India - A sticky tape with a micro-insertion found beneath a table in the office of a top bureaucrat in the ministry has raised suspicion over snooping attempts to tap information on sensitive energy related matters, sources told HT.
“We cannot rule out any possibility... the matter has been brought to the notice of the investigative agencies, who will look into the matter,” a top petroleum ministry bureaucrat told HT requesting not to be identified...
A similar incident of a possible bugging of a government office was reported in June 2011 when suspicion surrounded the office of the then finance minister Pranab Mukherjee. The office of the home ministry and the Intelligence Bureau later confirmed that it was just a suspicion and no bugging took place in the office.
(more)
Monday, February 23, 2015
Indian Corporate Espionage Scandal Deepens
India - A corporate espionage scandal involving allegations of stolen documents
from India’s government deepened this weekend, following the arrests of
employees at conglomerates controlled by four of the country’s most
prominent tycoons, including billionaire brothers Mukesh and Anil
Ambani.
The arrests mark the first time since the election of Narendra Modi as prime minister last year that police have launched an investigation targeting such high-profile industrial businesses, and are set leave the companies and their wealthy owners facing a lengthy and potentially damaging legal investigations.
(more)
The arrests mark the first time since the election of Narendra Modi as prime minister last year that police have launched an investigation targeting such high-profile industrial businesses, and are set leave the companies and their wealthy owners facing a lengthy and potentially damaging legal investigations.
(more)
C.S.I. yi-yi - DNA Can Be Faked!
In a recent story in The New York Times, Andrew Pollack reports that "scientists in Israel have demonstrated that it is possible to fabricate DNA evidence, undermining the credibility of what has been considered the gold standard of proof in criminal cases.
"The scientists fabricated blood and saliva samples containing DNA from a person other than the donor of the blood and saliva. They also showed that if they had access to a DNA profile in a database, they could construct a sample of DNA to match that profile without obtaining any tissue from that person."
“You can just engineer a crime scene,” Dan Frumkin, lead author of the paper, which has been published online by the journal Forensic Science International: Genetics, told the Times. “Any biology undergraduate could perform this.”
(more)
"The scientists fabricated blood and saliva samples containing DNA from a person other than the donor of the blood and saliva. They also showed that if they had access to a DNA profile in a database, they could construct a sample of DNA to match that profile without obtaining any tissue from that person."
“You can just engineer a crime scene,” Dan Frumkin, lead author of the paper, which has been published online by the journal Forensic Science International: Genetics, told the Times. “Any biology undergraduate could perform this.”
(more)
Saturday, February 21, 2015
Smart TVs Are Not The Only Things Eavesdropping On You
When the story broke that certain Sansung television sets were eavesdropping on their owners -- a polite way of saying the sets were spying -- it raised some alarms and forced Samsung to rewrite its privacy policy. But if you think hi-tech TVs are the only things capable of gathering your private information and sharing it with others, think again:
Our smartphones and computers, of course, listen to us when we're making audio and video calls. But the microphones are always there, and there are ways a hacker, government, or clever company can turn those microphones on without our knowledge. Sometimes we turn them on ourselves. If we have an iPhone, the voice-processing system Siri listens to us, but only when we push the iPhone's button. Like Samsung, iPhones with the "Hey Siri" feature enabled listen all the time. So do Android devices with the "OK Google" feature enabled, and so does an Amazon voice-activated system called Echo. Facebook has the ability to turn your smartphone's microphone on when you're using the app.
(more)
This is something my clients don't have to worry about. I give them SpyWarn MicSpike™... free. ~Kevin
Our smartphones and computers, of course, listen to us when we're making audio and video calls. But the microphones are always there, and there are ways a hacker, government, or clever company can turn those microphones on without our knowledge. Sometimes we turn them on ourselves. If we have an iPhone, the voice-processing system Siri listens to us, but only when we push the iPhone's button. Like Samsung, iPhones with the "Hey Siri" feature enabled listen all the time. So do Android devices with the "OK Google" feature enabled, and so does an Amazon voice-activated system called Echo. Facebook has the ability to turn your smartphone's microphone on when you're using the app.
(more)
This is something my clients don't have to worry about. I give them SpyWarn MicSpike™... free. ~Kevin
Friday, February 20, 2015
Spyware Makes Android Phones Play Possum
A particularly devious new Android malware can make calls or take photos even if you shut the device down, according to security research firm AVG.
To achieve this, the malware hijacks the shutting down process — making it appear as though your Android device is shutting down. You see the animation, the screen goes black, but the phone is actually still on.
In this state, the malware can use the phone to send your messages to a third party, record a call or take a photo, essentially turning your phone into a device that spies on you.
AVG, which posted code excerpts showing some of the malware's functionality, names this threat Android/PowerOffHijack.A. According to the company, it infects devices running Android versions below 5.0 and requires root permissions in order to act.
The company spokesperson told us some 10,000 devices were infected so far, mostly in China where the malware was first introduced and offered through the local, official app stores.
(more)
Spywarn™ can detect this.
To achieve this, the malware hijacks the shutting down process — making it appear as though your Android device is shutting down. You see the animation, the screen goes black, but the phone is actually still on.
In this state, the malware can use the phone to send your messages to a third party, record a call or take a photo, essentially turning your phone into a device that spies on you.
AVG, which posted code excerpts showing some of the malware's functionality, names this threat Android/PowerOffHijack.A. According to the company, it infects devices running Android versions below 5.0 and requires root permissions in order to act.
The company spokesperson told us some 10,000 devices were infected so far, mostly in China where the malware was first introduced and offered through the local, official app stores.
(more)
Spywarn™ can detect this.
...and what do you do with electronics returning from International trips?
Officials at the departments of Justice and Homeland Security typically expect employees’ smartphones will be bugged when they travel overseas. So, they are experimenting with various ways to neutralize foreign spy gear.
For years, the FBI has warned government and corporate executives not to use hotel Wi-Fi connections, because of reports that foreign travelers were unknowingly downloading spyware.
When DHS personnel travel, “we understand you go there, you go to Ukraine, you come back, there's a good chance that the BlackBerry or any other device, Androids, iOS, whatever, is probably owned. We get that," said Vincent Sritapan, a cybersecurity division program manager at the DHS Science and Technology Directorate.
To contain the damage, Homeland Security limits what employees can see on their mobile device overseas, and "when it comes back, it's usually quarantined," he added.
(more)
No sure what you should be doing? Call us.
For years, the FBI has warned government and corporate executives not to use hotel Wi-Fi connections, because of reports that foreign travelers were unknowingly downloading spyware.
When DHS personnel travel, “we understand you go there, you go to Ukraine, you come back, there's a good chance that the BlackBerry or any other device, Androids, iOS, whatever, is probably owned. We get that," said Vincent Sritapan, a cybersecurity division program manager at the DHS Science and Technology Directorate.
To contain the damage, Homeland Security limits what employees can see on their mobile device overseas, and "when it comes back, it's usually quarantined," he added.
(more)
No sure what you should be doing? Call us.
Workplace Video Voyeurism: Rabbi Pleades Guilty to 52 Counts
DC - A prominent US rabbi has pleaded guilty to 52 counts of voyeurism after secretly filming women in his congregation's ritual baths.
Barry Freundel, 63, may have recorded as many as 150 women in the changing area at his orthodox synagogue in Washington DC.
Court documents revealed that Freundel set up a recording device
hidden within a digital clock radio in the changing and showering area.
The women were disrobing for the ritual Jewish bath, known as a mikvah.
He has confessed to recording at least 52 nude or partially nude women. Prosecutors say he should be jailed.
They say the actual number of women filmed is likely to have been much higher.
Before his arrest in October 2014, Barry Freundel was a rabbi at the Kesher Israel synagogue in the Georgetown area of the US capital for more than 25 years.
(more)
Barry Freundel, 63, may have recorded as many as 150 women in the changing area at his orthodox synagogue in Washington DC.
Murray Associates case history photo. |
The women were disrobing for the ritual Jewish bath, known as a mikvah.
He has confessed to recording at least 52 nude or partially nude women. Prosecutors say he should be jailed.
They say the actual number of women filmed is likely to have been much higher.
Before his arrest in October 2014, Barry Freundel was a rabbi at the Kesher Israel synagogue in the Georgetown area of the US capital for more than 25 years.
(more)
World's Smallest Voice Recorders
The following is advertising from the manufacturer. It is posted for two reasons.
1. My private investigator and security director readers are interested in investigation tools.
2. My corporate TSCM clients need to know the type of business espionage tools they face.
Smallest sizes, longest
recording time, clearest record sound!
