UK - British police said Wednesday they have arrested another suspect in their investigation of phone hacking by the News of the World tabloid.
London's Metropolitan police said they arrested a 41-year-old man on suspicion of conspiring to intercept voice-mail messages and pervert the course of justice. The man's name wasn't released. Police said he was being held at a police station in south London. (more)
Wednesday, December 7, 2011
Twitter - The Stool Pigeon
If you were thinking that tweet you just sent would soon disappear into the ether, you couldn't be more wrong.
It will soon be stored alongside Thomas Jefferson's draft of the American Declaration of Independence and a Gutenberg Bible.
That's because every public tweet sent since Twitter was launched five-and-a-half years ago is to be be archived by America's national library.
The Library of Congress announced the deal with Twitter last year, but yesterday its digital initiatives manager shone more light on the project. (more)
I understand the anthropological argument. Perhaps, several centuries from now someone will find value in researching old tweets. I suspect they will view tweets as we view graffiti on the walls of Pompeii. But, given the current economic conditions should we really be spending our tax dollars on archiving moronic celebrity tweets? /Rant
It will soon be stored alongside Thomas Jefferson's draft of the American Declaration of Independence and a Gutenberg Bible.
That's because every public tweet sent since Twitter was launched five-and-a-half years ago is to be be archived by America's national library.
The Library of Congress announced the deal with Twitter last year, but yesterday its digital initiatives manager shone more light on the project. (more)
Tuesday, December 6, 2011
"All Your Shreds Are Belong to U.S." Wins Reconstruct Shreds Contest
via gizmag.com...
At the end of October, DARPA (the Defense Advanced Research Projects Agency) launched its Shredder Challenge contest. The objective: create a system for reconstructing shredded papers, then demonstrate it by piecing together five documents, the shredded remains of which were posted on the contest's website. Although the contest had a December 4th deadline, the "All Your Shreds Are Belong to U.S." team correctly reassembled all five documents with two days to spare.
The San Francisco-based team, which beat out approximately 9,000 competitors, used "custom-coded, computer-vision algorithms to suggest fragment pairings to human assemblers for verification." Members of the team spent approximately 600 man-hours developing algorithms and otherwise working on the challenge, completing everything within 33 days. Because it was able to reconstruct all five documents posted in the contest, the team was able to claim the complete prize of US$50,000.
DARPA hosted the contest both to develop methods of reading shredded documents left behind by enemies in war zones, and to identify ways in which U.S. shredded documents could be read by other parties, so that countermeasures could be developed.
DARPA hosted the contest both to develop methods of reading shredded documents left behind by enemies in war zones, and to identify ways in which U.S. shredded documents could be read by other parties, so that countermeasures could be developed.
Missed the contest?
Security Director Alert: USB Trouble Sticks
• Memory sticks given as gifts or promotional items may contain spy software (possibly unbeknownst to the giver).
• “Found on the ground” USB sticks are risky. They may have been planted for you to find. Never plug one into a computer to see what is on it. It may contain a destructive virus or keystroke logger.
• Unsecured memory sticks are easily stolen or copied. They may still contain valuable information, even if “erased”. Always secure these data storage devices. In a business setting, the data on the device should be password protected and encrypted. The most extreme example of this seen to date is the Cryptek...
• “Found on the ground” USB sticks are risky. They may have been planted for you to find. Never plug one into a computer to see what is on it. It may contain a destructive virus or keystroke logger.
• Unsecured memory sticks are easily stolen or copied. They may still contain valuable information, even if “erased”. Always secure these data storage devices. In a business setting, the data on the device should be password protected and encrypted. The most extreme example of this seen to date is the Cryptek...
An encrypted USB memory stick with Da Vinci Code chastity belt!
This is what you want your executives to carry! (coming soon)
You can also make your own “cryptstick” using Murray Associates instructions.
USB Memory Stick Security Checklist
You can also make your own “cryptstick” using Murray Associates instructions.
USB Memory Stick Security Checklist
• Create a “no USB sticks unless pre-approved” rule.
• Warn employees that a gift USB stick could be a Trojan Horse gift.
