Excellent (long) article on services that track and sell your movements. Via Kreb's on Security
Not long ago, the ability to digitally track someone’s daily movements just by knowing their home address, employer, or place of worship was considered a dangerous power that should remain only within the purview of nation states. But a new lawsuit in a likely constitutional battle over a New Jersey privacy law shows that anyone can now access this capability, thanks to a proliferation of commercial services that hoover up the digital exhaust emitted by widely-used mobile apps and websites.
Delaware-based Atlas Data Privacy Corp. helps its users remove their personal information from the clutches of consumer data brokers, and from people-search services online. Backed by millions of dollars in litigation financing, Atlas so far this year has sued 151 consumer data brokers on behalf of a class that includes more than 20,000 New Jersey law enforcement officers who are signed up for Atlas services...
Babel Street’s LocateX platform also allows customers to track individual mobile users by their Mobile Advertising ID or MAID, a unique, alphanumeric identifier built into all Google Android and Apple mobile devices.
One unique feature of Babel Street is the ability to toggle a “night” mode, which makes it relatively easy to determine within a few meters where a target typically lays their head each night (because their phone is usually not far away). more
Forensic investigators face significant challenges in securing crucial data from criminals' phones. University of Amsterdam PhD candidate Aya Fukami has identified hardware vulnerabilities in phones to bypass the security of modern devices, allowing her to extract data from phones in a way that was previously not possible...
"Traditional methods of hacking or scraping data from phones still often yield only encrypted data. Researchers then face great difficulty making that encrypted data usable," Fukami says. "It's a process that also takes a long time and doesn't always result in usable evidence."
To overcome this, Fukami explored ways to bypass vulnerabilities in phone system security. And she succeeded. more
... mocks spy agency's old tech! The relationship between journalists and state surveillance is as old as the profession itself, though surveillance methods have evolved with advancing technology. In Pakistan, however, veteran journalist Azaz Syed recently revealed that while the government may be keen on surveillance, the technology remains as outdated as the economic challenges facing the nation.
In a post on social media platform X (formerly Twitter), Syed shared that his mechanic, while installing a new number plate, found a tracking device secretly attached to his vehicle...
Syed poked fun at Pakistan’s intelligence agency for using "old technology." He pointed out that while modern GPS devices are compact and lightweight, the device he encountered was large and cumbersome. Sarcastically, he remarked, “I expect Pakistan’s intelligence agencies to be smart enough so at least I don’t catch your spying devices.” more
An off-the-shelf millimetre wave sensor can pick out the tiny vibrations made by a smartphone's speaker, enabling an AI model to transcribe the conversation, even at a distance in a noisy room.
Spies can eavesdrop on conversations by using radar to detect tiny vibrations in smartphones and employing artificial intelligence to accurately transcribe them. The trick even works in noisy rooms, as the radar homes in on the phone’s movement and is entirely unaffected by background hubbub.
Millimetre wave sensing is a form of radar that can measure movements of less than 1 mm by transmitting pulses of electromagnetic wave energy and detecting the reflected beams.
Suryoday Basak at Pennsylvania State University and his colleagues used a commercially available sensor operating between 77 and 81 gigahertz to pick up the tiny vibrations in a Samsung Galaxy S20 earpiece speaker playing audio clips. They then converted the signal to audio and passed it through an AI speech recognition model, which transcribed the speech. more$
A former counselor at a private school in Riverside County pleaded guilty today to possessing child sexual abuse material (CSAM) and placing a hidden camera inside bathrooms to film boys using the toilet and showers.
Matthew Daniel Johnson, 34, of Bryan, Texas, pleaded guilty to one count of production of child pornography and one count of possession of child pornography. He was remanded into federal custody after he pleaded guilty...
During the search of his residence, Johnson admitted to law enforcement that he had hidden a pen-shaped recording device in a toilet paper holder inside of a school bathroom, across the hall from his office as a school counselor at La Sierra Academy in Riverside. more
Damon gave the single greatest comedic performance of his career in Steven Soderbergh’s dark comedy The Informant!
The Informant! was released during a time in Damon’s career in which he could certainly afford to be a little bit more experimental...
