Friday, August 30, 2013

FutureWatch: On the Road to The Corporate State

Tech Companies and Government May Soon Go to War Over Surveillance

via Patrick Gray, wired.com...
On the very day the media dropped detailed documents on the NSA’s X-Keyscore collection program, the Facebook engineering team published a blog post stating that all access to Facebook via apps and web browsers was now SSL encrypted. Given X-Keyscore was a program primarily designed to intercept unencrypted internet traffic, you could be forgiven for interpreting Facebook’s post as a middle finger pointed in NSA’s direction...

You don't need a Weatherman to know...
You want us to execute that warrant for you? Ok, sure, but the user will get a nice big popup warning telling them that their messages are likely being intercepted!

There are new interception hurdles everywhere you look. Even plain old SSL encryption is becoming more difficult to snoop on. Previously, governments could rely on complicit or compromised certificate authorities to provide them with the means to intercept encrypted traffic. Thanks to the Iranian government’s overly enthusiastic use of this technique, Google made changes to the Chrome browser to neuter the practice. Similar updates are expected soon in Internet Explorer. There goes another interception technique for law enforcement!

And it’s only going to get worse for the poor ole G-Men. Technology companies are enabling security features that make certain types of government surveillance extremely difficult, and it’s a trend that’s set to continue. That’s why the U.S. government has long wanted laws that force tech companies to make their products wiretap friendly. (more)


"Knowledge is power." Whoever holds the knowledge, holds the power. (sing-a-long)

Thursday, August 29, 2013

Government and Business Team Up Against Espionage...

Germany - Faced with increasing rates of espionage attempts directed at companies, German government and business leaders have agreed on hammering out a joint protection strategy. Raising awareness is the first objective.

The German government and business organizations agreed on Wednesday that domestic companies needed stronger protection from espionage and cyber crime. They signed a declaration on hammering out a joint defense strategy and pooling resources for the most efficient infrastructure to ward off risks...

The Association of German Chambers of Commerce and Industry (DIHK) added putting an efficient security infrastructure in place should not be viewed by smaller firms as a way of wasting money.

"The costs those firms might incur through espionage and the resulting theft of intellectual property and know-how tend to be much higher than the investment in a good security setup," DIHK President Eric Schweitzer emphasized. (more)



Brilliant! Time for the U.S. to do the same.

Wiretapping Sparks Naked Protest

FEMEN activists shed clothes in front of Ukrainian embassy in Berlin...

Ukraine based feminist movement group, FEMEN has said that they are moving their office out of Ukraine's capital, Kiev after their telephone calls were wiretapped. 

A day prior, the police had alleged that a cache of illegal weapons were discovered from their headquarters.
The group is said to be moving out because of security concerns. The FEMEN group has said that the wiretapping incident has made the place impossible to work. (more)


Imagine what would happen if they were really bugged.

Use of phone-tracking technology in shopping centers set to increase

Australia - We are used to cameras watching our every move, but what about having your phone tracked when you go to the shops or the CBD (Central Business District)?

More and more shopping centers and councils around Australia are already doing it - working out where people are going and how they get there.

Mobile phone  
Photo: Companies can track phones by scanning for WiFi signals 
or by intercepting mobile phone network signals. (ABC News: Simon Brown)

With the technology you do not get to opt in and you do not have to be connected to a WiFi network.

There are two different approaches to tracking the phones. The Inhouse Group system scans WiFi signals given off by smartphones to pinpoint a customer's location.

Another product from the UK - FootPath by Path Intelligence - intercepts mobile phone network signals.

Neither is able to access any content stored on your phone. (more)

Wednesday, August 28, 2013

Millions of Android Users Vulnerable to Security Threats, Say Feds

According to a new document obtained by Public Intelligence, the U.S. Dept. of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) are increasingly aware of the threats its law enforcement users and officials face at a federal, state, and local level in using older versions of the Android mobile platform.

