Become A Spy Fast... in Slovenia

Slovenia's spy agency on Tuesday published its first ever public advert to recruit new agents "to strengthen and refreshen" the former Communist country's intelligence services.

"We call on those interested in the intelligence and security fields, motivated by challenges and prepared to adjust to the agency's specific line of work," the Slovenian Intelligence and Security Agency (SOVA) said in an ad in the daily Delo and other newspapers.

One major requirement, however: candidates must be Slovenian citizens. more

The Story Behind the Story
December 8, 2017

Workers from the Slovene Intelligence and Security Agency (SOVA) have reportedly gone on strike, demanding higher wages and better working conditions...

Just like their work, Slovenian intelligence workers kept their strike secret, but details have gradually leaked to the media. As local weekly Reporter wrote, “Slovenian spies are on strike so secretly no one knows they are on strike.” more

Travel Security Tip from Smart Mexicans - Dummy Phones & Wallets

Armed robberies have gotten so common aboard buses in Mexico City that commuters have come up with a clever if disheartening solution: Many are buying fake cellphones, to hand over to thieves instead of their real smartphones.

Costing 300 to 500 pesos apiece — the equivalent of $15 to $25 — the "dummies" are sophisticated fakes: They have a startup screen and bodies that are dead ringers for the originals, and inside there is a piece of metal to give the phone the heft of the real article.

There were an average of 70 reported violent muggings every day in Mexico City in the first four months of 2019. About two-thirds were committed against pedestrians, with the rest split almost evenly between bus passengers and assaults on motorists stopped at lights or caught in traffic jams. Between 2017 and 2018, such assaults rose by about 22 percent. more

41 Smartphone Security Tips

How to make a fake mugger's wallet. 

Fake cell phone

Click to enlarge.

Make your fake cell phone look real...

Click to enlarge.

Snapple "Real Fact" #726 – Polar Bears v. Infrared Cameras v. TSCM

I had a Snapple tea the other day and found this "Real Fact" #726 under the cap.

We use infrared cameras in our work, and know how they work. This "Real Fact" struck all of us here as odd. An IR camera would not detect a polar bear because its fur was transparent?!?!

Oxymoron? No, just sensationalism. The mixing of two unrelated facts to manufacture an unexpected outcome designed to surprise... aka Fake News.

The real "Real Fact" reason... 

• Yes, a polar bear's fur is mostly transparent, and hollow too! 
• Yes, IR cameras would have a difficult time detecting a polar bear.

Polar bears live in a cold climate. Retaining body heat is important. Fur and a thick layer of fat provide insulation. Insulation prevents heat from escaping their bodies, and heat is what IR cameras detect.

Insulation is the "Real Fact"
It's not that the fur is mostly transparent, or that polar bears alone have super-powers. IR invisibility is also true for the Arctic fox and other mammals living in cold environments.

The Technical Surveillance Countermeasures field (TSCM) is also riddled with "Real Facts", like inflated bug-find claims, and pervasive laser beam eavesdropping fearmongering.

It always pays to scratch the surface.
Examine the science.
Apply some common sense.
Visit us for the Real Facts about TSCM. ~Kevin

San Francisco Prohibits Deployment Of ‘Secret Surveillance’ Technologies

Although the facial recognition aspects of the ordinance have been the most publicized, it also targets a long list of other products and systems.

According to the ordinance, "Surveillance Technology" means “any software, electronic device, system utilizing an electronic device, or similar device used, designed, or primarily intended to collect, retain, process, or share audio, electronic, visual, location, thermal, biometric, olfactory or similar information specifically associated with, or capable of being associated with, any individual or group.” Broadly interpreted, that’s a lot of devices.

The ban only applies to city departments and agencies, not to private businesses or the general public. Therefore, San Franciscans can continue to use facial recognition technology every day when they unlock their smart phones.

