced to no jail time on Wednesday after he cooperated with federal prosecutors in a probe into an alleged scheme to misuse brokerage-firm "squawk" boxes. (Also called "hoot n holler" and "shout down" boxes, these are always-on intercom systems used at financial trading firms. Sending broadcasts from these devices to unauthorized persons is illegal eavesdropping.)

He now works as a car salesman, was ordered to pay a $500 fine by U.S. District Judge I. Leo Glasser in Brooklyn, but the judge imposed no jail term.

The 48 year old pleaded guilty in 2005 to conspiracy to commit securities fraud. He didn't testify at trial, but provided information that prosecutors said led to the conviction of six people last year, including three former supervisors at defunct day-trading firm A.B. Watley Inc.

Prosecutors from the U.S. Attorney's office in Brooklyn had alleged that he placed an open telephone line next to his squawk box for lengthy periods, allowing day traders at A.B. Watley to secretly eavesdrop on block orders by institutional clients. He received cash bribes in return, prosecutors said. (more) (technical details)

Busman's Holiday

(sing-a-long) During the past decade, a New York man stole more than 150 buses from an unsecured Trailway bus depot in Hoboken New Jersey; the doors were open, the key were left in the ignition, and he just drove off the lot, using the coaches for everything from fast-food runs to jaunts to North Carolina; he was finally collared last week after he stole a bus, drove to Manhattan, and took a group of flight attendants to Kennedy Airport.

Police Commissioner Raymond Kelly wants NYPD to look into lax security at a New Jersey depot from which bus-thief Darius McCollum stole more than a hundred buses. (more)

Attention security vendors who sell password access key pads. Opportunity honking.

iPhone Spy Stick - DIY forensics, or worse?

The headline declares...
Recover DELETED iPhone Text Messages, Map Searches, Hidden Contacts, & More
Quickly and Easily Download Even Deleted Information from an iPhone
The iPhone Spy Data Recovery Stick is the ultimate iPhone recovery tool for anyone who wants to capture deleted information from any iPhone (running iOS to 3.x). The iPhone Spy Data Recovery Stick makes it easy to recover deleted text messages, contacts, call and web history, as well as photos, voice memos and calendar appointments -- giving you a unique look into exactly what the user has been searching for, who they’ve been talking to, and even the types of pictures they’ve taken. With features like saved map search history, web searches, and text messages, the iPhone Data Recovery Stick is the only tool you need to catch a cheating spouse, monitor your kids, iPhone recovery or backup your own iPhone data.

Features:
Get access to deleted information
Download text messages and view calls made
Recover deleted contacts and calendar items
View pictures and other multimedia
Get access to map history to see locations searched on the iPhone’s map with exact GPS coordinates
Get access to notes, voice memos, multimedia files, and dynamic text data
Downloading data is as simple as attaching the iPhone and iPhone Data Recovery Stick to a computer and pressing start
iPhone information is saved on any computer and can be moved to other drives as a regular file
Looks like an ordinary USB flash drive
iPhone recovery Stick allows you to recover data from your iPhone you thought was lost forever

Popular Uses:
Catch a cheating spouse
Monitor your kids iPhone text messaging and Internet use
Check on employees using company issues iPhones
Restore deleted files

Includes:
iPhone Spy Data Recovery Stick
USB cable for iPhone
(more)

Why do I mention it?
So you will know what you are up against.
P.S. It only works on the older versions of the software (for now).

Business Espionage - A Spy Comes Clean

South Africa - A corporate spy (Briel) has admitted in sensational court papers that he illegally tapped telephones at the behest, he says, of Investec bank.

"I always wore my Telkom overalls, as then no one queried what I was doing." ~ Briel

In his affidavit, Briel makes some devastating claims.

Briel worked for Associated Intelligence Networks (AIN) run by Warren Goldblatt, which has since morphed into Specialised Services Group, and says he received his instructions in the Investec case from former Recce Johann Rademeyer.

Briel says "Goldblatt told me that he had a big job to do in Cape Town. He mentioned that it was for Investec, and that there were bad people in their company that they wished to monitor."

He says he posed as a Telkom technician to install phone taps at Investec, as well as at private residences in Hout Bay, and a company premises near the Protea Hotel at the Waterfront.

In court papers, the Chaits say one of the places Briel tapped phones was the offices of their company, Fairweather Trust, which was developing the Victoria Junction Hotel in Cape Town at the time.