• Warn employees that one easy espionage tactic involves leaving a few USB sticks scattered in the company parking lot. The opposition knows that someone will pick one up and plug it in. The infection begins the second they plug it in.
• Don’t let visitors stick you either. Extend the “no USB sticks unless pre-approved” rule to them as well. Their sticks may be infected.
Harassment Stick
The new Devil Drive elevates the office prank to a new level of sophistication. It looks like a regular USB thumb drive, but it’s actually a device of electronic harassment. The Devil Drive has three functions:
• Warn employees that a gift USB stick could be a Trojan Horse gift.
• Warn employees that one easy espionage tactic involves leaving a few USB sticks scattered in the company parking lot. The opposition knows that someone will pick one up and plug it in. The infection begins the second they plug it in.
• Don’t let visitors stick you either. Extend the “no USB sticks unless pre-approved” rule to them as well. Their sticks may be infected.
Harassment Stick
The new Devil Drive elevates the office prank to a new level of sophistication. It looks like a regular USB thumb drive, but it’s actually a device of electronic harassment. The Devil Drive has three functions:
• It causes annoying random curser movements on the screen.
• It types out random phrases and garbage text.
• It toggles the Caps Lock.
Just be aware of it should you hear complaints along these lines.
Chameleon Sticks
Some USB memory sticks have alter egos. They may look like simple memory sticks, but they are actually voice recorders or video cameras. Keep an eye out for these devices at business meetings.
Extra Credit
• It types out random phrases and garbage text.
• It toggles the Caps Lock.
Just be aware of it should you hear complaints along these lines.
Chameleon Sticks
Some USB memory sticks have alter egos. They may look like simple memory sticks, but they are actually voice recorders or video cameras. Keep an eye out for these devices at business meetings.
Extra Credit
• Lock out USB ports
• More USB security tips
The USB stick problem is only one business espionage vulnerability. There are hundreds more. When you are ready to fight back, contact counterespionage.com
• More USB security tips
Labels:
advice,
business,
computer,
counterespionage,
encryption,
espionage,
FREE,
Hack,
keystroke,
product,
Tips,
USB
Friday, December 2, 2011
Man Allegedly Tracked Woman with Smart Phone Spyware
NY - Town of Crawford police have charged a Middletown man with multiple felonies after they said he installed spyware on a Pine Bush woman's smart phone, accessed all her data and tracked her movements.
Michael Biasi, 44, turned himself in to police Wednesday afternoon and was charged with eavesdropping, computer trespass, unlawful duplication of computer material and criminal possession of computer-related materials – all felonies, according to Crawford police Lt. Dominick Blasko.
Blasko said Crawford police, with the help of the New York State Police Computer Crimes Unit, began looking into the tracking a month or two ago after a woman who previously had known Biasi came to police suspecting the eavesdropping was taking place. Blasko said police believe Biasi had been tracking the woman for “an extended period of time.” (more)
Thursday, December 1, 2011
Phone Bugging and Surveillance by Governments Exposed
Whistleblowing Web site Wikileaks released 287 files it claims detail phone bugging and surveillance of whole populations by governments in what has been described as an "uncontrolled cancerous growth".
Wikileaks founder Julian Assange didn't mince words claiming users of the iPhone, BlackBerry or Gmail are "screwed" and intelligence contractors sell citizens' personal information. He spoke at a London press conference.
"It may sound like something out of Hollywood, but as of today, mass interception systems, built by Western intelligence contractors, including for 'political opponents' are a reality," Wikileaks says on its website. (more)
Wikileaks founder Julian Assange didn't mince words claiming users of the iPhone, BlackBerry or Gmail are "screwed" and intelligence contractors sell citizens' personal information. He spoke at a London press conference.
"It may sound like something out of Hollywood, but as of today, mass interception systems, built by Western intelligence contractors, including for 'political opponents' are a reality," Wikileaks says on its website. (more)
Eavesdropping on voicemails: "perfectly acceptable tool"
UK - A former News of the World journalist made a rare, robust defense of phone hacking, telling Britain's media ethics inquiry that eavesdropping on voicemails was a "perfectly acceptable tool" to help journalists uncover stories.
