Surprise! Trade Secret Theft is not automatically Economic Espionage

Corporate espionage used to be rather straight forward as the typical Coke-Pepsi textbook example illustrates. It is a crime when one stole company data/trade secrets and passed it to a business rival.

This was, however, not quite the case of former Goldman Sachs computer programmer Sergey Aleynikov. A US federal appeals court acquitted Aleynikov in mid-February after he had served a year of his eight-year sentence... His acquittal was not only a blow to his former employer but also the Department of Justice.

Most importantly, his case is an acid test of the 16-year old Economic Espionage Act that specifically targets theft of trade secrets.

The Economic Espionage Act makes theft or misappropriation of a trade secret a federal crime, whether it is with the knowledge or intent that the theft will benefit a foreign power or for interstate and/or international commerce with the knowledge or intent that it will hurt the owner of the trade secret.

Coincidentally just a week before Aleynikov was let go, another US court acquitted Chinese-born American software developer Hanjuan Jin for allegedly stealing confidential information from her employer Motorola Inc...

But the judge said while the evidence showed she stole trade secrets...it was not enough to prove she committed economic espionage by selling the information to a foreign government or entity. (more)

Moral: Prevention is more swift and sure than legal protection. Get professional help.

Social Media Spy Trick #101 - Know Who Your Friends Are... really.

Spies opened a fake Facebook account under the name of NATO’s supreme allied commander, Adm. James Stavridis, and fooled senior British defense and government officials into accepting friend requests, it was reported yesterday. 

The incident allowed the reportedly Chinese spies access to the personal e-mail and contact information of some British officials, but it was unlikely any military secrets were compromised, according to The Sunday Telegraph.

“Discussions/chats/postings on Facebook are of course only about unclassified topics,” a NATO official said of the information that was accessed. (more)

Is this Web Site Malicious?

Special thanks to Lenny Zeltser...

Several organizations offer free on-line tools for looking up a potentially malicious website. Some of these tools provide historical information; others examine the URL in real time to identify threats:

• AVG LinkScanner Drop Zone: Analyzes the URL in real time for threats
• BrightCloud URL/IP Lookup: Presents historical reputation data about the website
• Cisco IronPort SenderBase Security Network: Presents historical reputation data about the website
• G-Data MonkeyWrench Beta: Analyzes the URL in real time for threats (about)
• F-Secure Browsing Protection: Presents historical reputation data about the website
• Finjan URL Analysis: Analyzes the URL in real time for threats
• KnownSec: Presents historical reputation data about the website; Chinese language only
• Norton Safe Web: Presents historical reputation data about the website
• ParetoLogic URL Clearing House: Looks up malicious sites discovered using a web honeypot; registration required
• PhishTank: Looks up the URL in its database of known phishing websites
• Malware Domain List: Looks up recently-reported malicious websites
• MalwareURL: Looks up the URL in its historical list of malicious websites
• McAfee Site Advisor: Presents historical reputation data about the website
• McAfee TrustedSource: Presents historical reputation data about the website
• Trend Micro Web Reputation: Presents historical reputation data about the website
• Unmask Parasites: Looks up the URL in the Google Safe Browsing database
• URL Blacklist: Looks up the URL in its database of suspicious sites
• URL Query: Looks up the URL in its database of suspicious sites and examines the site's content
• URLVoid: Looks up the URL in several website blacklisting services
• vURL: Retrieves and displays the source code of the page; looks up its status in several blocklists
• Web of Trust: Presents historical reputation data about the website; community-driven
• Wepawet: Analyzes the URL in real time for threats
• Zscaler Zulu URL Risk Analyzer: Examines the URL using real-time and historical techniques

On Corporate Intellectual Fruit ...and how to keep it.

Dodd-Frank related governance issues such as say-on-pay and proxy access have been well known focal points for boardrooms during the 2012 proxy and annual meeting season, but another issue has topped headlines and is of increasing concern to boardrooms: business intelligence gathering activities...

Effective corporate governance principles dictate that those who conduct unethical or, worse, illegal activities on behalf of a company must be brought to heel. 

The phrase “traditional intelligence gathering” has its roots corporate espionage. 

Popular targets include technology related industries such as software, hardware, aerospace, biotechnology, telecommunications and energy, among others... It is clear, however, that no specific industry or sector is immune to these issues. (more)

Intelligence is the fruit of creativity; the food by which companies grow. Fruit that falls and rolls into the road is picked up by competitive intelligence professionals, legally. But when they come on property and pick fresh, ripe fruit off the trees, it's illegal. With a good fence, you can keep all your fruit.

