Tuesday, November 22, 2011

FutureWatch - Facebook Phone - Social Notworking Albatross

via Larry Dignan, zdnet.com
Summary: Your Facebook phone may be the equivalent of having a KGB agent tailing you. Mark Zuckerberg will be in your pocket. You might as well wear one of those ankle bracelets for tracking.

The Facebook phone is in play—again—and it appears we have another 12 to 18 months to go before mobile and social utopia arrives. I can’t wait to see the privacy flaps that emerge from this adventure.

AllThingsD is reporting that Facebook has named HTC to build a phone with the social network at the core. The code name is Buffy because it will allegedly slay the market—or something like that. Sound familiar? The Facebook phone has been rumored forever. TechCrunch reported that Facebook was working to build a phone a year ago. CNET News also reported that Facebook was reaching out to hardware makers...

But do you really want a Facebook phone? If you think the social graph can be overdone today just wait until Facebook starts broadcasting every move to your friends. Every purchase you make. Every app you use. Every time you happen to hit the john with your smartphone in tow your friends will know. I could be exaggerating, but not by much (and you know half of you bring your smartphone to the loo). (more)

Ah ! well a-day ! what evil looks
Had I from old and young !
Instead of the cross, the Albatross
About my neck was hung.
~ Samuel Taylor Coleridge

FutureWatch - New "Baby Monitor" Being Launched

Being tested now...

"The Evoz beta program lets parents use their iPhone and the Evoz baby monitoring service to monitor their babies from anywhere in the world with the touch of a button. 

Evoz has unlimited range and can send smart alerts (call, text, or email) if your baby is crying. Parents can download Evoz from the iTunes Appstore for FREE.

Our beta grants mobile parents early access to the free monitoring service and also offers an extended period of time with advanced capabilities. It is important to note that this is a beta, so we haven’t worked out all the kinks yet. We are counting on our beta users to give us feedback, identify problems, and share ideas with our team as we prepare a full public launch." (more) (more)

FutureWatch - For a lot of people, the cost of this gadget, plus $1.99 per day is a small price to pay for unlimited eavesdropping. Just one more thing your sweep team will need to be aware of.

Security Alert: Check Your Cell Phone

Bit9 researchers have compiled a list of 12 smartphones that pose the highest security and privacy risks to consumers and corporations.

The phones, all Android models, on the "Dirty Dozen" list compiled by Bit9 of Waltham, Mass. are:
Samsung Galaxy Mini
HTC Desire
Sony Ericsson Xperia X10
HTC Wildfire
Samsung Epic 4G
LG Optimus S
Samsung Galaxy S
Motorola Droid X
LG Optimus One
Motorola Droid 2
HTC Evo 4G 

In compiling the list, Bit9 researchers looked at the market share of the smartphone, what out-of-date and insecure software the model had running on it and how long it took for the phone to receive updates.

Read Bit9's full report at http://www.bit9.com/orphan-android/
(more)

Monday, November 21, 2011

Privacy Journal - Your privacy news authority

I just received a free sample of Privacy Journal, an excellent publication by Robert Ellis Smith. He started Privacy Journal back in the 1970's and it continues stronger today than ever. 

Here is just one of the important topics he covers in this month's issue... Should the government need to secure a court warrant before installing continual and long-term electronic monitoring on a person’s motor vehicle, by means of Global Positioning technology (GPS)? That is a question before the U.S. Supreme Court this month in U.S. v. Jones, perhaps the most significant Fourth Amendment case in this new century. 

If you need to keep up with privacy issues, this is your best resource. His web site even offers FREE privacy tips.

In addition to the Journal, Mr. Smith also publishes many books on privacy. One of the most helpful is his Compilation of State and Federal Privacy Laws. This book includes listings for all U.S. laws - more than 700 of them - and federal and provincial laws in Canada.

All his publications are available electronically.

See for yourself. Contact Privacy Journal for a sample issue, and a list of their other publications.

Lee Shoreham, Assistant to the Publisher
PRIVACY JOURNAL
PO Box 28577
Providence RI 02908
Phone: 401/274-7861
Fax: 401/274-4747
orders@privacyjournal.net
www.privacyjournal.net

Security Solution: Managing Wireless Devices in Corporate Environments

Managing wireless devices is a particularly tough chore. Items to be wrangled range from cell phones, to iPods, to tablets, to laptops. Many of these items have photographic capabilities which need to be wrangled as well... not to mention, digital cameras, and attachments with wireless capabilities.

To make matters worse, some of these devices, and some of their apps may be allowed in one room, but not in another. This is getting really complicated. 

Until now, there really hasn't been a non-draconian solution for the mere mortal security director.

Take a look at this. It's called ZoneDefense, made by AirPatrol. Very cool!

Friday, November 18, 2011

Protester Launches Drone to Spy on Police! (AMAZING video)

During protests in Warsaw last weekend, one crafty activist deployed a flying drone to spy on riot police.

YouTube user latajacakamera — or “flying camera” in Polish — uploaded the amazing video that the drone effortlessly captured as it hovered over teargas-filled streets.

In another video, the unmanned aerial vehicle (UAV) floats in front of a formation of police in riot gear as they rush towards demonstrators. None of them appear to notice. (more)



Garbo: The Spy Infiltrates Theaters... today

Filmmaker Edmon Roch's slyly and wryly suspenseful documentary about the real life World War II super spy known as Garbo can give any narrative espionage thriller a real life run for the money! 

It opens theatrically today, November 18, 2011. (more)

Zimbabwe Spy Caper Mysteriously Dropped

A spy caper involving an Ontario telecommunications firm fizzled when authorities in Zimbabwe suddenly dropped espionage charges.

Three Zimbabwean businessmen were accused of using a satellite system supplied by Juch-Tech Inc. of Hamilton to transmit state secrets to Canada, the United States and Afghanistan.

They were charged with running afoul of the country's Official Secrets Act, which prohibits the communication of information useful to an enemy.

However, reports from the African country say the attorney general's office in Harare has decided to withdraw the spying charges. (more)

Hummm, Zimbabwe?!?! 
Might be time to connect the dots.

We're Smiley. Spying Is Sexy Again!

You know what movie profession is in need of a serious comeback? The spy. Not the "all flash and explosions of James Bond" spy, but the "shadowy guy on the street corner" spy. It's been too long since we've celebrated the clandestine charm of old-fashioned intelligence agents. It's time we bring them back.

Thankfully, we're in luck. "Tinker Tailor Soldier Spy" is just the movie to do it. The film, which touts an all-British cast of ridiculously high caliber led by Gary Oldman, doesn't hit theaters until December 9, but we have exclusive clips from the movie. (more)

Thursday, November 17, 2011

US - Congress is launching an investigation into whether Huawei Technologies Co. and other Chinese telecommunications firms pose a potential national-security threat as they expand in the U.S... 

The probe by the House intelligence committee marks an intensification of U.S. scrutiny of the potential threat, in particular from Chinese firms like Huawei and ZTE Corp. Intelligence officials have shared with lawmakers concerns that such expansion could give China a foothold for electronic spying in the U.S., according to a congressional aide...

U.S. officials worry the Chinese government could access that equipment and track phone calls or emails, or disrupt or destroy a communications system. It's also possible that such access could provide an avenue for eavesdropping on phone calls or intercepting emails in combination with other technologies, according to an industry specialist. (more)

"Cheaping out on security can cost a lot more than it saves."

via J.F. Rice, Computerworld...
Cadillac or Kia? 
How much security is enough, and how much is too much?

...I was criticized for proposing "Cadillac" solutions to security challenges -- "Cadillac" being code for "too expensive." ...Our CIO told me that I should start thinking about partial solutions instead of more comprehensive approaches to improving our security. "Instead of trying to solve the whole problem, which is too much for us to handle, just solve a part of it," he told me.
...I've had a lot of time to think about excellence and how it applies to security. Unlike other IT specializations, where partial solutions can be effective, security has a lot more of an all-or-nothing aspect. There are some things we just have to do, or else we risk heavy consequences, up to and including complete failure of the company itself. Security is important to the continuing operation of the company. 

If we try to save a few bucks by cutting our security budget, we might end up with a breach that could have been prevented, leading to loss of customer confidence, bad publicity, lack of compliance with legal regulations, theft of our confidential data by a competitor or worse.
...a successful security program requires excellence. Otherwise, the gaps and holes we don't close will be the ones that ultimately cause our downfall. ...Cheaping out on security can cost a lot more than it saves. ...we really do need the Cadillac. (more)

Mr. Rice is a brave man to stand by his principles under economic pressure. The fact that 'right' is on his side helps, of course. Having been called a Cadillac by a budget-bleeding client once, I feel his pain. I have also seen "complete failure of the company itself" for lack of a Cadillac-level business espionage countermeasures security program.

BTW, I own a Cadillac (five of them, over the past 15 years). Why? Basically, for its rock solid dependability. I have never lost a dime due to a breakdown keeping me from an appointment. Cadillacs are cost-effective assurance against failure. A long time ago, I had an Olds Cutlass (gurrr). Don't get me started. I learned my lesson.

Encrypted Spyware Foils Antivirus Programs

Attackers in Brazil have found a way to sneak around antivirus programs by using cryptography... The virus writers behind this particular attack publish new mirrors and new variants of the malware about every 2 days, though the encryption code has remained the same so far. This is certainly scary for anyone out there who values their private information, and I just hope that the antivirus software companies can keep up. (more)


Today in Eavesdropping History...

On Nov. 17, 1973, President Nixon told an Associated Press managing editors meeting in Orlando, Fla., that "people have got to know whether or not their president is a crook. Well, I'm not a crook.''


Kennedy "I have never had Addison’s disease."
Johnson "We still seek no wider war"
Nixon SEE ABOVE
Carter "I would not use military force to free the hostages"
Reagan "We did not -- repeat did not -- trade weapons or anything else for hostages nor will we."
GHW Bush "Congress will push me to raise taxes...and I'll say read my lips, no new taxes!"
Clinton "I did not have sexual relations with that woman Miss Lewinsky"
GW Bush "We have found Weapons of Mass Destruction in Iraq"

Security Alert: Check Your Computer for Ghost Click DNS Settings (FREE)

Trend Micro and the FBI announced the dismantling of a criminal botnet, in what is the biggest cybercriminal takedown in history. 

This concerted action against an entrenched criminal gang is highly significant and represents the biggest cybercriminal takedown in history. Six people have been arrested through multinational law enforcement cooperation based on solid intelligence supplied by Trend Micro and other industry partners. More than 4 million victims in over 100 countries have been rescued from the malign influence of this botnet and an infrastructure of over 100 criminal servers has been dismantled with minimal disruption to the innocent victims.

If you are worried that you might have been a victim of this criminal activity, the FBI have made an online tool available which will allow you to check if your DNS server settings have been tampered with.

First you will need to discover what your current DNS server settings are:

On a PC, open the Start menu by clicking the Start button or the Windows icon in the lower left of your screen; in the Search box type “cmd” and hit return (for Windows 95 users, select “Start”, then “Run”). This should open a black window with white text. In this window type “ipconfig /all” and hit return. Look for the entry that reads “DNS Servers” and note down the numeric addresses that are listed there.

On a Mac (yes, they can be victims too), click on the Apple icon in the top left of your screen and select “System Preferences”; from the Preferences panel select the “Network” icon. Once this window opens, select the currently active network connection in the left column and over on the right select the DNS tab. Note down the addresses of the DNS servers that your computer is configured to use.

FREE: You can check to see if these addresses correspond to servers used by the criminals behind Operation Ghost Click by using this online tool provided by the FBI. Simply enter the IP addresses, one by one, and click the “check ip” button. (more)

Worth checking. I did. Fortunately, no problems. ~Kevin
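
The manual steps above can be scripted. This is an added example, not part of the original post or the FBI's tool: it pulls every address listed under "DNS Servers" out of `ipconfig /all` output, including the continuation lines, and flags any that fall inside a list of suspect ranges. The ranges in `SUSPECT_RANGES` are placeholders from documentation address space and the sample output is constructed; substitute the ranges the FBI published.

```python
import ipaddress
import re

# Placeholder ranges (RFC 5737 documentation space), NOT the real Ghost Click
# ranges: replace them with the ranges from the FBI's published list.
SUSPECT_RANGES = [ipaddress.ip_network("192.0.2.0/24"),
                  ipaddress.ip_network("198.51.100.0/24")]

# Constructed sample of `ipconfig /all` output for one adapter.
SAMPLE = """\
Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : example.test
   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.23(Preferred)
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.0.2.53
                                       192.168.1.1
                                       fe80::1%11
   NetBIOS over Tcpip. . . . . . . . : Enabled
"""

def to_ip(token):
    """Return an ip_address for token, or None if it is not an address."""
    try:
        return ipaddress.ip_address(token.split("%")[0])  # drop IPv6 zone id
    except ValueError:
        return None

def dns_servers(ipconfig_text):
    """Collect every address under 'DNS Servers'. ipconfig prints the second
    and later servers on bare continuation lines, so keep reading until a
    line no longer parses as an address."""
    servers, in_dns = [], False
    for line in ipconfig_text.splitlines():
        first = re.match(r"\s*DNS Servers[ .]*:\s*(\S+)", line)
        if first:
            ip = to_ip(first.group(1))
        elif in_dns:
            ip = to_ip(line.strip())
        else:
            ip = None
        in_dns = ip is not None
        if ip is not None:
            servers.append(ip)
    return servers

def suspect(servers):
    """Return the servers that fall inside any suspect range."""
    return [ip for ip in servers if any(ip in net for net in SUSPECT_RANGES)]

if __name__ == "__main__":
    for ip in dns_servers(SAMPLE):
        print(ip, "SUSPECT" if suspect([ip]) else "ok")
```

A flagged resolver means the machine, or the router handing out DHCP settings, should be examined before the DNS setting is simply changed back.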

How to Control Wireless Devices in a Corporate Environment

Wireless poses a persistent threat to corporations today and all devices (laptops, smart phones, tablets, etc.) must be integrated within a consistent enterprise security policy framework. In addition, an enterprise mobility solution must continuously monitor all mobile devices and dynamically adapt their capabilities for every situation.

McAfee and AirPatrol are hosting a FREE webinar showing how to protect your mobile assets and enhance employee productivity.

(An education if you are trying to solve this problem.)

Date: Tuesday, Nov 29, 2011 
Time: 1:00 pm US Eastern Time 
Sign up for the FREE webcast.