Edic-mini Tiny + А77
This is almost weightless and the smallest recorder in the series, enabling it to conduct recording from built-in rechargeable battery for more than two days. The recorder is perfectly suited for everyday use, recording everyday events and unexpected situations in life.
Technical
characteristics:
-
Dimensions: 29x15x12 mm;
-
Weight: 7 g;
-
Battery life in record mode: up to 55 hours;
-
Power supply: rechargeable battery.
Detailed
description here
Edic-mini
Tiny+ B76
Owing to standard battery as a power supply, B76 is flexible and effective in operation. Due to low power consumption the recorder is able to operate in record mode up to 36 hours. It is perfectly suited both for everyday use and for those who keep the Recorder handy without recording too much.
Technical
characteristics:
-
Dimensions: 31x25x6 mm;
-
Weight: 16 g (without battery);
-
Battery life in record mode: up to 55 hours;
-
Power supply: battery of CR2016 type.
Edic-mini
Tiny 16+ A75
Professional voice recorder Edic-mini Tiny16 + A75 is the thinnest among the recorders of the Tiny16 + series. The main distinctive feature of the that model is 16-bit audio codec enable to reduce digital noise. Built-in Automatic Gain Control (AGC) makes it possible to perfectly record very loud sounds and amplify silent ones. It is a professional recording device designed for high- quality audio recording in complicated acoustic environment and from long distance, up to 15 meters.
Technical
characteristics:
-
Dimensions: 77x27x4 mm;
-
Weight: 12 g (without battery);
-
Battery life in record mode: up to 55 hours;
-
Power supply: rechargeable battery.
Detailed description here
Wednesday, February 18, 2015
Is Your Home Security System Putting You at Risk? ...news at eleven.
HP has released results of a security testing study revealing that owners of Internet-connected home security systems may not be the only ones monitoring their homes. The study found that 100 percent of the studied devices used in home security contain significant vulnerabilities, including password security, encryption and authentication issues.
Home security systems, such as video cameras and motion detectors, have gained popularity as they have joined the booming Internet of Things (IoT) market and have grown in convenience... The new HP study reveals how ill-equipped the market is from a security standpoint for the magnitude of growth expected around IoT...
The HP study questions whether connected security devices actually make our homes safer or put them at more risk...
(more)
Home security systems, such as video cameras and motion detectors, have gained popularity as they have joined the booming Internet of Things (IoT) market and have grown in convenience... The new HP study reveals how ill-equipped the market is from a security standpoint for the magnitude of growth expected around IoT...
The HP study questions whether connected security devices actually make our homes safer or put them at more risk...
(more)
Busman's Holiday, or Moonlighting Surveillance
Australia - A police officer installed a tracking device on a woman's car illegally to detail her movements, a magistrates court in Perth has been told.
The detective sergeant, who has been a police officer for more than 20 years, was on holiday at the time of the alleged offence with the woman's boyfriend, also a police officer.
(more)
(Sing-a-long)
The detective sergeant, who has been a police officer for more than 20 years, was on holiday at the time of the alleged offence with the woman's boyfriend, also a police officer.
(more)
(Sing-a-long)
Tuesday, February 17, 2015
Yet another Hollywood Bugging Scandal
CA - A West Hollywood City Council aide has been suspended and is being investigated by sheriff’s detectives on charges of eavesdropping on another council deputy and then e-mailing portions of her private conversations to local bloggers and residents in the city.
Ian Owens, a deputy to Councilman John Duran, is accused of bugging the City Hall office of Fran Solomon, the deputy to Councilman John Heilman, said city officials who requested anonymity because they were not authorized to discuss the matter.
But, wait. There's more...
Last month, City Council candidate Larry Block was sued by celebrity spray tanner Jimmy Jimmy Coco. The professional tanner... claimed in his suit that Block was his landlord, that he wrongly evicted him and that he had installed “spy cameras” to catch him in the nude.
(more)
Ian Owens, a deputy to Councilman John Duran, is accused of bugging the City Hall office of Fran Solomon, the deputy to Councilman John Heilman, said city officials who requested anonymity because they were not authorized to discuss the matter.
But, wait. There's more...
Last month, City Council candidate Larry Block was sued by celebrity spray tanner Jimmy Jimmy Coco. The professional tanner... claimed in his suit that Block was his landlord, that he wrongly evicted him and that he had installed “spy cameras” to catch him in the nude.
(more)
Monday, February 16, 2015
Science Magazine - The End of Privacy
The whole magazine is devoted to privacy.
At birth, your data trail began. You were given a name, your height and weight were recorded, and probably a few pictures were taken. A few years later, you were enrolled in day care, you received your first birthday party invitation, and you were recorded in a census. Today, you have a Social Security or national ID number, bank accounts and credit cards, and a smart phone that always knows where you are. Perhaps you post family pictures on Facebook; tweet about politics; and reveal your changing interests, worries, and desires in thousands of Google searches. Sometimes you share data intentionally, with friends, strangers, companies, and governments. But vast amounts of information about you are collected with only perfunctory consent—or none at all. Soon, your entire genome may be sequenced and shared by researchers around the world along with your medical records, flying cameras may hover over your neighborhood, and sophisticated software may recognize your face as you enter a store or an airport.
(more)
At birth, your data trail began. You were given a name, your height and weight were recorded, and probably a few pictures were taken. A few years later, you were enrolled in day care, you received your first birthday party invitation, and you were recorded in a census. Today, you have a Social Security or national ID number, bank accounts and credit cards, and a smart phone that always knows where you are. Perhaps you post family pictures on Facebook; tweet about politics; and reveal your changing interests, worries, and desires in thousands of Google searches. Sometimes you share data intentionally, with friends, strangers, companies, and governments. But vast amounts of information about you are collected with only perfunctory consent—or none at all. Soon, your entire genome may be sequenced and shared by researchers around the world along with your medical records, flying cameras may hover over your neighborhood, and sophisticated software may recognize your face as you enter a store or an airport.
(more)
Friday, February 13, 2015
Private Investigators Are Being Nailed for Hacking
Private investigators may be the newest front for federal prosecutors in cracking down on the hacker-for-hire business.
In the coming weeks, a private investigator in New York is expected to plead guilty to charges of paying a so-called hacker-for-hire firm to steal email passwords and credentials, said three people briefed on the matter, who spoke on the condition of anonymity because no charges had been filed yet. The guilty plea would wrap up a nearly yearlong investigation by the Federal Bureau of Investigation and federal prosecutors in New York.
Separately, federal prosecutors in San Francisco on Wednesday announced the indictment of two private investigators and two computer hackers on charges that they illegally entered email and Skype accounts to gather information for matters they were working on for clients. Some of the illegally gathered information was intended to support a lawsuit, authorities said.
The identity of the private investigator in New York, who works for a small firm, could not be determined.
(more)
In the coming weeks, a private investigator in New York is expected to plead guilty to charges of paying a so-called hacker-for-hire firm to steal email passwords and credentials, said three people briefed on the matter, who spoke on the condition of anonymity because no charges had been filed yet. The guilty plea would wrap up a nearly yearlong investigation by the Federal Bureau of Investigation and federal prosecutors in New York.
Separately, federal prosecutors in San Francisco on Wednesday announced the indictment of two private investigators and two computer hackers on charges that they illegally entered email and Skype accounts to gather information for matters they were working on for clients. Some of the illegally gathered information was intended to support a lawsuit, authorities said.
The identity of the private investigator in New York, who works for a small firm, could not be determined.
(more)
Study - 16 Million Smartphones Infected with Spyware / Malware
About 16 million mobile devices are infected by malicious software that is secretly spying on users, stealing confidential information and pilfering data plans.
That’s the word from Alcatel-Lucent’s Motive Security Labs, which in a study found that malware infections in mobile devices rose a full 25% in 2014, compared to a 20% increase in 2013. In fact, the uptick is so spectacular that Android devices have now caught up with Windows laptops, which had been the primary workhorse of cybercrime, with infection rates between Android and Windows devices split an even 50/50 in 2014.
“With one billion Android devices shipped in 2014, the platform is a favorite target of cybercriminals who can have lots of infection success without a lot of work,” said Kevin McNamee, director of Motive, in a blog. “Android is more exposed than rivals because of its open platform and by allowing users to download apps from third-party stores where apps are not always well-vetted.”
The mobile infection rate in 2014 was 0.68%. Fewer than 1% of infections come from iPhone and Blackberry smartphones.