"Detailed information regarding the telephone tapping of (our) offices ... have enabled us to physically locate and recover equipment used in the tapping, which in due course will be provided in evidence," the Chaits say in papers.

The Chaits are furious - particularly because their property business was competing with Investec's own property business.

But Investec's Nobrega...described Briel's claim as an "overzealous expansion of the true facts in order to extort a settlement from Investec Bank." (more)

Substitute the word SPY for FRAUD

Special note to corporate security directors: This Certified Fraud Examiners survey is excellent. The findings parallel my internal corporate counterespionage experiences, another form of fraud... with much larger monetary losses. Swap a few words. Expand your thinking. Learn where to look. Become a wiser counsellor for your company.

A fraud spy suspect might not be easy to pick out of a crowd -- or from a rap sheet.

The average fraud spy perpetrator has no prior fraud spy charges or convictions, according to new research by the Association of Certified Fraud Examiners (ACFE), the world's largest provider of anti-fraud spy training and education. The offender is commonly between the age of 31-45, and somewhat more likely to be male than female.

More insights gleaned from the study help fill out the profile, however. Behavioral red flags, tenure at an organization, position and educational background are all criteria examined in the ACFE's 2010 Report to the Nations on Occupational Fraud & Abuse. The Report is drawn from a survey of Certified Fraud Examiners (CFEs) who investigated fraud cases between January 2008 and December 2009.

Here are some of the key findings
about fraud perpetrators
in the 84-page Report:

High-level perpetrators cause the greatest damage to their organizations. Frauds Spying committed by owners/executives were more than three times as costly as frauds spying committed by managers, and more than nine times as costly as employee frauds spying. Executive-level frauds spying also took much longer to detect.

Fraud offenders Spies were likely to be found in one of six departments. More than 80% of the frauds spying in the study were committed by individuals in accounting, operations, sales, executive/upper management, customer service or purchasing.

More than half of all cases in the study were committed by individuals between the ages of 31 and 45. Generally speaking, median losses tended to rise with the age of the perpetrator.

Most of the fraudsters spies in the study had never been previously charged or convicted for a fraud-related spying-related offense. Only seven percent of the perpetrators had been previously convicted of a fraud spying offense. This finding is consistent with prior ACFE studies.

Fraud perpetrators Spies often display warning signs that they are engaging in illicit activity. The most common behavioral red flags displayed by the perpetrators in our study were living beyond their means (43% of cases) and experiencing financial difficulties (36% of cases). (more)

Security Alert - HP Printer / Scanners

Security Alert: Low (But you should be aware of it.)

Certain models of HP combination printer and scanner devices contain a feature that could allow for corporate espionage, according to researchers at web security firm Zscaler. 

The feature, called WebScan, allows a user to remotely trigger the scanning functionality and retrieve scanned images via a web browser. This capability could allow anyone on the local area network (LAN) to remotely connect to the scanner and retrieve documents that have been left behind on the scanner, Michael Sutton, vice president of security research at Zscaler, told SCMagazineUS.com on Thursday. 

The feature generally is turned on by default and, in many cases, is not password protected.(more)

TSCM Sweep Finds Cop Bugged

IN - Eavesdropping devices have been found in the office of an Indianapolis deputy police chief believed to be under investigation by the FBI.

Members of the department's Criminal Intelligence Unit were asked Thursday night to conduct an electronics sweep of the office of Deputy Chief of Investigations William Benjamin and found a pinhole camera and a listening device inside a desk drawer...

After the bugging devices were found, Chief Paul Ciesielski issued a statement saying he was going to launch an internal investigation."I did not put it there, did not have anyone put it there, nor did the director," the statement read. "I have opened an internal investigation to find out who did." (more)

UPDATE - The bug found in an IMPD leader's office was not used to eavesdrop on him, police said today.

The device did not work, and it had been left by a previous occupant of the office, according to an e-mail from Indianapolis Metropolitan Police Department Chief Paul Ciesielski...

The listening device was found in Deputy Chief William Benjamin's office during a sweep he requested this week... It was unclear what prompted Benjamin to request the sweep of his third-floor office; he did not return a phone call from The Indianapolis Star on Friday. (more)

Soooo... Who was the previous occupant? Why did they have the room bugged? Will that be investigated? And, why did Benjamin request a bug sweep in the first place?

