Saturday, July 28, 2012

SpyCam Story #662 - This Week In SpyCam News

SpyCam stories have become commonplace and the techniques used, repetitive. We continue to keep loose track of the subject for statistical purposes, but won't bore you with too many details. Links supplied.

General
NY - Apple store spycam'er gets exposure. Life 'intimates' art. 
OH - Mr. Nicely indicted on video voyeurism charges. No relation to Mr. Rogers.


Hotels

Showers & Changing Rooms
AR - Old Navy changing room spycam'er nailed at Starbucks. Police checking phone.

Bathrooms
WA - Fish hatchery manager/bathroom spycam'er sentenced. Employees smelled something...

The Tanning Guys...

Off their meds...

"Trusted Agents"

Upskirters



Oh, did I mention our voyeurism detection services are being requested more and more often? 

Due diligence makes sense to businesses like: hotels, gyms, swimming pools, country clubs, educational institutions, clothing retailers, and all businesses offering private areas to their employees and guests.

Security Directors: FREE Security White Paper - "Surreptitious Workplace Recording ...and what you can do about it."   

We cannot guarantee you will never be on the wrong end of a voyeurism lawsuit. However, we are sure our services will pay for themselves many times over when damages are assessed. These days, if you're in business, you must proactively protect your employees and the visiting public's privacy. ~Kevin

Outdated Law Clouds Wi-Fi Eavesdropping Privacy Rights

If you don’t protect your Wi-Fi connection with a password, does that mean it’s legal to tap your Internet and monitor what you’re doing?

The key part of the federal anti-wiretap law was written in the 1980s, long before anyone contemplated using Wi-Fi networks, so the answer isn’t clear. In fact, legal experts say, it’s possible that how well you’re protected by the law would depend on what channel your Wi-Fi router is set to. (more) (spybusters link)

Apps: Know Your Rights & Protect Your Rights

Reporters Committee FirstAid app
The Reporters Committee FirstAid app was designed to help journalists who need quick answers to legal issues that arise while covering the news. It is meant as a quick solution during an urgent situation, such as when a judge or other official is keeping you from a hearing or a meeting, or a police officer is threatening you with arrest.

FirstAid also provides quick access to their hotline for any media law issues, either by phone or email. 

The Reporters Committee and this app are available for journalists of all varieties, whether you work for a national news organization or a neighborhood news blog. They never charge for our assistance. (more)


Android app allows citizens to record and store video and audio of police encounters, includes guide to citizens’ rights  

Citizens can hold police accountable in the palms of their hands with “Police Tape,” a smartphone application from the ACLU of New Jersey that allows people to securely and discreetly record and store interactions with police, as well as provide legal information about citizens’ rights when interacting with the police.




The Android “Police Tape” app records video and audio discreetly, disappearing from the screen once the recording begins to prevent any attempt by police to squelch the recording. In addition to keeping a copy on the phone itself, the user can choose to send it to the ACLU-NJ for backup storage and analysis of possible civil liberties violations.

A version awaiting approval from Apple will be available later this summer in the App Store for iOS to audio record encounters with police. (more)

Friday, July 27, 2012

eBlaster Shatters Crystal - $20,000 Loss

The ex-wife of a wealthy businessman must pay him $20,000 for installing spyware on his computers and using it to illegally intercept his emails to try to gain an upper hand in their divorce settlement, a federal judge in Tennessee ruled.

U.S. Magistrate Judge William Carter ordered Crystal Goan to pay ex-husband James Roy Klumb $20,000 for violating federal and state wiretap laws when she used Spectorsoft's eBlaster spyware to intercept Klumb's email. (more)

Thursday, July 26, 2012

Happy Birthday CIA

On July 26, 1947, President Truman signed the National Security Act, creating the Department of Defense, the National Security Council, the Central Intelligence Agency and the Joint Chiefs of Staff. (more)

$50 Hacking Device Opens Millions of Hotel Room Locks

If you're staying at a hotel, it might be a good idea to check the manufacturer of your door lock. A black hat hacker has unveiled a method that allows a fairly simple hardware gadget to unlock door locks manufactured by Onity.

Mozilla software developer Cody Brocious recently discovered two vulnerabilities within Onity's locks. Brocious was able to exploit said vulnerabilities with a device that cost him $50 to build. The schematics for the device are open source and available on the Web. Brocious will present his findings at the Black Hat Security Conference in Las Vegas on Tuesday night.