Paul McMullan said Tuesday that hacking was common at the now-defunct tabloid, describing how journalists traded the phone details of celebrities. (more) (video)
P.S. McMullan now runs a pub in the English port of Dover.
A Computer Screen Only a Spy Can See - Make One!
Finally you can do something with that old LCD monitor you have in the garage.
You can turn it into a privacy monitor! It looks all white to everybody except you, because you are wearing "magic" glasses! All you really have to have is a pair of old glasses, x-acto knife or a box cutter and some solvent (paint thinner) (more)
Keystroke-sniffing software found embedded in Nokia, Android, and RIM devices
A piece of keystroke-sniffing software called Carrier IQ has been embedded so deeply in millions of Nokia, Android, and RIM devices that it’s tough to spot and nearly impossible to remove, as 25-year old Connecticut systems administrator Trevor Eckhart revealed in a video Tuesday.
That’s not just creepy, says Paul Ohm, a former Justice Department prosecutor and law professor at the University of Colorado Law School. He thinks it’s also likely grounds for a class action lawsuit based on a federal wiretapping law...
FutureWatch...“In the next days or weeks, someone will sue, and then this company is tangled up in very expensive litigation,” he adds. “It’s almost certain.”
Over the last month, Carrier IQ has attempted to quash Eckhart’s research with a cease-and-desist letter, apologizing only after the Electronic Frontier Foundation came to his defense. (more) (Note: The accompanying movie is 15+ minutes, but is very revealing.)
That’s not just creepy, says Paul Ohm, a former Justice Department prosecutor and law professor at the University of Colorado Law School. He thinks it’s also likely grounds for a class action lawsuit based on a federal wiretapping law...
Over the last month, Carrier IQ has attempted to quash Eckhart’s research with a cease-and-desist letter, apologizing only after the Electronic Frontier Foundation came to his defense. (more) (Note: The accompanying movie is 15+ minutes, but is very revealing.)
Want a Job as a Spy? Start with a Code Cracking Quiz! (UPDATED)
UK - No longer content with simply approaching the brightest from the universities of Oxford and Cambridge, intelligence agency GCHQ has launched a code-cracking competition to attract new talent.
The electronic surveillance organisation, the UK Government Communications Headquarters, is asking potential applicants to solve a code posted on a website.
It will direct potential candidates to the competition, hosted on an anonymous website, via sites such as Facebook and Twitter.
If the layers of code it has set are cracked, applicants will be presented with a keyword to enter into a form field. They will then be re-directed to the GCHQ website, where hopefuls will find details of the types of roles which could reflect their skills.
The aim is to attract candidates who might not apply through more conventional channels. (more)
UPDATE:
A simple Google search unlocks the supposedly secret completion page to GCHQ's code-cracking competition.
The signals snooping agency launched a codebreaking competition this week, promoted via social networks, that aimed to find would be code breakers that conventional recruitment efforts might miss. The canyoucrackit.co.uk challenge involved making sense of a 16x10 grid of 8-bit hexadecimal numbers to figure out a password, and then developing a virtual machine to execute code that would lead to the final page.
Puzzle-solvers had 10 days to crack the codes. However instead of solving this puzzle, which was not trivial to conquer, at least if some of the emails we've received are any guide, the completion page could be reached via a simple Google search.
Oops.
"All it takes to find the page is to use the site: command in Google, as the 'Can You Crack It?' webmaster seemingly didn't hide the success page from search engines," Graham Cluley of net security firm Sophos explains. (more)
Knowing what this is might help. |
It will direct potential candidates to the competition, hosted on an anonymous website, via sites such as Facebook and Twitter.
If the layers of code it has set are cracked, applicants will be presented with a keyword to enter into a form field. They will then be re-directed to the GCHQ website, where hopefuls will find details of the types of roles which could reflect their skills.
The aim is to attract candidates who might not apply through more conventional channels. (more)
UPDATE:
A simple Google search unlocks the supposedly secret completion page to GCHQ's code-cracking competition.
The signals snooping agency launched a codebreaking competition this week, promoted via social networks, that aimed to find would be code breakers that conventional recruitment efforts might miss. The canyoucrackit.co.uk challenge involved making sense of a 16x10 grid of 8-bit hexadecimal numbers to figure out a password, and then developing a virtual machine to execute code that would lead to the final page.
