KeyTap3 Exploit Knows What You Type Keyboard Eavesdropping

A new KeyTap3 exploit might explain how some websites are able to track and offer recommendations for an item you just searched for. 

Programmer Georgi Gerganov doesn’t use any Bluetooth, WiFi, or RF-based methods to eavesdrop on your keyboards, but rather a normal microphone. That’s right, it essentially captures audio of you typing before using that information to generate a cluster map of clicks with similar sounds.

It then analyzes those clusters and utilizes statistical information about the frequency of the letter n-grams in the supposed language of the text. 

The algorithm realizes that some of these letter combinations are used more frequently in certain languages, like English, and then begins guessing. 

Try it out here if you have a clicky mechanical keyboard. This exploit would most likely not fare well against Samsung’s SelfieType, an AI-powered keyboard. more

Air Force Officer Spycam'ed Kids in Family Member’s Bathroom

An Air Force officer is going to prison after federal prosecutors say he used a hidden spy camera to record children using the bathroom and bathing at his family member’s home, according to the U.S. Attorney’s Office for the District of Maryland...

In October 2020, the Onondaga County Sheriff’s Office in New York was notified by an adult woman, who has not been named, that Ort put a round, “black spy camera in (her) bedroom while visiting (her) home,” the news release said. Ort visited this adult’s home in Syracuse to visit her family, according to the plea agreement. 

This woman found the hidden camera with an SD card, and after reviewing the card, she “discovered a video of a minor female using the bathroom... Then, Ort was seen “entering the bathroom and adjusting the camera.” more

Your Password-less Future

Apple, Google, and Microsoft announce support for passwordless sign-in...

In celebration of 2022 Word Password Day, Apple, Google and Microsoft announced plans to expand support for a sign-in standard from the FIDO alliance and the World Wide Web Consortium (W3C) that aims to eliminate passwords altogether.

The passwordless sign-in involves the use of a FIDO credential called passkey, which is stored on a phone. When signing into a website, users would need to have their phone nearby, as they will have to unlock it for access.

“Once you’ve done this, you won’t need your phone again and you can sign in by just unlocking your computer. Even if you lose your phone, your passkeys will securely sync to your new phone from cloud backup, allowing you to pick up right where your old device left off,” Google explains. more

New Algorithm to Shield Conversations from Eavesdropping AI

The thought that our gadgets are spying on us isn't a pleasant one, which is why a group of Columbia University researchers have created what they call "neural voice camouflage." 

This technology won't necessarily stop a human listener from understanding someone if they're snooping (you can give recordings a listen and view the source code at the link above). Rather, this is a system designed to stop devices equipped with microphones from transmitting automatically transcribed recordings. It's quiet – just above a whisper – but can generate sound specifically modeled to obscure speech in real time so that conversations can't be transcribed by software and acted upon or the text sent back to some remote server for processing...

According to Vondrick, the algorithm his team developed can stop a microphone-equipped AI model from interpreting speech 80 percent of the time, all without having to hear a whole recording, or knowing anything about the gadget doing the listening. more

Man Accused of Hiding Cameras at Gym... again

A Shelby Township man accused two years ago of hiding cameras to spy on people at a tanning salon is at it again, Wayne County prosecutors allege.

Brian Michael Maciborski, 40, allegedly placed a camera in the ceiling grate of a gym's tanning bed area to record a 24-year-old Westland woman on Feb. 23, according to the Wayne County Prosecutor's Office. more

9 Potential Signs of Corporate Espionage

If you suspect that your business has been a target of corporate espionage, it’s essential to take action immediately — from doing an in-house investigation to hiring a private professional. If you see any of the below signs, don’t ignore them, but also take care not to make any unfounded accusations or statements. Keep your thoughts closely held and get the evidence first.

(summary - full text here)
1. Unexplained or sudden changes in practices
2. Changes in business relationships
3. Unusual computer activity
4. Becoming defensive or secretive about work
5. Equipment or files go missing
6. Unexplained drops in sales or profits
7. Employees quitting suddenly
8. Accessing computer files without permission
9. Corporate secrets leaked to the press

Spybuster Tip #823 – Investigative Steps 

1. Hire a competent professional corporate counterespionage consultant. 

2. Have them conduct a Technical Surveillance Countermeasures (TSCM) bug sweep. You need to eliminate the possibility of electronic surveillance before you start accusing people.

3. Follow your consultant's advice about how to proceed. The investigative process will be customized from this point on.

Investigating Corporate Espionage - Quiz & Worksheet

Instructions: Choose an answer and hit 'next'. You will receive your score and answers at the end. (You can take the actual quiz here. Sign-up for an account is required.)

Quiz Question 1 of 3

What is corporate espionage?

A. Using illegal activities to discover proprietary, internal information about a company, its actions, and its products.

B. Using legal activities to discover proprietary, internal information about a company, its actions, and its products.

C. Looking through public records for information about a competitor.

D. Examining federal regulations to find out what a company can legally claim about a product.

Worksheet

1. What is competitive intelligence?

A. Information gained through ethical, legal means about a competitor, the market, and federal regulations

B. Information gained through unethical, illegal means about a competitor, the market, and federal regulations  

C. Any information that can be used against a competitor.

D. Racing competitors to find information.

2. What are trade secrets?

A. All public information about a company's product

B. Information about a company's external procedures

C. Proprietary information about a company's products, processes, and procedures that can only be obtained internally.

D. All answers are correct.

Caught on Camera: ‘Peeping Tom’ Seen Spying into Home

The New Orleans Police Department released footage of a man they suspect was caught on camera spying into a home window.