(more)
That’s the word from Alcatel-Lucent’s Motive Security Labs, which in a study found that malware infections in mobile devices rose a full 25% in 2014, compared to a 20% increase in 2013. In fact, the uptick is so spectacular that Android devices have now caught up with Windows laptops, which had been the primary workhorse of cybercrime, with infection rates between Android and Windows devices split an even 50/50 in 2014.
“With one billion Android devices shipped in 2014, the platform is a favorite target of cybercriminals who can have lots of infection success without a lot of work,” said Kevin McNamee, director of Motive, in a blog. “Android is more exposed than rivals because of its open platform and by allowing users to download apps from third-party stores where apps are not always well-vetted.”
The mobile infection rate in 2014 was 0.68%. Fewer than 1% of infections come from iPhone and Blackberry smartphones.
(more)
Tuesday, February 10, 2015
Build Your Own Invisiability Device for Under $150
Researchers at the University of Rochester create a 3-D, transmitting, continuously multidirectional cloaking device. ... and they say you can too!
(more)
(more)
To build your own Rochester Cloak, follow these simple steps:
(more)
(more)
To build your own Rochester Cloak, follow these simple steps:
- Purchase 2 sets of 2 lenses with different focal lengths f1 and f2 (4 lenses total, 2 with f1 focal length, and 2 with f2 focal length)
- Separate the first 2 lenses by the sum of their focal lengths (So f1 lens is the first lens, f2 is the 2nd lens, and they are separated by t1= f1+ f2).
- Do the same in Step 2 for the other two lenses.
- Separate the two sets by t2=2 f2 (f1+ f2) / (f1— f2) apart, so that the two f2 lenses are t2 apart.
- Achromatic lenses provide best image quality.
- Fresnel lenses can be used to reduce the total length (2t1+t2)
- Smaller total length should reduce edge effects and increase the range of angles.
- For an easier, but less ideal, cloak, you can try the 3 lens cloak in the paper.
Labels:
FutureWatch,
Hack,
miscellaneous,
optics,
Ray-Gun,
weird
Sunday, February 8, 2015
5 Million People Wiretapped in One Year (Must be some sort of record.)
Some 5 million people in Turkey were listened in on in 2012, Interior Minister Efkan Ala has stated, referring to a calculation that around 250,000 people who were wiretapped spoke to at least 20 people on the phone. He blamed officers affiliated with the movement of U.S.-based Islamic scholar Fethullah Gülen for the scandal.
“A decision was made [to wiretap] one person, but that person speaks to tens of people. Imagine that he or she spoke to 20 other people - this adds up to 5 million people,” Ala said told state-run Anadolu Agency.
“All these [conversations] were stored and used for blackmailing or threatening. How can such a thing happen?” he asked.
(more)
“A decision was made [to wiretap] one person, but that person speaks to tens of people. Imagine that he or she spoke to 20 other people - this adds up to 5 million people,” Ala said told state-run Anadolu Agency.
“All these [conversations] were stored and used for blackmailing or threatening. How can such a thing happen?” he asked.
(more)
Why Hotels Check Your ID ...and who gets to see it.
If you’re a privacy-conscious traveler, you may have wondered from time to time why hotels ask for ID when you check in, or why they ask you to give them the make and model of your car and other information that isn’t essential to the transaction. What’s the ID-checking for? ...
Well, in many jurisdictions around the country, that information-gathering is mandated by law. Local ordinances require hotels, motels, and other lodgers (such as AirBnB hosts) to collect this information and keep it on hand. These laws also require that the information be made available to the police on request, for any reason or no reason, without a warrant.
(more)
Extra...
13 Things Your Hotel Front Desk Clerk Won't Tell You
DIY ID card |
(more)
Extra...
13 Things Your Hotel Front Desk Clerk Won't Tell You
Privacy Quote of the Week
"The age of information-sharing is brilliant, as long as you have no secrets."
~ Heather du Plessis-Allan
~ Heather du Plessis-Allan
...your spoken words will be transmitted to a third party via Voice Recognition.
As the number of connected devices — aka the Internet of Things, aka the sensornet — proliferates so too does the number of devices leaning on voice recognition technology as an interface to allow for hands free control...
The potential privacy intrusion of voice-activated services is massive. Samsung, which makes a series of Internet connected TVs, has a supplementary privacy policy covering its Smart TVs which includes the following section on voice recognition:
You can control your SmartTV, and use many of its features, with voice commands... Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition.
When all the objects in your home have networked ears that are fine-tuned for commercial intelligence gathering, where will you go to talk about “personal” or “sensitive” stuff?
(more)
The potential privacy intrusion of voice-activated services is massive. Samsung, which makes a series of Internet connected TVs, has a supplementary privacy policy covering its Smart TVs which includes the following section on voice recognition:
You can control your SmartTV, and use many of its features, with voice commands... Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition.
When all the objects in your home have networked ears that are fine-tuned for commercial intelligence gathering, where will you go to talk about “personal” or “sensitive” stuff?
(more)
Labels:
business,
eavesdropping,
FutureWatch,
mores,
privacy,
product,
spybot
Thursday, February 5, 2015
Some Simple Corporate Spy Countermeasures
Some information spies navigate the hiring process with every intention to steal corporate secrets for a competitor or foreign state once inside. Others turn against an employer when angered and leave, lured by job offers and incentives to haul out as much data as they can when they go.
Meanwhile, enterprise efforts to spot traitors and limit their access to sensitive data may not be enough. With the right job and the right access, operatives posing as janitors, mailroom employees, or IT staff can skirt efforts to defend data, using their broad access to walk data out the door.
CSO looks at enterprise barriers to these information sleeper agents, how corporate spies get past the protections, and what security leaders can do technically and otherwise to keep their data vaults safe from prying eyes...
(more)
Summary... Thorough background checks, limit access, keep your eyes open.
Meanwhile, enterprise efforts to spot traitors and limit their access to sensitive data may not be enough. With the right job and the right access, operatives posing as janitors, mailroom employees, or IT staff can skirt efforts to defend data, using their broad access to walk data out the door.
CSO looks at enterprise barriers to these information sleeper agents, how corporate spies get past the protections, and what security leaders can do technically and otherwise to keep their data vaults safe from prying eyes...
(more)
Summary... Thorough background checks, limit access, keep your eyes open.
Security Director Alert - DarkLeaks - The Espionage Bazaar
It looks like the days when concerned individuals share the inner secrets of corporations and governments only due to their nagging consciences are numbered, from here on in they will do so for nothing more than a fast buck.
A new WikiLeaks-style website has recently been announced that will reward its contributors with Bitcoins in exchange for information.
If the most valuable commodity is information then it is about to get its own hypermarket; DarkLeaks will allow uses to sell leaked data to the highest bidder in an anonymous blockchain-powered environment where anything goes.
DarkLeaks is being developed by unSystem who are behind DarkWallet, and DarkMarket an anonymous ebay-style marketplace which unlike Silk Road operates on the P2P model so that there is no central point of failure for law enforcement to take down.
The DarkLeaks system is so secure that it does not even allow communication between the seller and the buyer of information. Their website states: “The software uses bitcoin’s blockchain to encrypt files which are released when payment is claimed by the leaker. Files are split into segments and encrypted. These segments are unlocked only when the leaker reveals the key by claiming his bitcoins.”
There are also no limits on the type of content that can be bought and sold. Everything from evidence of corporate corruption to naked pictures of celebrities is up for grabs. UnSystem developer Amir Taaki has told CoinDesk that platforms like DarkLeaks provide a financial incentive for insiders to reveal information thereby “devaluing business models based around proprietary secrecy”.
(more)
This is going to be a BIG problem for corporations.
Those without a counterespionage strategy will hurt first.
A new WikiLeaks-style website has recently been announced that will reward its contributors with Bitcoins in exchange for information.
If the most valuable commodity is information then it is about to get its own hypermarket; DarkLeaks will allow uses to sell leaked data to the highest bidder in an anonymous blockchain-powered environment where anything goes.
DarkLeaks is being developed by unSystem who are behind DarkWallet, and DarkMarket an anonymous ebay-style marketplace which unlike Silk Road operates on the P2P model so that there is no central point of failure for law enforcement to take down.
The DarkLeaks system is so secure that it does not even allow communication between the seller and the buyer of information. Their website states: “The software uses bitcoin’s blockchain to encrypt files which are released when payment is claimed by the leaker. Files are split into segments and encrypted. These segments are unlocked only when the leaker reveals the key by claiming his bitcoins.”