According to the roll call release — marked as unclassified but "for official use only," and designed for police, fire, emergency medical services (EMS) and security personnel — upwards of 44 percent of Android users worldwide are still using Android versions 2.3.3 to 2.3.7, which still contain security vulnerabilities fixed in later versions. (more)


Spybusters Tip #492 - The latest version of Android is 4.3. Time to upgrade.

Tuesday, August 27, 2013

Spybusters Tip #972 - Own a Foscam FI9821W Megapixel IP camera? There is a security update waiting for you!

As mentioned here before, many IP surveillance cameras are vulnerable to hack attacks by outsiders. This firmware update notice from Foscam addresses that. 

In order to properly secure your Foscam FI9821W Megapixel IP camera as well as prevent any potential hardware or software failures, it is highly imperative that you please update to the latest stable Firmware version

If you are experienced with configuring your IP cameras please follow the detailed instructions located on our website here (attached hereto for reference as well): http://foscam.us/blog/foscamipcameras/how-to-update-firmware-on-the-fi9821w-v1/ 

If you would like us to assist you in updating the firmware or have us do it for you remotely, please contact us 24/7 at 1-800-930-0959.

This is an urgent matter that requires immediate action.

Firmware download links: 
Mirror 1: https://www.dropbox.com/s/p323grrqkpw0am6/FI9821W-1.1.1.13-20130607.zip 
Mirror 2: http://foscam.us/downloads/FI9821W-1.1.1.13-20130607.zip 
Mirror 3: http://www.foscam.com/Private/ProductFiles/FI9821W-1.1.1.13-20130607.zip 

If you have any questions, please do not hesitate to contact us at Email: sales@foscam.us ' sales@foscam.ca ' sales@foscam.co.uk Phone: US Toll Free: 1-800 930 0949 US/Canada Sales: (+1) 713 893 7869 US/Canada Support: (+1) 713 893 7866 UK Sales/Support: (+44) 203 627 0947

Snoop in the Soup - (You Can't Make This S--- Up)

Kenneth Enlow was arrested in July after Ambra Reynolds and her seven-year-old daughter noticed something moving in the septic tank beneath the toilet they were using at White Water Park in Sand Springs, Oklahoma.

When Ms Reynolds took a closer look, she saw Enlow looking up at her from inside the toilet...

Rescue crews pulled Enlow, who was covered in human waste, from the septic tank and cleaned him off with a fire hose.

He pleaded guilty in Tulsa County District Court to a misdemeanor violation of Oklahoma's peeping Tom statute last Thursday. (more)

Your Boss Won't Stop Spying on You (Because It Works)

No one likes the idea of a workplace in which managers keep a constant eye on employees. Workers find it creepy, and it’s not as if ambitious managers clawed their way up the ladder just to snoop on their underlings all day. Still, much of the surveillance now takes place electronically—in theory, freeing bosses to focus on other matters while monitoring software keeps everyone in line. So office spying isn’t going away.

A study published over the weekend by researchers suggests that electronic surveillance in the workplace is strikingly effective (PDF). An examination of data provided by NCR (NCR), which makes software that examines all activity on restaurants’ point-of-sale systems while looking for suspect patterns, found lower levels of theft under workplace surveillance. NCR even says that employees seem to become more productive in other ways. (more)

Friday, August 23, 2013

Boyfriend Tracker app Booted from Google Play

Yesterday the Associated Press reported that the Boyfriend Tracker app, which had seemed to take Brazil like an overbearing wildfire, was removed by Google from its app store with no explanation.

Both the app’s massive popularity (AP estimates around 50,000 downloads in just two months) and its removal raise questions. The former, of course, speaks to a fundamental problem in the security of relationships in Brazil. To be fair, it is certain that the app — called Rastreador de Namorados — would have just as much popularity elsewhere, but this one happened to be in a country famous for its casual liaisons. “In Brazil, we have this culture of switching partners really quickly, so this is a way of dealing with that,” the app’s maker, Matheus Grijo told the AP. “People really appreciate having a tool to help them find out whether they’re being cheated on.” (more) 

“Boyfriend Tracker” lets users obtain a call history, receive any incoming or outgoing text messages, identify a partner’s location on a map using GPS, and can turn on the phone to listen in to the surrounding environment. The app also lets users know when a phone is turned off or set to Airplane Mode. The app has to be downloaded on the intended individual phone, with their consent, according to Grijo. The individual can then text message codes to turn on the various tracking options. (more) (video)

Girlfriend Tracker app still available!
(No, just kidding.)