Puzzle-solvers had 10 days to crack the codes. However instead of solving this puzzle, which was not trivial to conquer, at least if some of the emails we've received are any guide, the completion page could be reached via a simple Google search.
Oops.
"All it takes to find the page is to use the site: command in Google, as the 'Can You Crack It?' webmaster seemingly didn't hide the success page from search engines," Graham Cluley of net security firm Sophos explains. (more)
Monday, November 28, 2011
7 Things You Should Know About Online Passwords
2. Longer passwords are harder to hack.
3. You shouldn’t use a word from the dictionary.
4. Humans tend to choose passwords with personal meanings.
5. Passwords need to be changed regularly.
6. There are guidelines for creating strong ones.
7. Password managers can help you keep track of them all.
Tips for Visiting a Closed Society with Your Electronics
Ken Lieberthal of the Brookings Institution does a lot of work in China. Visiting about 10 times a year...
Like a lot of us these days, Lieberthal carries electronics with him to do his work. However, he takes a bit more precaution than many business travelers, as he tells weekends on All Things Considered guest host Rachel Martin.
"I first of all get a loaner laptop. And the USB that I bring, I clean digitally before I bring it, so it's totally blank," Lieberthal says.
Lieberthal then disconnects the Wi-Fi and Bluetooth functions, sets email filters and a virtual private network, or VPN. That's all before the trip. While in China, he never lets his Blackberry leave his side, never uses a wireless Internet connection while he has his USB drive plugged in, and he also physically hides his fingers when typing passwords.
When he gets home, everything gets digitally wiped and cleaned.
Why take all this precaution? Espionage...
The cloak-and-dagger world of corporate espionage is alive and well, and China seems to have the advantage. Their cyber-espionage program is becoming more and more effective at swiping information from America's public and private sectors. The U.S. government has even blamed China publicly for hacking American industries. (more)
Visiting closed societies on business?
This is good advice.
And, there is more you need to know. Call us.
Like a lot of us these days, Lieberthal carries electronics with him to do his work. However, he takes a bit more precaution than many business travelers, as he tells weekends on All Things Considered guest host Rachel Martin.
"I first of all get a loaner laptop." |
Lieberthal then disconnects the Wi-Fi and Bluetooth functions, sets email filters and a virtual private network, or VPN. That's all before the trip. While in China, he never lets his Blackberry leave his side, never uses a wireless Internet connection while he has his USB drive plugged in, and he also physically hides his fingers when typing passwords.
When he gets home, everything gets digitally wiped and cleaned.
Why take all this precaution? Espionage...
The cloak-and-dagger world of corporate espionage is alive and well, and China seems to have the advantage. Their cyber-espionage program is becoming more and more effective at swiping information from America's public and private sectors. The U.S. government has even blamed China publicly for hacking American industries. (more)
Visiting closed societies on business?
This is good advice.
And, there is more you need to know. Call us.
Ex-Rugby Player Probed for Hard-Ball Spying
South Africa - A millionaire Pretoria businessman is at the center of a criminal investigation over the alleged illegal interception of his estranged wife's private e-mails, SMSes and BlackBerry messages, or BBMs.
The hacking was first suspected when Dr Graham Hefer - a former Natal rugby player - filed divorce proceedings against his wife Denise. Court documents in that case seemed to show that Hefer had access to more than 50 BBMs, over a dozen SMSes and at least five e-mails between Denise and others this year.
The case has revealed that the BBM facility, one of the preferred "secure" methods of communication can be hacked with relative ease.
Hefer, 48, the managing director of a Nigeria-based British company, is accused of installing spyware software on 49-year-old Denise's BlackBerry. This type of spyware is readily available.
This is said to have allowed real-time monitoring of her communication and her whereabouts, and for eavesdropping on her private conversations. These included discussions with her lawyer. (more)
The hacking was first suspected when Dr Graham Hefer - a former Natal rugby player - filed divorce proceedings against his wife Denise. Court documents in that case seemed to show that Hefer had access to more than 50 BBMs, over a dozen SMSes and at least five e-mails between Denise and others this year.
