Everything from following instructions in a book to a full forensic inspection.
In the meantime, you can start with this...
You can find a slightly larger version here.
Monday, December 24, 2018
Infographic - Check Your Phone for Spies
There is a lot which can be done to check your phone for spyware.
Everything from following instructions in a book to a full forensic inspection.
In the meantime, you can start with this...
Everything from following instructions in a book to a full forensic inspection.
In the meantime, you can start with this...
Yet another Spy Museum Opens
The KGB Spy Museum (in New York City) features the largest collection of USSR KGB espionage artifacts.
The KGB, an initialism for КГБ Komitet gosudarstvennoy bezopasnosti translated in English as Committee for State Security, was the main security agency for the Soviet Union. During the Cold War, KGB always wanted to compete with the CIA in all possible ways.
Interactive spy museum presents to visitors that era special technique: spy cameras, KGB concealment devices, secret recorders, crypto and cipher machines, spy radios, secure telephones...
The museum exhibition, much of which is only now being made public, presents a never-before-seen collection of items covering the activities of prominent KGB agents and revealing the strategies and methods that underlay many of history’s top secret espionage operations. more
The KGB, an initialism for КГБ Komitet gosudarstvennoy bezopasnosti translated in English as Committee for State Security, was the main security agency for the Soviet Union. During the Cold War, KGB always wanted to compete with the CIA in all possible ways.
Interactive spy museum presents to visitors that era special technique: spy cameras, KGB concealment devices, secret recorders, crypto and cipher machines, spy radios, secure telephones...
The museum exhibition, much of which is only now being made public, presents a never-before-seen collection of items covering the activities of prominent KGB agents and revealing the strategies and methods that underlay many of history’s top secret espionage operations. more
Sunday, December 23, 2018
"Alexa, what’s my neighbor doing?"
Alexa, what’s my neighbor doing? ‘Human error’ allows user to eavesdrop on stranger’s life.
A German Amazon customer was able to access hours of audio files from a stranger‘s Alexa device that included recordings of him in the shower thanks to a “mistake” by one of Amazon‘s human employees.
Amazon sent the customer a link that included 1,700 recordings of another man and his female companion when he asked to play back the recordings from his own Alexa voice assistant.
He reported the anomaly to Amazon, but the company did not immediately reply, except to delete the files. By then, he had already downloaded them. After weeks of no response from Amazon, the customer notified German trade c‘t, worried the company would just cover up the incident otherwise.
Using the information contained in the recordings, which included their first and last name, the name of their partner, where they lived – even audio of the person in the shower – c‘t was able to locate and the victim, who was... more
Yup, like I said two years ago. ~Kevin
A German Amazon customer was able to access hours of audio files from a stranger‘s Alexa device that included recordings of him in the shower thanks to a “mistake” by one of Amazon‘s human employees.
Amazon sent the customer a link that included 1,700 recordings of another man and his female companion when he asked to play back the recordings from his own Alexa voice assistant.
He reported the anomaly to Amazon, but the company did not immediately reply, except to delete the files. By then, he had already downloaded them. After weeks of no response from Amazon, the customer notified German trade c‘t, worried the company would just cover up the incident otherwise.
Using the information contained in the recordings, which included their first and last name, the name of their partner, where they lived – even audio of the person in the shower – c‘t was able to locate and the victim, who was... more
Yup, like I said two years ago. ~Kevin
Happy Birthday World's First Spy Musuem
The Spy Museum in Tampere, Finland opened to the public in the summer of 1998. It was the world's first spy museum dedicated exclusively to espionage. This year, the Spy Museum celebrated its 20th anniversary.
Two years later, in 2000, a sister museum, the International Spy Museum, opened its doors in Washington, D.C. more
The Case of the Eavesdropping Boyfirend - Settled
 |
| "Wonderful fun. Hundreds of practical uses." |
Saturday, December 22, 2018
The Surprising Spy Story Behind Lafayette Radio
by Rich Post KB8TAD
Lafayette's three owners
Sometimes when you look closely at a company, a surprise pops up. Such was the case with Lafayette. The change in corporate names in 1939-40 and the separate catalogs in 1942 as well as the sudden and permanent disappearance of Lafayette from Atlanta and Chicago in 1951 triggered the question of why. Was there a rift among partners?