There are also no limits on the type of content that can be bought and sold. Everything from evidence of corporate corruption to naked pictures of celebrities is up for grabs. UnSystem developer Amir Taaki has told CoinDesk that platforms like DarkLeaks provide a financial incentive for insiders to reveal information thereby “devaluing business models based around proprietary secrecy”.
(more)
This is going to be a BIG problem for corporations.
Those without a counterespionage strategy will hurt first.
Labels:
advice,
business,
counterespionage,
employee,
ethics,
FutureWatch,
leaks,
mores
Tuesday, February 3, 2015
Night Janitor Admits to Hiding Spycam in Staff Bathroom
NV - A former school district janitor told police he hid a video camera in a staff bathroom with the intent to record people using the bathroom in various stages of undress, according to the arrest report.
Gary Wayne Higbee, who has only been employed part-time with the district since September 2014, is facing three counts of capturing an image or the private area of another person...
The video camera was discovered when an employee at Givens Elementary School noticed what appeared to be something hidden next to a silk plant on the bathroom sink.
Another employee told police she noticed Higbee checking out the unisex bathroom every time someone came out of it.
According to the arrest report, Higbee told police he took the camera from his other job at Southwest Airlines, where he works as a ramp agent. He said, he researched on the Internet how to do hidden recordings of people.
(more)
Chinuts - Move Here, Give Us Source Code and Build Some Back Doors (wtf?!?!)
China plans to unveil new cybersecurity rules that require tech companies to hand over source code and build back doors in hardware and software for government regulators. The rules only apply to companies selling computer products to Chinese banks, but they have already sparked anxiety on the part of Western tech companies about being trapped between either giving up intellectual property or not doing business in China.
The new rules—part of cybersecurity policies intended to protect China’s critical industries—first appeared in a 22-page document at the end of 2014, according to a New York Times report. Such rules have not been officially announced yet. But the U.S. Chambers of Commerce joined a number of other foreign business groups in sending a letter [pdf] to the Central Leading Group for Cyberspace Affairs, chaired by President Xi Jinping, that called for “urgent discussions” about the policies. Tech giants such as Microsoft, Cisco, and Qualcomm have also independently voiced their concerns.
Under the bank rules, tech companies would have to hand over source code, set up research and development centers in China, and build hardware and software back doors that would permit Chinese officials to monitor data within their computer systems.
(more)
The new rules—part of cybersecurity policies intended to protect China’s critical industries—first appeared in a 22-page document at the end of 2014, according to a New York Times report. Such rules have not been officially announced yet. But the U.S. Chambers of Commerce joined a number of other foreign business groups in sending a letter [pdf] to the Central Leading Group for Cyberspace Affairs, chaired by President Xi Jinping, that called for “urgent discussions” about the policies. Tech giants such as Microsoft, Cisco, and Qualcomm have also independently voiced their concerns.
Under the bank rules, tech companies would have to hand over source code, set up research and development centers in China, and build hardware and software back doors that would permit Chinese officials to monitor data within their computer systems.
(more)
Workplace Video Voyeurism - Streaming Covert Dressing Room Camera
Reality TV star and Las Vegas showgirl Holly Madison said managers at Mandalay Bay’s 1923 Bourbon and Burlesque watched secret, intimate recordings of her and other women in their dressing room.
Madison and her company, Awesometown Inc., filed a lawsuit Monday against multiple individuals involved with her show, 1923 Bourbon and Burlesque by Holly Madison. A second suit was filed on behalf of the other dancers by the same Las Vegas firm, Garcia-Mendoza and Snavely.
The court documents allege that the corporations and managers who hired Madison and ran the venue filmed, transmitted and disseminated images of the women naked and changing costumes for about five months last year without the women’s knowledge or consent.
Robert W. Sabes, Noel Bowman, Robert Fry and Avi Kopelman, the individuals named in the suit, are accused of secretly placing a digital video recorder capable of storing 17 days of film in the women’s changing room. Video was then streamed to the men’s computers and other digital devices, according to the lawsuit...
In addition to the men named in the lawsuit, the action targets the corporations involved, Fat Hat LLC, ICE Lounge Las Vegas LLC and J. F. Sabes Investment Inc, as well as 20 unnamed people and corporations, which were involved in building the dressing room and setting up the surveillance camera.
(more)
Madison and her company, Awesometown Inc., filed a lawsuit Monday against multiple individuals involved with her show, 1923 Bourbon and Burlesque by Holly Madison. A second suit was filed on behalf of the other dancers by the same Las Vegas firm, Garcia-Mendoza and Snavely.
The court documents allege that the corporations and managers who hired Madison and ran the venue filmed, transmitted and disseminated images of the women naked and changing costumes for about five months last year without the women’s knowledge or consent.
Robert W. Sabes, Noel Bowman, Robert Fry and Avi Kopelman, the individuals named in the suit, are accused of secretly placing a digital video recorder capable of storing 17 days of film in the women’s changing room. Video was then streamed to the men’s computers and other digital devices, according to the lawsuit...
In addition to the men named in the lawsuit, the action targets the corporations involved, Fat Hat LLC, ICE Lounge Las Vegas LLC and J. F. Sabes Investment Inc, as well as 20 unnamed people and corporations, which were involved in building the dressing room and setting up the surveillance camera.
(more)
Sunday, February 1, 2015
Australian PI Goes Undercover and Gets Sacked (no, really)
Australia - A private investigator who gets paid by councils to have undercover sex inside illegal brothels has been fired after withholding information about a prostitute whom he met on a job.
Over the past four years, "Fred Allen" has received tens of thousands of dollars from at least 10 Sydney metropolitan councils in exchange for evidence that is required, in court, to help close underground parlours.
But in October the investigator was accused, by Sydney-based consultancy firm Brothel Busters, of having "deliberately omitted" important details from a brief of evidence to "protect" an illegal sex worker, with whom he had become "enchanted", while working covertly inside an underground vice den.
(more)
Over the past four years, "Fred Allen" has received tens of thousands of dollars from at least 10 Sydney metropolitan councils in exchange for evidence that is required, in court, to help close underground parlours.
But in October the investigator was accused, by Sydney-based consultancy firm Brothel Busters, of having "deliberately omitted" important details from a brief of evidence to "protect" an illegal sex worker, with whom he had become "enchanted", while working covertly inside an underground vice den.
(more)
Three Grumpy Spies Nailed with Bugs and Taps
Three men accused in the latest Russian spy case didn't hide behind fake identities and weren't stealing military secrets. The evidence even suggests they were annoyed that their assignment wasn't more like a James Bond film.
Their alleged plot to dig up "economic intelligence" on possible banking penalties and alternative energy sources may not be the stuff of Hollywood movies, but U.S. authorities insist the case is proof that Russian spying is thriving in America more than two decades after the end of the Cold War.
It also shows the time and resources the U.S. still throws at those suspected of being Putin-era spies, using methods developed before many of them were born: listening bugs, hidden cameras and intercepted phone calls.
(more)
Their alleged plot to dig up "economic intelligence" on possible banking penalties and alternative energy sources may not be the stuff of Hollywood movies, but U.S. authorities insist the case is proof that Russian spying is thriving in America more than two decades after the end of the Cold War.
It also shows the time and resources the U.S. still throws at those suspected of being Putin-era spies, using methods developed before many of them were born: listening bugs, hidden cameras and intercepted phone calls.
(more)
Ex-Spy Chief Wanted on Charges of... Spying
Colombia — The former head of Colombia’s intelligence agency ended several years on the run and surrendered to face charges of spying on opponents of former President Alvaro Uribe.
Maria del Pilar Hurtado late Friday turned herself over to authorities in Panama, where she fled in 2010. She was taken on a pre-dawn flight to Bogota, where a judge ordered her to be jailed at the chief prosecutor’s office while charges are considered.
Chief prosecutor Eduardo Montealegre said Hurtado was being processed for at least five offenses that could bring 15 to 20 years in prison for a conviction. He said he would urge Hurtado to cooperate and reveal “who gave the order for the illegal wiretapping.”
(more)
Maria del Pilar Hurtado late Friday turned herself over to authorities in Panama, where she fled in 2010. She was taken on a pre-dawn flight to Bogota, where a judge ordered her to be jailed at the chief prosecutor’s office while charges are considered.
Chief prosecutor Eduardo Montealegre said Hurtado was being processed for at least five offenses that could bring 15 to 20 years in prison for a conviction. He said he would urge Hurtado to cooperate and reveal “who gave the order for the illegal wiretapping.”