The case has revealed that the BBM facility, one of the preferred "secure" methods of communication can be hacked with relative ease.
Hefer, 48, the managing director of a Nigeria-based British company, is accused of installing spyware software on 49-year-old Denise's BlackBerry. This type of spyware is readily available.
This is said to have allowed real-time monitoring of her communication and her whereabouts, and for eavesdropping on her private conversations. These included discussions with her lawyer. (more)
Cell Phone Spyware's New Market - from cheating spouse to the kids!
The latest smart phone technology allows worried parents to keep tabs on their children and, unlike previous apps, it remains completely hidden.
The technology, which has been criticized as an invasion of privacy, is just the latest weapon for "helicopter" parents keeping a short leash on their children, to ensure they are not sexting or hanging out with the wrong crowd.
As one program's website warns: "Are your kids involved with texting dangers? What are they secretly texting about? Are they visiting porn sites on the phone? You have the right to know."
The latest programs to hit the market, Spyera Software and Mobile Spy, offer stealth GPS tracking and the abilities to read text messages, read emails and view photos.
Spyera even promises to turn the phone into a "remote bugging device" so parents can listen to conversations wherever the phone is left. (more)
The technology, which has been criticized as an invasion of privacy, is just the latest weapon for "helicopter" parents keeping a short leash on their children, to ensure they are not sexting or hanging out with the wrong crowd.
As one program's website warns: "Are your kids involved with texting dangers? What are they secretly texting about? Are they visiting porn sites on the phone? You have the right to know."
The latest programs to hit the market, Spyera Software and Mobile Spy, offer stealth GPS tracking and the abilities to read text messages, read emails and view photos.
Spyera even promises to turn the phone into a "remote bugging device" so parents can listen to conversations wherever the phone is left. (more)
Slovakia: Defence minister fired over wiretapping scandal
Slovakia - Ľubomír Galko, a nominee of the Freedom and Solidarity (SaS) party, has been fired as the country’s defence minister. Slovak Prime Minister Iveta Radičová asked president Ivan Gašparovič to dismiss Galko on the heels of a scandal over the Military Defence Intelligence (VOS), which operates under the Ministry of Defence, and its interception of the telephone calls of journalists. (more)
Very clever, not using the phone cord. That would have been suspicious.
(It appears the reporter got this information from (dumb-de-dumb-dumb) ...the sheriff's deputies.)
FL - A Verizon worker who was able to listen in on his wife's phone calls has been accused of trying to strangle her, Polk County sheriff's deputies said.
Robert L. Rutledge, 51, of Lakeland, works at Verizon as a repair technician, deputies said.
He used his knowledge from his job to listen in on his wife's phone calls Monday, deputies said.
He disconnected the telephone line after hearing a call between his wife and an unknown man, deputies said.
It isn't clear whether Monday was the only time that Rutledge had listened to his wife's calls, deputies said.
Rutledge went home Monday night and removed the phone within his wife's reach. He choked her with a rope until she passed out, deputies said. (more)
He used his knowledge from his job to listen in on his wife's phone calls Monday, deputies said.
He disconnected the telephone line after hearing a call between his wife and an unknown man, deputies said.
It isn't clear whether Monday was the only time that Rutledge had listened to his wife's calls, deputies said.
Rutledge went home Monday night and removed the phone within his wife's reach. He choked her with a rope until she passed out, deputies said. (more)
Wednesday, November 23, 2011
Spy History: The Spy Queen Was A Nympho!"
(Feb. 1958) She is Martha Eccels Dodd, daughter of the late Ambassador to Germany William E. Dodd, wife of a Chicago millionaire, Alfred Kaufmann Stern, himself an undercover agent of the Soviet Union...
FLIRTS WITH NAZISM
Nazism meant good-looking, tall, blond men to her and she liked what she saw. She was painting the Nazi capital red, but in a social way. She went out on the town every night, flirting, drinking and dancing, mostly with young men who happened to be Nazis She gained a dual reputation. Insiders described her as a nymphomaniac in her sex life and a Nazi sympathizer in her politics. (more)
...thus verifying what we feared all along about about media espionage.
