Friday, July 29, 2016

Remotely Turning Office Equipment into Bugging Devices

You think about securing your laptop, but what about your desk phone, monitor, or printer?

Ang Cui, who heads up Red Balloon Security in New York City, has a particularly innovative way of hacking these devices. Using a piece of malware called “funtenna,” he’s able to make devices transmit data over radio (RF) signals, and then pick them up with an antenna. He’s basically using software to turn this equipment into bugging devices. more
This is one reason why businesses conduct regularly scheduled bug sweeps (TSCM) of their offices and conference rooms. If you are not plugging these information leaks yet, call me. I'll help you put a protection strategy in place. ~Kevin

Your Weekend Spy Flick—Bourne... again

‘Jason Bourne’: A welcome return for Matt Damon’s spirited spy.

What with all their international adventures through the years, it seems like only a matter of time before Jason Bourne and Ethan Hunt cross paths, whether it be in a crowded town square in Greece or a winding boulevard in Paris — or maybe while the two of them happen to be involved in crazy high-speed chases at the same time.

Hey man. What are YOU doing here?

Just as Tom Cruise continues to carry the “Mission: Impossible” action franchise in his 50s, the 45-year-old Matt Damon still kicks butt in serious fashion in his fourth appearance (and first since 2007) as Jason Bourne in the film of the same name. more trailer movie times

The Cartoon You Won't See in Your Paper Today

"Today's strip that did not run in papers.
Seems harmless to me, but I guess these are sensitive times."
Stephan Pastis
@stephanpastis
Syndicated Cartoonist, Creator of Pearls Before Swine Comic Strip, 
Author of Timmy Failure book series


Thursday, July 28, 2016

Stormy Weather, or Subterranean Homesick Blues at the National Weather Service

If it’s on Facebook, can it be secret?

Members of the National Weather Service Employees Organization (NWSEO) thought they had a secret Facebook page that was available only to them.

But not only did National Weather Service (NWS) management officials know about the page, they accessed it and made scornful comments about the postings, according to the union.

That amounts to “illegal surveillance” of union activities, according to the labor organization’s complaint filed Wednesday with the Federal Labor Relations Authority.

In the past six months, Weather Service officials “engaged in the surveillance of internal union communications about and discussions of protected activities” on the labor organization’s “ ‘secret’ (that is, ‘members only’) Facebook page,” according to the complaint. more sing-a-long

Wednesday, July 27, 2016

Brand-Name Wireless Keyboards Open to Silent Eavesdropping

Wireless keyboards from popular hardware vendors are wide open to silent interception at long distances, researchers have found, without users being aware that attackers can see everything they type.

Bastille Research said the keyboards transmit keystrokes across unencrypted radio signals in the 2.4 GHz band, unlike high-end and Bluetooth protocol keyboards, which transmit data in an encrypted format, making it more difficult for attackers to intercept the scrambled keystrokes.

It means attackers armed with cheap eavesdropping devices can silently intercept what users type at distances of 50 to 100 metres away.

Such interception could reveal users' passwords, credit card numbers, security question replies and other personally sensitive information, Bastille said. Users would have no indication that the traffic between the keyboard and the host computer was intercepted.

Furthermore, attackers could inject keystrokes of their own into the signals, and type directly onto users' computers. Again, the attack would be unnoticeable to users in most cases.

Bastille tested eight keyboards from well-known vendors... more

Longtime Security Scrapbook readers may remember my warnings about this beginning in 2007...
https://spybusters.blogspot.com/2007/12/wireless-keyboard-interception.html  
https://spybusters.blogspot.com/2007/12/program-discovers-at-risk-wireless.html
https://spybusters.blogspot.com/2009/01/old-news-still-scary-bugged-keyboards.html

The DNC Hack — Worse than Watergate

A foreign government has hacked a political party’s computers—and possibly an election. It has stolen documents and timed their release to explode with maximum damage. It is a strike against our civic infrastructure. And though nobody died—and there was no economic toll exacted—the Russians were aiming for a tender spot, a central node of our democracy...