Pursuit Magazine Book Review - "Is My Cell Phone Bugged?"

By Stephanie Mitchell, CompassPoint Investigations / Pursuit Magazine

"'Nearly everyone carries instant access to phone service, and tapping has become a personal concern.' The well documented comprehensive guide Is My Cell Phone Bugged, by Kevin D. Murray, provides well-documented information and research addressing cell phone privacy issues.

I found the book well written and superbly formatted. Even those who are not technologically savvy will find it to be very user-friendly. At no time during my reading did I feel bogged down with complicated technical language! Mr. Murray’s explanation and thorough direction assists the reader in regaining their privacy and the security of their personal information. Mr. Murray’s guidance ensures the reader that cell phone security and privacy can be achieved even if you are not a counterespionage expert.

I was impressed with the wealth of information and knowledge I gained from this book. Topics include: communications technology, purchasing secure cordless devices, how to avoid pre-bugged cell phones, understanding and identifying spyware, preventing tapping and information leaks, caller-ID technology, and identifying when your phone is under surveillance. As an investigator, I was particularly appreciative of the Legal Issues chapter covering privacy laws in a clear and precise manner." (complete review)


Thank you — Kevin

From that wonderful state that brought you the Hatfield–McCoy feud... The Rat App

“If every West Virginia resident that owns a smart phone (and knows how to use it) gets this app . . . you'll literally have 10 (sic) citizen spy's working for you!” – a review at the Google Android app store

Snitching has eventually entered the digital age thanks to a new smartphone app that lets anyone, anywhere tell the police: “Hey! That’s kind of weird!”

Authorities in the state of West Virginia are encouraging residents to install an Android and iPhone application that lets alerting law enforcement of suspicious activity become as easy as a click of a button — or, for some smartphone owners, the touch of a screen.

The official government website for the state of West Virginia now prominently features a product available for download on select mobile devices. It’s the Suspicious Activity Reporting mobile application and it lets users type up notes about any mundane yet worrisome incident they witness and send it straight over to local law enforcement. The app even allows the user to capture and upload a photo of someone they might consider suspicious, only to then provide the police with a detailed visual description of someone who may — or may not — be up to no good...

The device’s manufacturers add that any tips, such as suspicious vehicles or mysterious packages, can be reported anonymously if the user opts for that choice. (more)

FutureWatch - The actual process of filing a report with a live police official filtered out most casual / grudge / unfounded / harassment complaints in the past. With app-happy ease and the promise of anonymity might not the floodgates of neighborly bile open? And, should we really believe that identifying information (phone number, GPS, etc.) won't get transmitted just because you pressed an app's anonymous button? When you call 911, caller ID blocking doesn't block.

Van Eck 2012 - Brain Sucking Cell Phone Spiders

The processors in smart phones and tablets leak radio signals that betray the encryption keys used to protect sensitive data. 

At the RSA computer security conference last week, Gary Kenworthy of Cryptography Research held up an iPod Touch on stage and looked over to a TV antenna three meters away. The signal picked up by the antenna, routed through an amplifier and computer software, revealed the secret key being used by an app running on the device to encrypt data. An attacker with access to this key could use it to perfectly impersonate the device he stole it from—to access e-mail on a company server, for example.

The antenna was detecting radio signals "leaking" from the transistors on the chip inside the phone performing the encryption calculations. Transistors leak those signals when they are active, so the pattern of signals from a chip provides an eavesdropper a representation of the work the chip is doing. When Kenworthy tuned his equipment to look in the right place, a clear, regular pattern of peaks and troughs appeared on his computer screen. They could be seen to come in two varieties, large and small, directly corresponding to the string of digital 1s and 0s that make up the encryption key.

"You could build an antenna into the side of a van to increase your gain—well, now you've gone from 10 feet to 300 feet." (more) (creepy computerized audio version) (Van Eck)

Info Security in 2 Steps - Train Your Humans, Have Your Technical Vulnerabilities Checked and Patched

There’s a famous saying that “amateurs hack systems, while professionals hack people.” The point is that security technology designed to stop hackers, spies, phishers and frauds are always compromised by timeless human weaknesses: inattention, incompetence and complacency.

Click to enlarge.

The only thing standing between your company’s information systems and the people who are out to compromise them is employees. Technical security vulnerabilities can be patched but humans are always vulnerable. (more) (need patching?)

Do Company Execs Know Sensitive Data When They See It? Many in IT Say No

Today’s companies, clearly very good at collecting data, seem “less savvy when it comes to how to classify and manage it.”