According to the report, the alleged ‘Peeping Tom’ was captured on video surveillance taking photographs/ and/or video of the inside of an occupied residence in the 3000 block of Robert Street with his cellular device.The video, which appears to be from a ‘Ring’ doorbell camera, is time-stamped at 11:19 p.m. on Wednesday, April 6.

The NOPD is seeking the public’s help in identifying the accused suspect. more

Google Searches for Eavesdropping Up 47% in Past Week

Google searches for eavesdropping up 47% in past week - Worldwide
Wednesday, April 6, 2022 - Tuesday, April 12, 2022. 

Videoconferencing Apps May Listen Even When Mic is Off

Kassem Fawaz's brother was on a videoconference with the microphone muted when he noticed that the microphone light was still on—indicating, inexplicably, that his microphone was being accessed...

Fawaz and graduate student Yucheng Yang investigated whether this "mic-off-light-on" phenomenon was more widespread. They tried out many different videoconferencing applications on major operating systems, including iOS, Android, Windows and Mac, checking to see if the apps still accessed the microphone when it was muted.

"It turns out, in the vast majority of cases, when you mute yourself, these apps do not give up access to the microphone," says Fawaz. "And that's a problem. When you're muted, people don't expect these apps to collect data."...

Turning off a microphone is possible in most device operating systems, but it usually means navigating through several menus. Instead, the team suggests the solution might lie in developing easily accessible software "switches" or even hardware switches that allow users to manually enable and disable their microphones. more

Professional Dealing With Illegal Electronic Surveillance

Not so long ago surveillance has been considered a government or spy agency priority. However a lot has changed.  

The rapid research and development in information technologies and electronic devices, along with their shrinkage in size has made surveillance obtainable to each of us. All you have to do is Google for GSM tracker, spy camera, hidden voice recorder. Don’t be surprised to see hundreds of thousands or even millions of espionage gear offers... 

Detecting the bugging devices is not an easy and simple work. The term describing this type of activity is TSCM which is the abbreviation of Technical Surveillance Counter Measures. TSCM survey is a service provided by qualified personnel to detect the presence of technical surveillance devices and hazards and to identify technical security weaknesses that could aid in the conduct of a technical penetration of the surveyed facility. 

A TSCM survey normally consists of a thorough visual, electronic and physical inspection inside and outside of the surveyed facility. In conducting surveillance protection one has to be familiar with the tapping methods; hardware and software products; engineering solutions used for this purpose as well as their unmasking signs. Without this knowledge it is not possible to detect a well hidden bug. more

China Could Turn its Commercial Satellites into Espionage Platforms

China is reportedly developing an advanced artificial intelligence (AI) system that could turn low-cost commercial satellites, already orbiting the Earth, into powerful espionage platforms. Reports suggest it could have a success rate roughly seven times higher than existing technology.

The new system is being developed by Chinese military researchers, who say it is capable of tracking moving objects as small as a car with extraordinary precision... more

Spy Games: Russian Intelligence Personnel Expelled from Western Embassies

As part of the multi-layered response to Russia’s aggression in Ukraine, Western nations have expelled personnel from Russian embassies in their respective countries. 

Estimates of the number of Russian diplomatic personnel booted from EU and NATO member states range from 120 to nearly 400.  

Foreign Policy reports that at least 394 officials have been expelled since the February invasion began. Germany alone has expelled 40 members of the Russian delegation, a significant number and a substantial action by a country, like many others, that imports Russian natural gas. The stated reason for these expulsions is to protest Russia’s war in Ukraine, though the expulsions will do little to impact the war. more

Wiretap Suit: Law firm's Managing Partner had a 'Fixation' with Employee Surveillance

The managing partner of a Chicago law firm apparently monitored his employees with video cameras and a telephone system that allowed recording of phone calls, according to a lawsuit filed last week in federal court in Chicago.

The April 7 suit claims that the law firm’s managing partner, Edward “Eddie” Vrdolyak Jr., had a “fixation with audio and video surveillance.”

The suit cites “information and belief” that the firm’s offices in Chicago and Nashville, Tennessee, were equipped with a network of audio and surveillance cameras that Vrodyak monitored from several video screens in his office. more

When New York City Was a Wiretapper’s Dream

by Brian Hochman, Director of American Studies and Associate Professor of English, Georgetown University

On February 11, 1955, an anonymous tip led two New York Police Department detectives and two New York Telephone Company investigators to an apartment on the fourth floor of a residential building at 360 East 55th Street in midtown Manhattan. 

In the back bedroom of the unit, the group discovered a cache of stolen wiretapping equipment that turned out to have direct lines into six of New York City’s largest telephone exchanges: PLaza 1, 3, and 5; MUrray Hill 8; ELdorado 5; and TEmpleton 8. 

The connections blanketed an area of Manhattan running from East 38th Street to East 96th Street, a swath of the city’s most expensive real estate.

“There wasn’t a single tap-free telephone on the east side of New York,” professional wiretapper Bernard Spindel remarked of the arrangement. (Spindel was in all likelihood the source of the anonymous tip.) News of the discovery made the front page of the New York Times a week later. more