Wednesday, July 4, 2018

Without Spies There May Have Been No 'Fourth of July'

By Nina Strochlic, for National Geographic magazine.

In 1777, the American colonies were badly losing their fight for independence from Great Britain. The British Army had captured New York City’s crucial port. Expecting further advances, the Continental Congress was evacuated from Philadelphia. It seemed that the war was lost.
Then George Washington, then Commander-in-Chief of the Continental Army, wrote a letter that changed the course of the war.

Washington was desperate to discover what was happening inside New York, but military scouts couldn’t get close enough. The general needed someone to penetrate enemy lines, but when he asked for volunteers, few of his troops raised their hands.

“Spying wasn’t seen as gentlemanly,” says Vince Houghton, resident historian at the International Spy Museum in Washington, D.C.

Finally, a young army captain named Nathan Hale volunteered for the dangerous assignment. He was caught a week later and hanged, the first known American spy to be executed on the job. (He’s memorialized with a statue outside CIA headquarters.)

Washington realized that the mission was too big for untrained volunteers, so he set about building an espionage organization.

John Jay, later the first Chief Justice of the Supreme Court, had been running counterintelligence as head of the New York State Committee and Commission for Detecting and Defeating Conspiracies. One of Jay’s operatives, a merchant named Nathaniel Sackett, had experience in secret writing and codes. 

In February 1777, Washington wrote a letter to Sackett in which he offered him $50 a month—out of his own pocket—to establish the first formal apparatus for the “advantage of obtaining the earliest and best Intelligence of the designs of the Enemy.” “Without the organization that Sackett set up, it would have been very difficult for us to win the war,” says Houghton. “We had a ragtag army and [the British] had the greatest army, greatest navy, and greatest economy in the world. We had no real business winning this war.”

But America’s spy service got off to an inglorious start. Most of Sackett’s agents failed at their jobs—including Sackett himself, who was fired after just six months.

Fortunately for the infant nation, Sackett’s replacement, 26-year-old Benjamin Tallmadge, created what is considered one of America’s greatest espionage operations: the Culper Spy Ring. Comprised of childhood friends from Long Island, the group included a shop owner inside New York City who gathered information, a traveling trader who smuggled it out of the city, and a whale boat captain who delivered it to Washington’s camp.

Employing the tools and tricks of the 18th-century spy trade—hiding secret messages in hollow feather quills, using “dead drops” to transport letters—the Culper operatives unmasked enemy spies, busted a money counterfeiting plan, and stopped the British from sabotaging a French aid mission to the colonies.

After important letters were lost during an enemy raid, Tallmadge invented a “numerical dictionary” code that matched 763 cities, names, and words to numbers. (Washington’s code name was Agent 711.) Washington also asked physician James Jay (brother to John) to invent an invisible ink that could be revealed only with another chemical and would “relieve the fears of such persons as may be entrusted in its conveyance.

Washington’s espionage experiment paid off. In 1781 the British surrendered, thanks in part to the intelligence gathered by the Culper Ring and their networks. “Washington didn’t really out-fight the British. He simply out-spied us,” a British intelligence officer allegedly said after the war.

None of the Culper spies were ever caught, and even Washington himself never learned exactly who was in the group. The ring’s very existence wasn’t discovered until the 1900s, and to this day no one knows for certain how many members it had.

After the war Washington asked Congress to reimburse him $17,000—nearly half a million dollars today—for his espionage expenses. The lawmakers obliged.

Tuesday, July 3, 2018

Washington Policymakers Bluster About High-Tech Foreign Surveillance (again)

Washington policymakers are growing increasingly worried about the threat of high-tech foreign surveillance, a development complicated by U.S. spy agencies' use of similar technologies.

Lawmakers are stepping up their demands for more information from the Trump administration about foreign efforts to spy on Americans' cellphones. more

Facebook Promises Not to Use Tech in Phone Eavesdropping Patent

In an attempt to assuage concerns raised by Facebook's filing for a patent for software that could turn the mics of smartphones on in order to record secret messages in TV ads, the social networking giant has ruled out using the technology in any of its products.