That’s the conclusion of a survey among 100 IT executives and others conducted by global consulting firm Protiviti, which finds that there is “limited or no understanding of the difference between sensitive information and other data” at nearly a quarter of the companies participating in its survey.

The report is titled “The Current State of IT Security and Privacy Policies and Practices." Its topics: how organizations classify and manage the data they accumulate; specifically how they ensure customer privacy when they handle sensitive data, and how they comply with federal and state privacy laws and regulations. (more)

Jamming on the Bus, or The Cell Phone Vigilante

PA - A man in Philadelphia decided he'd had enough with listening to his fellow bus passengers blab away on their cellphones. But instead of buying himself some noise-cancelling headphones or politely asking people to pipe down, he chose to fight back with a handheld device that jams their signals.

"I guess I'm taking the law into my own hands," he told NBC10, which caught him red-handed with the illegal jammer, "and quite frankly, I'm proud of it."

Those who ride the bus with the man say he should be ashamed, not proud. (more)

Certified Ethical Hacker (CEH) Course Growing

India - "We started ethical hacking courses in 2009 with five students which has increased to approx 200 students today," said Jyoti Chandolia, assistant manager, corporate education sales at Udyog Vihar-located Mercury Solutions Ltd, the first ethical hacking training centre to come up in the city authorised by the International Council of E-Commerce consultants (EC-Council).

"Hacking is not legal in India and this particular course can distinguish black hat hackers (bad guys) and white hat hackers (good guys) after being certified as a Certified Ethical Hacker (CEH). The main objective behind this is to make people aware that CEH course is not all about how to hack but also to scan and protect IT systems and networks of an organisation," she added.

The EC-Council is a member-based organisation that certifies individuals in various e-business and information security skills. It is the owner and creator of the world-famous CEH, Computer Hacking Forensics Investigator (CHFI) as well as many others programmes, that are offered in over 60 countries through a training network of more than 450 training partners globally. (more)

Former US Marine, Accused CIA Spy, to be Re-tried in Iran

Click to enlarge.

Iran’s Supreme Court has overturned a death sentence for spying handed down to a former U.S. Marine, Amir Mirzai Hekmati, ISNA news agency reported on Monday quoting a top judiciary official.

“The sentence was overturned by the Supreme Court … The case has been sent back” to the court for retrial, prosecutor general Gholam Hossein Mohseni Ejei told a press conference, ISNA reported. (more)

Poison Text Messages and Malicious Mobile Apps on the Rise

Nearly one in five mobile phone users have experienced some type of security threat with their device. That's the finding of a Cloudmark survey of 1,000 cellphone users, scheduled to be released Tuesday.

Poison text messages, nearly non-existent in the U.S. a few years ago, grew 300% in 2010 and 400% in 2011, accounting for about 1% of all text messages. "We've gone from totally clean to a trickle," says Rachel Kinoshito, head of Cloudmark's security operations. "Most people are seeing about one a month."

That foothold is part of a broader concern. Variations of scams that infest the Internet, through PC browsers, have begun spreading on a meaningful scale through mobile devices. And it looks like the bad guys are just getting warmed up. (more)

Business Espionage: Spy Who Stole DuPont's Secrets Pleads Guilty

A former DuPont Corp. scientist has pleaded guilty to conspiring to commit economic espionage for a company controlled by the Chinese government and agreed to testify against others charged with stealing secrets of a manufacturing process sought by China.

Tze Chao, 77, a DuPont employee from 1966 to 2002, admitted Thursday in a San Francisco federal court that he had provided confidential information about DuPont's titanium dioxide process to the Chinese-controlled Pangang Group Co. (more)

Japanese Acoustic Ray Gun Silences Blabbing Godzillas

Tired of listening to a boring talk, a lecture or a colleague rattling in the office? The Japanese have found an answer to your woes. You can now silence the talk with a speech jamming gun.

The device developed by Kazutaka Kurihara at the National Institute of Advanced Industrial Science and Technology and Koji Tsukada at Ochanomizu University can silence any person talking from about 100 feet distance.

When used the gun, an inbuilt microphone picks up the words being said and then plays it back 0.2 seconds later. According to an explanation provided by the two inventors, the human brain interprets this echo effect as silence. (more) (Kazutaka Kurihara's Website) (Speech Jammer Research Paper)

Kazutaka also has a flare for the dramatic. Watch as the jammer comes into view to do its deed. Reminds me of those wonderful Japanese 1950's horror movies.