Onity tells PCWorld that it is aware of Brocious' work, but has declined to comment until it reviews additional information on the hack itself. (more)
 
Chilling thought...

Framing hotel staff for murder
"Given the ability to read the complete memory of the lock, it is possible to gain access to the master key card codes. With these -- in combination with the sitecode for encryption -- it is possible to create master cards which will gain access to locks at the property.

Let's look at a hypothetical situation:
• An attacker uses the before-mentioned vulnerabilities to read the memory of the lock
• Attacker uses the site-code and master key card codes to generate one or more master cards
• Attacker uses a master card to enter a room
• Attacker murders the victim in the room
• Attacker escapes

During the course of investigation, it's quite possible that the criminal investigators may look at the audit report for the lock, to see who entered the door at what time. Upon doing so, they will see a specific member of the staff (as the key cards are uniquely identified in the ident field) using a master key card to gain access to the room near the time of death.

Such circumstantial evidence, placing a staff member in the room at the time of death, could be damning in a murder trial, and at least would make that staff member a prime suspect. While other factors (e.g. closed circuit cameras, eyewitnesses, etc) could be used to support the staff member's case, there's no way we can know whether or not the audit report is false."
On the other hand... Brocious's work has just given hotel workers a "Get out of jail" card.

Info-leaks Topple CEO

The chief executive and chief operating officer of Nomura Holdings are stepping down to take responsibility for their company’s involvement in a series of leaks of inside information. 

Chief Executive Kenichi Watanabe and Chief Operating Officer Takumi Shibata are planning to resign following admissions that Nomura salespeople allegedly gave information on share offerings to customers before it was public, a person familiar with their thinking said. (more)

FutureWatch - The End of Privacy, Contraband & Cancer?!?!

via gizmodo.com...
Hidden Government Scanners Will Instantly Know Everything About You From 164 Feet Away

Within the next year or two, the U.S. Department of Homeland Security will instantly know everything about your body, clothes, and luggage with a new laser-based molecular scanner fired from 164 feet (50 meters) away. From traces of drugs or gun powder on your clothes to what you had for breakfast to the adrenaline level in your body—agents will be able to get any information they want without even touching you.

And without you knowing it. The technology is so incredibly effective that...

...But the machine can sniff out a lot more than just explosives, chemicals and bioweapons. The company that invented it, Genia Photonics, says that its laser scanner technology is able to "penetrate clothing and many other organic materials and offers spectroscopic information, especially for materials that impact safety such as explosives and pharmacological substances."

...Genia Photonics has 30 patents on this technology, claiming incredible biomedical and industrial applications—from identifying individual cancer cells in a real-time scan of a patient, to detecting trace amounts of harmful chemicals in sensitive manufacturing processes. (more)

See What 6 Months of Your Phone Data Reveals

Green party politician Malte Spitz sued to have German telecoms giant Deutsche Telekom hand over six months of his phone data that he then made available to ZEIT ONLINE. We combined this geolocation data with information relating to his life as a politician, such as Twitter feeds, blog entries and websites, all of which is freely available on the internet.

By pushing the play button, you will set off on a trip through Malte Spitz's life. The speed controller allows you to adjust how fast you travel, the pause button will let you stop at interesting points. In addition, a calendar at the bottom shows when he was in a particular location and can be used to jump to a specific time period. Each column corresponds to one day. (more)

Wednesday, July 25, 2012

The Incredible Tale of the Spying Broken Heart Surgeon

A Connecticut heart surgeon has been ordered by a civil jury to pay $2 million to his ex-girlfriend after admitting to planting cameras in her home.

"And this year's award goes to..."
Dr. William V. Martinez, a divorced father of nine, admitted to planting surveillance cameras in the home of D'Anna Welsh, a physician's assistant at Hartford Hospital. He also said he planted a tracking device in her car.

The Hartford Courant reported Welsh and Martinez dated from sometime in 2001 to February 2007, when Martinez broke up with Welsh.

Later that year, a plumber discovered "suspicious" equipment embedded in a crawl space beneath the floor of Welsh's home. She first called the police. Then she called Martinez, who admitted to planting the equipment in her home.

"Martinez further admitted to [her] that he had been viewing video of her bedroom and that he had also been eavesdropping from his car via audio devices he installed in her home," says the civil complaint.