(more)
Saturday, January 31, 2015
Weird Science - Eavesdropping 3,000 miles away while underwater
1944 - Maurice Ewing and a team of American scientists... believed there may be a layer in the ocean where a combination of pressure and temperature create a narrow channel where certain low-frequency sounds would travel long distances.
In the deep waters of the Atlantic, researches dropped several explosives containing four pounds of dynamite, each timed to detonate at a different depth. Using an underwater microphone called a hydrophone, a second boat stationed 900 miles away successfully detected the sounds.
Subsequent tests picked up the signal at a distance of 3,000 miles.
The discovery of the SOFAR sound channel opened up a new way to study the world's oceans, as well as a unique tool in the nation's defense.
(more)
In the deep waters of the Atlantic, researches dropped several explosives containing four pounds of dynamite, each timed to detonate at a different depth. Using an underwater microphone called a hydrophone, a second boat stationed 900 miles away successfully detected the sounds.
Subsequent tests picked up the signal at a distance of 3,000 miles.
The discovery of the SOFAR sound channel opened up a new way to study the world's oceans, as well as a unique tool in the nation's defense.
(more)
Four of the Newest (and lowest) Social Engineering Scams
1. Phishing with new lethal-strains of ransomware
Ransomware caught businesses’ attention in 2013 with Cryptolocker, which infects computers running Microsoft Windows and encrypts all of its files, as well as files on a shared server. The extortionists then hold the encryption key for ransom (about $500 USD), to be paid with untraceable Bitcoin. The longer the victim waits to pay, the higher the price, or the data can be erased. Now, copycat CryptoDefense has popped up in 2014 and targets texts, picture, video, PDF and MS Office files and encrypts these with a strong RSA-2048 key, which is hard to undo. It also wipes out Shadow Copies, which are used by many backup programs...
2. Phishing with funerals
Perhaps a new low - social engineering gangs have been caught sending people phishing emails that appear to be from a funeral home telling the reader that a close friend of yours is deceased and the burial ceremony is on this date. They have already penetrated and compromised the funeral home’s website, so the moment that the concerned friend clicks on the compromised website they get redirected to a bad guy’s server...
3. IVR and robocalls for credit card information
Similar Articles group masks Social engineering attacks from the front lines attention. Bad guys steal thousands of phone numbers and use a robocaller to call unsuspecting employees. “It’s fully automated, Sjouwerman says. “The message goes something like – ‘This is your credit card company. We are checking on a potential fraudulent charge on your card. Did you purchase a flat screen TV for $3,295? Press 1 for yes or 2 for no.’” If the person responds no – the script then asks the victim to enter his credit card number, expiration date and security code. In some cases, employees worry that their company credit card has been compromised and they might get into trouble, so they play along...
4. Healthcare records for spear-phishing attacks
With massive data breaches in 2013, the criminal element has reached a point where they can grab personally identifiable information and start merging records – including healthcare records. For instance, a bogus email looks like it’s coming from your employer and its healthcare provider announcing that they’ve made some changes to your healthcare program. They’re offering preferred insurance rates for customers with your number of children. Then they invite the email reader to check out a link that looks like it goes to the health insurer’s web page. “Because the email is loaded with the reader’s personal information, there’s a high likelihood of one click – and that’s all it takes” to infiltrate company systems...
(more)
Ransomware caught businesses’ attention in 2013 with Cryptolocker, which infects computers running Microsoft Windows and encrypts all of its files, as well as files on a shared server. The extortionists then hold the encryption key for ransom (about $500 USD), to be paid with untraceable Bitcoin. The longer the victim waits to pay, the higher the price, or the data can be erased. Now, copycat CryptoDefense has popped up in 2014 and targets texts, picture, video, PDF and MS Office files and encrypts these with a strong RSA-2048 key, which is hard to undo. It also wipes out Shadow Copies, which are used by many backup programs...
2. Phishing with funerals
Perhaps a new low - social engineering gangs have been caught sending people phishing emails that appear to be from a funeral home telling the reader that a close friend of yours is deceased and the burial ceremony is on this date. They have already penetrated and compromised the funeral home’s website, so the moment that the concerned friend clicks on the compromised website they get redirected to a bad guy’s server...
3. IVR and robocalls for credit card information
Similar Articles group masks Social engineering attacks from the front lines attention. Bad guys steal thousands of phone numbers and use a robocaller to call unsuspecting employees. “It’s fully automated, Sjouwerman says. “The message goes something like – ‘This is your credit card company. We are checking on a potential fraudulent charge on your card. Did you purchase a flat screen TV for $3,295? Press 1 for yes or 2 for no.’” If the person responds no – the script then asks the victim to enter his credit card number, expiration date and security code. In some cases, employees worry that their company credit card has been compromised and they might get into trouble, so they play along...
4. Healthcare records for spear-phishing attacks
With massive data breaches in 2013, the criminal element has reached a point where they can grab personally identifiable information and start merging records – including healthcare records. For instance, a bogus email looks like it’s coming from your employer and its healthcare provider announcing that they’ve made some changes to your healthcare program. They’re offering preferred insurance rates for customers with your number of children. Then they invite the email reader to check out a link that looks like it goes to the health insurer’s web page. “Because the email is loaded with the reader’s personal information, there’s a high likelihood of one click – and that’s all it takes” to infiltrate company systems...
(more)
How the Hell Are These Popular Spying Apps Not Illegal?
(a long and excellent article)
Here are some sordid scenarios. Your ex-girlfriend can see every time you swipe right while using Tinder. Your former husband is secretly listening to and recording your late-night Skype sessions with your new boyfriend. Some random slippery-dick is jacking off to the naked photos in your private photo library. For millions of people, it's not hypothetical.
Someone could be spying on every call, Facebook message, snapchat, text, sext, each single keystroke you tap out on your phone, and you'd never know. I'm not talking about the NSA (though that too); I'm talking about software fine-tuned for comprehensive stalking—"spyware"—that is readily available to any insecure spouse, overzealous boss, overbearing parent, crazy stalker or garden-variety creep with a credit card. It's an unambiguously malevolent private eye panopticon cocktail of high-grade voyeurism, sold legally. And if it's already on your phone, there's no way you can tell.
Spyware companies like mSpy and flexiSPY are making money off the secret surveillance of millions of people's devices. Literally millions of people, according to the sales figures provided by these spyware companies, are going about their days not knowing that somewhere, some turdknockers are scouring their photo libraries and contacts and WhatsApp messages, looking for digital misdeeds.
Spyware has been around for decades, but the current crop is especially invasive. They make money by charging people—from $40 a month for a basic phone spying package on mSpy up to $200 a month on one of flexiSPY's bigger plan—for siphoning activity off their target's devices.
(more)
Here are some sordid scenarios. Your ex-girlfriend can see every time you swipe right while using Tinder. Your former husband is secretly listening to and recording your late-night Skype sessions with your new boyfriend. Some random slippery-dick is jacking off to the naked photos in your private photo library. For millions of people, it's not hypothetical.
Spyware companies like mSpy and flexiSPY are making money off the secret surveillance of millions of people's devices. Literally millions of people, according to the sales figures provided by these spyware companies, are going about their days not knowing that somewhere, some turdknockers are scouring their photo libraries and contacts and WhatsApp messages, looking for digital misdeeds.
Spyware has been around for decades, but the current crop is especially invasive. They make money by charging people—from $40 a month for a basic phone spying package on mSpy up to $200 a month on one of flexiSPY's bigger plan—for siphoning activity off their target's devices.
(more)
Friday, January 30, 2015
The Sundance Film the FBI Doesn't Want You to See
(T)ERROR is the first film to document an active FBI counterterrorism sting investigation.
In the feature documentary (T)ERROR, which premiered this week at the 2015 Sundance Film Festival, everyone is spying on everyone: the informant on the target, the target on the informant, the FBI on the informant, the filmmakers on the FBI.
Incredibly, directors Lyric R. Cabral and David Felix Sutcliffe manage to film not just the one doing the surveilling but also the one being surveilled — without either subject knowing the other is also appearing on-camera.
It’s a daring feat made even more impressive when you realize the FBI has no idea that the informant they’re using is in fact simultaneously using them.
But unlike Homeland or some John le Carré novel, where spying is sexy and the characters are all perspicacious, (T)ERROR depicts the reality of today’s domestic intelligence gathering: it is not glamorous, the vernacular is informal, the surveillance techniques utilized include “advanced” approaches like trying to befriend someone on Facebook, and incompetence abounds (at one point a confidential phone number is discovered by typing it into Google).