Computer Mouse with Ears ...and its own Cell Phone

UK - Innocent-looking, regular office equipment are now increasingly being used by employers to monitor staff in Britain.

Employers use tools such as calculators and clocks that come with built-in cameras and listening device, to keep a track of their employees.

Now, even the regular PC mouse is no longer innocent. A variant, spy mouse, that looks the same as the normal mouse, comes with a listening device and a SIM card embedded in it. A phone call is used to activate the device, which then captures sounds and conversations within a 10-metre radius. (more) (many spy mice)

SpyCam Story #656 - This Week in SpyCam News

SpyCam stories have become commonplace and the techniques used, repetitive. While I will continue to keep lose track of the subject for statistical purposes, I won't bore you with the details. Only links to the stories will be supplied unless there is something useful to be learned.

SC - Teen in school Girl's Room with camera.

OR - Man in theater dressing room with camera.
IN - Former Notre Dame assistant registrar - video in bathrooms and dressing rooms.

WA - Missing Susan Powell's husband, and his father, video voyeurism.

SC - Two indictments in Myrtle Beach on voyeurism charges.

NJ - Rutgers spycam trial continues.

IN - Shoecam man sentensed to six months.

ID - Sister-in-law spycam'er appeals.

NC - Middle school teacher spycam'ing bathroom.

WA - High school teacher charged with voyeurism resigns.

ID - Man charged with video voyeurism; no details.

IN - High school custodian spycam's Boy's locker room.

FL - Man charged with through-the-bedroom-window video voyeurism.

UK - Camera in business washroom charged filed.

NY - Man spycam'ing in local tanning salon.

OH - Man videos woman in shower, three times.

IN - New trial date for swim coach accused of locker room filming.

FL - New video voyeur legislation making progress.

NM - Spycam in business bathroom; allegedly installed by owner.

Spy School - Monitor a Twitter Account Without Following It

Investigator's Tip: "Monitoring an opponent’s Twitter account is an important part of opposition research. If you would like to keep up with someone’s Tweets, but not actually publicly follow the author, try using Twitter to RSS. This service allows you to enter the name of a public Twitter account and create an RSS feed for popular RSS readers like Google Reader, Yahoo, Bloglines, and Newsgator." — Larry Zilliox, Investigative Research Specialists, LLC

Privacy Tip:  
Don't be a twit. Make your sweet tweets private.

Read up on how to protect your tweets here, 

and don't approve any "twitter to RSS" requests.

NSA-Level Cell Phone Security (No, you can't have one.)

The US National Security Agency has modified Google’s Android operating system to create smart phones that use powerful encryption to protect every call. The “Fishbowl” devices were announced today at the RSA security conference in San Francisco by Margaret Salter, the agency’s Technical Director, who said she hoped to encourage companies to adopt some of ideas used in the system.

Such was the interest in the NSA’s presentation that this reporter – and most others – weren't able to gain access to the room where the demo was held. Australian IT publication SC Magazine did, though, reporting that Salter said 100 Fishbowl phones are being used to test the new technology. The Fishbowl phones allow fully encrypted calls that can be used to discuss the most classified information. Commercially available phones would require NSA employees to “speak in code”, SC say.
 

The NSA has made rough specifications of the system available online. They show that Fishbowl phones make calls using a Skype-style VOIP app that routes connections through NSA servers. (more)

Just in time to celebrate "International Speak Like A Spy Day"

THE DICTIONARY OF ESPIONAGE: SPYSPEAK INTO ENGLISH

We use words to tell each other what we mean. Words illuminate reality. But sometimes, and it seems increasingly so in these troubled times, words can be used to conceal truth.

This is why “The Dictionary of Espionage” is so timely and will appeal to the average citizen who is made vaguely uneasy when he is told that his government is engaged in “surgical strikes” against our enemies, which on occasion, unfortunately, result in “collateral damage” - that is, the U.S. government set out to kill someone but ended up killing someone else.

In this accessibly written book, Washington author Joseph C. Goulden illuminates and defines much of the standard jargon of the intelligence community with refreshing asides about many of spying’s urban legends - many of which may or may not be true. 

Informed by remarkable access to the intelligence community, the book, first issued in 1986, has been significantly updated and contains a foreword by Peter Earnest, the founding executive director of the International Spy Museum in Washington and a former CIA operations officer. (more)

Smartphone Spyware Reaches the Drive-By Infection Stage

(summary) A team of researchers infected a Google Android smartphone, live, in front of a packed audience of computer security buffs to prove how mobile malware is now on the cusp of the big time... "drive-by" attack...the attack did not require a phone be jailbroken and would work on any of the devices using Webkit*...such an attack would be possible on the iPhone because of the root access obtained via the browser vulnerability...the point we are making: drive-by attacks will hit the phone just like the PCs. 