At the time Welsh did not press charges. However a year later, Martinez mentioned details of Welsh's life to her that he had no way of knowing about, leading her to believe he was still spying on her, the newspaper said.

Martinez was charged in criminal court with eavesdropping and voyeurism in 2008, and agreed to two years of accelerated rehabilitation.

Welsh, still uneasy, hired a security firm to sweep her home in January 2010, the newspaper said. She filed a civil suit against Martinez in July 2010 after the firm discovered a camera hidden inside her TV. (more)

New Mobile Malware Threat Revealed at Black Hat

Mobile malware is viewed as a growing threat, particularly on the Android platform. To protect Android users and prevent malicious applications from being uploaded to Google Play, Google created an automated malware scanning service called Bouncer.

At Black Hat, Nicholas Percoco and Sean Schulte, security researchers from Trustwave, will reveal a technique that allowed them to evade Bouncer's detection and keep a malicious app on Google Play for several weeks.

The initial app uploaded to Google Play was benign, but subsequent updates added malicious functionality to it, Percoco said. The end result was an app capable of stealing photos and contacts, forcing phones to visit Web sites and even launch denial-of-service attacks.

Percoco would not discuss the technique in detail ahead of the Black Hat presentation, but noted that it doesn't require any user interaction. The malicious app is no longer available for download on Google Play and no users were affected during the tests, Percoco said. (more) (more)

Hey kids, we bought and fixed Skype just for you!

Skype has denied reports that recent changes to its architecture would make calls and messages easier to monitor by law enforcement.

Skype, a worldwide Internet-based voice and video calling service Microsoft acquired last year for $8.5 billion, said Tuesday the changes to its peer-to-peer infrastructure were done to improve the quality of service.

What it did was move "supernodes" into datacenters, Skype said. Supernodes act as directories that find the right recipient for calls. In the past, a user's computer that was capable of acting as a directory was upgraded from a node to a supernode. A node is the generic term for computers on a network. (more)

Attention Getting Security Awareness Information & Posters

Creative security awareness content is difficult to come by, but there is a ton of it at NoticeBored.

NoticeBored is a subscription service. Every month they supply a new module; a fresh batch of awareness materials for businesses staff, managers and IT professionals. Each module covers a different information security topic. 

TSCM inspections with their vulnerability assessments are a core element of the information security strategy, but employee education is equally important. 

Creating your own educational materials is a chore. Fortunately, there is no need to reinvent the wheel. (more)

Monday, July 23, 2012

Egypt Ex-Spy Chief Died of Rare Disease

Egypt's former intelligence chief Omar Suleiman died from a rare disease affecting the heart and kidneys, according to the U.S. clinic where he was undergoing medical tests at the time.

Suleiman, who died at age 76, was fallen Egyptian president Hosni Mubarak's last deputy and one of his most trusted advisers. He stepped briefly into the limelight when he was made vice president days before Mubarak was ousted in a popular uprising last year. 

"General Omar Suleiman ... passed away due to complications from amyloidosis, a disease that affects multiple organs including the heart and kidneys," the Cleveland Clinic said in a statement. (more)




Bugging History - May 13, 1966

Photo Tag: The extent of the business in snooping devices is indicated by the growth in contrivances to detect wiretaps and "bugs". Some merely warn the intended victim, while others jam or scramble the snooping. This telephone de-bugging meter discovers any transmitter (bug) in the phone or in the lines leading to it. De-bugging devices are bought mostly by business executives who suspect espionage by competitors. (AP Photo/Robert Kradin) (more)

It was never unusual for news reporters to get the facts wrong when reporting on business espionage, bugging or general electronic snooping. It still isn't unusual. The photo actually shows how a carbon microphone from the common phone of the day could easily be replaced by one which also transmitted the voice via radio. 

Due to the simple installation, it was generally referred to as a "drop-in bug". To the untrained eye, both looked legitimate, but your ear could tell! The internal carbon granules inside the microphone sounded like sand when shaken. In order to build the bug inside the housing, the carbon had to be emptied out to allow space for the electronics and micro-mic. Those bugged mics were silent when shaken.

Another photo from the same era shows two ways to tap a phone: the drop-in bug, and the big suction cup induction coil near the earpiece. Both seem crude by today's standards.