Searching on the names of the three owners as stated in the Federal Trade Commission action against Wholesale Radio in 1935 turned up nothing until... A search on the correctly-spelled names of Samuel J. Novick and Max H. Krantzberg came up with Krantzberg as the Executive Vice President of Lafayette with stock holdings just a bit less than President and Chairman Abraham Pletman in a Securities and Exchange Commission report in 1961. Each owned roughly a third of the outstanding shares...
The communist connection
Novick was not actually the author of "A Plan for America at Peace" but his company sponsored and paid for the publication. He had immigrated to the US from Czarist Russia in 1914 at age 17. One of his early jobs in the US was radio telegrapher. He became an excellent business man. He was also an avowed communist who allegedly paid the bills for radio commentators from the American Communist Party on the Blue radio network. He supported a variety of organizations later deemed to be underground communist groups according to FBI reports. Some labor unions at the time were also controlled by communists allegedly including the one that had honored him. Of course, in free speech America, this was allowed.
Spies and Lies
However, it was after the FBI uncovered a Russian spy that Samuel Novick came to their attention.
Arthur Adams was a high-ranking undercover GRU (Soviet Military Intelligence) operative under the code named "Achilles" and was assigned along with others in the NKVD (forerunner of the Russian KGB) to obtain US corporate and military technology secrets.
In 1937 Novick had written a letter to the US Immigration and Naturalization Service vouching that Adams was a highly skilled radio engineer who had worked for him for 10 years at Wholesale Radio as its Canadian representative and was needed in the US. It was a lie. more
Extra Credit: Explore old Lafayette catalogues here, and later ones here. Old issues of Monitoring Times may be obtained here.
Lafayette's three owners
Sometimes when you look closely at a company, a surprise pops up. Such was the case with Lafayette. The change in corporate names in 1939-40 and the separate catalogs in 1942 as well as the sudden and permanent disappearance of Lafayette from Atlanta and Chicago in 1951 triggered the question of why. Was there a rift among partners?
Searching on the names of the three owners as stated in the Federal Trade Commission action against Wholesale Radio in 1935 turned up nothing until... A search on the correctly-spelled names of Samuel J. Novick and Max H. Krantzberg came up with Krantzberg as the Executive Vice President of Lafayette with stock holdings just a bit less than President and Chairman Abraham Pletman in a Securities and Exchange Commission report in 1961. Each owned roughly a third of the outstanding shares... The communist connection
Novick was not actually the author of "A Plan for America at Peace" but his company sponsored and paid for the publication. He had immigrated to the US from Czarist Russia in 1914 at age 17. One of his early jobs in the US was radio telegrapher. He became an excellent business man. He was also an avowed communist who allegedly paid the bills for radio commentators from the American Communist Party on the Blue radio network. He supported a variety of organizations later deemed to be underground communist groups according to FBI reports. Some labor unions at the time were also controlled by communists allegedly including the one that had honored him. Of course, in free speech America, this was allowed.
Spies and Lies
However, it was after the FBI uncovered a Russian spy that Samuel Novick came to their attention.
Arthur Adams was a high-ranking undercover GRU (Soviet Military Intelligence) operative under the code named "Achilles" and was assigned along with others in the NKVD (forerunner of the Russian KGB) to obtain US corporate and military technology secrets.
In 1937 Novick had written a letter to the US Immigration and Naturalization Service vouching that Adams was a highly skilled radio engineer who had worked for him for 10 years at Wholesale Radio as its Canadian representative and was needed in the US. It was a lie. more
Extra Credit: Explore old Lafayette catalogues here, and later ones here. Old issues of Monitoring Times may be obtained here.