The technique: The attack followed several steps: the first was a text message delivered to the smartphone appearing to come from the mobile carrier requesting a system update via a link. Once clicked, the drive-by link delivered the first part of the malware to the phone to elevate access (root) privilege, then cause it to crash. It then automatically rebooted, executing the second part of the malware and hijacking the phone's communications. (more)

* Webkit - "Webkit is a tool used by Apple, Google and RIM to render HTML websites in Safari, Chrome and Android, and the latest versions of the BlackBerry."

Now that you know how this works, I'm sure you won't click on any text links unless you are 100% certain are safe. ~Kevin

Young Lawyers Win Suit Against Secret Wiretapping Powers

Georgia’s Constitutional Court has decided that parliament did not have the right to give prosecutors powers to conduct secret wiretappings.

Tamar Khidasheli and Georgian Young Lawyers Association filed a lawsuit at the Constitutional Court regarding the law of Georgia on Operational Investigative Activities, which gave the police extended powers during investigation. (more)

Colombia-Gate Continues

Colombia - Bernardo Moreno, former President Alvaro Uribe's then-chief of staff ordered the illegal wiretapping of judges, senators, and journalists, the former intelligence chief of Colombia's now-defunct intelligence agency DAS told the court Wednesday.

Former DAS executive Fernando Tabares reiterated the accusations in the trial against Mario Arangunen, the former director of Colombia's financial intelligence agency UIAF who is on trial for his alleged involvement in the wiretap scandal. (more)

Fernando Tabares news archive / Wiretap scandal news archive

Judge Declares Illinois Eavesdropping Law Unconstitutional

IL - A Cook County Judge declared the state’s eavesdropping law unconstitutional Friday.

Judge Stanley J. Sacks read his ruling in the case of Christopher Drew, a Chicago artist who was charged with felony eavesdropping after he recorded his Dec. 2, 2009, arrest on State Street by Chicago Police.

“The Illinois Eavesdropping Statute potentially punishes as a felony a wide array of wholly innocent conduct,” he read. “A parent making an audio recording of their child’s soccer game, but in doing so happens to record nearby conversations, would be in violation of the Eavesdropping Statute.” (more)

$140 Million Surveillance Balloon Popped

After spending more than $140 million, the Air Force is poised to pull the plug on its ambitious project to send a king-sized, all-seeing spy blimp to Afghanistan. Which is a bit of a strange move: Not only is the scheduled first flight of the 370-foot-long “Blue Devil Block 2” airship less than six weeks away...

Not long ago, Blue Devil and its kind were being pushed as the future of aerial surveillance. Instead of a drone’s single sensor, Blue Devil would employ an array of cameras and eavesdropping gear to keep tabs on entire villages for days at a time. And with so much space aboard the airship, racks and racks of processors could process the data generated by those sensors in the sky, easing the burden on intelligence analysts currently overloaded by drones’ video feeds. Now, that lighter-than-air future could be in jeopardy, thanks to a series of schedule delays, technical complications and, above all, inflated costs. (more)

New Delhi Gummy Bugs

India - BJP on Friday dubbed the reports of alleged bugging of Defence Minister AK Antony's office as a "serious" matter which should be thoroughly probed and wondered what the reasons were for spying on the cabinet minister.

"The Defence Minister who is responsible for defending our borders, his own office borders are not secure. The reports of the bugging of his office is a matter of serious concern," BJP spokesperson Prakash Javadekar said.

The BJP pointed out that this is not the first case of bugging of the office of a Cabinet minister as there were earlier reports that Finance Minister Pranab Mukherjee's office was also bugged.

"Then, it was maintained that chewing gums were stuck at 12 places in the Finance Minister's office. We hope this time too, the same excuse is not made. This matter cannot be taken lightly and the truth should be told to the country," Javadekar said. (more) 

Sing along...

Menwith Hill Eavesdropping Base Undergoes Massive Expansion

UK - America's largest eavesdropping centre in Britain, Menwith Hill in North Yorkshire, is being expanded in a multimillion-pound programme as it becomes increasingly vital to US intelligence and military operations, according to a study of the controversial base released on Thursday. 

