Saturday, May 23, 2009

FutureWatch - 100% Vehicle Tracking

UK - A national network of cameras and computers automatically logging car number plates will be in place within months...

Thousands of Automatic Number Plate Recognition cameras are already operating on Britain's roads. Police forces across England, Wales and Scotland will soon be able to share the information on one central computer. Officers say it is a useful tool in fighting crime, but critics say the network is secretive and unregulated.

Kent's Chief Constable, Michael Fuller, commented: "We've seen an increase of some 40% of arrests since we've been using this technology. I'm very confident that we're using it properly and responsibly, and that innocent people have nothing to fear from the way we use it." (more)

Remember the uproar over how RFID toll tags (E-ZPass, FasTrak, I-Pass, etc.) were a threat to privacy? No? Oh well, that was back near the top of the slope. Slippery, isn't it? Hey, what's that down there? Wow, a remote DNA reader!

Wednesday, May 20, 2009

"Social engineering has become the confidence trick of the 21st century."

TSCM is an acronym for Technical Surveillance Countermeasures: inspecting for bugs, wiretaps, etc. It is a standard tool used to protect an organization's information.

Thwarting human trickery (social engineering) is also a defense tool. Good information security consultants take both into account when designing information protection programs.

The BBC recently reported...
Have you ever wondered whether that unfamiliar face in the office is actually an intruder about to steal your data? Probably not, but maybe it is time to think again.

At one FTSE-listed financial institution the managing director himself opened the door to a stranger who, within 20 minutes of gaining entry to the building, had found a highly sensitive document outlining a half a billion pound merger lying on a desk.

Luckily, on this occasion, the data was not used for nefarious purposes because the intruder was Colin Greenlees, a consultant of Siemens Enterprise Communications.

He was there at the request of the firm's IT director to test the resilience of the company to social engineering attacks.

In a similar experiment conducted at the BBC, Mr Greenlees targeted five BBC employees. Pretending to be an IT engineer - with the prior permission of BBC bosses - he managed to obtain all of their usernames and passwords with a simple phone call. (more)

Tuesday, May 19, 2009

Cautionary Tale - Tapped Out

You are never more vulnerable to information abuse and theft than during a recession. Put your independent information security consultant into overdrive. Skimp on something else to save money.

A cautionary tale...
An insider at the California Water Service Company in San Jose broke into the company's computer system and transferred $9 million into offshore bank accounts and fled the country.


Abdirahman Ismail Abdi, 32, was an auditor for the water company, which delivers drinking water throughout the state and is located in San Jose, Calif. Abdi resigned from his position on April 27. Allegedly, that night he went back to work and made three wire transfers totaling more than $9 million from the company's accounts to an account in Qatar.

Abdi is not a U.S. citizen and was ordered deported to Somalia in 2005, the Mercury News reported. (Don't skimp on background checks either.)

“The downturn in the economy is raising the internal security threat levels dramatically, as more and more disgruntled ex-employees take advantage of the fact that their ex-employer did not decommission their access credentials,” Torsten George, vice president, worldwide marketing, ActivIdentity, told SCMagazineUS.com on Friday in an email.

According to a survey of more than 200 organizations globally conducted by Deloitte Touche Tohmatsu, the number one security problem reported by IT security auditors was “excessive access rights.”

The buzz...
In addition, only 28 percent of respondents rated themselves as “very confident” or “extremely confident” with regard to internal threats, which is down from 51 percent in 2008.

Companies can protect sensitive data by limiting information access to only those employees who must have it, the survey said. (more)

Monday, May 18, 2009

Business Espionage - Spying on the Board

French car-parts maker Valeo SA said it had sued an unidentified person it says secretly recorded some board-member meetings and separately said it would try to recover €3.2 million ($4.3 million) in severance from ousted Chairman and Chief Executive Thierry Morin.

The suit, filed with a Paris court, identifies the person responsible for the recordings only as "X." Under French law, a suit can be filed without publicly identifying the accused. However, a person familiar with the matter said the company believed Mr. Morin was responsible for making the recordings. Telephone calls to Mr. Morin weren't returned Monday...