The patent had been filed "to prevent aggression from other companies," Facebook Vice President and Deputy General Counsel Allen Lo told Engadget in a statement this week. The technology in this patent has not been included in any of Facebook's products, "and never will be", Lo said. more

No Formal Process for Protecting a Trade Secret in Canada ?!?!

Canada - At the annual Uniform Law Conference of Canada in 1989, there was proposed legislation drafted that was called the Uniform Trade Secrets Act.

It provided for potential civil remedies against anyone who acquired a trade secret improperly, including through commercial espionage or electronic means. Courts could grant injunctions, award damages and determine who could make future use of the trade secret.

The proposed legislation was put forward one year after the Supreme Court of Canada issued its ruling in R. v. Stewart on the issue of whether “confidential information” can be the subject of theft under the Criminal Code. The court, in a unanimous decision, concluded that it could not, since confidential information on its own is not property...

Three decades later, there are still no criminal offences specific to this area and the Uniform Trade Secrets Act was never enacted into law by any province. In fact, the current website of the federal Canadian Intellectual Property Office states flatly that there is “no formal process” for protecting a trade secret. more

Meanwhile... Australia has passed new laws to get tough on spying. more

Monday, July 2, 2018

Sign Up - Hackers On Planet Earth (H.O.P.E.) - 3 Days & Nights in NYC

The Circle of HOPE will take place on July 20, 21, and 22, 2018 at the Hotel Pennsylvania in New York City. H.O.P.E. stands for Hackers On Planet Earth, one of the most creative and diverse hacker events in the world. It's been happening since 1994.

Three full days and nights of activities, including more of the provocative and enlightening speakers that the HOPE conferences are known for. In addition, they will have access to a massive amount of space to put together all sorts of hacker projects and assorted fun stuff.

In the past they've had huge hackerspace villages, film festivals, Segway rides, lock picking villages, a wide variety of vendors, art installations, live video, vintage computers, robots, an amateur/ham radio station, electronics workshops, book signings, and the country's biggest supply of Club-Mate.

All of that happening right in the middle of New York City, across the street from Penn Station and down the block from the Empire State Building. more

Be sure to check out the amazing list of speakers and topics!

Ah, Gee. Not LTE.

Vulnerabilities have been discovered in LTE that would make it possible for an attacker to tap into 4G networks for the purposes of spying on and hijacking 4G browsing sessions.

Security researchers from Ruhr-Universität, Bochum and New York University, Abu Dhabi show how three different attacks can be launched on the second layer of LTE -- also known as the data link layer. Two passive attacks allow for identity mapping and website fingerprinting, while the active cryptographic aLTEr attack allows for DNS spoofing and network connection redirection.

The researchers, David Rupprecht, Katharina Kohls, Thorsten Holz, and Christina Pöpper, are due to share their findings at the 2019 IEEE Symposium on Security & Privacy next year, but has published a paper in the meantime. Their findings mean that all three protocol layers of LTE (physical, data link, and network) have been found to be problematic.

Current 4G networks are vulnerable, and it is thought that 5G networks could be as well. In the name of responsible disclosure, the group informed the likes of the GSM Association (GSMA), the 3rd Generation Partnership Project (3GPP), and telephone companies of its findings. more

Whataburger - Toilet Spycam - 13 Unidentified Victims

TX - The man accused of placing a video camera in the restroom of a Whataburger restaurant has now been arrested, according to Abilene police...

Abilene police released footage of the suspect placing the camera inside a bathroom stall.

Last Friday, a woman called police after finding the device inside the toilet lid at a south Abilene Whataburger.

A woman, who said she wishes to remain anonymous, told KTAB/KRBC that when she went to the restroom, she flushed the toilet and noticed an unusual small circle under the rim of the toilet lid. She said she looked closer and found what appeared to be a camera lens. The woman said she then followed the camera to 'a bunch of wires connected to the device' under the lid of the tank.

The woman said she then ripped the device out of the tank and and ran to her car where she called police...

Whataburger said it had launched its own investigation... more

Abilene police are seeking information about potential victims from last week's Whataburger video voyeur case.