Most modern handsets are sealed units. Dropping anything in them is problematic. There are still a few, however, that are screwed together. 

Here are two examples of what you shouldn't see if you open one of these...

Inspecting today's telephones requires more than a trained eye, because there may not be anything to see.

Conversations from VoIP phones travel as computer bits which may be collected far from the phone instrument. In fact, some VoIP phones transmit room audio even when they are supposedly hung up.

Other business telephone systems have many eavesdropper-friendly features built right into them, no extra hardware needed. Just program the features correctly and listen-in.

Think your phone system is bugged or tapped? Give me a call. ~Kevin

Sunday, July 22, 2012

Thursday, July 19, 2012

Smartphone Spying on the Rise

...how would you feel if you found out that the smartphone in the palm of your hand was spying on you?


"Violated. Violated, very violated," said Andres Torres of East Hartford. "I'd be pretty creeped out, actually," Maddie Weed of Tolland told NBC Connecticut. "That's not cool." "I'm scared now! They could be looking at us," said Magdelena Santiagon of Hartford.

According to Kessler International, cases of malicious smartphone apps posing on markets as free or low-cost applications are on the rise. (more)

Was Skype reworked by Microsoft to make it easier to wiretap?

Skype supernodes are being centralized by Microsoft, but they deny wiretapping. But there's this patent they have to intercept VoIP phone calls...
 
Back in May, skype-open-source reported Skype, owned by Microsoft, had replaced user-hosted P2P supernodes with Linux grsec systems hosted by Microsoft. The shock wasn't that Microsoft is hosting Skype on Linux servers, but that centralization makes it possible to wiretap Skype communications. One big advantage of Skype has always been the decentralized and encrypted service was secure from eavesdropping.

Microsoft denies this, but the company applied for a patent on a technology called Legal Intercept to monitor and record Skype calls. Applied for before they purchased Skype, Microsoft specifically mentions intercepting calls on that service in the patent application. Conspiracy theorists now say they understand why Microsoft paid what seemed to be an unusually high price for Skype. (more)

Monkey Discovers Game Reserve’s ‘Hidden’ Spy Cam, Takes Smug Self-Shot

According to the Houston Zoo, this seemingly self-satisfied monkey has a good reason to "smile": He's uncovered the camera set up by a Borneo-based game reserve to spy on him.

"Looks like someone knew about the 'hidden' cameras," tweeted the zoo. Naturally, monkeys don't bare teeth to express joy or amusement, they do so to communicate anger.

Given that he's being spied on by a game reserve, I'd say he's earned the right to be pissed. (more)

The Other ASIS

Interesting video about a spy agency we don't usually hear about.

William "Bill" Bennett - Friend & Respected Colleague - RIP


The following was composed by a close friend of Bill's and expresses the feelings of many...

With a heavy heart I write this note about the passing of a good friend and a great man William “Bill” Bennett. He passed away July 14, 2012 at home after a stint in the hospital. He was 85 years old.

Bill was a former senior Special Agent with the California Department of Justice whose career spanned more than thirty years.  He investigated many of the major crimes that occurred during his tenure including the Charles Manson case and the Sonny Barger – Hell’s Angels investigations.

He retired in 1985 and partnered with John P. Reisinger in Walsingham Associates to perform TSCM services (bug sweeps) and investigations.  Bill was a licensed private investigator.

Upon John’s passing in 2000 Bill kept the firm going.

Bill believed in Glenn Whidden’s philosophy of the two day sweep, recording the RF spectrum the day before the sweep and checking it again the day of the sweep.

Bill’s personal TSCM philosophy, which stemmed from his extensive experience in the use of electronic surveillance in his government service, was that searching for bugs was heavy emphasis on the physical search.  He felt that searching for electronic surveillance devices was like searching for narcotics or contraband.

He had a son Patrick who was active in the TSCM business who passed from an accidental drowning in 2009.  He was married to Patricia for 33 years who passed in 2010.

He was a member of the following organizations:

Association of Former Intelligence Officers (AFIO)
American Society for Industrial Security (ASIS)
Business Espionage Control & Countermeasures Association (BECCA)
California Peace Officer Association (CPOA)
California Department of Justice (DOJ, Ret.)
Chief Special Agents Association (CSAA)
California Association of Licensed Investigators (CALI)
Espionage Research Institute (ERI)
High Technology Crime Investigation Association (HTCIA)

He was a true gentleman and a man of integrity whose presence as a friend and in the industry will be missed.