While it’s understandable why he may have wanted to step outside his comfort zone and try something new, The Informant! is a brilliant deconstruction of espionage thrillers that examines the complexity of American masculinity. moretrailer
In a concerning trend across the corporate world, cases of internal misconduct and corporate espionage are becoming increasingly prevalent, posing significant threats to businesses.
Internal disputes and personal agendas can undermine corporate governance and harm a company’s competitive edge...
Recent events involving senior executives at a Pune-based company, Artur Schade Steel Products India Pvt. Ltd., highlight how internal betrayal and data theft can cause substantial financial damage and disrupt operations. more
According to court documents, the man was accused of attempting to, or successfully entering, a woman’s apartment on 64 occasions... The victim, a woman in her 20s, lived in a one-room apartment owned by the perpetrator's father.
The man tried to break into the apartment by entering random number combinations into the apartment’s electronic lock 26 times. After these failed attempts, he discovered the passcode by watching CCTV footage from the building. He then entered the victim’s home 38 times and installed a spycam to film the victim for sexual purposes...
An appeals court upheld a two-year and six-month prison term, suspended for four years, for a 48-year-old man convicted of illegally breaking into a woman’s apartment numerous times and installing a spy camera for sexual purposes. more
A novel training approach could help older adults stay mentally sharp and physically fit even when fatigued, according to a new study. Researchers at the University of Extremadura in Spain investigated the effects of Brain Endurance Training (BET) on cognitive and physical performance in sedentary older women. The research, led by Jesús DÃaz-GarcÃa and colleagues, compared BET to standard exercise training and a control group over an 8-week period.
One example of BET is the Stroop task, a cognitive test where participants must name the color of a word, while the word itself spells out a different color (e.g., the word "red" printed in blue ink)...
During the Cold War, U.S, intelligence agencies used the Stroop task to identify potential Russian spies by presenting them with a color-word test in Russian, where a native Russian speaker would slow down when encountering incongruent color-word combinations, revealing their ability to read Russian and potentially their true identity as a spy; whereas a non-Russian speaker would not experience the same delay because the words would be meaningless to them. more
GOP primary loser, and loser’s wife charged with secretly recording political rival...
NJ - Two women, including an unsuccessful candidate for Township Committee and the wife of another unsuccessful candidate, were charged Monday in what could be Readington's version of Watergate.
Jacqueline Hindle, 49, who lost in June's hotly contested Republican primary for two Township Committee seats, and Christina Albrecht, 45, the wife of the other unsuccessful candidate, Ben Smith, have been charged by the Hunterdon County Prosecutor's Office with an alleged scheme to record a private conversation between Mayor Adam Mueller and Deputy Mayor Vincent Panico at The Rail restaurant in Whitehouse Station.
According to a report from Hunterdon County Prosecutor Renee Robeson, Readington Township Police received notification July 8 that an audio recording device was found on the metal fence surrounding the patio at The Rail at Readington.
The two were charged with violating sections of the New Jersey Wiretapping and Electronic Surveillance Control Act. more
There was a time when people had to whisper to avoid being heard by the wrong ears. Now, in the era of smart devices, we’ve also got to worry about our smartphones listening to our conversations for advertising purposes.
But the eavesdropping situation seems to be reaching new heights with Ford’s recently published patent, which shows “systems and methods” that assist with showing more targeted ads.
The document also discloses that to achieve this goal, the new technology would listen to conversations that take place among people in the vehicle. more
The National Digital Infrastructure Inspectorate (RDI) has fined Vodafone 2.25 million euros for not properly securing its wiretapping system.
According to the Dutch regulator, Vodafone’s security of this system, which could contain state secrets or criminal information, did not meet the legal requirements in several areas...
Telecom companies must properly secure the physical space in which their wiretapping system is located, secure access to the system, and prevent information from the system from reaching unauthorized persons.