(more)
In the feature documentary (T)ERROR, which premiered this week at the 2015 Sundance Film Festival, everyone is spying on everyone: the informant on the target, the target on the informant, the FBI on the informant, the filmmakers on the FBI.
Incredibly, directors Lyric R. Cabral and David Felix Sutcliffe manage to film not just the one doing the surveilling but also the one being surveilled — without either subject knowing the other is also appearing on-camera.
It’s a daring feat made even more impressive when you realize the FBI has no idea that the informant they’re using is in fact simultaneously using them.
But unlike Homeland or some John le Carré novel, where spying is sexy and the characters are all perspicacious, (T)ERROR depicts the reality of today’s domestic intelligence gathering: it is not glamorous, the vernacular is informal, the surveillance techniques utilized include “advanced” approaches like trying to befriend someone on Facebook, and incompetence abounds (at one point a confidential phone number is discovered by typing it into Google).
(more)
Cell Phone Spying Case to Court - Force Sheriff to Reveal Secrets
NY - The Erie County Sheriff's Office is scheduled to be in court next week as it refuses to hand over information regarding its use of cell phone spying equipment.
2 On Your Side was first to report on the agency's use of so-called cell site simulator equipment. The machines -- often used under the names "Stingray" and "KingFish" -- mimic cell phone towers and trick phones into sending over information.
As we reported exclusively, the county paid more than $350,000 for the machines.
(more)
2 On Your Side was first to report on the agency's use of so-called cell site simulator equipment. The machines -- often used under the names "Stingray" and "KingFish" -- mimic cell phone towers and trick phones into sending over information.
As we reported exclusively, the county paid more than $350,000 for the machines.
(more)
The Top 5 Soviet Bugs & Wiretaps During the Cold War
In an interview Leonid Shebarshin, a former head of the First Chief Directorate of the KGB said, “Our good fortune will only be made known after we suffer a major defeat. Our real success will be made known no earlier than 50 years down the line.” Successful spy operations are already a thing of the past, with modern-day intelligence seeming to consist of a series of failures...
1. Operation “Information of Our Times”
2. The wiretapping of Franklin D. Roosevelt in Tehran
3. A bug in the U.S. coat of arms (The Great Seal Bug)
4. Bugs in Moscow and beyond
5. The Soviet Union’s Cuban ears
(more)
1. Operation “Information of Our Times”
2. The wiretapping of Franklin D. Roosevelt in Tehran
3. A bug in the U.S. coat of arms (The Great Seal Bug)
4. Bugs in Moscow and beyond
5. The Soviet Union’s Cuban ears
(more)
Thursday, January 29, 2015
This Week in World Eavesdropping Wiretapping Surveillance & Spying
Australia - Deputy Police Commissioner Nick Kaldas will front a parliamentary inquiry into a long-running NSW police bugging scandal. Mr Kaldas was one of more than 100 police alledgedly spied on more than a decade ago as part of a covert internal corruption investigation.
(more)
IL - Illinois legislators provoked public outrage by reviving an eavesdropping law that the Supreme Court of Illinois struck down earlier in the year—in part because it prohibited citizens from recording public interactions with police. Sponsors and supporters of the new version of the law... insisted that the new statute would allow citizens to record police and that the public's concern was unwarranted. In fact however, Illinois' new eavesdropping law is confusing and harsh. Although it does not ban all recording of police—the court took that off the table—it discourages it about as much possible
(more)
US - A program used by U.S. and British spies to record computer keystrokes was part of sophisticated hacking operations in more than a dozen countries, security experts said on Tuesday, after former NSA contractor Edward Snowden reportedly leaked the source code for the program.
(more)
Canada - On Monday, a new report was released, based on leaked documents from Edward Snowden, showing that Canadian intelligence agencies—part of the Five Eyes spying conglomerate that includes the US, the UK, Australia and New Zealand—partnered with UK spies to siphon sensitive data from thousands of smartphones by sniffing traffic between applications on the phones and the servers owned by the companies that made the applications. The so-called Badass program is designed to sniff the normal unencrypted communication traffic of certain smartphone apps to glean location information, the unique identifier of the phone and other data that can help spies learn the identity of phone users, among other things. It can also be used to uncover vulnerabilities in a phone to help spies hack it.
(more)
US - Former U.S. nuclear scientist gets 5 year sentence for spying.
(more)
US - The Department of Justice is using an expanded license plate collection program -- originally intended to track drug crime -- to monitor ordinary citizens without criminal records, government documents reveal, raising questions about how widely surveillance data is shared among agencies and companies.
(more)
NYC - A contractor for Johnson & Johnson was arrested for placing a hidden spy camera in a company bathroom that recorded multiple people using the toilet, authorities said. Stephen Lewins, 42, of Brooklyn, was arrested for unlawful surveillance on January 23, after the pinhole camera was discovered in the restroom a week earlier, the NYPD said. A Johnson & Johnson employee found the camera and an SD card hidden in a wall above a light switch inside the unisex bathroom Jan. 16. The company said it alerted the NYPD immediately.
(more)
WI - A ban on undercover videos on Wisconsin farms is being considered at the state Capitol. Though the bill is expected in the next week or so, laws known as “ag gags” have been proposed all over the country. According to the ASPCA, 26 state legislatures have looked at bans on covert video and pictures. That footage is typically used by animal rights groups to expose animal cruelty and mistreatment.
(more)
Canada - A cast member of CTV sitcom Spun Out has been accused of voyeurism after two women alleged they found hidden cameras in a Toronto condo. Jean Paul "J.P." Manoux, 45, was charged Tuesday by Toronto Police with one count of voyeurism. Last week, Police officers responded to a call from two women -- ages 27 and 25 -- at a Queen St. W. condominium building. The two women allegedly "discovered hidden cameras and video equipment connected to the Internet" in a condo they rented from a man, according to a police statement.
(more)
(more)
IL - Illinois legislators provoked public outrage by reviving an eavesdropping law that the Supreme Court of Illinois struck down earlier in the year—in part because it prohibited citizens from recording public interactions with police. Sponsors and supporters of the new version of the law... insisted that the new statute would allow citizens to record police and that the public's concern was unwarranted. In fact however, Illinois' new eavesdropping law is confusing and harsh. Although it does not ban all recording of police—the court took that off the table—it discourages it about as much possible
(more)
R. Crumb prediction (1967) |
(more)
Canada - On Monday, a new report was released, based on leaked documents from Edward Snowden, showing that Canadian intelligence agencies—part of the Five Eyes spying conglomerate that includes the US, the UK, Australia and New Zealand—partnered with UK spies to siphon sensitive data from thousands of smartphones by sniffing traffic between applications on the phones and the servers owned by the companies that made the applications. The so-called Badass program is designed to sniff the normal unencrypted communication traffic of certain smartphone apps to glean location information, the unique identifier of the phone and other data that can help spies learn the identity of phone users, among other things. It can also be used to uncover vulnerabilities in a phone to help spies hack it.
(more)
US - Former U.S. nuclear scientist gets 5 year sentence for spying.
(more)
US - The Department of Justice is using an expanded license plate collection program -- originally intended to track drug crime -- to monitor ordinary citizens without criminal records, government documents reveal, raising questions about how widely surveillance data is shared among agencies and companies.
(more)
NYC - A contractor for Johnson & Johnson was arrested for placing a hidden spy camera in a company bathroom that recorded multiple people using the toilet, authorities said. Stephen Lewins, 42, of Brooklyn, was arrested for unlawful surveillance on January 23, after the pinhole camera was discovered in the restroom a week earlier, the NYPD said. A Johnson & Johnson employee found the camera and an SD card hidden in a wall above a light switch inside the unisex bathroom Jan. 16. The company said it alerted the NYPD immediately.
(more)
WI - A ban on undercover videos on Wisconsin farms is being considered at the state Capitol. Though the bill is expected in the next week or so, laws known as “ag gags” have been proposed all over the country. According to the ASPCA, 26 state legislatures have looked at bans on covert video and pictures. That footage is typically used by animal rights groups to expose animal cruelty and mistreatment.
(more)
Canada - A cast member of CTV sitcom Spun Out has been accused of voyeurism after two women alleged they found hidden cameras in a Toronto condo. Jean Paul "J.P." Manoux, 45, was charged Tuesday by Toronto Police with one count of voyeurism. Last week, Police officers responded to a call from two women -- ages 27 and 25 -- at a Queen St. W. condominium building. The two women allegedly "discovered hidden cameras and video equipment connected to the Internet" in a condo they rented from a man, according to a police statement.