French radio station RTL last month reported that Mr. Morin had installed sophisticated recording technology in the boardroom, allowing him to eavesdrop on meetings from which he was excluded and at which he was discussed. (more)

SpyCam Story #529 - "What's up Doc?"

The story you are about to read is real. Names have been dropped to protect the people involved and the city being sued. Just coincidence? You decide. (Dum-da-dum-dum...)

Charges were dropped against a ["revered for his expertise" professional] accused of spying on his patients... he was arrested and spent a night in jail, after a patient falsely accused him of putting a hidden camera in an office bathroom.

He says a security lightbulb was used to keep an eye on his children in the backyard of his home, but the bulb was in his office because it was broken and he was ordering a new one.

His attorney said a construction worker grabbed the security bulb off the desk, and it was his account that helped drop the charges.

"The contractor went on his own volition and explained to the district attorney's office that he accidentally put the non-working security device in the bathroom thinking it was a lightbulb. It's really that simple, but again no one wanted to listen..."

The [city police] said they responded to a legitimate complaint.

Prosecutors dismissed the case saying in court, they had interviewed several witnesses, one of whom "offered an innocent explanation to the placement of the surveillance light bulb in the office bathroom of the defendant."

They went on to say, "[He] did not commit the crime with which he was charged."

[He] is suing the city for $[x] million.

from another report...
[He] said he used the bulb as an outdoor monitoring system to watch his kids while they played outside at home if he got called inside. The surveillance system wasn't a secret, he said.

"Everybody who knows me knows it didn't happen because everybody knew that I bought this thing for the backyard of my house," he said. "The kids helped me set it up."

[His] father was very ill with Parkinson's disease, and the family was in the process of moving from [the suburbs] to [the city], he said.

He brought the bulb down to the city to order a new encoder box that transmits the signal to a monitor. The original box was misplaced when the family was packing to move, he said.

from another report...
"At 5 until 12 I get a call from my secretary saying this guy thinks you're watching him pee. He called 9-11. He called the cops," [he] explained.

One of [his] patients called police when he found a light bulb with a small hidden surveillance camera in the men's bathroom.

Turns out a contractor doing work at the office accidentally installed the light.

[He] took the bulb to work that day to get it fixed.

from another report...
He said he brought it to work because he needed the code number on the camera to order a new one.

A contractor working in the office at night as part of an office expansion project told investigators he could not find a bulb when the light blew out in the bathroom, so he screwed in the broken one he found on [his] desk.

The public is generally aware of only one "lightbulb camera": code number SVS-1, sold on eBay and from many Web sites. It does not light. Simply a camera in lightbulb clothing, it transmits video over power lines. A decoder box is required to receive the signal. What is your verdict? (Dum-da-dum-dum-daaa...)

Unclassified Info Only About 2 in 10 Know...

"How many millions are in a trillion?"
Give up? Look here for the answer.

Password Protection - Stick it in Your Ear

You are the victim of identity theft and the fraudster calls your bank to transfer money into their own account. But instead of asking them for your personal details, the bank assistant simply presses a button that causes the phone to produce a brief series of clicks in the fraudster's ear. A message immediately alerts the bank that the person is not who they are claiming to be, and the call is ended.

Such a safeguard could one day be commonplace, if a new biometric technique designed to identify the person on the other end of a phone line proves successful. The concept relies on the fact that the ear not only senses sound but also makes noises of its own, albeit at a level only detectable by supersensitive microphones.

If those noises prove unique to each individual, it could boost the security of call-centre and telephone-banking transactions and reduce the need for people to remember numerous identification codes. Stolen cellphones could also be rendered useless by programming them to disable themselves if they detect that the user of the phone is not the legitimate owner.

Called otoacoustic emissions (OAEs), the ear-generated sounds emanate from within the spiral-shaped cochlea in the inner ear. (more)

Hotel 56 "We'll leave the bug on for you."