Friday, December 21, 2018
This Month in... Bots Gone Wild
Sneaky parrot uses Amazon Alexa to shop while owner is away. more
GPS signals across far northern Norway and Finland failed. Civilian airplanes were forced to navigate manually, and ordinary citizens could no longer trust their smartphones. more
Virgin Australia is under investigation after two engines on one of its aircraft "flamed out" during descent and had to be manually re-ignited before the aircraft hit the tarmac. more
Drone shatters passenger jet’s nosecone and radar during landing. more
Uber manager in March: “We shouldn’t be hitting things every 15,000 miles.” "They told me incidents like that happen all of the time," whistleblower wrote. more
New Zealand courts banned naming Grace Millane’s accused killer. Google just emailed it out. more
She'd just had a stillborn child. Tech companies wouldn't let her forget it. A woman pleads with tech companies like Facebook and Twitter to stop serving her ads to intensify her grief. more
Microsoft is sending users who search for Office 2019 download links via its Bing search engine to a website that teaches them the basics about pirating the company's Office suite. more
Delivery robot bursts into flames at UC Berkeley. more
Rudy Giuliani Says Twitter Sabotaged His Tweet (not true) more
Mystery Drone Still on the Loose at Gatwick Airport, But Flights Resume Anyway more
Thousands of people trusted Blind, an app-based "anonymous social network," as a safe way to reveal malfeasance, wrongdoing and improper conduct at their companies. But Blind left one of its database servers exposed without a password, making it possible for anyone who knew where to look to access each user's account information and identify would-be whistleblowers. more
...and a cautionary tale.
GPS signals across far northern Norway and Finland failed. Civilian airplanes were forced to navigate manually, and ordinary citizens could no longer trust their smartphones. more
Virgin Australia is under investigation after two engines on one of its aircraft "flamed out" during descent and had to be manually re-ignited before the aircraft hit the tarmac. more
Drone shatters passenger jet’s nosecone and radar during landing. more
Uber manager in March: “We shouldn’t be hitting things every 15,000 miles.” "They told me incidents like that happen all of the time," whistleblower wrote. more
New Zealand courts banned naming Grace Millane’s accused killer. Google just emailed it out. more
She'd just had a stillborn child. Tech companies wouldn't let her forget it. A woman pleads with tech companies like Facebook and Twitter to stop serving her ads to intensify her grief. more
Microsoft is sending users who search for Office 2019 download links via its Bing search engine to a website that teaches them the basics about pirating the company's Office suite. more
Delivery robot bursts into flames at UC Berkeley. more
Rudy Giuliani Says Twitter Sabotaged His Tweet (not true) more
Mystery Drone Still on the Loose at Gatwick Airport, But Flights Resume Anyway more
Thousands of people trusted Blind, an app-based "anonymous social network," as a safe way to reveal malfeasance, wrongdoing and improper conduct at their companies. But Blind left one of its database servers exposed without a password, making it possible for anyone who knew where to look to access each user's account information and identify would-be whistleblowers. more
...and a cautionary tale.
Wednesday, December 19, 2018
FutureWatch: 2019 - Stricter Privacy Regulation (we hope)
After decades of complacency, the regulatory tide is finally turning against the unchecked personal data collection that powers the ad-revenue machines at Google, Facebook, and other big tech firms. In Europe, the General Data Protection Regulation (GDPR) is an unprecedented leap forward in privacy regulation, with strict rules and harsh penalties designed to limit personal data collection.
Though the US has been slower to act, there is a growing demand for an Internet Dodd-Frank, a sweeping federal legislation designed to protect the privacy of US citizens.
The recently passed California Protection Act (AB 375) is one potential, though imperfect, template for a federal consumer privacy law. This new law affords California residents new privacy rights that entitle them more insight into, and more control over, the personal data companies collect on them...
Google already commented that they "...look forward to improvements to address the many unintended consequences of the law," which could easily translate to prioritizing the protection of the practices that have allowed these companies to make billions at the expense of consumer privacy. more
Government Spying... Outsourced
New Zealand - The State Services Commission delivered a damning report
into the use of companies like Thompson and Clark (Investigations Limited) to carry out
surveillance on protestors, activists and other members of the public,
as well as inappropriately close relationship between investigators and
some public servants.
The Commissioner described the way some agencies allowed some New
Zealanders to be targeted by investigators as an affront to democracy.
The report has already claimed its first casualty.
Ross Butler quit as chair of the government insurance agency Southern Response last night before his meeting with the Greater Christchurch Regeneration Minister Megan Woods.