(more)
Wednesday, January 28, 2015
Panama’s Ex-president’s Hunger for Gossip Fueled Tapping
When the United States rejected former Panamanian President Ricardo Martinelli’s request for spying equipment to eavesdrop, U.S. diplomats feared, on his political enemies, the former supermarket baron turned to another source: Israel.
Now scores of Panama’s political and social elite are learning that the eavesdropping program that Martinelli’s security team set in place sprawled into the most private aspects of their lives – including their bedrooms. Rather than national security, what appears to have driven the wiretapping was a surfeit of the seven deadly sins, particularly greed, pride, lust and envy.
Nearly every day, targets of the wiretapping march to the prosecutors’ office to see what their dossiers contain, often emerging in distress. Martinelli, who left office in July, is facing a rising tide of outrage not only over the wiretapping, but also over reports of vast corruption. His personal secretary has left the country. The eavesdropping equipment has vanished.
(more)
Now scores of Panama’s political and social elite are learning that the eavesdropping program that Martinelli’s security team set in place sprawled into the most private aspects of their lives – including their bedrooms. Rather than national security, what appears to have driven the wiretapping was a surfeit of the seven deadly sins, particularly greed, pride, lust and envy.
Nearly every day, targets of the wiretapping march to the prosecutors’ office to see what their dossiers contain, often emerging in distress. Martinelli, who left office in July, is facing a rising tide of outrage not only over the wiretapping, but also over reports of vast corruption. His personal secretary has left the country. The eavesdropping equipment has vanished.
(more)
Town Supervisor Accused of Eavesdropping on Employees
NY - State Police arrested the Windham Town Supervisor after they say she used video and audio recording devices to eavesdrop on employees.
Stacy Post, 51, put the recording devices in the Windham Town Office Building after being elected to Town Supervisor, according to police.
They say Post eavesdropped on employees and other users of the town offices.
Post has been charged with felony eavesdropping and possessing eavesdropping devices.
(more)
Stacy Post, 51, put the recording devices in the Windham Town Office Building after being elected to Town Supervisor, according to police.
They say Post eavesdropped on employees and other users of the town offices.
Post has been charged with felony eavesdropping and possessing eavesdropping devices.
(more)
You Only Live Once, or Die Another Day
The former Russian spy Alexander Litvinenko may have survived a previous poisoning attempt before a lethal dose of polonium was slipped into his tea at a London hotel, a long-awaited judicial inquiry into his death was told Tuesday.
The former KGB officer, an outspoken critic of Russian President Vladimir Putin, was living in Britain and doing consultancy work for the British intelligence service MI-6 when he met two Russians for a drink at the Millennium Hotel in November 2006. Weeks later, he suffered an agonizing death, apparently from the effects of radiation poisoning.
The strange case soured relations between Britain and Russia for years. On his deathbed, Litvinenko claimed that he had been poisoned on Putin’s orders.
(more)
The former KGB officer, an outspoken critic of Russian President Vladimir Putin, was living in Britain and doing consultancy work for the British intelligence service MI-6 when he met two Russians for a drink at the Millennium Hotel in November 2006. Weeks later, he suffered an agonizing death, apparently from the effects of radiation poisoning.
The strange case soured relations between Britain and Russia for years. On his deathbed, Litvinenko claimed that he had been poisoned on Putin’s orders.
(more)
Need A Secure Portable 1 or 2TB Hard Drive? (Yeah, you do.)
iStorage diskAshur Pro 1TB review: one of the most secure and encrypted portable hard drives you can buy...
If you use a portable drive for business, there's a very strong case for keeping that data secure with a hardware-encrypted drive. And when customer data is at stake, there's a legal obligation to button it down to keep it confidential in the event of the drive being lost or otherwise compromised.
Even home users may prefer to keep their files and data to themselves. Which is why encrypted portable drives like the iStorage diskAshur Pro can be such a great idea, with their built-in keypads that need a numerical PIN to be entered before they give up their secrets.
The diskAshur Pro follows a line of similar drives sold in this country (UK) by iStorage Limited, which are rebranded and renamed drives designed by and made for Apricorn Inc in the USA. This latest version is called the diskAshur Pro, otherwise known as the Apricorn Aegis Padlock Fortress, and has been given a FIPS 140-2 security rating.
(more)
If you use a portable drive for business, there's a very strong case for keeping that data secure with a hardware-encrypted drive. And when customer data is at stake, there's a legal obligation to button it down to keep it confidential in the event of the drive being lost or otherwise compromised.
Even home users may prefer to keep their files and data to themselves. Which is why encrypted portable drives like the iStorage diskAshur Pro can be such a great idea, with their built-in keypads that need a numerical PIN to be entered before they give up their secrets.
The diskAshur Pro follows a line of similar drives sold in this country (UK) by iStorage Limited, which are rebranded and renamed drives designed by and made for Apricorn Inc in the USA. This latest version is called the diskAshur Pro, otherwise known as the Apricorn Aegis Padlock Fortress, and has been given a FIPS 140-2 security rating.
(more)
Tuesday, January 27, 2015
Avoid Video Surveillance Liability
via Eric Pritchard, Esq...
Summary: Here are five keys to limiting your liability when using and deploying video:
1. Understand and obey wiretap laws. Federal wiretap laws prohibit the interception of oral communications with limited exceptions.
2. Obey state laws prohibiting video cameras. Several states prohibit or regulate video surveillance.
3. Obey state laws respecting privacy rights. Every state has law concerning an individual’s privacy rights.
4. (Installers) Use an effective, enforceable contract to allocate the risk of loss. An effective contract for the provision of video-related services and equipment should limit your company’s liability just like it does for other services.
5. (Installers) Installing video without a recurring contract is a missed opportunity. Develop a policy of not selling or installing video cameras without a contract for some form of recurring revenue.
• Side note: If you are the user, keep the system maintained so you are not accused of providing a false sense of security.
Summary: Here are five keys to limiting your liability when using and deploying video:
1. Understand and obey wiretap laws. Federal wiretap laws prohibit the interception of oral communications with limited exceptions.
2. Obey state laws prohibiting video cameras. Several states prohibit or regulate video surveillance.
3. Obey state laws respecting privacy rights. Every state has law concerning an individual’s privacy rights.
4. (Installers) Use an effective, enforceable contract to allocate the risk of loss. An effective contract for the provision of video-related services and equipment should limit your company’s liability just like it does for other services.
5. (Installers) Installing video without a recurring contract is a missed opportunity. Develop a policy of not selling or installing video cameras without a contract for some form of recurring revenue.
• Side note: If you are the user, keep the system maintained so you are not accused of providing a false sense of security.
NYC - Spycam Found in Bathroom Used by Top Corporations
The New York City Police Department reported today that a pinhole camera was found in a unisex bathroom at Johnson & Johnson (JNJ)’s corporate offices in NYC last week. A designer with the company discovered the camera, located above the light switch.
Johnson & Johnson ’s building maintenance supervisor reported the camera to the New York Police Department after it was discovered on Jan. 16, 2015. After examination, the camera was found to contain an SD card used for video storage. Johnson & Johnson’s Carol Goodrich said the company had immediately contacted the NYPD after the camera’s discovery...
“The device was hidden above a light switch in the bathroom next to offices that include Ralph Lauren and Haynes Roberts...” reported the New York Post. “The bathroom with the hidden device is open and accessible to all tenants and guests on the floor. It wasn’t clear whether the potty perv who put it there captured customers or models who do photo shoots nearby in RR Donnelley’s Studio W26. Investigators had yet to review the storage drive recovered with the camera.”...
Today’s story about the pinhole camera is part of what appears to be a trend. * NBC ran a story on March 27, 2014 about numerous reports of cameras being found in public bathrooms...
The NYPD indicates they are investigating the J&J camera as a sex crime and unlawful surveillance, with the added possibility of obscene material involving people under the age of 17.
(more)
*More like pandemic based on news reports and sweep requests received here.
• That USB stick spycam... only $8.76 here.
Johnson & Johnson ’s building maintenance supervisor reported the camera to the New York Police Department after it was discovered on Jan. 16, 2015. After examination, the camera was found to contain an SD card used for video storage. Johnson & Johnson’s Carol Goodrich said the company had immediately contacted the NYPD after the camera’s discovery...
Spycams are disguised as many things. This one is a USB stick. |
“The device was hidden above a light switch in the bathroom next to offices that include Ralph Lauren and Haynes Roberts...” reported the New York Post. “The bathroom with the hidden device is open and accessible to all tenants and guests on the floor. It wasn’t clear whether the potty perv who put it there captured customers or models who do photo shoots nearby in RR Donnelley’s Studio W26. Investigators had yet to review the storage drive recovered with the camera.”...