And technologies such as facial recognition currently used at the San Francisco airport and ports are not impacted because they are under federal jurisdiction. more

FutureWatch: New Mobile App Fends off Espionage Attacks

Innovative technology from the Karlsruhe Institute of Technology (KIT) and the FZI Research Center for Computer Science can put an end to espionage on our cell phones.....

For example, it is possible to give apps wrapped in AVARE access to the contacts in the address book, but not to all of the stored information...

In addition, AVARE can extend the location information to a radius of several kilometers and disguise the exact location. Thus, a weather app can continue to provide reliable forecasts without knowing the exact location of the user...

The AVARE code is available as open source software on the AVARE website and the scientists hope that their program will be taken up by other developers who will help to extend the current beta version to a version 1.0. more  video (cartoon)

Spycam Brings Down Austrian Leader - A Cautionary Tale

Austrian Chancellor Sebastian Kurz called Saturday for an early election after his vice chancellor resigned over a covertly shot video that showed him apparently promising government contracts to a prospective Russian investor.

Two German publications, the daily Sueddeutsche Zeitung and the weekly Der Spiegel, published extracts Friday of a covert video purportedly showing Strache during an alcohol-fueled evening on the Spanish resort island of Ibiza offering Austrian government contracts to a Russian woman, purportedly the niece of a Russian oligarch and interested in investing large amounts of money in Austria.

In his resignation statement Saturday, Strache apologized but said he was set up in a “political assassination” that illegally used surveillance equipment. more

Hey Politicos. Better learn how to detect spycams.

The ASML Case - Trade Secret Theft - Sometimes the Good Guy Wins

Following a jury verdict rendered months earlier, a California court entered a final judgment for $845 million in favor of semiconductor maker, ASML, in its suit against rival, XTAL, for stealing trade secrets related to ASML’s lithography technology.

This judgment followed a jury award last year, which had included the potential for punitive damages because the jury found XTAL’s conduct to be malicious. The final judgment, which also reimbursed AMSL for costs relating to its investigation of XTAL’s theft...

AMSL will receive most, if not all, of XTAL’s intellectual property under a settlement agreement... more

Congratulations, ASML! ~ Kevin

FLIR Black Hornet - US Army Mini-Drones Deployed - Flying Binoculars

• US Army soldiers are, for the first time, getting personal reconnaissance drones small enough to fit on a soldier's utility belt.
• A soldier could send one of these little drones out to get a view of the battlefield all while staying put in a covered, concealed position.
• This awesome technology is a potential game changer, one that is expected to save lives by significantly reducing the risk soldiers take in battle. more  Early promo video.  Want one for your desk. Check eBay.

Military mini-drones have been a holy grail since the 1970's. Since 2009 they have developed rapidly. In 2019 they are a practical reality and are being deployed. 

FutureWatch: Expect many additional capabilities over a short period of time. Poisonous mosquitoes, self-planting eavesdropping bugs, anyone?

Mini-Drone History
Early 2014 Army version.
The British Army version from 2013. 
2009 DARPA version.
1970's CIA version.
For all of our drone posts, click here.  
Enjoy. ~Kevin

Office Spying – The Coworking Vulnerability – Part 1

Stratfor Chief Security Officer Fred Burton said...countries like Russia and China deploy spies to work with or around startups in places like Silicon Valley and Austin to get an edge on the future pipeline of tech, either copying those systems or designing resistance measures to them.

The way they pry into targets may have little to do with hacking...

Spies have been known to moonlight as office cleaners, roaming around a floor after hours and using iPhones to take pictures of workstations and documents, Burton said.

“I don't have to hack into your system. I just have to have someone work next to you who knows what you're doing. It is just that simple sometimes. It is basic agent 101.” more

Office Spying – The Coworking Vulnerability – Part II

Open office spaces and coworking are designed to help companies foster communication and collaboration, not only among their own employees, but also with workers from other firms.

But the intermingling also has a dark side — the risks of losing talent or intellectual property and corporate spying. And as coworking has skyrocketed in popularity over the last few years, the risks have escalated...