What’s galling about the WikiLeaks dump is the way in which the organization has blurred the distinction between leaks and hacks. Leaks are an important tool of journalism and accountability. When an insider uncovers malfeasance, he brings information to the public in order to stop the wrongdoing. That’s not what happened here.

The better analogy for these hacks is Watergate. To help win an election, the Russians broke into the virtual headquarters of the Democratic Party. The hackers installed the cyber-version of the bugging equipment that Nixon’s goons used—sitting on the DNC computers for a year, eavesdropping on everything, collecting as many scraps as possible.

This is trespassing, it’s thievery, it’s a breathtaking transgression of privacy. more

Tuesday, July 26, 2016

Judge Flicks Off Uber and its Phony Private Eye

A strange side-show battle over snooping charges came to an end Monday when a judge in federal court ruled that Uber Technologies and its CEO Travis Kalanick could not use background information it dug up on a passenger who brought a price-fixing suit against Kalanick.

Judge Jed Rakoff said Ergo, the Manhattan-based firm Uber hired to conduct the investigation into the plaintiff and his lawyer, "engaged in fraudulent and arguably criminal conduct." Ergo was not licensed to conduct private investigations in New York state and its operative interviewed subjects under phony pretexts. He may also have violated state laws by taping the interviews without subjects' consent.

"It is a sad day," Rakoff began the 31-page opinion, "when, in response to the filing of a commercial lawsuit, a corporate defendant feels compelled to hire unlicensed private investigators to conduct secret personal background investigations of both the plaintiff and his counsel."

Uber declined to comment. more

Saturday, July 23, 2016

Tristan Payton: Highly touted wide receiver — and criminal hunter?

That seemed to be the case this week after the Central Florida wide receiver chased down a man accused of filming teenaged girls in a bathroom on campus, CBS Sports reported.

The girls were attending a cheerleading camp Wednesday at UCF's basketball facilities on campus when they saw a phone recording them inside a bathroom stall.

They told their coach and staff members, saw the man with the phone and chased him, with UCF police soon joining the pursuit.

The man, identified as 21-year-old Jonathan J. Hui, evaded police and the staff but was soon caught by Payton, who saw the commotion and joined the chase.

Payton quickly snagged Hui's phone before he could delete any information on it. more

Professor Accused of Spying on Students Found Dead

An NYIT professor accused of spying on students in the bathroom has been found dead days after his arrest.

Law enforcement sources tell News 12 the body of Professor Jackie Conrad was found in his Harlem home last night.

The 39-year-old had been arrested last week after police say a camera was found hidden inside a handicapped stall at the school’s health care center in Old Westbury. more

An autopsy will determine his cause of death, but police suspect he killed himself, according to sources.

Conrad, a professor at New York Institute of Technology, planted a camera disguised as a pen in a handicapped-accessible bathroom at the school’s Old Westbury campus in Nassau County on July 13, according to a criminal complaint. more

The Complete Guide to Facebook Privacy

The Techlicious folks have the tips on how to keep your privacy on Facebook... 

Privacy concerns and privacy controls on Facebook are ever changing. When you post a picture of your kids at a family gathering, which one of your Facebook friends can share it? What private information are those Facebook game apps collecting on you for "third-party uses"? How do you make sure that live video stream is seen only by people you choose? Every action you take on Facebook has privacy and sharing implications that need to be considered before you upload that next selfie.

Fortunately, thanks to vocal demands for transparency from both Facebook users and government regulators around the world, Facebook has been making the process of managing your privacy easier. Below is our step-by-step guide to taking full control of your Facebook privacy settings... more

Summer Reading: Guilty Minds, by Joe Finder

New York Times bestselling author Joseph Finder delivers an exhilarating and timely thriller exploring how even the most powerful among us can be brought down by a carefully crafted lie and how the secrets we keep can never truly stay buried in Guilty Minds.