Spybuster Tip #582 - Keystroke Logger Killer

KeyScrambler Personal is a free plug-in for your Web browser that protects everything you type from keyloggers. It defeats keyloggers by encrypting your keystrokes at the keyboard driver level, deep within the operating system. When the encrypted keystrokes reach your browser, KeyScrambler then decrypts them so you see exactly the keys you've typed. Keyloggers can only record the encrypted keys, which are completely indecipherable. (more)

RIM Shot... and you're next Skype

International Telecommunications Union (ITU) secretary-general Hamadoun Toure said BlackBerry maker Research in Motion (RIM) should supply customer data to law enforcement agencies around the world, characterizing the governments’ needs as “genuine” concerns that cannot be ignored.

The ITU is primarily concerned with regulating global radio spectrum usage, supervising telecommunications standards processes, and helping regulate communication satellite orbits and transmission... the agency has no formal regulatory.. however, Toure’s comments certainly reflect the general sentiments of the ITU’s 192 members.

Canada’s RIM has recently faced regulatory issues in a number of countries over encrypted communications handled by its BlackBerry services, with governments like Saudi Arabia, the United Arab Emirates, India, Indonesia, and Lebanon all insisting that their governments be permitted access to BlackBerry users’ communications. (more)

Tabloid's Royal Eavesdrop Keeps Making News

UK - In November 2005, three senior aides to Britain’s royal family noticed odd things happening on their mobile phones. Messages they had never listened to were somehow appearing in their mailboxes as if heard and saved. Equally peculiar were stories that began appearing about Prince William in one of the country’s biggest tabloids, News of the World.

The stories were banal enough (Prince William pulled a tendon in his knee, one revealed). But the royal aides were puzzled as to how News of the World had gotten the information, which was known among only a small, discreet circle. They began to suspect that someone was eavesdropping on their private conversations. 

Scotland Yard collected evidence in 2006 indicating that hundreds of celebrities, government officials, soccer stars – anyone whose personal secrets could be tabloid fodder – might have had their phone messages hacked by reporters at News of the World. Only now, more than four years later, are most of them beginning to find out. (more)

SpyCam Story #583 - Veal

A hidden-camera video that shows severe confinement and other abuses of calves has caused Bob Barker to ask consumers to stop buying veal and dairy products.

The Emmy Award-winning former host of The Price is Right and a longtime animal advocate, Barker narrated the Mercy for Animals (MFA) video and joins the group in asking Americans nationwide to boycott the products that he says sentence animals to “a life of extreme deprivation and suffering.” (more)

How to Kill Flash Zombies

Flash cookies can be used to track you across the Web without telling you. Advertisers are using it to track your movements across the Web.

Or so claims a lawsuit filed by privacy attorney Joseph Malley, one of three he's filed in the last two months against some of the biggest media heavyweights in the world -- Disney, ABC, NBC, MTV, and a host of others.

All use them employ Web ad companies like Quantcast, Specificmedia, and Clearspring to deliver Flash ads, and all of those ads store Flash cookies on your hard drive.

So what's wrong with that? For one thing, most people aren't aware Flash even stores cookies. These cookie files are ridiculously hard to find and manage: You can't get at them from your browser, and they're buried several layers deep inside your Application Data folder on Windows PCs. They can store up to 100K of data per cookie, or about 25 times what a browser cookie can store. And they can be used to recreate tracking cookies you've deleted.

In other words, if you've told an advertiser you don't want to be followed around the Web by deleting its tracking cookie, that advertiser can use Flash to 'respawn' that deleted cookie without telling you -- and continue to track you in secret. Thus Malley's lawsuits, which accuse all of those companies of breaking federal laws against computer intrusion and surveillance.

That respawning bit is why Flash cookies are also called "zombie" cookies. However, like real zombies, they can be stopped -- and you don't even have to cut off their heads (or use cricket bats and vinyl LPs, like in Shaun of the Dead ). You just need to use Adobe's Flash Player Settings Manager. (more)

Click the Adobe link above and set your preferences on the Global Settings Panel. It is easy to do and very worthwhile.

"Yes, you can record. Yes, you can decide not to."

Australia - Alliance Craton Explorer (a company involved in developing a uranium mine) told the Supreme Court it wanted to use recording devices in committee meetings with Quasar Resources. The companies have a joint venture agreement for the Four Mile uranium project.