According to the RDI, Vodafone’s security plan did not meet the requirements. The telecom provider also did not properly screen the personnel who had access to the system. “A large number of them lacked an adequate job description, a signed confidentiality statement, and a certificate of good conduct,” the inspectorate said. The physical security of the system itself was also inadequate, making it vulnerable to unauthorized access, the RDI said. more
In a world where corporate espionage and data breaches are increasingly common, protecting your company’s intellectual property is more vital than ever.
Recent developments surrounding the FTC’s Non-Compete Ban, currently stalled in litigation, highlight the need for proactive measures. This webinar will help you navigate these regulatory shifts and strengthen your IP protection strategies.
Join Lauren Leipold, Eddy Salcedo, and James Yu for the next installments of Seyfarth Shaw’s 2024 Trade Secrets Webinar Series. This webinar offers crucial insights into enhancing your IP defenses and preparing for future regulatory changes.
In our recent webinar, “Trade Secrets Audits: Strengthening Your Company’s IP Protection,” Seyfarth’s Intellectual Property Partner, Lauren Leipold, along with Trade Secret Attorneys Eddy Salcedo and James Yu, shared essential strategies for enhancing IP protection in today’s complex landscape.
As corporate espionage and data breaches become increasingly prevalent, the session provided valuable insights on effective methods for safeguarding your company’s intellectual assets. Notably, recent developments surrounding the FTC’s Non-Compete Ban—currently stalled in litigation—highlight the pressing need for proactive measures to secure your business against emerging threats.
AI generated image to video sizzle reel. And, more...
Want to seehear what the future sounds like?Check out these 10 examples:
Camera bot: Dr. Bobby Gomez-Reino engineered a voice controlled tour of his virtual data center, where he changes camera angles by chatting with his bot.
Browser whisperer: Sawyer Hood built a voice-controlled web browser. “Google, show me cat videos" just got a whole lot easier.
Speech to Picasso: Jordan Singer splashed together a voice-controlled painting app.
PDF mind reader: Marcus Schiesser created a voice chat for documents. “Hey term paper, what's your main argument?” Yes, please.
5-minute assistant: Pietro Schirano whipped up a voice assistant with Claude in “one shot.”
Interview prep pal: Kenn Ejima prepared an AI interviewer to conduct a 2 minute mock interview, quizzing you on your resume experience.
Smart voice agent: LangChain, an AI agent developer, crafted a voice assistant that can use tools like a calculator (code).
Website dialogue: Nicolas Camara made it possible to chat with anywebsite (like get the latest headlines from Hacker News, for example).
Stock tracking assistant: Willy Douhard made a voice assistant that can chart the price movements of multiple stocks with only your voice.
Real time animated friend: Bryan Pratte shared how to combine OpenAI’s voice AI with ExpressionEngine to bring his animated characters to life.
A spy plane retrofitted with research equipment has discovered some very intriguing things while observing thunderstorms in the tropics.
According to a new paper published by the researchers behind the retrofitted spy plane, it appears that storms in the tropics are actually littered with medium-duration gamma rays, which could completely change what we know about how lightning forms.
The new papers, which were published in the journal Nature this month, describe in great detail the data that the researchers gathered while observing the atmosphere during tropical thunderstorms. According to that data, the lightning within those storms could very well be caused by long-duration gamma-ray emissions that sweep across parts of the atmosphere throughout the storm’s duration. more
via The Neuron A few weeks ago, Meta announced the ability to use its new Ray-Ban Meta glasses to get information about your surroundings. Innocent things, like identifying flowers.
Well, two Harvard students just revealed how easy it is to turn these new smart glasses into a privacy nightmare.
Here’s what happened: students Anhphu Nguyen and Caine Ardayfio cooked up an app called I-XRAY that turns these Ray-Bans into a doxxing machine. We're talking name, address, phone number—all from looking at someone with the glasses.
This video is streamed to Instagram, where an AI monitors the feed.
I-XRAY uses PimEyes (a facial recognition tool) to match these faces to public images, then unleashes AI to dig up personal details from public databases.
Their demo had strangers freaking out when they realized how easily identifiable they were from public online info.
-----I-XRAY Antidote-----
How to Remove Your Information
Fortunately, it is possible to erase yourself from data sources like Pimeyes and FastPeopleSearch, so this technology immediately becomes ineffective. We are outlining the steps below so that you and those you care about can protect themselves.