Thursday, August 22, 2013

Homes Hacked Through Wireless Devices - There Really is a Boogeyman

Sleep tight...

CEO Pleads Guilty to Wiretapping Charge

ID - Louis Kraml, the Chief Executive Officer of Bingham Memorial Hospital in Blackfoot, entered a plea of guilty today to a misdemeanor charge of stalking in the second degree...

A Bingham County grand jury indicted Kraml, and former hospital Information Technology Department employees Jack York, Chris Behunin and Tyler Lassen, with various violations of the Idaho wiretap statute...

According to the indictments, the defendants intercepted and recorded phone calls made by and to former hospital doctor Robert Rosin and his staff between June 2009 and August 2010. (more)

FutureWatch: Eavesdropping via Mind Reading

We continue to keep tabs on the next really big thing in eavesdropping - mind reading. Still way off in the future, advances are being made every year.  

Here is the latest...

By analyzing MRI images of the brain with an elegant mathematical model, it is possible to reconstruct thoughts more accurately than ever before. In this way, researchers from Radboud University Nijmegen have succeeded in determining which letter a test subject was looking at. The journal Neuroimage has accepted the article, which will be published soon. A preliminary version of the article can be read online.
‘In our further research we will be working with a more powerful MRI scanner,' explains Sanne Schoenmakers, who is working on a thesis about decoding thoughts. ‘Due to the higher resolution of the scanner, we hope to be able to link the model to more detailed images. We are currently linking images of letters to 1200 voxels in the brain; with the more powerful scanner we will link images of faces to 15,000 voxels.'  (more)

Laser Beam Eavesdropping - In the News Again

Since the 1970's, stories about laser listeners have periodically popped up in the news. The common thread is their magical ability to eavesdrop from far away using only an invisible beam of light. Fear mongering is the next element, closely followed by, "very expensive, only the government can buy one."

The reporters are either clueless or haven't done any decent research. Their information sources have vested interests: like governments spreading disinformation; or "de-bugging experts" and spyshop owners hoping the publicity will boost their business. Funny, a working device is never demonstrated, and nobody even claims first-hand knowledge.


Today, the BBC fell victim. Here is the story they published...
Not true.
The UK government has warned the Guardian newspaper that foreign agents could use laser technology to eavesdrop on them, in the wake of recent surveillance leaks. What are laser listening devices and are they effective? (more)

The theory is sound. CD / DVD players use it on a small scale. YouTube is full of videos demonstrating the technique... under very controlled conditions, with less than sterling results. But, is it really a practical surveillance tool? Click here for our research.

Spybusters Tip #948 - Android Device Manager Allows Remote Locate, Signal & Erase Security for Android Devices

Access the settings by opening the Google Settings app from your Android app drawer and tapping the option for Android Device Manager.
From there you can choose whether to enable remote location or wiping. This lets you login to the Android Device Manager website and find your phone on a map, cause your device to ring so you can find it if it’s in your other pants pocket or lost in couch cushions, or perform a factory reset if the phone’s been lost or stolen. (more)

Wednesday, August 21, 2013

Last of the Nixon Tapes Go Online

Forty years after President Richard M. Nixon turned off his secret tape recorder, the federal government on Wednesday finally released the last of the historic recordings that have provided an unparalleled insight into the workings of one of the nation’s most dramatic presidencies...

The 94 tapes released on Wednesday cover conversations from April 9 to July 12, 1973, after which the secret taping system was dismantled when a Nixon aide, Alexander Butterfield, disclosed its existence to Congress. (more)

Get yer hot Tricky Dicky tapes. 
Get yer hot tapes here.