Saturday, August 27, 2011

Woman acquitted on eavesdropping counts

IL - Tiawanda Moore went to Chicago police headquarters last August to file a complaint against a patrol officer for allegedly fondling her during a domestic disturbance call.

According to Moore, however, two police investigators assigned to investigate the officer's conduct instead tried to talk her out of pursuing the complaint. Frustrated, she put her BlackBerry on her lap and quietly flipped on its recorder.

But the former stripper was the one who ended up in trouble - criminally charged with violating an obscure state eavesdropping law that makes audio recording of police officers without their consent a felony offense.

In a quick repudiation Wednesday of the prosecution case, though, a Criminal Court jury took less than an hour to acquit Moore on both eavesdropping counts. (more)

Others have not been so lucky in escaping this double-standard Kafkaesque selective application of the eavesdropping law in "two-party consent" states.

U.S. Electronic Surveillance Laws

Federal law includes all interstate calls, and there are several sources of authority for electronic surveillance in the U.S. The Wire and Electronic Communications Interception and Interception of Oral Communications Act (formally known as the "Title III" Wiretap Act, 18 U.S.C §§ 2510-2520), typically requires a court order issued by a judge who must decide that there is probable cause to believe that a crime has been, is being or is about to be committed. 

Wiretaps can also be ordered in suspected cases of terrorist bombings, hijackings and other violent activities are crimes. The government can wiretap in advance of a crime being perpetrated. 

Judges seldom deny government requests for wiretap orders. 

Electronic surveillance involves the traditional laws on wiretapping--any interception of a telephone transmission by accessing the telephone signal itself--and eavesdropping--listening in on conversations without the consent of the parties. More recently, states have extended these laws to cover data communications as well as telephone surveillance. 

For example, in Florida, interception and disclosure of wire, oral, or electronic communications is prohibited. State and federal policymakers face the challenge of balancing security needs via electronic surveillance against individual privacy.

The list of laws was last revised one year ago, but remains a worthwhile reference. U.S. Electronic Surveillance Laws

Friday, August 26, 2011

UK Private Investigators - "...just can't get no respect."

via the Financial Times...
They eavesdrop on your conversations, rifle through dustbins and pretend to deliver pizzas while taking covert photographs with a disguised camera. They hide, watch and wait, and hang around for hours in the freezing cold, crouched down in the back of a parked car dying to use the bathroom.

This is the real life of Britain’s private investigators. There are between 4,000 and 5,000 of them now active. The stereotype is of the disgraced police officer, thrown off the force, all grubby raincoat and cigarette dangling from his lower lip; or the lithe, brooding, silent panther, with eyes in the back of his head, capturing the bad guys. Neither is quite right, nor quite wrong. (more) (Duckman - American private investigator stereotype)

SpyCam Story #619 - "Hey, I'm depraved on account I'm deprived."

Australia - A Sydney architect who filmed up a teenage girl's skirt has escaped jail, after the court heard he was under stress from political events in his native Sri Lanka at the time.

Sabapathy Chandrahasan, 57, was caught in February this year filming up a girl's skirt at Sydney's Central Railway Station. Police then searched his home at Earlwood, in the city's inner west, where they uncovered more than 1000 such videos on his computer. Chandrahasan pleaded guilty...

His lawyer argued the offenses were relatively minor and said his client suffered from events in Sri Lanka. He said Chandrahasan has been ostracized by the Sydney Tamil community, of which he was a key figure...

Chandrahasan was given a nine-month suspended sentence, which will be followed by a good behavior bond. He has also been ordered to receive medical treatment. (more) (sing-a-long)

SpyCam Story #618 - Keeping Up with The Pervs

Australia - Canberra's Australian Defence Force Academy (ADFA) is at the centre of another sex scandal this morning after a male cadet was arrested for allegedly videoing a female cadet as she took a shower.

Police allege the 21-year-old cadet found the phone hidden in a vent above a shower at her accommodation block last night.

It is alleged the phone was recording video while the woman was showering.

Police arrived at ADFA at 11:50pm, and seized the mobile phone, laptop and a USB memory stick from the 21-year-old male cadet's room.