Today’s story about the pinhole camera is part of what appears to be a trend. * NBC ran a story on March 27, 2014 about numerous reports of cameras being found in public bathrooms...
The NYPD indicates they are investigating the J&J camera as a sex crime and unlawful surveillance, with the added possibility of obscene material involving people under the age of 17.
(more)
*More like pandemic based on news reports and sweep requests received here.
• That USB stick spycam... only $8.76 here.
Economic Espionage - NYC Russian Banker Arrested by FBI
Federal prosecutors arrested a Russian banker in New York on Monday and charged him as a spy, accusing him and two others of secretly gathering information about the New York Stock Exchange, U.S. energy resources and sanctions against Moscow.
Prosecutors described clandestine meetings and coded communications between the banker and his handlers, one of whom worked as a trade representative of the Russian Federation in New York, the other as an attaché to the Permanent Mission of the Russian Federation to the United Nations.
The spycraft alleged in the complaint reads like a throwback to the Cold War. Yet the alleged operatives’ target was more modern: economic intelligence...
The most interesting part...
Mr. Buryakov suggested they ask about the NYSE’s use of exchange-traded funds, potential limits on the use of automated high-frequency trading systems... NYSE spokesman declined to comment.
(more)
• The movie Blackhat illustrates market manipulation, and why it would interest them.
• Classic spycraft is alive and well. It ain't all IT-based.
• Nice job, FBI!
Prosecutors described clandestine meetings and coded communications between the banker and his handlers, one of whom worked as a trade representative of the Russian Federation in New York, the other as an attaché to the Permanent Mission of the Russian Federation to the United Nations.
The spycraft alleged in the complaint reads like a throwback to the Cold War. Yet the alleged operatives’ target was more modern: economic intelligence...
Mr. Buryakov suggested they ask about the NYSE’s use of exchange-traded funds, potential limits on the use of automated high-frequency trading systems... NYSE spokesman declined to comment.
(more)
• The movie Blackhat illustrates market manipulation, and why it would interest them.
• Classic spycraft is alive and well. It ain't all IT-based.
• Nice job, FBI!
Can You Be Insecure Playing for the NFL? Sure, if you're an app.
The National Football League's official app for both iOS and Android puts users at risk by leaking their usernames, passwords, and e-mail addresses in plaintext to anyone who may be monitoring the traffic, according to a report published just five days before Superbowl XLIX, traditionally one of the world's most popular sporting events.
(You can stop reading here. Trust me, it just gets worse.)
As Ars has chronicled in the past, large numbers of people use the same password and e-mail address to log into multiple accounts. That means that people who have used the NFL app on public Wi-Fi hotspots or other insecure networks are at risk of account hijackings. The threat doesn't stop there: the exposed credentials allow snoops to log in to users' accounts on http://www.nfl.com, where still more personal data can be accessed, researchers from mobile data gateway Wandera warned. Profile pages, for instance, prompt users to enter their first and last names, full postal address, phone number, occupation, TV provider, date of birth, favorite team, greatest NFL Memory, sex, and links to Facebook, Twitter, and other social networks. Combined with "about me" data, the personal information could prove invaluable to spear phishers, who send e-mails purporting to come from friends or employers in hopes of tricking targets into clicking on malicious links or turning over financial data. Adding to the risk, profile pages are transmitted in unencrypted HTTP, making the data susceptible to still more monitoring over unsecured networks, the researchers reported.
"Wandera's scanning technologies have discovered that after the user securely signs into the app with their NFL.com account, the app leaks their username and password in a secondary, insecure (unencrypted) API call," a report published Tuesday warned. "The app also leaks the user’s username and e-mail address in an unencrypted cookie immediately following login and on subsequent calls by the app to nfl.com domains." The app allows users to make a variety of in-app purchases.
(more)
(You can stop reading here. Trust me, it just gets worse.)
"Wandera's scanning technologies have discovered that after the user securely signs into the app with their NFL.com account, the app leaks their username and password in a secondary, insecure (unencrypted) API call," a report published Tuesday warned. "The app also leaks the user’s username and e-mail address in an unencrypted cookie immediately following login and on subsequent calls by the app to nfl.com domains." The app allows users to make a variety of in-app purchases.
(more)
Monday, January 26, 2015
U.S. Spies on Millions of Cars
DEA Uses License-Plate Readers to Build Database for Federal, Local Authorities
The Justice Department has been building a national database to track in real time the movement of vehicles around the U.S., a secret domestic intelligence-gathering program that scans and stores hundreds of millions of records about motorists, according to current and former officials and government documents.
The primary goal of the license-plate tracking program, run by the Drug Enforcement Administration, is to seize cars, cash and other assets to combat drug trafficking, according to one government document. But the database’s use has expanded to hunt for vehicles associated with numerous other potential crimes, from kidnappings to killings to rape suspects, say people familiar with the matter.
(more)
The Justice Department has been building a national database to track in real time the movement of vehicles around the U.S., a secret domestic intelligence-gathering program that scans and stores hundreds of millions of records about motorists, according to current and former officials and government documents.
The primary goal of the license-plate tracking program, run by the Drug Enforcement Administration, is to seize cars, cash and other assets to combat drug trafficking, according to one government document. But the database’s use has expanded to hunt for vehicles associated with numerous other potential crimes, from kidnappings to killings to rape suspects, say people familiar with the matter.
(more)
EP Team Alert - Dating Apps Let Snoopers Track Users
Snoopers have spied on massive numbers of amorous singletons by exploiting security flaws in dating apps.
Luckily, the spies were not creepy stalkers or violent perverts, but a group of cybersecurity experts on a mission to make life safer for daters.
They were able to track volunteers' every move in a discovery which should send chills down the spine of anyone using apps to find love...
This weekend, Colby Moore (security researcher at Synack) will present a talk at the tech conference ShmooCon, where he will discuss how he managed to track "tens of thousands" of amorous app users at the same time.
He suggested dating app security holes could even be used to spy on celebs.
"We [will] show just how easy it might be to reveal the identity of and track your favorite athlete, politician, or movie star," Moore wrote.
(more)
Luckily, the spies were not creepy stalkers or violent perverts, but a group of cybersecurity experts on a mission to make life safer for daters.
They were able to track volunteers' every move in a discovery which should send chills down the spine of anyone using apps to find love...
This weekend, Colby Moore (security researcher at Synack) will present a talk at the tech conference ShmooCon, where he will discuss how he managed to track "tens of thousands" of amorous app users at the same time.
He suggested dating app security holes could even be used to spy on celebs.
"We [will] show just how easy it might be to reveal the identity of and track your favorite athlete, politician, or movie star," Moore wrote.
(more)
Snow Day Project - Make a Sneaky Snake Spycam for <$20.
It's snowing here in the Northeast United States. Tomorrow will be a down day. Need a spy project to combat cabin fever? This guy shows you how...
Tom Cruise Bugged Nicole Kidman's Phone, says Scientology movie
Church of Scientology leaders ordered the wiretapping of Nicole Kidman's telephones
...during her marriage to Tom Cruise as part of a campaign to break up the couple, according to an explosive new documentary.
Marty Rathbun, formerly the religion's second highest-ranking official, told Oscar-winning film-maker Alex Gibney, that his role was to "facilitate the break-up" for church leader David Miscavige.
The church on Monday said that the "accusations made in the film" were "entirely false".
(more) (more)
...during her marriage to Tom Cruise as part of a campaign to break up the couple, according to an explosive new documentary.
Marty Rathbun, formerly the religion's second highest-ranking official, told Oscar-winning film-maker Alex Gibney, that his role was to "facilitate the break-up" for church leader David Miscavige.
The church on Monday said that the "accusations made in the film" were "entirely false".
(more) (more)
SpyCam News - Internal Affairs Agent Overly Into His Job
CA - A camera found in the women's bathroom at the Border Patrol compound in San Ysidro has one agent in a lot of trouble.
San Diego police told Team 10 that a ranking agent hid the camera and someone found it.
Officers confronted the agent at the Border Patrol administrative offices on West Ash Street in downtown San Diego.
Two separate Team 10 sources confirmed the agent works with internal affairs.
(more with video)
Officers confronted the agent at the Border Patrol administrative offices on West Ash Street in downtown San Diego.
Two separate Team 10 sources confirmed the agent works with internal affairs.
(more with video)
Subscribe to:
Posts (Atom)