Tanzania - Karatu member of parliament Dr Wilbrod Slaa has criticized the police for what he described as their continuing failure to charge anyone in the case of the eavesdropping devices placed in his hotel room during the last National Assembly session in Dodoma back in February.

Two such devices were discovered in the adjacent rooms of Dr Slaa, the deputy leader of the opposition camp in parliament on a CHADEMA ticket, and that of another opposition legislator, Dr Ali Tarab Ali (CUF), at Hotel 56 in the designated capital. (more)

Next Year's Dayton Celebrities

Brazil and the U.S. have been arresting people who have been illegally using obsolete, but still functioning, U.S. Navy FLTSATCOM communications satellites...

As the navy stopped using FLTSATCOM in the late 1990s (shifting over to the more efficient UFO satellites), ham radio users in Brazil discovered that the FLTSATCOM satellites had no security on them. If you knew the frequency and had a satellite dish, you could send a signal to the FLTSATCOM satellite, that would then automatically be rebroadcast by the satellite over a wide area below...

Brazilians found that they could simply use FLTSATCOM to communicate over a wide area (the interior of the country) that lacked telephones. (more)

Saturday, May 16, 2009

Lebanon Displays Captured Spy Gear

Lebanon put on public display equipment an official said was used by alleged Israeli spy networks inside the country, including a water cooler equipped with a mapping device.

In addition to the water cooler the gadgets included a leather purse and keychains with secret compartments as well as a can for motor oil used to hide mini tapes, a radio and forged identification papers.

The alleged spies used the seemingly innocuous items to communicate with Israel using encrypted messages, the official said. (more)

"Get a room."

Joe Paradiso and Yasuhiro Ono of the Massachusetts Institute of Technology have just patented a system for a roving cone of silence, so that you can walk around your office building without anyone ever eavesdropping on you.

The inventors are trying to fix a common problem in open-plan offices: the sound of conversations that carry across the room, making your every phone call into fodder for other people's gossip sessions.

So they devised a sound-damping sensor, comprised of an infra-red motion-detector, a speaker and a microphone. These would be scattered around the walls of an office.

You can then activate your personal mute button from your computer. The system locks onto you, identifies anyone close enough to eavesdrop, and hits them with a murmur of white noise so they can't hear you.


The downside is that this system requires lots of infrastructure, not to mention the creepiness of having your moves watched by a computer that tags you as a nosey eavesdropper. (more)

If your conversations are really that important, get a room, your own office, a conference room. Sweep your rooms regularly for bugs, of course. ~ Kevin

Spies Need a Safe Place to Eat

The Safe House is located on the hard-to-find Front Street, which is basically an alley that runs one block west of Water Street between Wells and Mason Streets. The building -- adorned with a few flags -- does not have a Safe House sign, but does have a small placard that reads "International Exports Ltd."

After trying two other locked doors, the boys finally found an unlocked door that led them into a very small room with a large book shelf.

At night, guests are greeted by a person -- playing the role of "Ms. Moneypenny" from the James Bond films -- who asks for the password. During the day, however, a voice pipes through a speaker (this is a new feature) and asks if you know the password.


The password has not changed in four decades, but if you do not say it exactly right, you are asked to take a special "spy test" proving that you are indeed a spy who deserves entry into the Safe House.
At night, the spy test can get a bit sassy, but when kids are involved, the test is G-rated, requiring those that don't know the password to act like a monkey or hop on one foot.

Video cameras are hidden in the wall of the Safe House entry way, so unbeknownst to the new guests, diners are watching their antics on television screens inside the restaurant.


If you whisper the password correctly into the speaker, or once you pass the spy test if you didn't know the password, the faux book shelf opens like a door and allows you to walk down a hallway to the bar / restaurant.
The Safe House opened in the late '60s, and since then, very little has changed. (more)

Prove you are a worthy secret agent, man.
Figure out Safe House's home city.
Be seeing you.
~ Kevin

Would You Trade Privacy for Communications?

How much information do you think your mobile phone company has about you? Your address, your bank details... what about your religion? Or your sexuality? Does it know if you've been speeding?

Well at the moment, probably not.