Removal from Reverse Face Search Engines:
The major, most accurate reverse face search engines, Pimeyes and Facecheck.id, offer free services to remove yourself.
Most people don’t realize that from just a name, one can often identify the person’s home address, phone number, and relatives’ names. We collected the opt out links to major people search engines below:
Preventing Identity Theft from SSN data dump leaks
Most of the damage that can be done with an SSN are financial. The main way to protect yourself is adding 2FA to important logins and freezing your credit below:
Chinese hackers accessed the networks of U.S. broadband providers and obtained information from systems the federal government uses for court-authorized wiretapping, the Wall Street Journal reported on Saturday.
Verizon Communications, AT&T and Lumen Technologies), are among the telecoms companies whose networks were breached by the recently discovered intrusion, the newspaper said, citing people familiar with the matter.
The hackers might have held access for months to network infrastructure used by the companies to cooperate with court-authorized U.S. requests for communications data, the Journal said. It said the hackers had also accessed other tranches of internet traffic. more
With steel hooks for hands and a flamboyant personality, Mr. Armes captured the attention, and scrutiny, of reporters across the nation.
Jay J. Armes, a flamboyant private investigator who lived on an estate with miniature Tibetan horses, traveled in a bulletproof Cadillac limousine with rotating license plates and had steel hooks for hands, including one fitted to fire a .22 caliber revolver, died on Sept. 18 in El Paso. He was 92.
His death, at a hospital, was caused by respiratory failure, his son Jay J. Armes III said.
Described by People magazine as “armless but deadly,” Mr. Armes appeared to live the life of a superhero. In the 1970s, the Ideal Toy Corporation even reproduced him as a plastic action figure, with hooks like those he began wearing in adolescence after an accident in which railroad dynamite exploded in his hands. more
If you could see radio waves it would make finding your misplaced mobile phone easier. It would also make finding eavesdropping bugs and covert spy cameras easier to find, too.
We are not quite there yet, but progress is being made. A French company, Luxondes, is working on this now. Their focus, however, is not consumer or TSCM oriented. The immediate profit market is product testing.
In this video, they show a transmitting device being waved in front of a panel with 64 sensors operating between 50 MHz and 3 GHz.
Being able to visualize radio waves is necessary for many reasons. As TSCM practitioners, we want this technology to evolve.
Initially, by developing a hand-held screen which can be moved around a room or vehicle.
Eventually, by developing a device—maybe a spatial headset—that displays radio-frequency energy as a 3-D fog, lidar-map the room, and document both for review and as evidence.
And, whenever possible, add AI capabilities. Determine the frequency. List what is legally allowed to use that frequency. Analyze and identify the waveform. Display the results, and highlight any anomalies.
With any luck, REI is also working on this for us.
Eavesdropping via lip reading has been around a long time, probably since Og saw Charlie mouth "shhhh" when a bear approached their cave.
My introduction to eavesdropping via lip reading came around 1976. A company president asked for a sweep of his upper floor corner office for bugs. None found. He asked about the possibility of laser eavesdropping. Very unlikely, however, a careful visual scan of nearby buildings directly across on both streets discovered, one floor down, and just off center, there was the glint of a lens, and a darkened room with a desk, and two people. Further investigation established, yes, it was eavesdropping via lip reading.
The concept of AI lip reading actually predated this case. It was 1968, in the movie, 2001, A Space Odyssey. Remember this scene? "Concerned about HAL's behaviour, Bowman and Poole enter an EVA pod so they can talk in private without HAL overhearing. They agree to disconnect HAL if he is proven wrong. HAL follows their conversation by lip reading."
It is now 2024 and real AI lip reading has just arrived fromSymphonic Labs. I took advantage of their offer to test the beta app. Of course, it was not 100% accurate, but massively impressive nonetheless.
For the test, I selected a random YouTube video. (Nate, at the Daily Drop https://www.youtube.com/watch?v=fy2a899yYec) A 10-second video clip was extracted. The clip was processed through Apple's Quicktime to remove the audio track before submitting it to the Symphonic Labs' app.