The insurer broke its code of conduct, and possibly the law, when it used security firm Thompson and Clark to secretly record meetings of earthquake victims. more & more
 |
| https://amzn.to/2SaAd8i |
The report has already claimed its first casualty.
Ross Butler quit as chair of the government insurance agency Southern Response last night before his meeting with the Greater Christchurch Regeneration Minister Megan Woods.
The insurer broke its code of conduct, and possibly the law, when it used security firm Thompson and Clark to secretly record meetings of earthquake victims. more & more
When Technical Surveillance Countermeasures Warnings Are Met With a Shrug
Hackers infiltrated the European Union’s diplomatic communications network for years, downloading thousands of cables that reveal concerns about an unpredictable Trump administration and struggles to deal with Russia and China and the risk that Iran would revive its nuclear program...
The cables were copied from the secure network and posted to an open internet site that the hackers set up in the course of their attack, according to Area 1, the firm that discovered the breach...
Asked on Tuesday about the hack, the National Security Agency said it was still examining the discovery of the European trove. But the former senior intelligence official said that the European Union had been warned, repeatedly, that its aging communications system was highly vulnerable to hacking by China, Russia, Iran and other states.
The official said the warnings were usually received with a shrug...
The Europeans appear, belatedly, to be waking up to the threat. Its senior staff members increasingly use encrypted telephones, and isolated “speech rooms” of Lucite are being installed in key posts... more
The cables were copied from the secure network and posted to an open internet site that the hackers set up in the course of their attack, according to Area 1, the firm that discovered the breach...
The official said the warnings were usually received with a shrug...
The Europeans appear, belatedly, to be waking up to the threat. Its senior staff members increasingly use encrypted telephones, and isolated “speech rooms” of Lucite are being installed in key posts... more
When Customs and Border Protection Wants to See Your Cell Phone
Last Thursday's post: Your Mobile Device Could Spill Its Guts (and worse) Get You Arrested
Today: Man sues feds after being detained for refusing to unlock his phone at airport
A Southern California man has become the latest person to sue the federal government over what he says is an unconstitutional search of his phone at the Los Angeles International Airport.
According to his lawsuit, which was recently filed in federal court in Los Angeles, Haisam Elsharkawi had arrived at LAX on February 9, 2017 and was headed to Saudi Arabia to go on a hajj, the Muslim religious pilgrimage...
Officer Rodriguez, began searching Elsharkawi’s pockets and discovered his phone. Rodriguez asked Elsharkawi to unlock his phone, which he declined to do. He then also refused to answer further questions without having an attorney present...
Elsharkawi was taken to a holding cell...
Yet another officer entered the scene, identified in the civil complaint as "Officer Jennifer," who again began questioning Elsharkawi. Eventually, after some back-and-forth, Elsharkawi "felt he had no choice but to acquiesce and unlocked his phone."
Officer Jennifer began searching his phone and asked Elsharkawi about his eBay and Amazon accounts, and "where he got merchandise for his e-commerce business, and what swap meets he frequents. more
Today: Man sues feds after being detained for refusing to unlock his phone at airport
A Southern California man has become the latest person to sue the federal government over what he says is an unconstitutional search of his phone at the Los Angeles International Airport.
According to his lawsuit, which was recently filed in federal court in Los Angeles, Haisam Elsharkawi had arrived at LAX on February 9, 2017 and was headed to Saudi Arabia to go on a hajj, the Muslim religious pilgrimage...
Officer Rodriguez, began searching Elsharkawi’s pockets and discovered his phone. Rodriguez asked Elsharkawi to unlock his phone, which he declined to do. He then also refused to answer further questions without having an attorney present...Elsharkawi was taken to a holding cell...
Yet another officer entered the scene, identified in the civil complaint as "Officer Jennifer," who again began questioning Elsharkawi. Eventually, after some back-and-forth, Elsharkawi "felt he had no choice but to acquiesce and unlocked his phone."