The base, which plays a key role in the global network of the National Security Agency (NSA), GCHQ's American partner, now includes 33 radomes – commonly called "golf balls" after the white sheeting protecting the satellite receiving and transmission stations – and is undergoing a big construction programme.

The study describes the programme, called Project Phoenix, as "one of the largest and most sophisticated high technology programmes carried out anywhere in the UK over the last 10 years". Work on it has been reserved for US-based arms corporations including Lockheed Martin and Northrop Grumman, and their personnel with high-level security clearance, it notes. (more)

"Houston, we have a problem."

The "algorithms used to command and control the International Space Station" were lost when an unencrypted NASA laptop computer was stolen in March 2011. 

That tidbit came in testimony Wednesday delivered by NASA Inspector General Paul K. Martin as he reported on the space agency's IT security track record. The loss of the ISS command code was symbolic of one glaring deficiency: a lack of data encryption on mobile devices. (more)

IKEA Spy Inquiry

A French union on Thursday lodged a formal legal complaint against Swedish furniture giant IKEA accusing it of illegally spying on staff and customers, legal sources said. (more)

In the latest twist in a damaging ‘spying’ scandal, Swedish furniture giant IKEA was on Thursday accused of “harassing” its employees after media reports emerged Wednesday that the company had illegally obtained police files on French workers, clients and union leaders.
The latest allegations centre on a former employee who told Europe 1 radio that she had been asked to profile her colleagues and to keep the information on a USB key and to avoid leaving it on company computers “for security reasons”. (more)

Privacy Check: Google's Privacy Policy Changes on March 1

via pcworld.com...

If you use Gmail, Google Docs, or any other popular G-service, you’re about to surrender a lot more personal information to the Googleplex...unless you take these steps to prevent it. 
1. Check the Dashboard
Your first destination is Google Dashboard. It provides an overview of the information Google has stored on your account across many of its most popular services. To get started, go to google.com/dashboard and log in with your Google account (typically an email address). There, you can see much of the data that Google has on you--from your Google+ account to your Gmail account.

Take a few minutes to click through the various services and to review the information Google is storing. Then clear out any data you no longer want associated with your account.

2. Clear Your Google Web History

3. Tweak Your Ads Preferences

4. Liberate Your Data
If you want to remove some (but not all) of your personal data from multiple Google services, head over to Google Takeout, which lets you download a copy of your data from Google Buzz, Circles, Docs, Picasa Web Albums, Gmail contacts, and other tools and services. Get started by logging in to the Google Takeout page.

5. The Nuclear Option: Delete Your Google Account
(more)

Security Chief Sentenced in Explosion Probe

WV - A federal judge sentenced a former Massey Energy Co. security chief to three years in prison for obstructing a criminal probe into the 2010 explosion that killed 29 miners in the worst U.S. coal-mining disaster in four decades.

A jury in October convicted Hughie Elbert Stover of lying to federal investigators about a company policy of providing advance notice of federal inspections and of obstructing a federal criminal investigation into the blast by ordering the destruction of more than 50,000 documents. Mr. Stover, 60 year old, was the top security official at Massey's Upper Big Branch mine in Montcoal, W.Va., at the time of the explosion. (more)

FutureWatch - Light Field Cameras

The first consumer light field camera has just been released. You'll never take another out-of-focus picture again.

"The very first light fields were captured at Stanford University over 15 years ago. The most advanced light field research required a roomful of cameras tethered to a supercomputer. Today, Lytro completes the job of taking light fields out of the research lab and making them available for everyone, in the form of the world’s first Lytro Light Field Camera" 

FutureWatch: Imagine this technology incorporated into CCTV surveillance cameras. No more waiting for the lens to focus. No more out of focus license plates, no more windy day auto-focus cognitive dissonance, no more fuzzy pictures of perps. Instant point, shoot and gottcha pix.

Click to enlarge.

Special Agent T-Shirt Contest #3

Contest Closed - We have a winner.

Who is this famous wiretapper? (Enter here.)
(Hint: the answer can be found at spybusters.com)

Click to enlarge.

The prize - our Limited Edition Special Agent Black T-Shirt. (Size: X-Large)


Answer: Gerard "Cheesebox" Callahan

("How limited," I hear you say.)  

Well, there are only three in the whole world! (one medium, one large, one x-large) And, they will be awarded in that order. So if you're a big Special Agent, this is YOUR contest.

We designed this custom t-shirt ourselves! It's easy, go to ooShirts.com. They have a DIY on-line design lab! All types of t's, all colors, all prices. These are the Champion brand with the logo on the left sleeve.