Tuesday, July 17, 2012

Death of an Icon - The Master Padlock

Just to look at it brings back the smell of your high school locker room, but like your old U.S. Keds, it is not the new kid Keds of today. Both have morphed into the 21st Century, new and improved.

Master Padlock no more, they call it 1500eDBX, but you "person of the future" may call it dialSpeed!

Product Features:
• Electronic directional interface offers speed, ease of use, & multiple personalized codes
• Organize and protect personal and valuable information with secure, convenient, digital storage at the Master Lock Vault
• Vault enabled - permanent Backup Master Code at masterlockvault.com. Never Forget Your Combination Again!
• Comes with resettable Primary Code & option for 3 additional Guest Codes
• Ready to use – includes installed, replaceable CR2032 battery for 5 years of life
• 2-1/16" (51mm) wide metal body can be opened one-handed without looking
• Maximum security with anti-shim technology
• Boron carbide shackle for increased cut resistance
• For INDOOR USE only. Do not allow lock to get wet

Best Used For:
• School, Employee, & Athletic Lockers
• Cabinets
• Indoor Storage Lockers
 (more) (sing-a-long)

How Cabbies Cheat the Fare Dispatch System

Australia - A Melbourne taxi driver has exposed a sophisticated scam that some operators are using to override taxi meters and stay at the top of the fare dispatch system. 

The Silver Top driver has told the ABC that some drivers are using remote electronic devices and radio frequency jammers to trick the cab companies into giving them work when they are not in the area.

The equipment is easily purchased at online sites like eBay.

Neil Sach from the Victorian Taxi Association fears hundreds of drivers could be in on the scam. (more with video)


The scam is likely being used by cabbies, truckers, police and others worldwide; wherever GPS tracking is being used. 

Note: eBay has recently policed the sale of these devices on their site; however, they remain available on other sites.

Or, DIY...
 

Increasing Government Surveillance Powers Meets Backlash

Australia - Any proposal by the government to increase its own power should be treated with scepticism.

Double that scepticism when the government is vague about why it needs that extra power. Double again when those powers are in the area of law and order. And double again every time the words "national security" are used.

So scepticism - aggressive, hostile scepticism, bordering on kneejerk reaction - should be our default position when evaluating the long list of new security powers the Federal Government would like to deal with "emerging and evolving threats".

The Attorney-General's Department released a discussion paper last week detailing security reform it wants Parliament to consider. (more)

Saturday, July 14, 2012

Another SpyCam'er Shoots Himself - Darwin Award

The Wallingford Police Department released a photograph of the person who they said they would like to speak with after a camera was discovered inside a Walmart dressing room in early June. 

Police said the camera was set up inside the dressing room and was only recording for a short period of time before it was discovered by an employee.

Police said there was no indication that anyone was actually filmed while undressing.

He is described as a man in his early 20s and was wearing a light green-striped shirt and a Hartford Whalers tan colored hat.
 (more)

Own Your Own Spy Plane Drone - Costs Less Than an iPad

Remote control helicopters were a fad not too long ago, but who needs that when you can fly a remote control plane, which also acts as a spy vehicle collecting video (and audio) as you fly.

Red5 has just introduced its Spy Hawk plane, which comes with a 5 megapixel camera attached to the nose. The aircraft beams the video back to your 3.5-inch screen which is embedded in the controller. The plane can be controlled within a 600 feet radius and comes with 4GB of SD card storage.


The Spy Hawk also features a stabilization system which makes it much easier to fly as well as an autopilot switch which will keep the plane at the correct altitude. The aircraft can stay in the air for about 30 minutes thanks to its 7.4v lithium-ion polymer. (more)

14 incredibly creepy surveillance technologies that Big Brother will be using to spy on you

"14 incredibly creepy surveillance technologies that Big Brother will be using to spy on you"

Q. How could you pass up a headline like that?
A. You can't.
(more)

My favorite...
Hijacking Your Mind

The U.S. military literally wants to be able to hijack your mind. The theory is that this would enable U.S. forces to non-violently convince terrorists not to be terrorists anymore. But obviously the potential for abuse with this kind of technology is extraordinary. The following is from a recent article by Dick Pelletier…

