Friday, August 31, 2007

...and not a penny to, "Be sure to wipe and flush."

NY gets $11M to promote seat belt use
New York will receive more than $11 million in federal funding to encourage and enforce seat belt use. ... The DOT granted more than $109 million to 17 states, the District of Columbia, Puerto Rico, and four territories. (more)

An outrageous waste of money - to promote the obvious to a few idiots. Announced late on a Friday prior to a holiday weekend. Just coincidence?

This Week's Bad Boys of Eavesdropping (government version)

U.S. Attorney General Alberto Gonzales
Gonzales also told Congress there was little dissent within the Bush administration about the legality of a warrantless electronic surveillance program launched by the NSA after the Sept. 11 attacks. But that appeared to be contradicted in testimony by a former deputy attorney general, who said several top Justice officials at one point threatened to resign over a disagreement with the White House. (more)


Former Philippine Air Force Sergeant Vidal Doble
...who admitted to having wiretapped former elections commissioner Virgilio Garcillano and President Gloria Macapagal Arroyo at the height of the 2004 elections. (more)


Polish Prime Minister Jarosław Kaczyński
Accused of... "Wiretapping colleagues, using these wiretaps for political goals, in my opinion trying to arrange the detention or arrest of government colleagues - this is not the kind of activity which can be included in the canon of any code of conduct, aside from the gangsters' code," Giertych, leader of the right-wing League of Polish Families (LPR) opposition party, told reporters in Warsaw this week. (more)


Cyprus Competition Commissioner Giorgos Christofides
Police charged him in connection with allegations he was spying on his staff, press reports said yesterday.
Since July, Christofides has been caught in the maelstrom’s eye after employees at the Commission for the Protection of Competition complained he used the CCTV system to watch their every move, that he listened in on their phone conversations and even scrutinized their emails. It’s also been alleged that Christofides set up a live web-link from the offices to his laptop so he could keep an eye on his staff while he was out. (more)

Your Employees' Bad Computer Security Habits

- Borrowing Wi-Fi
About one in three corporate employees who work from a laptop sometimes piggyback on a stranger's wi-fi connection they spot with their wireless Internet card, according to InsightExpress' study. While that allows for easy telecommuting without a broadband bill, moving confidential data across an insecure wireless connection can be risky.

- Using USB Drives
Those little USB key chains make for easy file transfers, but when they store sensitive information, they also pose a security risk. Not only are they frequently lost, but they're also built to run certain programs automatically when plugged in. One security researcher, Steve Stasiukonis, planted 20 USB drives in the parking lot of a bank, each with a piece of software that steals passwords and log-ins from employees' computers and sends them to a third party. Fifteen were picked up by employees and plugged in, ferreting off sensitive information and demonstrating the devices' potential for exploitation.

- Forwarding to Third-party Webmail
Services like Gmail or Yahoo! Mail are free, universally accessible and often easier to use than clunky corporate e-mail, tempting workers to forward their work messages to a Webmail account. But when confidential data is copied from your business's e-mail servers and ends up on Google's or Yahoo!'s, it's no longer completely in your control.

- Opening E-mail Attachments
Opening attached files on e-mail from strangers is one risky behavior that seems to have finally become unfashionable. Ninety-three percent of workers now know better than to expose themselves to malware or viruses by opening files from anonymous or unfamiliar messages. But some not so brilliant users actually infect themselves purposefully out of curiosity, says David Perry, director of education at Trend Micro.

- Clicking Hyperlinks in E-mails
Just as employees have started wising up to attachment threats, cyber-criminals have moved on. More common now is malware that installs itself when the user visits a Web page linked in a spam e-mail. Those links can be masked to read as legitimate sites like eBay.com or Amazon.com while sending users somewhere far less desirable.

- Surfing Shady Sites
Allowing employees to visit porn or gambling sites at work is a bad idea for several apparent reasons. But one of the less obvious is the threat of Web-based malware, which often lurks on disreputable sites.

- Not Securing Wireless Devices
As smart phones proliferate, the definition of the word "computer" is blurring at the edges, and so is the security perimeter of a business with wireless employees. Many wireless devices don't come with security software or encryption of data pre-installed. (more)

Thursday, August 30, 2007

Colorado Parents Can Now Spy On Teen Drivers

An insurance company is providing parents with another tool to track how their teenagers are driving. American Family Insurance began offering a program to put cameras in cars in August.