Shady Rat - Cell Phone Malware

A former McAfee researcher has used a previously unknown hole in smartphone browsers to plant China-based malware that can record calls, pinpoint locations and access user texts and emails. 

Just as U.S. companies are coming to grips with threats to their computer networks emanating from cyber spies based in China, a noted expert is highlighting what he says is an even more pernicious vulnerability in smartphones.

Dmitri Alperovitch, the formerMcAfee Inc. cyber security researcher best known for identifying a widespread China-based cyber espionage operation dubbed Shady Rat, has used a previously unknown hole in smartphone browsers to plant China-based malware that can commandeer the device, record its calls, pinpoint its location and access user texts and emails. He conducted the experiment on a phone running Google Inc.'s Android operating system, although he says Apple Inc.'s iPhones are equally vulnerable. (more)

Parasites are Not Supposed to Kill Their Hosts

Canada - An electronic stealth operation allegedly based in China hacks into Nortel Networks Inc., Canada's high-flying telecom superstar, loots its secrets for a decade and, says one cyber-security expert, contributes to the company's fatal implosion. 

Queen's University professor David Skillicorn points out that after the hackers penetrated Nortel around 2000, they began stealing technical papers, research and development reports, and strategic business plans.

After that, Nortel couldn't compete for contracts "because the hackers had their technical knowledge, their financials, their bids, before they submitted them," Skillicorn told Postmedia News. "How can you compete in an environment like that? These hackers weren't into Nortel just out of curiosity. They were using the stuff they got."

A Wall Street Journal report quotes Brian Shields, a 19-year Nortel veteran who led the internal investigation into the hacking. Shields apparently found spy software so deeply embedded in company computers that it took years to realize the size and pervasiveness of the problem. (more)

Political Pots Calling Kettle Black?

via China Daily...

The United States Federal Bureau of Investigation is advertising for automated computer softwares (sic) that will monitor people's posts on social networking sites, including Facebook and Twitter.

The FBI's Strategic Information and Operations Center (SOIC) posted a tender for a "Social Media Application" on FedBizOpps.gov web on January 19.

The advertisement says the application will collect "open source" information and should be capable of sniffing through online media sites like news and social networking sites for keywords to help improve its real-time intelligence when it comes to current and emerging security threats.

Sources said some US government institutions have already used similar software to collect "open source" information, a practice that have been kept out of the knowledge of the public.

It is believed to be the first time the US government has admitted it will apply advanced technologies to monitor the public media. (more)

FutureWatch: Looking forward to an article about how this compares to their surveillance initiatives.

Android Toilet Paper - Five Apps for Wiping Data from Your Androids

If your phone gets lost or stolen — or if you decide to return or recycle it — you need to wipe it clean of your private data.

1: Built-in Android reset - This built-in functionality is the easiest to use. Go to the restore from the Settings menu and reset.

If you lost your phone, or need some extra features, have one of these on board.
2: Mobile Security
3: Autowipe
4: Android Lost
5: Lookout Security & Antivirus
(more)

Smartphone Apps Your Personal Information

Every time you use your smartphone app your personal information – emails, phone numbers and even photos – is sent off to dozens of Internet companies all over the world. And you are the one who is allowing them access.

­Most users are aware that Internet companies like to collect information on their clients so that they can target their adverts better. But the sheer extent of their spying is shocking. And it’s all buried in the small print of the license agreement few bother to read. Often the information collected has nothing to do with function of the application. (more)

News of the World phone hacking scandal could deepen and spread to the U.S.

The phone hacking scandal could deepen and spread to the U.S. after claims the private detective who hacked phones for the News of the World had American telephone numbers in his notes.

Glenn Mulcaire, who was jailed in 2007 for illegally accessing mobile-phone messages, had the numbers of singer Charlotte Church’s Los Angeles agent and New York publicist among thousands of pages of notes seized by Scotland Yard detectives, it has been claimed.

Miss Church, 26, whose personal phones and those of her parents were hacked by Mulcaire for at least four years, settled a lawsuit against News International on February 23.

News International, which closed the News of the World in July in an attempt to contain public anger, still faces possible claims by more than 800 'likely' victims identified by police as they sift through 11,000 pages of Mulcaire’s notes. (more)

CONTEST ALERT - Wednesday Noon (EST) - Last Special Agent Shirt

The famous Security Scrapbook contest back! 

Next Wednesday (noon EST) we will post a spy question. The first correct answer received wins! 

Click to enlarge.