This is what Nate is really saying about airport screening: "But if you decide to get Clear and if you do see one of the signs at the airport that has Clear and TSA Precheck then don’t assume that is your fastest option, All right, so hopefully I did a…"
Here is what the AI app reconstructs what Nate is saying:
This is an impressive start, and expected to become much more accurate as the number of training models increases. And, it’s not all for spies. Think about talking to your computer or smartphone without others eavesdropping on you.
Better start thinking about what you say, where you say it, and establishing a relationship with a technical information security consultant to protect your business.
IT WAS PAST CURFEW. My friend cut his headlights and dropped me off in my driveway. From the little peaked window atop the garage, yellow light filtered.
Someone was in the attic.
I walked up the pebble path that bordered the house, opened the side door, and stepped into the garage.
It was hot. It was dark. The ladder to the attic was folded down, and from the ceiling-access square a faint light glowed. I heard my mother's voice. I took a step closer to catch what she was saying.
"Mom?" I said.
I heard a click. She stopped talking.
"Beth Anne?" my dad said from above.
"Dad? What are you doing?" "I'll be in in a little bit." I walked into the house and down the hallway and peeked into my parents' room. My mother was asleep on her side of the bed.
A FEW YEARS LATER, when I was away at college, I learned that my father had been tapping the phone lines.more$
Gennaro Sangiuliano’s spurned former lover took to social media to reveal details of their affair.
Gennaro Sangiuliano, the culture minister who is married, met Maria Rosaria Boccia, a former men’s fashion retailer from Pompeii, at a political rally a year ago.
She subsequently attended ministerial meetings, gained access to the Palazzo Montecitorio, home to one of Italy’s two parliamentary houses, and accompanied Sangiuliano, 62, at official events around the country, from Taormina in Sicily to Riva Ligure in Liguria.
Boccia has accused her former lover of misusing public funds to pay for her trips, providing access to confidential information and appointing her as an adviser despite a conflict of interest.
She has supported her assertions with audio recordings of phone calls with ministerial officials, screenshots of emails and flight tickets, and photos of confidential programmes for official events.
Throughout their affair she recorded an unknown number of private conversations, using her phone and a pair of Ray-Ban Stories sunglasses, which have a built-in camera and microphone. Footage taken also shows the corridors of the Palazzo Montecitorio, where it is forbidden to film. more
Santa Barbara County sheriff’s deputies were called for a report of mail theft. This was not the first time the woman's box was hit.
She decided to take matters into her own hands and mailed herself a package containing an Apple AirTag, a tracking device that can be used to help people find their personal items through a Bluetooth signal.
Her mail was stolen Aug. 19, according to the Sheriff’s Office, including the package with the tracking device. The woman showed deputies that she was able to track the package to the 600 block of East Sunrise Drive in Santa Maria. Deputies found the woman’s mail, including the package with the AirTag along with items that were probably stolen from more than a dozen additional victims, according to the Sheriff’s Office. more
A plastic prank device that can be purchased on Amazon for $13.97 was the cause of the problem.
A police report from the West Palm Beach police department, obtained by The New York Times, detailed the incident. Devices were found on Thursday after people heard beeping under a staff member’s desk at the Trump campaign offices. When Trump officials searched, they found additional devices, for a total of three. more
Weird items that people think are bugs is an issue more common than you might think.
The beluga whale, who was first spotted in 2019 wearing what looked like a camera harness, was seen floating in Norwegian waters on Saturday.
Hvaldimir, a beluga whale who had captured the public’s imagination since 2019 after he was spotted wearing a harness seemingly designed for a camera, was found dead on Saturday in Norway, according to a nonprofit that worked to protect the whale.
Sebastian Strand, the founder of the nonprofit, Marine Mind, said that he saw the dead whale floating near Risavika in southwestern Norway on Saturday afternoon. Its cause of death was not immediately clear, he said. morePrevious posts.
A new camera could prevent companies from collecting embarrassing and identifiable photos and videos from devices like smart home cameras and robotic vacuums. It’s called PrivacyLens and was made by University of Michigan engineers.