Illegal eavesdropping was widely practiced by Britain's tabloid journalists, producing stories that were both intrusive and untrue, a lawyer for several phone hacking victims said Wednesday.
Mark Lewis told a U.K. media ethics inquiry that phone hacking was not limited to Rupert Murdoch's News of the World tabloid, which the media mogul shut down earlier this year as outrage grew over the hacking scandal.
Lewis claimed that listening in on voice mails was so easy that many journalists regarded it as no more serious than "driving at 35 mph in a 30 mph zone." (more)
Mark Lewis told a U.K. media ethics inquiry that phone hacking was not limited to Rupert Murdoch's News of the World tabloid, which the media mogul shut down earlier this year as outrage grew over the hacking scandal.
Lewis claimed that listening in on voice mails was so easy that many journalists regarded it as no more serious than "driving at 35 mph in a 30 mph zone." (more)
...of course, sometimes it's 'The Man' bites 'Dog' story...
Only a day and a half after media reports were published about several journalists being wiretapped by the Military Intelligence Service (VOS), Prime Minister Iveta Radičová moved to dismiss Ľubomír Galko as defense minister, the SME daily reported. (more)
Camerman Leaves Wireless Mic Behind. Eavesdropping or Innocent Mistake?
Police in New Zealand have executed search warrants to obtain material from media organisations as part of their investigation over the so-called teapot tape scandal.
The saga began a week-and-a-half ago when the media were invited to film prime minister John Key having a cuppa with ACT candidate John Banks, whose party is the second largest in Mr Key's centre-right coalition government.
When media were ushered outside a cameraman left a microphone on the cafe table. Some media outlets now have that recording... Mr Ambrose says he left his radio microphone in a pouch on the cafe table by accident. (more)
The saga began a week-and-a-half ago when the media were invited to film prime minister John Key having a cuppa with ACT candidate John Banks, whose party is the second largest in Mr Key's centre-right coalition government.
When media were ushered outside a cameraman left a microphone on the cafe table. Some media outlets now have that recording... Mr Ambrose says he left his radio microphone in a pouch on the cafe table by accident. (more)
FutureWatch Quote
Judge: Accident? If it was in a pouch, not being used, it would have been turned off, right?
Tuesday, November 22, 2011
FutureWatch - Facebook Phone - Social Notworking Albatrose
via Larry Dignan, zdnet.com
Summary: Your Facebook phone may be the equivalent of having a KGB agent tailing you. Mark Zuckerberg will be in your pocket. You might as well wear one of those ankle bracelets for tracking. The Facebook phone is in play—again—and it appears we have another 12 to 18 months to go before mobile and social utopia arrives. I can’t wait to see the privacy flaps that emerge from this adventure.
AllThingsD is reporting that Facebook has named HTC to build a phone with the social network at the core. The code name is Buffy because it will allegedly slay the market—or something like that. Sound familiar? The Facebook phone has been rumored forever. TechCrunch reported that Facebook was working to build a phone a year ago. CNET News also reported that Facebook was reaching out to hardware makers...
But do you really want a Facebook phone? If you think the social graph can be overdone today just wait until Facebook starts broadcasting every move to your friends. Every purchase you make. Every app you use. Every time you happen to hit the john with your smartphone in tow your friends will know. I could be exaggerating, but not by much (and you know half of you bring your smartphone to the loo). (more)
Ah ! well a-day ! what evil looks
Had I from old and young !
Instead of the cross, the Albatross
About my neck was hung. ~ Samuel Taylor Coleridge
Had I from old and young !
Instead of the cross, the Albatross
About my neck was hung. ~ Samuel Taylor Coleridge
FutureWatch - New "Baby Monitor" Being Launched
Being tested now...
"The Evoz beta program lets parents use their iPhone and the Evoz baby monitoring service to monitor their babies from anywhere in the world with the touch of a button.
Evoz has unlimited range and can send smart alerts (call, text, or email) if your baby is crying. Parents can download Evoz from the iTunes Appstore for FREE.