The Pentagon's Defense Advanced Research Projects Agency (DARPA) wants to understand the science behind what makes people violent, and then find ways to hijack their minds by implanting false, but believable stories in their brains, with hopes of evoking peaceful thoughts: We're friends, not enemies. Critics say this raises ethical issues such as those addressed in the 1971 sci-fi movie, A Clockwork Orange, which attempted to change people's minds so that they didn't want to kill anymore. Advocates, however, believe that placing new plausible narratives directly into the minds of radicals, insurgents, and terrorists, could transform enemies into kinder, gentler citizens, craving friendship. Scientists have known for some time that narratives; an account of a sequence of events that are usually in chronological order; hold powerful sway over the human mind, shaping a person's notion of groups and identities; even inspiring them to commit violence.

Mobile Phones and Privacy

Mobile phones are a rich source of personal information about individuals. Both private and public sector actors seek to collect this information. 

Facebook, among other companies, recently ignited a controversy by collecting contact lists from users’ mobile phones via its mobile app. A recent Congressional investigation found that law enforcement agencies sought access to wireless phone records over one million times in 2011. As these developments receive greater attention in the media, a public policy debate has started concerning the collection and use of information by private and public actors.

To inform this debate and to better understand Americans’ attitudes towards privacy in data generated by or stored on mobile phones, we commissioned a nationwide, telephonic (both wireline and wireless) survey of 1,200 households focusing upon mobile privacy issues. (more) (download Mobile Phones and Privacy)

Friday, July 13, 2012

Silent Circle is Coming - Guess who won't be pleased.

Silent Phone, Silent Text, Silent Mail, and Silent Eyes - are all neck deep in final tweaks and we have to say, they are even better than we expected! We plan to go live September 17, 2012. 

Each Silent Circle subscriber will receive a personal phone number and of course all calls within the Circle are 100% free worldwide. 

We've even added on a Secure Calling Plan option to allow Silent Circle subscribers to communicate with people outside the Circle. Get them in the Circle and you'll be secure end to end. (more)

Who is the mastermind behind this audacious foray into total privacy? Who is the stick-in-the-eye of eavesdropping and wiretapping? 

None other than our hero... Phil Zimmermann!
 
"Phil is the creator of PGP, the most widely used email encryption software in the world, and the Zfone/ZRTP secure VoIP standard. PC World named him one of the Top 50 Tech Visionaries of the last 50 years. He has received Privacy International's Louis Brandeis Award, CPSR's Norbert Wiener Award, the EFF Pioneer Award, the Chrysler Award for Innovation in Design, and inducted into the Internet Hall of Fame."

This will be big. ~Kevin


Australia - Spies Seek More Data

Australia's intelligence community is proposing the biggest shake-up in more than a decade. 

On the wish list is a plan to force telecommunications providers operating in Australia to retain users' phone and internet data for up to two years.

Other plans include allowing security agencies to get more access to social media sites like Facebook, and expanding powers for ASIO agents.

The ideas are in a discussion paper written by the Attorney-General's Department for a parliamentary joint committee looking at reforms to national security legislation. (more) (discussion paper)

Security Alert for Yahoo Voice users.

Hackers posted what appear to be login credentials for more than 453,000 user accounts that they said they retrieved in plaintext from an unidentified service on Yahoo. 

To support their claim, the hackers posted what they said were the plaintext credentials for 453,492 Yahoo accounts, more than 2,700 database table or column names, and 298 MySQL variables, all of which they claim to have obtained in the exploit. "We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat," a brief note at the end of the dump stated. (more)

Check here to see if you are on the list. Use your browser's search tool. If so, it's time to change your password... at every place you use it. ~ Kevin

Security Alert for Cisco TelePresence users.

If you rely on Cisco TelePresence products for sensitive business communications, you might want to stop what you are doing and pay attention to a new warning that hackers can exploit security flaws to execute arbitrary code, cause a denial-of-service condition, or inject malicious commands.

Cisco released four separate security advisories today to warn of the risks and urge TelePresence users to deploy patches, especially in sensitive business environments. (more)

Advisory 3
Advisory 4

Of course...
• Don't set up any teleconferencing system outside of your firewall.
• Don't turn the auto-answer feature on.
• Don't forget to set "mute mic" as a default.
In fact, just shut the whole thing off until you need it.