Alliance claimed it wanted to protect its interests but Quasar countered that the confidentiality of the meetings could be put at risk. Quasar used its numbers at the meetings to vote against the recordings. It argued in court the use of such devices was in breach of listening and surveillance laws. 

So far, so good.

But Justice John Sulan disagreed, finding it was legitimate for Alliance to use recording devices.

However he also ruled it was acceptable for the committee to decide by a vote whether recording devices could be used. (more)

Security Scrapbook Exclusive

Possible secret recording from the meeting leaked:

"Uranium. Three Mile. Duh!" 

"No, no. Four Mile is a brilliant name. Like, mate... we go the extra mile." 

"Or, a disaster would be that much bigger, you dingo."

"I say we use kilometers instead."

The Byte of the Web Bugs

The Wall Street Journal has been running a series of very interesting - and disturbing - articles the past few days investigating Internet spying and its impact on your privacy.

For instance, did you know that the top fifty US web sites (which account for about 40% of Web pages visited by Americans) install, on average, 64 pieces of tracking technology onto the computers of their visitors? Or, that two-thirds of those tracking files were created by 131 companies, many, if not most, of which are in the business of selling the information they capture from you and me?

Of course, the companies installing the web site tracking software say it is all harmless. In fact, they argue, the information captured about us allows them to create a better on-line experience since the Web ads that we see are tailored to fit our individual interests...

As a result, tracking software on web sites has increased in sophistication to where - using so-called "Web bugs" - your cursor movements on a web page along with what you are typing are being analyzed to create profile of you (or better, your computer) that can be also tracked across web sites. (more)

SpyCam Story #582 - Don't ask, don't tell.

Australia - An army employee alleged to have put a covert filming device in change rooms at his barracks will stand trial. Nathan William Freeman, 27, is charged with indecent filming.

It will be alleged a secret camera resembling a car's key remote was put in change rooms at the Woodside barracks in the Adelaide hills. Police say the item was handed in as lost property and then discovered to be a secret camera on closer inspection. (more)

Reykjavik's Gargoyle SpyCam

Seen during my travels in Iceland this week...

Gargoyle watches the watchers.



Who says Vikings don't have a sense of humor?

The Eight Most Secretive Companies...

...are also some of the most successful. 

Follow their lead. 

Engage a good counterespionage specialist.

The need for secrecy in business has led to a shadow industry known as industrial espionage. The practices of “spying” used to be physical. A spy would have to be near the product to describe or photograph it. Electronic surveillance replaced this in the second half of the 20th century and “bugs,” wire taps, and digital theft of documents became more popular. Today, espionage is incredibly sophisticated... 

This is a list of eight of the most secretive companies in America, firms which rely heavily on keeping secrets. A breach of their most confidential products or services could damage their current business value and, over time, even destroy a company.
• Apple, Inc.
• Xe Services LLC (formerly Blackwater)
• Renaissance Technologies LLC
• Google, Inc.
• Boeing, Co.
• Monsanto, Co.
• PGP
• The Coca-Cola Company
(more)

HSH Nordbank Chief Nonnenmacher Says He Never Approved or Tolerated Spy

Germany - HSH Nordbank AG Chief Executive Officer Dirk Jens Nonnenmacher said he never approved or tolerated spying at the bank and that the lender will “do everything” to examine allegations that spying took place...

German magazine Der Spiegel reported on Aug. 21 that officials at the bank asked a security company to investigate former HSH Nordbank Chief Operating Officer Frank Roth, who was fired last year. The magazine relied on a document citing an unidentified former security adviser.

Nonnenmacher said the security adviser has since made a statement revoking the allegations... (more)

SpyCam Story #581 - Hill Out

MI - Former Egelston Township Treasurer Brian Lee Hill is free on bond after spending three years in prison on a batch of now-reduced child-pornography convictions...

The longtime elected official spent three years behind bars, almost to the day. He was sentenced Aug. 24, 2007, to 10 concurrent terms of 4 3/4 years to 20 years, as well as shorter concurrent terms -- already served -- for electronic eavesdropping. The eavesdropping convictions were for spying on showering foreign exchange students with a videocamera hidden in his bathroom. (more)

SpyCam Story #580 - The Curtains Caper (UPDATE)

Malaysia - Selangor Mentri Besar Tan Sri Khalid Ibrahim played detective today when he revealed the origins of a spy camera found in his office on August 10.