We post this alert to give everyone an equal chance, as readers of the e-mail version receive these posts the following next day.

The prize - our Limited Edition Special Agent Black T-Shirt. 

("How limited," I hear you say.)  

Well, there are only three in the whole world! (one medium, one large, one x-large) And, they will be awarded in that order. So if you're a big Special Agent this is YOUR contest.

Did you know you could design custom t-shirts yourself? It's easy. I made these myself at ooShirts.com. They have a DIY on-line design lab! All types of t's, all colors, all prices. These are the Champion brand with the logo on the left sleeve.

ooShirts also provides design help, if needed. They suggested I use brighter colors to have the logo stand out better. They were 100% correct, but I went with muted gray and red for a subtle look (Special Agents don't have to shout it.) The shirt shows the colors correctly. The enlargement is brightened to show the fine detail of the printing, just look at the dots! This was a test run for us. We're thrilled.

SpyCam Story #655 - This Week in SpyCam News

NY - Corning police have made an arrest in connection with an alleged case of voyeurism at a Market Street tanning salon. Jesse R. Cady, 23, of Creek Side Drive, Cameron, is accused of secretly video-taping a woman while she was tanning at Beach House Tanning. (more)

UK - A Carlisle man has been accused of fitting secret cameras in bathrooms to spy on women and young girls. Mark Klein, 45, of Charles Street, appeared before the city’s magistrates’ court where he was charged with voyeurism and two counts of engaging in sexual activity with a 15-year-old girl. (more)

KY - A bizarre and disturbing incident is playing out in Kentucky, where a star basketball player has been charged in connection with a video of a nude minor in his school's locker room and sharing the video to a host of other teenagers... 18-year-old Henderson County (Ky.) High senior basketball player Gavont Baker has been charged with video voyeurism and unlawful transaction with a minor in connection with a video of a nude teenager which was filmed in the Henderson locker room. (more)

GA - The voyeurism case involving the former deputy registrar of the Marietta office of the Bureau of Motor Vehicles is nearing a conclusion, with a plea agreement possible this week... The case began when the BMV office, located in the Frontier Shopping Center, was closed Sept. 23 by the Ohio State Highway Patrol after someone reported the discovery of a hidden camera in a bathroom at the office. (more)

NY - Tracy Gurnett, a Recreation Department staffer who has already sued the Town of Wheatfield once, has filed another notice of claim accusing town officials of spying on her by installing a video camera in her office. Supervisor Robert B. Cliffe and Town Attorney Robert O’Toole said this week that the surveillance camera was installed for security reasons and followed other cameras previously set up at other Recreation Department locations. Political sources told The Buffalo News that the camera was installed in the wake of suspicion that Gurnett was using the town photocopier in her office to run off copies of election fliers last fall for her live-in boyfriend, former Supervisor Timothy E. Demler (more)

NJ - Opening statements Friday in the trial of a former Rutgers student accused of using a webcam to spy on his roommate making out with another man focused on whether the defendant was malicious or just an 18-year-old boy acting his age. (more)

FL - Before Steinberg was investigated for cyberstalking, he voted against it. Rep. Richard Steinberg, a Miami Beach Democrat accused of cyberstalking a married Miami female prosecutor, has voted for several laws that crack down on stalking-–one as recently as this week. (such as) 2012 -- HB 215 – Video Voyeurism – (Vote: 1/25/2012, Judiciary Committee): The bill increases the penalties associated with video voyeurism offenses. The penalty for a first-time violation of “video voyeurism,” “video voyeurism dissemination,” or “commercial video voyeurism dissemination” is increased from a 1st degree misdemeanor to a 3rd degree felony. The penalty for a second or subsequent violation is increased from a 3rd degree felony to a 2nd degree felony. (more)

Spyware Is Everywhere

You are being watched. What you consider private moments may be anything but. Whether it’s a family fight, tiff with your spouse, plan for a new business, pile of cash swiped behind your business partner’s back, or a kickback you have asked of a supplier, you are being watched...

Spyware is everywhere. Ask the experts. Almost every space can be bugged, and sting operations are easier than ever to carry out. Thanks to the Chinese genius for making vast volumes of low-cost gadgetry, spyware has become cheap, convenient and mean. It’s a great leveler of sorts: everyone can snoop on everyone else...

The bad news is that the corporate sector is the most eager user of spyware. It also has the money to use the most sophisticated devices available. ...

...there are 1,200 known ordinary telephone surveillance devices imported over the last couple of years by individuals, companies, private detective agencies and some State-owned firms... (more)