Nick Heller is a private spy—an intelligence operative based in Boston, hired by lawyers, politicians, and even foreign governments. A high-powered investigator with a penchant for doing things his own way, he’s called to Washington, DC, to help out with a delicate, potentially explosive situation.

The chief justice of the Supreme Court is about to be defamed, his career destroyed, by a powerful gossip website that specializes in dirt on celebs and politicians. Their top reporter has written an exposé claiming that he had liaisons with an escort, a young woman prepared to tell the world her salacious tale. But the chief justice is not without allies and his greatest supporter is determined to stop the story in its tracks.

Nick has just forty-eight hours to disprove the story about the chief justice. But when the call girl is found murdered, the case takes a dangerous turn, and Nick resolves to find the mastermind behind the conspiracy before anyone else falls victim to the maelstrom of political scandal and ruined reputations predicated upon one long-buried secret.

(The story may be fiction, but the technical surveillance/security details are accurate. Joe consults with several well-known specialists, including Kevin D. Murray and Adam Hernandez, to give his novel the ring of authenticity. This attention to detail is just one of the things that sets Joe Finder apart from other authors... not to mention his gripping plots.)

Compilation of State and Federal Privacy Laws (US & Canada)

The 2016 Supplement to Privacy Journal's "Compilation of State and Federal Privacy Laws" (2013) has been published, adding 30 more laws enacted by states and provinces in the past 12 months.

The Compilation of State and Federal Privacy Laws (ISBN 978-0-930072-56-8) cites and describes more than 700 state, provincial, and federal laws affecting the confidentiality of personal information and electronic surveillance. The laws are listed by state, grouped in categories like medical, credit, financial, security breaches, tracking technologies, employment, government, school records, Social Security numbers, marketing, telephone privacy and many more. Canadian laws too.

PRIVACY JOURNAL
PO Box 28577
Providence RI 02908
Phone: 401/274-7861
Fax: 401/274-4747
www.privacyjournal.net

Friday, July 22, 2016

Amazon Mute on Echo Eavesdropping

We may never know if the feds have hijacked Amazon Echo.

Amazon has so far issued two transparency reports since it began declaring how many government data demands and wiretap orders it receives.

Both reports outlined how many subpoenas, search warrants, and court orders the company received to cloud service Amazon Web Services. While its cloud makes up a significant portion of the data that it gathers, the company also collects vast amounts of data from its retail businesses, mobile services, book purchases, and requests made to Echo.

But an Amazon spokesperson wouldn't comment on whether the company will expand its transparency report. more

Kim Kardashian Could Get a Swift Kick for Eavesdropping

Kim Kardashian was apparently bluffing when she said that she has a video of Taylor Swift approving the lyric “I made that bitch famous,” even if the reality star had released a video on Sunday night on her Snapchat.

A legal expert said that the turn of events could lead to a major legal battle between Swift on one hand, and Kanye West and Kim Kardashian on the other hand.

For releasing the recording of West’s conversation with Swift – even minus the alleged approval by Swift of the controversial lyric – because the singer was unaware their conversation was being recorded, West and Kardashian breached California’s law on eavesdropping, noted E! News. more

North Korea Revives Coded Spy Numbers Broadcasts

In an era of sophisticated spycraft, North Korea appears to be returning to the days of shortwave radio.

The North broadcast a series of seemingly random numbers on Pyongyang Radio twice recently, an eerie reminder of the days when the North encrypted messages to its spies in South Korea.

In the latest episode last Friday, an announcer read what she described as “a mathematics review assignment for investigative agent No. 27,” engaged in a “distance learning” program.

“Turn to Page 459, No. 35; Page 913, No. 55; Page 135, No. 86,” she said, continuing to cite numbers for 14 minutes. Decades ago, it was not unusual for late-night radio listeners in the South to hear mysterious numbers arriving on static-filled signals from the North. more