He said internal investigations by his office have located the factory that made the camera and the store where it had been bought. Khalid also dismissed allegations that it was a “political plot” to not lodge a police report.

The mentri besar had discovered a Fuji-brand camera on a ledge behind the curtains in his office on August 10. He had said checks had also been carried out in the state executive councillors’ offices to detect if there were more hidden cameras. (more)

The Spying on the Neighbor Fiasco

Don't watch this at work. 
Save it for later. 
Have a nice weekend. (video)

Yet another challenge to the 2-party consent eavesdropping laws

Using an iPhone to secretly record a conversation is not a violation of the Wiretap Act if done for legitimate purposes, a federal appeals court has ruled.

“The defendant must have the intent to use the illicit recording to commit a tort of crime beyond the act of recording itself,” (.pdf) the 2nd U.S. Circuit Court of Appeals ruled.

Friday’s decision by the 2nd U.S. Circuit Court of Appeals, which involves a civil lawsuit over a secret audio recording produced from the 99-cent Recorder app, mirrors decisions in at least three other federal appeals courts.

The lawsuit concerns a family dispute over the making of a dying mother’s will. Days before the Connecticut woman died, her son secretly recorded a kitchen conversation between the son, mother, stepfather and others over how to handle her estate after her death. (more)

SpyCam Story #580 - It's curtains for the staff.

East Malaysia - Selangor Menteri Besar Tan Sri Abdul Khalid Ibrahim has denied a suggestion that he would reshuffle his office staff following the discovery of a hidden video camera in the office.

He said the State Government would first find out why the staff in his office had not detected the device. "If we find out it involved the staff in the Menteri Besar's office, then action will be taken against them.

Abdul Khalid stumbled upon a hidden video camera in a gap between the thick curtains in his office on Tuesday. (more)

Did you know... most eavesdropping devices are found by accident?

Imagine the results if people looked occasionally.
Don't want to do it yourself? 
Call the folks who bring you Kevin's Security Scrapbook.
It's what they do best.

Life, art and duffel bags...

Body of Missing British Spy
Found Stuffed in Bag 
in His Apartment
The body of an employee of Britain's spy agency MI6 has been found in a bag in a central London apartment where he may have been murdered two weeks ago, British media reports.

The body of Gareth Williams, 31, was found Monday stuffed in a large sports bag in his bath only a few hundred yards from MI6 headquarters, the Daily Mail reports.

MI6 gathers secret information about Britain's overseas enemies, making the spy a possible target of terrorists, the Mail says.

BBC's security correspondent says it is not clear what the victim did for MI-6, but that it is reported that he was on loan from the Government Communications Headquarters, the electronic eavesdropping agency, implying he was a technical expert. (more)

(more)

ACLU challenges Illinois eavesdropping act

Over the past few years, there have been several cases of people being arrested for recording police. The issue is the audio part of the recording. In some states, the law requires the consent of all parties to the conversation. The ACLU has taken notice... and exception to what they see as a double standard and a violation of the First Amendment to the Constitution.

It's not unusual or illegal for police officers to flip on a camera as they get out of their squad car to talk to a driver they've pulled over.

But in Illinois, a civilian trying to make an audio recording of police in action is breaking the law.

"It's an unfair and destructive double standard," said Adam Schwartz, a lawyer with the American Civil Liberties Union of Illinois.

In its lawsuit, the ACLU pointed to six Illinois residents who have faced felony charges after being accused of violating the state's eavesdropping law for recording police making arrests in public venues.

On Wednesday, the ACLU filed a federal lawsuit in Chicago challenging the Illinois Eavesdropping Act, which makes it criminal to record not only private but also public conversations made without consent of all parties. (more)

---

That Anthony Graber broke the law in early March is indisputable. He raced his Honda motorcycle down Interstate 95 in Maryland at 80 mph, popping a wheelie, roaring past cars and swerving across traffic lanes... Anthony Graber was arrested for posting a video of his traffic stop on YouTube. (video and report)

YouTube still features Graber’s encounter along with numerous other witness videos. "The message is clearly, ‘Don’t criticize the police,’" said David Rocah, an attorney for the American Civil Liberties Union of Maryland who is part of Graber’s defense team. "With these charges, anyone who would even think to record the police is now justifiably in fear that they will also be criminally charged." Carlos Miller, a Miami journalist who runs the blog "Photography Is Not a Crime," said he has documented about 10 arrests since he started keeping track in 2007. (more)

"Bugging teacher... sweet-ish, fer sure."