Police said 13 unidentified victims need to be identified.
Anyone who was at Whataburger at 4241 South 1st Street on Friday, June 22 between 8:50 a.m. and 1:18 p.m. and used the women's restroom as asked to call police at 325-676-6610. more

Sunday, July 1, 2018

Could Your Smartphone Battery Spy on You? (unlikely, but...)

Most batteries in today’s smartphone are intelligent enough to detect how people use their phones and employ power-saving technologies that result in longer battery life. That advantage sounds excellent all around, but...

The researchers who authored a paper [PDF] on the subject of smartphone batteries capable of spying on people pointed out that this hack would be quick to implement and difficult to detect. They say smartphone owners may even participate in helping the hacks happen by installing malicious batteries themselves.

It could happen in a scenario where a hacker sets up an online store and entices users with promises of extra-long battery life and low prices, sends a purchaser the battery and waits for it to become installed in the phone to begin the tracking segment of the hack.

Plus, the battery could be capable of continuous monitoring, giving hackers the opportunity to see almost all the things the targets do with their phones, whether that’s browsing the internet, typing on the phone’s keyboard or receiving calls. more

A bug made to look like a cell phone battery...

The Search Engine That Didn't Snitch... and other disasters

Hey gang, it's almost Independence Day here in America. Yup, July 4th is just around the corner.

Fireworks are in America's bloodstream... but, did you know your on-line curiosity could get you in trouble with the terrorist chasers? Your fireworks search engine inquires might start popping red flags...

"Ludlow Kissel and the Dago Bomb That Struck Back"
"What is a Dago Bomb?"
"How can I build a Dago Bomb?"
"Dago Bomb ingredients"
"What was blown up by the Dago Bomb?"

(Knock, Knock)
"We're from Homeland Security..."


"Excelsior, you fathead!" Next time, don't use a search engine that captures your IP address. Search privately. Go to https://www.ixquick.com
ixquick is the only search engine which gives you anonymity.

Oh, and Ludlow... he had his 15 minutes of fame... about 2:17 into this Great American Fourth of July video. ~Kevin

UPDATE - NEW URL. Startpage.com

Friday, June 29, 2018

Corporate Espionage Heats Up as “Made in China 2025” Nears

Corporate espionage is an extremely serious charge in the American technology market. There have been several prominent occasions in which AMD and Intel or AMD and Nvidia have cooperated when an employee was suspected to have engaged in IP theft, precisely because the consequences of bringing a product to market that’s tainted by another company’s IP rights could be so catastrophic.

But in China, there’s a very different system in place — and the way this has played out could be driving China’s investigation of Micron and Samsung’s DRAM pricing.

Here’s what we know. Micron alleges that the United Microelectronics Corporation (UMC), a Taiwanese foundry, cooperated with Fujian Jinhua Integrated Circuit Company to steal Micron secrets.

Jinhua may have been attempting to steal secrets from Micron in a manner similar to that used by the Yangtze Memory Technology Company, or YMTC, which is now building chips that the New York Times reports look suspiciously like Samsung devices.

The Chinese companies are collectively under tremendous pressure to deliver on an initiative China calls “Made in China 2025.”

Made in China 2025 is a comprehensive Chinese effort to increase domestic production of core materials by up to 40 percent by 2020 and 70 percent in 2025.

The impact this would have on existing semiconductor manufacturing can only be described as seismic. more

Important... Made in China 2025 should be a red flag to ALL businesses in the U.S. 
Make sure you understand the impact of this initiative. Make sure you get a competent Technical Information Security Consultant on your team, soon. There won't be enough to go around once the penny drops.

Yet Another Reason for SpyCamDetection.Training


FL - A Keys man was arrested Wednesday after police said he was spying on people using the bathroom at his job.

Ray Gallegos, 32, of Big Pine Key, admitted to having planted a camera in the men's bathroom at the Walgreens, 30351 Overseas Hwy., sometime in August 2017 so he could watch men, according to the Monroe County Sheriff's Office.