The arrest came on the same day that Defence Minister Stephen Smith said an independent report into sexual abuse allegations within the ADF had to be delayed because of the sheer volume of complaints. (more)

SpyCam #620 - Not to be outdone by Australia...

OH - An Avon Lake man was formally charged Thursday for allegedly spying on his fellow employees using a pen camera placed in the women’s restroom.

James Mucha, 43, an employee of Catania Medallic, a supplier of metal awards and pins, was arraigned Thursday morning in Avon Lake Municipal Court on three counts of voyeurism, a third-degree misdemeanor, for allegedly putting a pen camera in a restroom at the company.

...someone from the business reported finding the camera. Police Lt. Duane Streator said Mucha could be seen in video from the camera. “He was observed in the camera repositioning it,” Streator said. Analysis of video from the camera revealed three female employees using the restroom. Mucha was also charged with possession of cocaine. (more)

Thursday, August 25, 2011

Implant GPS Tracking Devices - Mexican Standoff

Mexico - “Unfortunately, it’s been good for business but bad for the country,” said Xega executive Diego Kuri, referring to the kidnappings. “Thirty percent of our clients arrive after someone in their family has already experienced a kidnapping,” added Kuri, interviewed at the company’s heavily fortified offices, opposite a tire shop in this industrial city 120 miles north of Mexico’s capital.

Xega calls it the VIP package. For $2,000 upfront and annual fees of $2,000, the company provides clients with a subdermal radio-frequency identification chip (RFID), essentially a small antenna in a tiny glass tube. The chip, inserted into the fatty tissue of the arm between the shoulder and elbow, is less than half an inch long and about as wide as a strand of boiled spaghetti.

The chip relays a signal to an external Global Positioning System unit the size of a cellphone, Kuri said, but if the owner is stripped of the GPS device in the event of an abduction, Xega can still track down its clients by sending radio signals to the implant. The company says it has helped rescue 178 clients in the past decade...

In recent years, all manner of Mexican media reports have featured the chips, with some estimating that as many as 10,000 people are walking around with the implants. Even former attorney general Rafael Macedo told reporters in 2004 that he had a chip embedded “so that I can be located at any moment wherever I am.”

That’s pure science fiction — a sham — say RIFD researchers and engineers in the United States. Any device that could communicate with satellites or even the local cellular network would need a battery and sizable antenna, like a cellphone, they say. (more)

BUSTED!

Are Your Passwords Sardonic Humor Fodder?

Click to enlarge
Look for yours in The Top 100 Most Common Passwords list...
123456
password
12345678
1234
puxxy
12345
dragon
qwerty
696969
mustang
letmein
baseball
master
michael
football
shadow
monkey
abc123
pass
fxxkme
6969
jordan
harley
ranger
iwantu
jennifer
hunter
fxxk
2000
test
batman
trustno1
thomas
tigger
robert
access
love
buster
1234567
soccer
hockey
killer
george
sexy
andrew
charlie
superman
axxhole
fxxkyou
dallas
jessica
panties
pepper
1111
austin
william
daniel
golfer
summer
heather
hammer
yankees
joshua
maggie
biteme
enter
ashley
thunder
cowboy
silver
richard
fxxker
orange
merlin
michelle
corvette
bigdog
cheese
matthew
121212
patrick
martin
freedom
ginger
blxxjob
nicole
sparky
yellow
camaro
secret
dick
falcon
taylor
111111
131313
123123
bitch
hello
scooter
please
*xx - edited for email spam filters

The End of Anonymous SpyCam'ing Has Arrived

Click to enlarge
Australia - The owner of a mobile phone that contains footage of women undressing in a Sydney clothing store is wanted by police for questioning.

The discovery has prompted a warning for people to be on the lookout for any recording devices when they use change rooms in retail shops.

Police have released sections of the footage that also depicts a young man they have failed to identify during their two-month investigation. Police have examined the phone and found video recordings of three women undressing and trying on clothes in a change room.