Sweden - Two Stockholm schoolgirls have been taken to court for trying to bug their teachers during a grading conference. They were found out after one of them revealed all on Facebook.

The pair, who are in their early teens, came up with the idea after finding a key to the staff common room. They bought basic bugging equipment in a gadget shop, waited until the end of the school day, and planted the device in the staff room.

The girls, who attend a middle school in the capital, planned to listen in on a meeting the following day at which teachers would decide their grades. They were hoping to glean information that would enable them to get their grades improved.

The plan might have gone off without a hitch if one of the girls in her enthusiasm had not revealed all on Facebook, according to Metro. The girls were prosecuted for trespass and arbitrary conduct and fined 2,000 kronor ($270) each by Stockholm District Court. (more)

Business Espionage - Walt Disney Co.

The boyfriend of a former Walt Disney Co. administrative assistant admitted to engaging in a scheme to sell early access to the company's earnings report in U.S. district court in Manhattan Monday.

Yonni Sebbag, 30 years old, and his girlfriend Bonnie Hoxie, the former assistant to Disney's head of communications, allegedly contacted more than a dozen hedge funds and investment companies anonymously in March, offering to provide an early look at Disney's earnings.

"I disclosed material and nonpublic information about the Walt Disney Co. to outside investors," Mr. Sebbag said. (more)

Business Espionage - The Counterfeiters

A shopkeeper in Italy placed an order with a Chinese sneaker factory in Putian for 3,000 pairs of white Nike Tiempo indoor soccer shoes. It was early February, and the shopkeeper wanted the Tiempos pronto. Neither he nor Lin, the factory manager, were authorized to make Nikes. They would have no blueprints or instructions to follow. But Lin didn’t mind. He was used to working from scratch. A week later, Lin, who asked that I only use his first name, received a pair of authentic Tiempos, took them apart, studied their stitching and molding, drew up his own design and oversaw the production of 3,000 Nike clones. A month later, he shipped the shoes to Italy. “He’ll order more when there’s none left,” Lin told me recently, with confidence...

Counterfeiters played a low-budget game of industrial espionage, bribing employees at the licensed factories to lift samples or copy blueprints. Shoes were even chucked over a factory wall, according to a worker at one of Nike’s Putian factories. It wasn’t unusual for counterfeit models to show up in stores before the real ones did. (more)

Mandela's house 'was bugged'

It has been revealed that former president Nelson Mandela's Houghton house was bugged ahead the African National Congress's 2007 national conference. ...the listening device bug was discovered in the old Statesman's house by the police's VIP protection unit during a sweeping exercise. (more)

Oo-ee, oo-ee baby. Won't ya let me take you on a spy cruise?

Old man Panetta is runnin' my shoes
No use t'sittin' and a'singin' the blues
So be my snitch, you got nothin' to lose
Won't ya let me take you on a spy cruise? 
Hope aboard the S.S. Surreal below and sing-a-long.

Michael Hayden, the former CIA Director, has always asserted that “the war on terrorism is inherently an intelligence war.” This November, the “SPY CRUISE” will be sailing. On the cruise everything you wanted to know about intelligence but could not ask will be discussed, that is except classified information. NewsReal Blog interviewed four of the speakers to get their take on what will be discussed. (more)

SpyCruise® is a private group aboard a cruise ship where members attend exclusive lectures and talks on espionage, spies, intelligence, counterterrorism and more. Speakers are intelligence experts, leaders, officers, operatives, analysts, authors and historians, many of whom served in the US Intelligence Community. Each cruise we choose a different ship, a different destination and a different agenda.

SpyCruise® is a unique opportunity for anyone interested in the topic of intelligence to meet and learn from real experts in the intelligence field as well as others who share the same interest in this topic and history, world affairs, intelligence, military, books, etc. Lectures are normally once a day and the rest of the time is yours to enjoy the cruise ship and its excursions at different destinations. (more)

NEXT SPYCRUISE: November 13-20, 2010 in the Caribbean

Extra credit: Intellectual property transfer, or not? 

You decide.

Sea Cruise & Rockin' Pneumonia 

Sweet Little Sixteen & Surfin' USA