...the camera only records 10 seconds before and after an out-of-the-ordinary driving event like a swerve, speeding, not coming to a full stop or a collision.

"Nobody can view the video except for the parents, with a password that's proprietary to them," said Tom Walker, an agent with American Family Insurance. (more)

Do It Yourself Sky Spies - The Draganflyer



Unmanned Aerial Vehicles (UAVs) like the military's MQ-1 Predator and local government's SkySeer are meant to protect us. They cost a lot of money.


The flip side of the coin... Industrial Espionage on the cheap!

UAVs are easy to make. Many hobbyists are already doing so - and showing off their aerial surveillance videos on YouTube! Many of these videos were shot using a Draganflyer - a hobbyist helicopter outfitted with a wireless video camera.

From Draganflyer's advertising... "Whether you need high quality aerial video for a sporting event, advertising, or any other purpose you will get it done efficiently and professionally with the Draganflyer SAVS."

While we don't believe they were thinking about industrial espionage as one of those 'other purposes', just imagine one flying over your sensitive production facilities, new construction site, or a personally private area. (more video)

Wednesday, August 29, 2007

Key Eavesdropping Cracks Car Locks

A group of computer security researchers in Israel and Belgium say they've discovered the electronic equivalent of a Slim Jim -- a way to pop the electronic door locks on most cars without ever touching them.

By listening in on the wireless “conversation” between a car and its key, the researchers found they could crack the code that keeps the communication secret. Then they were able to emulate the electronic key and trick the car into unlocking itself.

The research paper, called “How to Steal Cars” (PDF), was presented at the Crypto 2007 conference at the University of California, Santa Barbara, last week. (more)

Electronic Surveillance - "There’s money to be made..."

...And so a new industry was born, known in the trade as ‘Intelligence Support Systems’, complete with its own annual conference. If you’re in Dubai next February, drop by. Since there’s money to be made, panels cover such areas as ‘Electronic Surveillance Cost Recovery Solutions’ and – for the benefit of those who prefer to carry out the intercepts in-house before passing the data on ready-analysed to the relevant government agencies – the key topic of ‘how to transform packet intercept into intelligence’ (more)

Eavesdropping on VoIP Calls—Part 2

In Part 1 of this opus, I (hopefully) painted a scary picture of how easy it is to eavesdrop on VoIP traffic. So what can you do to protect your own VoIP traffic? Let's take a look at some of your options.

-- Use Skype
Skype is famous for its excellent call quality and reliability. Its call security is pretty good, and is used on all Skype services—VoIP calls, text chat, and video and file transfers. Skype uses a digital certificate authority and signed certificates, peer authentication, and strong encryption.

-- ZRTP encrypts all VoIP
PGP is the most widely used e-mail encryption software. It now exists in two main forms: a commercial implementation maintained by the PGP Corp., and the free software version, GNU Privacy Guard (GPG). (more)

Goodbye, Talking Clock

It's the end of time, at least as far as AT&T is concerned. The brief note in customers' bills hardly does justice to the momentousness of the decision. "Service withdrawal," it blandly declares. "Effective September 2007, Time of Day information service will be discontinued."

In the 1930s, an Atlanta company called Audichron devised a system for the time to be provided automatically. Audichron leased its technology to phone companies nationwide, often with sponsorship from local businesses.

Time ladies -- and a few gentlemen -- came and went over the years. Then, in the 1950s, a woman named Mary Moore emerged as the nation's leading time-teller.
Her reading of hours, minutes and seconds was delivered in a distinctive if somewhat prissy tone. Moore's odd pronunciation of the numbers 5 ("fiyev") and 9 ("niyun") influenced a generation of operators, much as flying ace Chuck Yeager's West Virginia drawl is said to have been adopted by innumerable airline pilots.

By far the most prominent time lady was Jane Barbe, who succeeded Moore at Audichron in the 1960s. A former big band singer, Barbe (pronounced "Barbie") went on to become the voice of recorded telephone messages in the 1970s and '80s in the United States and elsewhere.