Some experts are raising alarm that the open, collaborative work world may be detrimental to corporate secrecy, competitiveness and intellectual property security. After all, corporate espionage is big business....

Eavesdropping is one of the biggest risks in open office environments, whether intentional or not... more

If You're a Slack'er, Patch the Hacker

A security researcher has uncovered a flaw in Slack that could've been exploited to steal files over the business messaging app and potentially spread malware.

The flaw involves Slack's Windows desktop app, and how it can automatically send downloaded files to a certain destination—whether it be on your PC or to an online storage server...

"Using this attack vector, an insider could exploit this vulnerability for corporate espionage, manipulation, or to gain access to documents outside of their purview," David Wells, a researcher at the security firm Tenable said...

Slack has patched the flaw in version 3.4.0 of the Windows desktop app. more

To Catch a Spy - The Art of Counterintelligence

Longtime Central Intelligence Agency operative and former CIA chief of counterintelligence James “Jim” Olson delivered a talk on his career experiences and challenges Tuesday night to a near-capacity crowd at the Annenberg Presidential Conference Center.

Earlier this year, Olson released a book, To Catch a Spy: The Art of Counterintelligence, which he said is rooted in his three decades in the arena of counterintelligence. It offers “a wake-up call,” in Olson’s words, for the American public about why counterintelligence matters, and why America must protect its trade and national security secrets.

Olson said 50 countries are known to be spying against the U.S. currently. “The worst culprit, by far, is China — followed by Russia, Cuba and Iran,” he said.

“In my 31-year career in the CIA, I saw evil face-to-face more often than I care to remember,” Olson said. “People I knew and trusted — people I considered friends — betrayed us, and their treachery was close to me. It was personal, and indescribably painful. The damage that these traitors did to our country was devastating.” more

Q: "You'll be using this Aston Martin DB5."

James Bond: Ejector seat? You must be joking.

Q: I never joke about my work 007.

If Goldfinger’s henchman Oddjob is coming after you, Aston Martin has just the car you need. It will cost a lot, though.

Ten months ago Aston Martin announced it would build a limited number of 1964 Aston Martin DB5s, just like the one Sean Connery, as James Bond, first drove in the movie “Goldfinger.” Twenty-five of these cars will be sold at a price of £2.75 million, or about $3.5 million. Each car will include a host of dangerous-sounding options, just like the one in the movie, Aston Martin said.

Aston Martin has finally announced what some of those gadgets will be. The cars will have, among other things, rotating license plates that can show three different tags and replica machine guns that poke out from behind the turn signals. Other clever features will include a “smoke screen” device to hide the car from pursuers and... more

Cautionary Tale: Why Scheduled Bug Sweeps (TSCM) Protect You

Consider this recent event...

NY - In the annals of jaw-dropping East Hampton political miscalculation, the bugging of the town trustees office is a new low. 

As indicated by an edited version now circulating, someone or multiple conspirators were able to make illegal secret recordings of conversations beginning in the early fall or perhaps earlier.

The technology and those responsible have not been discovered, but from the way the recordings and an associated partial transcript were organized there is a sense that it was aimed at particular trustees and not the nine-person board as a whole. more

Regularly scheduled TSCM inspections for electronic eavesdropping devices work. Here's why... 

• Intelligence collection is a leisurely process. 
• The bugging itself is harmless. 
• The harm happens after the information is collected, and is then used against you. 

TSCM inspections catch bugs during the intelligence collection phase, before your information can be used against you. ~Kevin

Typical GSM bug. Easily planted. Call it from anywhere to listen in.

Spying - That's WhatsApp

WhatsApp users are being urged to update their apps, after it emerged that hackers are exploiting a software flaw to wiretap people's phones.

The flaw reportedly allows attackers to install malicious code, known as "spyware", on iPhones and Android phones by ringing up the target device. ​

The code can be transmitted even if the user does not answer the phone and a log of the call often disappears, the Financial Times reported. more

Not sure if WhatsApp is spying on your Android phone? Check here.