Superintendent Philip Flogel, commander of the Hills Local Area Command, said his detectives have exhausted all means to determine who owns the phone and are now asking for help from the public. "We're hoping the public will come forward; it is very clear footage." (more)

Philip, allow me to introduce you to associate professor Alessandro Acquisti from Carnegie Mellon University, in the next posting. I think he can help you. ~Kevin 

All kidding aside, the "Acquisti ID Technique" is the next big thing in the world of policing tools. 

Note to bad guys... If you're on The Net, you're in The Net.

The End of Anonymous On-Line Dating Has Arrived

Science fiction writers have long imagined a future in which facial recognition technology makes anonymity in public obsolete. A research study at Carnegie Mellon University suggests that this Minority Report future has already arrived, thanks to facial recognition products now commercially available, combined with the 750-million-person identity database called Facebook.

A CMU research team led by associate professor Alessandro Acquisti took candid photos of 93 random students on campus using a $35 webcam. Within seconds the researchers were able to determine the identities of a third of their photogenic guinea pigs, using off-the-shelf facial recognition software from PittPatt, a software company recently acquired by Google, and publicly available profile photos from Facebook. The researchers had an even higher rate of success using the same technology to identify more than 100,000 Pittsburgh singles with otherwise pseudonymous accounts on a dating site, adding yet more complexity to the world of online dating. (more)

Wednesday, August 24, 2011

The Top Twenty Information Security Tips for Business Travelers to Closed Society Countries

Foreign travel always brings security questions. For many countries the advice is mild, like "don't carry too much cash," and "don't drink the water".

Some countries are far different. They want your information. These are usually, but not always, "closed society countries".

The following is General Information Security Awareness & Advice to keep in mind while traveling in (or through) closed society countries. You may not be able to employ every bit of advice, in every situation. but everything that you can do will help. Security is a "how high can we build the wall" effort. 

Awareness
1. Assume your communications can be monitored by the government. This includes hotel, meeting room, business office bugging, and all forms of electronic communications.

2. The use of communications encryption is generally illegal. Certain exceptions may be available to financial industry transactions. Encryption of data on your personal devices is usually allowed, though if seized you will be asked for the decryption key or password.

3. Conducting a full Technical Surveillance Countermeasures (TSCM) inspection in a closed society country is problematic. Most of the instrumentation required is not allowed to be imported, or requires a special permit. The answer or approval you receive from one government official may not be honored by another government official. Equipment may be confiscated without remuneration. This type of activity could be classified (mistakenly or intentionally) as spying, thus subjecting the participants to imprisonment, and the company to fines, loss of business, etc.

4. Anything left unattended may is subject to retrieval of information from it. This includes: computers, cell phones, USB sticks, external hard drives, and written items.

5. Spyware may be introduced onto computers, cell phones, and other devices which can hold computer instructions. This may be accomplished while the device is unattended, or via unintentional download from email or web sites.

6. Gifts may contain surveillance electronics (bugs, tracking, etc.).

7. Electronic surveillance devices may be planted in your transportation (rental car, corporate aircraft, etc.)

8. Personal surveillance and social engineering tactics may be used against you. Tactics may include: location tracking, to "the friendly stranger" who wants to help or talk, to engineering compromising positions for blackmail purposes.

9. Be aware that foreign nationals employed by your company may also be employed by, or under obligation to, the host government.

10. Provide business travelers a copy of: Staying Safe Abroad: Traveling, Working & Living in a Post-9/11 World by Edward L Lee II

Advice
11. Bring only "isolated" electronics (cell phones, cameras, laptops, USB sticks – electronics only to be used on the trip, and which are never connected to other systems (like the company LAN, computer back-ups, or even computer-stored cell phone address books and back-ups).

12. Bring as few of these electronics as possible. If everything can be accomplished with a smartphone, just bring that.

13. Keep the amount of information on these electronics as small as possible.

14. Password protect your electronics. Encrypt the contents. A password alone will not prevent the theft of unencrypted information.

15. Do not purchase electronics while in a closed society country.

16. Keep electronic communications short, dull, boring and devoid of critical information.

17. Create alternate wording for sensitive or confidential information to use when communicating with the home office. Practice using the wording before leaving on the trip. You want to be low-key, but not sneaky.