PrivacyLens uses both a standard video camera and a heat-sensing camera to spot people in images from their body temperature. The person’s likeness is then completely replaced by a generic stick figure, whose movements mirror those of the person it stands in for. The accurately animated stick figure allows a device relying on the camera to continue to function without revealing the identity of the person in view of the camera.
That extra anonymity could prevent private moments from leaking onto the internet, which is increasingly common in today’s world. more
Generative AI has proven it can spit out a sound, an image, and written thoughts in mere seconds. But what about smells?
Osmo — a startup founded by a former Google researcher and backed by Google Ventures — thinks that scent is the next frontier for our computers. more
Wait… What do we need this for, other than the obvious applications in the fragrance industry, and medical uses, like detecting cancer. Perhaps the technology could also have electronic eavesdropping detection uses, like sniffing our covert surveillance devices.
Kevin's analysis... Specially trained dogs have been used to sniff out covert electronic items, like cell phones in prisons, for quite a while now. The secret to detection is the device's electronic circuit boards. They contain these compounds: triphenylphosphine oxide (TPPO) and hydroxycyclohexyl phenyl ketone (HPK). This second compound is also found on CDs, DVDs, Blu-Rays, the old tech floppy disks.
FutureWatch: Technical Surveillance Countermeasures (TSCM) professionals have many types of technologies at their disposal for detecting illegal electronic surveillance devices. To name a few... Non-Linear Junction Detection,Infrared Thermography, and Radio-frequency Spectrum Analysis. We are now well on our way to adding EDN to our kit.
Gaurav Srivastava dreamed of being a player in the murky world of clandestine operations.
His goal was to build a private military and intelligence operation, funded by natural resources, he told business partners. It would be akin to the notorious Wagner Group, only with the blessing of the U.S. instead of Russia. Leaving associates with the impression he had high-level contacts in the intelligence community, he said he wanted to do business in difficult places and muscle bad guys out of strategic markets... In reality, Srivastava wanted to use some of the money to pay for a villa in swanky Pacific Palisades... more
Here is the comedienne relating this anecdote to talk show host Dick Cavett in 1974:
But is this story true?
That assessment hinges on two elements: Did Lucille Ball really pick up some type of radio transmission through her dental fillings, and did that event lead to the discovery and capture of Japanese spies operating an underground radio station? Fact checked by Snopes
If you know where to look, plenty of secrets can be found online. Since the fall of 2021, independent security researcher Bill Demirkapi has been building ways to tap into huge data sources, which are often overlooked by researchers, to find masses of security problems. This includes automatically finding developer secrets—such as passwords, API keys, and authentication tokens—that could give cybercriminals access to company systems and the ability to steal data.
In total, Demirkapi has found more than 15,000 active secrets of all kinds.
Within the vast number of exposed keys were those that could give an attacker access to the digital assets of companies and organizations, including the potential to obtain sensitive data. For instance, a member of Nebraska’s Supreme Court had uploaded details of usernames and passwords linked to its IT systems, and Stanford University Slack channels could be accessed using API keys. more
The MP02 4G phone from Punkt .... It's a 'dumbphone' in the true sense of the word – it can make calls and send messages (though SMS or Pigeon), and offers a calendar too.
But the Punk MP02's secret weapon is its 4G hotspot. This means when I want to switch off, I can stick my sim card in the Punkt phone and 'disconnect'. But if I'm carrying, say, my iPad mini in my bag, I can tether the 4G connection to it at the press of a button, giving my access to the likes of music and maps when needed.
But perhaps the best thing about the Punkt MP02 is the aesthetic. Conceived by industrial designer Jasper Morrison, the phone has a delightful retro and somewhat brutalist 1970s-inspired look. I've been asked whether it's a calculator, which just about sums it up. In a world of 'Y2K' dumbphone designs, it's refreshing to see something that stands out. more
Bonus: The MP02 is the first voicephone to offer a downloadable privacy feature that uses the Signal protocol to provide free, encrypted Internet-based calls and texts worldwide via Wi Fi or mobile data (subject to data charges).