But a new report (from FIDIS - Future of Identity in the Information Society) is warning that if we sign up to agreements without reading them properly, this could become a reality. (more)

Give this a few seconds of thought. The phone companies already have a pretty good idea of who you are, where you are and where you go - especially if your phone has GPS capabilities. Valuable info. They would love to sell it.

FutureWatch... They will sell it. Keep an eye on future service contracts. You will ride the slippery slope. Think you'll protest? Not if they give you "free" calls in exchange. That's how much your privacy is worth to someone else.

Thursday, May 14, 2009

Alert: In-Flight Internet... aka InfoButterfly.Net

via Netragard, LLC...
Airline passengers' personal computer information can be easily hacked while in flight.


The wireless inflight airline internet access service, GoGo Inflight Internet ("GoGo"), which enables travelers to access the internet while in flight, does not encrypt communications between users (passengers) and the Wireless Access Points on the aircraft.

As a result of this lack of encryption it is easy to intercept and record all data sent and received by passengers. This poses significant risk to passengers and their respective businesses as sensitive information is sent over the air without encryption. This information can include emails, email attachments, email content, usernames and passwords, credit card information, social security numbers, methods for accessing business networks, trade secrets, etc.

This information can be intercepted and recorded by anyone on the aircraft with a WiFi capable laptop/device. (more)

P.S. Things named GoGo seem to be really cool but don't last. Just sayin'.
(Goggo mobile) (GoGo National Airlines) (GoGo dancers) (sing-a-long) (Psycho a Go-Go) (Secret GoGo) (Beat GoGos) (Surf GoGo) (GoGo!7188-C7) (Road Runner GoGo) (88 GoGo) (Tokyo A Go Go) (Goin to a GoGo) (GoGo Brothers) (Ghoul A Go-Go) (GO GO HAPPY DAY) (Penn Gillett Rescuing a Go-Go Dancer NSFW) but I digress.

Remember... Don't do anything more sensitive on the airplane than read USA Today... no email, no accessing your corporate web site, no bidding on ebay, no buying viagra, etc., etc.

UPDATE - Gogo Inflight Internet service deserves equal time. It is, after all, providing a very useful and wanted service. The information released by Netragard, LLC applies to all public Wi-Fi hot spots, and to single out Gogo makes their motives suspect.

The problem of public Wi-Fi spying is why I mentioned Hotspot Shield, a FREE VPN, a while back. (more)

Gogo would like you to know...
"To date, Aircell and its carrier partners have not identified any network security vulnerabilities in the Gogo Inflight Internet service that are threats to our customers. Credit card transactions to access Gogo are encrypted and fully secure. Other Internet traffic on the Gogo network is as secure as any public Wi-Fi hotspot in a hotel, airport or coffee house. For users who wish a higher level of information security, Gogo supports virtually all VPN clients. Aircell is committed to our customers' safety and security both in the air and online and will do all we can to ensure our customers' information remains secure and private."
Go with Gogo and be as cautious as you would at any public Wi-Fi hotspot. VPN it. ~ Kevin

Business Espionage - Crestron vs AMX

Security Directors - A $10 million loss is being attributed to poor password practices.

Suggest a password management program which forces new and effective password creation regularly. Use this article to back up your brilliant suggestion. ~ Kevin


NJ - A Long Island man has pleaded guilty to illegal wiretapping in a corporate espionage case that targeted two Bergen County companies.

David A. Goldenberg of Oceanside, N.Y., admitted to accessing internal e-mail at Sapphire Marketing LLC in Woodcliff Lake, a regional sales representative for Crestron Electronics in Rockleigh, which makes audiovisual equipment. He worked for Crestron's rival, Texas-based AMX Corp., at the time.


"He was able to figure out what their default passwords were, which they never changed," said Brian Lynch, chief of the white-collar crime unit in the Bergen County Prosecutor's Office.


Goldenberg was arrested in March 2008, accused of stealing e-mail and information over a nine-month period, allowing AMX to underbid Crestron on competitive contracts. Crestron has said it lost more than $10 million in business as a result. (more)