Officer Jennifer began searching his phone and asked Elsharkawi about his eBay and Amazon accounts, and "where he got merchandise for his e-commerce business, and what swap meets he frequents. more
Tuesday, December 18, 2018
El Chapo Got Wiretapped Because the IT Guy Screwed Up
It only took five weeks, but jurors in the trial of Joaquín “El Chapo” Guzmán finally got hear the infamous drug lord speak. Chapo's voice filled the courtroom Thursday as prosecutors played a taped phone call between the alleged Sinaloa cartel leader and members of the FARC guerrilla group. The two sides could be heard negotiating a six-ton cocaine deal. The exchange was damning...
It’s still unclear exactly how U.S. authorities obtained the recording, but witness Jorge Cifuentes seemed to have a pretty good idea. He blamed the cartel’s IT guy...
Cifuentes appeared to be vigilant about digital security. Prosecutors showed the jury his detailed accounting records, which included items like "cellular inhibitors" and "microphone searchers" among his expenses. "You turn it on during a meeting and there's no way anyone can tape it or send out anything," Cifuentes said, describing one of the devices...
The irony was that authorities were only able to obtain the call because the men were forced to use conventional cellphones while their secure network was down. Cifuentes called Cristián "an irresponsible person," and said the engineer screwed up by forgetting to renew the license on the software they had purchased. more
Note: This also reveals what can happen when someone with a little knowledge (Jorge Cifuentes) tries to play TSCM expert... "You turn it on during a meeting and there's no way anyone can tape it or send out anything,"
Be careful who you hire to advise you on corporate technical counterespionage.
It’s still unclear exactly how U.S. authorities obtained the recording, but witness Jorge Cifuentes seemed to have a pretty good idea. He blamed the cartel’s IT guy...Cifuentes appeared to be vigilant about digital security. Prosecutors showed the jury his detailed accounting records, which included items like "cellular inhibitors" and "microphone searchers" among his expenses. "You turn it on during a meeting and there's no way anyone can tape it or send out anything," Cifuentes said, describing one of the devices...
The irony was that authorities were only able to obtain the call because the men were forced to use conventional cellphones while their secure network was down. Cifuentes called Cristián "an irresponsible person," and said the engineer screwed up by forgetting to renew the license on the software they had purchased. more
Note: This also reveals what can happen when someone with a little knowledge (Jorge Cifuentes) tries to play TSCM expert... "You turn it on during a meeting and there's no way anyone can tape it or send out anything,"
Be careful who you hire to advise you on corporate technical counterespionage.
Quote of the Week
"It’s generally the government’s view that corporations are as
responsible for their own information technology security as they are
for their own physical security." — Dick Fadden, former national security adviser to Stephen Harper and past
director of the Canadian Security Intelligence Service (CSIS)
National Security Agency (NSA) - 136 issues of its internal Cryptolog periodical spanning 1974 through 1997.
Five years ago, the National Security Agency (NSA) released 136 issues of its internal Cryptolog periodical spanning 1974 through 1997. The collection offered a look into the some of the discussions being held within one of America’s most secretive intelligence agencies. Today the GWU-based National Security Archive is providing a complete index of all 1,504 items in the declassified collection, including but not limited to articles, interviews, and puzzles. more
Man's IoT Security Camera Starts Giving Him Advice
An Arizona real estate agent was shocked when a voice started broadcasting from his Nest security camera recently, addressing him directly.
Andy Gregg was in his backyard when he heard the voice, belonging to someone who claimed to be a “white hat hacker” from Canada, Gregg told the Arizona Republic. A white hat hacker is a hacker who exposes security vulnerabilities for the greater good, rather than their own benefit.
Gregg recorded the conversation that followed. In the video, a voice can be heard over the speaker telling Gregg that he was contacting him in the creepiest way possible to warn him about the security risks of his internet-connected camera. more
Andy Gregg was in his backyard when he heard the voice, belonging to someone who claimed to be a “white hat hacker” from Canada, Gregg told the Arizona Republic. A white hat hacker is a hacker who exposes security vulnerabilities for the greater good, rather than their own benefit.
Gregg recorded the conversation that followed. In the video, a voice can be heard over the speaker telling Gregg that he was contacting him in the creepiest way possible to warn him about the security risks of his internet-connected camera. more
Subscribe to:
Posts (Atom)