Deputies and agents from Homeland Security on Wednesday searched Gallegos' home, where they said they found pictures and video depicting a bathroom stall later identified as the one located in the pharmacy at the Big Pine Walgreens. more

Facebook's Patent Called Creepy

If you’re a Facebook user, you’ve likely heard stories of people becoming convinced that the company uses the microphones that are everywhere these days (such as ones on a smartphone or laptop) to spy on its users. While those fears might just be the result of an overactive imagination, a new patent filing is fueling concerns that Facebook might actually be equipped to do just that someday soon...

The patent filing itself is densely packed with information, but the technology at the center of it would use high-pitched audio signals that are inaudible to humans and hidden within advertisements or other “broadcast content.” That audio signal could be used to activate a “client device” to record the ambient audio in the room and log an impression – which makes this sound like a system for tracking how many individual impressions an advertising campaign receives.

The abstract of the patent explains the system relies on client devices that are associated with each individual in a household, which has led many to believe that the patent is talking about activating the mic on your smartphone. The patent filing also features a number of images that depict the “client devices” as smartphones, which leaves little to the imagination. All of that, as you can imagine, has resulted in quite a few negative headlines accusing Facebook of once again overreaching when it comes to user privacy. more


California Passes Sweeping Data-Privacy Bill

California lawmakers gave consumers unprecedented protections for their data and imposed tough restrictions on the tech industry, potentially establishing a privacy template for the rest of the nation.

The law, which was rushed through the legislature this week and signed by Gov. Jerry Brown on Thursday, broadens the definition of what constitutes personal information and gives California consumers the right to prohibit the sale of personal data to third parties and opt out of sharing it altogether. The bill applies to internet giants such as Facebook Inc. and Alphabet Inc.’s Google but also will affect businesses of any size that collect data on their customers.

Ashkan Soltani, a digital researcher and former chief technologist for the Federal Trade Commission, said the regulations are the first of their kind in the U.S. more sing-a-long

Wednesday, June 27, 2018

The Kid is Recording with His Cell Phone - Quick, Call the Cops!

A sad Middle School Civics Lesson...

One of Illinois' most-abused laws continues to be abused. For years, cops used the state's eavesdropping laws to arrest citizens who attempted to record them. This practice finally stopped when three consecutive courts -- including a federal appeals court -- ruled the law was unconstitutional when applied to target citizens recording public servants.

This may have led to the end of bullshit arrests from cops who didn't like being observed while they worked, but it's still being used by government officials to punish people they don't like. Illinois Policy reports a 13-year-old student is facing felony charges for recording a meeting between him and two school administrators.
On Feb. 16, 2018, [Paul] Boron was called to the principal’s office at Manteno Middle School after failing to attend a number of detentions. Before meeting Principal David Conrad and Assistant Principal Nathan Short, he began recording audio on his cellphone.

Boron said he argued with Conrad and Short for approximately 10 minutes in the reception area of the school secretary’s office, with the door open to the hallway. When Boron told Conrad and Short he was recording, Conrad allegedly told Boron he was committing a felony and promptly ended the conversation.
Principal Conrad sure knows his local statutes. He turned Boron in to law enforcement, which apparently decided to go ahead and process the paperwork, rather than tell Conrad to stop acting like a child. This led to prosecutors being just as unwilling to be the adults in the room.

For a 13-year-old, this is a huge problem. This places his recording of his conversation with school officials on the same level as aggravated assault and stalking. It comes with a minimum prison sentence of one year. more 

Murray's Surreptitious Workplace Recording — and what to do about it

Air-Gapped Computers to be Ticked-off via USB Tick-Sticks

A cyber-espionage group is targeting a specific type of secure USB drive created by a South Korean defence company in a bid to gain access to its air-gapped networks. 

According to a blog post by researchers at Palo Alto Networks, this attack was carried out by a group called Tick which carries out cyber-espionage activities targeting organisations in Japan and Korea.

Researchers said that weaponisation of a secure USB drive is an uncommon attack technique and likely done in an effort to spread to air-gapped systems, these networks are normally not connected to the internet. more

Murray's USB Stick Warnings