18. Conduct TSCM inspections which are specially modified to conform with local restrictions. (The common mistake is giving up and deleting inspections from the security strategy.) There is still much that can be done. People other than the government also want your company's information. You can thwart them. Contract with an experienced specialist to accomplish this portion of your information security strategy.

19. Upon returning home, have the IT department check all electronics for spyware, wipe-erase all storage, and store the electronics for use on the next trip. Keep them isolated. Do not connect them to anything.

20. Upon returning home, have a Technical Surveillance Countermeasures (TSCM) inspection conducted of corporate aircraft, and all items brought back: gifts, meeting materials, audio-visual equipment, luggage, etc.

~Kevin

"Try this one on. It broadcasts you!" -R.F. Burns, Haberdasher

Antenna clothes help phone signal
Radio antennas that can be sewn directly onto clothes have been developed by US researchers. The team from Ohio State University created a prototype using plastic film and metallic thread.

The scientists reported in an IEEE journal that the system's range is four times greater than that of a conventional antenna worn on the body.

The technology could potentially be applied in a number of fields, but is primarily designed for military use. (more)

In Honor (and awe) of Hurricane Andrew Day...

"Be prepared." 


 

FREE FEMA Publications
On Aug. 24, 1992, Hurricane Andrew smashed into Florida, causing record damage; 55 deaths in Florida, Louisiana and the Bahamas were blamed on the storm.

Google v. Facebook - Parry for Privacy

The rivalry between Google Inc. and Facebook Inc. has a new front: privacy.

Facebook said it would roll out new controls for sharing personal information on the social network on Thursday, giving its more than 750 million users new tools to manage who can see information about them. The company plans to move a number of privacy controls—which previously required navigating to a separate settings page—to users' homes pages and profile pages, next to where they view and post content.

Facebook and other social networks have at times been criticized for designs that lead users to inadvertently share information with a wider audience than they intended. Many Facebook users have hundreds or thousands of friends, and some have have urged the company to make it easier to target smaller groups when posting information. (more)

Tuesday, August 23, 2011

Your Life is an Open Book - Opt Out

advice from Violet Blue...
So-called “people search” sites like PeopleFinders, WhitePages and many more all buy, sell and trade your private information for profit. Few people are happy to know how any stranger - or marketing company - can obtain their home address for a few dollars, and that it’s challenging to stop.

But not impossible.

As we learned in How To Remove Yourself from People Search Websites, “peoplefinder” sites are giant databases that make money by selling your profile to anyone with a credit card. See also: our gallery: How people search sites get your information - and what you can do about it...

What You Can Do To Protect Yourself

There isn’t much we can do to stop people finder sites from getting public record information about us and making a profit off of it. Opting out of people finder sites will get your private life off the public market.

After you opt-out, there are a number of things you can do to prevent your info from being re-populated to people search sites:
• Only give out your information when you have to. If it’s optional, don’t do it. Facebook continually prompts me to give them my phone number for “better security” but I’m not falling for it.
• Look at your privacy settings on all your social networks; change them or lock them down if you can.
• When you do have to give info out for a profile or signup, consider giving the minimum of information, and be strategic about whether or not you give them your actual information. Only give them what’s absolutely necessary for site membership.
• Be wary of sites that make you register to use them. They’re not “free” to use if you give them something of yours they can - and will - sell.
• Don’t make it easy for sites to make an accurate profile about you, and know that your email address is in the hands of anyone you give it to. Use an alias or a pseudonym, and consider using an anonymous email that forwards to your real inbox to avoid getting spammed.
• Think twice before putting content on sites that want you to make a profile, like dating sites.
• Know that your likes, check-ins and and +1’s are public - not just public, but also profitable for the companies that made the buttons. Think twice about “liking,” “digging,” “upvoting,” and especially “checking in” using Foursquare and other location-based check-in services.
• Do what you can to block online tracking; it won’t hurt to use browser add-ons that block targeted advertising cookies and trackers.
• When you see a people search site being deceptive or feel you’ve been tricked by them, use this form to report them to the Federal Trade Commission. (more)