Joanne Daniels started recording the time and other messages for Weatherchron about 25 years ago, and ultimately became the voice Californians hear when they call the service. “I was told at one time that my voice would last until well into the 21st century,” the 65-year-old said. “Now it looks like I’m about to be laid to rest.” (more)

Poland's Eavesdropping Scandal Shuts Down Parliament

The testimony by Poland's Former Minister of Interior about Polish Government use of special services organizations to spy on political opponents has stopped proceedings of the Polish Parliament. And the stoppage may end up being long term. Parliamentary Speaker Ludwig Dorn said if the opposition continues to demand breaks the current session could "go on for months".

Yesterday, during the reading of the secret testimony of Former Minister of Interior Janusz Kaczmarek, Former Minister of Education Roman Giertych exploded when he learned that conversations between him and Former Deputy Prime Minister Andrzej Lepper were recorded and transcripts of their conversations given to Prime Minister Jaroslaw Kaczynski.

Making accusations of a "Polish Watergate", Giertych demanded a delay in Parliamentary proceedings until next Tuesday.

The delay stops all work of the Parliament. (more)

SpyCam Story #374 - Porno Prof

'Hidden camera' teacher faces more charges
Australia - Police have laid more charges against Cromer High School teacher, Robert Ian Drummond - accused of secretly filming up the skirt of a teenage girl on Sydney's Northern Beaches. Manly Local Court today heard Drummond faces two new charges of producing and possessing child pornography, which relate to the recording made of the girl. (more)

Point, Click, TAP! - How the FBI does it...

The FBI has quietly built a sophisticated, point-and-click surveillance system that performs instant wiretaps on almost any communications device, according to nearly a thousand pages of restricted documents newly released under the Freedom of Information Act.

The surveillance system, called DCSNet, for Digital Collection System Network, connects FBI wiretapping rooms to switches controlled by traditional land-line operators, internet-telephony providers and cellular companies. It is far more intricately woven into the nation's telecom infrastructure than observers suspected.

...the surveillance systems let FBI agents play back recordings even as they are being captured (like TiVo), create master wiretap files, send digital recordings to translators, track the rough location of targets in real time using cell-tower information, and even stream intercepts outward to mobile surveillance vans. (more)

Tuesday, August 28, 2007

Listen to VoIP Phones - Even When On the Hook

Recently disclosed information suggests that it is a relatively simple matter to remotely eavesdrop on a broad range of SIP-enabled devices. For readers who aren't aware of what SIP-enabled devices are, SIP (Session Initiation Protocol) is a protocol that is used by a lot of VoIP software and associated telephone handsets to establish, modify, and control a VoIP connection between two parties.

The research that was published indicates that, for at least one vendor, it is possible to automatically call a SIP device from that vendor and have it silently accept the call, even if it is still on the hook - instantly turning it into a classic bugged phone. Whereas historic telephony bugs needed physical targeting of the line running to a property or place of business, the presence of VoIP in the equation allows bugging from anywhere in the world with equal ability.

Now anyone can do from their armchair what only spies and law enforcement used to be able to do from inside the telephone switch / pit / distribution board, though it's still illegal to do so. (more)

Pew! What's that smell? A progressive spying technique?

The head of one of the leading insurers in non-standard, high-risk personal auto insurance apologized on Thursday for some substandard behavior - spying in church on people who had sued the company.

Progressive Corp Chief Executive Glenn Renwick apologized for the use of private detectives, who went undercover to join an Atlanta church group in order to discredit a couple suing the insurer. (more)

Monday, August 27, 2007

Which one is the bug?






Photo #1 is one of these.







Photo #2 is one of these.


Plug Bugs Are Heard Around the World
• GSM SIM card inside enables dial in from anywhere in the world
• Listen to conversations from a distance
• Looks like a standard 3-way adaptor plug

"Using the GSM network we can convert any normal 3-way plug into a sophisticated listening device. The plug can be used in your own home or office to gather audio intelligence from across the globe.

Cleverly constructed inside is a GSM SIM card combined with a powerful Knowles microphone which will silently open the connection when you dial in from anywhere in the world, thus allowing you to listen to the surrounding sounds and conversations.

The plug is NOT a working model and can be used to monitor a particular area for periods of audio surveillance.

Note: This unit can be used legally within the EU."

Don't let the foreign look of this bug fool you. It can be built into any type of electrical connector, power strip, radio, TV, lamp, clock, computer, coffee pot or anything which has a source of power.