Our beta grants mobile parents early access to the free monitoring service and also offers an extended period of time with advanced capabilities. It is important to note that this is a beta, so we haven’t worked out all the kinks yet. We are counting on our beta users to give us feedback, identify problems, and share ideas with our team as we prepare a full public launch." (more) (more)
Security Alert: Check Your Cell Phone
Bit9 researchers has compiled a list of 12 smartphones that pose the highest security and privacy risks to consumers and corporations.
The phones, all Android models, on the "Dirty Dozen" list compiled by Bit9 of Waltham, Mass. are:
Samsung Galaxy Mini
HTC Desire
Sony Ericsson Xperia X10
HTC Wildfire
Samsung Epic 4G
LG Optimus S
Samsung Galaxy S
Motorola Droid X
LG Optimus One
Motorola Droid 2
HTC Evo 4G
In compiling the list, Bit9 researchers looked at the market share of the smartphone, what out-of-date and insecure software the model had running on it and how long it took for the phone to receive updates.
Read Bit9's full report at http://www.bit9.com/orphan-android/
(more)
The phones, all Android models, on the "Dirty Dozen" list compiled by Bit9 of Waltham, Mass. are:
Samsung Galaxy Mini
HTC Desire
Sony Ericsson Xperia X10
HTC Wildfire
Samsung Epic 4G
LG Optimus S
Samsung Galaxy S
Motorola Droid X
LG Optimus One
Motorola Droid 2
HTC Evo 4G
In compiling the list, Bit9 researchers looked at the market share of the smartphone, what out-of-date and insecure software the model had running on it and how long it took for the phone to receive updates.
Read Bit9's full report at http://www.bit9.com/orphan-android/
(more)
Monday, November 21, 2011
Privacy Journal - Your privacy news authority
I just received a free sample of Privacy Journal, an excellent publication by Robert Ellis Smith. He started Privacy Journal back in the 1970's and it continues stronger today than ever.
Here is just one of the important topics he covers in this month's issue... Should the government need to secure a court warrant before installing continual and long-term electronic monitoring on a person’s motor vehicle, by means of Global Positioning technology (GPS)? That is a question before the U.S. Supreme Court this month in U.S. v. Jones, perhaps the most significant Fourth Amendment case in this new century.
If you need to keep up with privacy issues, this is your best resource. His web site even offers FREE privacy tips.
In addition to the Journal, Mr. Smith also publishes many books on privacy. One of the most helpful is his Compilation of State and Federal Privacy Laws. This book includes listings for all U.S. laws - more than 700 of them - and federal and provincial laws in Canada.
All his publications are available electronically.
See for yourself. Contact Privacy Journal for a sample issue, and a list of their other publications.
Lee Shoreham, Assistant to the Publisher
PRIVACY JOURNAL
PO Box 28577
Providence RI 02908
Phone: 401/274-7861
Fax: 401/274-4747
orders@privacyjournal.net
www.privacyjournal.net
PRIVACY JOURNAL
PO Box 28577
Providence RI 02908
Phone: 401/274-7861
Fax: 401/274-4747
orders@privacyjournal.net
www.privacyjournal.net
Security Solution: Managing Wireless Devices in Corporate Environments
Managing wireless devices is a particularly tough chore. Items to be wrangled range from cell phones, to iPods, to tablets, to laptops. Many of these items have photographic capabilities which need to be wrangled as well... not to mention, digital cameras, and attachments with wireless capabilities.
To make matters worse, some of these devices, and some of their apps may be allowed in one room, but not in another. This is getting really complicated.
Until now, there really hasn't been a non-draconian solution for the mere mortal security director.
Until now, there really hasn't been a non-draconian solution for the mere mortal security director.
Take a look at this. It's called ZoneDefense, made by AirPatrol. Very cool!
Friday, November 18, 2011
Protester Launches Drone to Spy on Police! (AMAZING video)
During protests in Warsaw last weekend, one crafty activist deployed a flying drone to spy on riot police.
YouTube user latajacakamera — or “flying camera” in Polish — uploaded the amazing video that the drone effortlessly captured as it hovered over teargas-filled streets.
In another video, the unmanned aerial vehicle (UAV) floats in front of a formation of police in riot gear as they rush towards demonstrators. None of them appear to notice. (more)
YouTube user latajacakamera — or “flying camera” in Polish — uploaded the amazing video that the drone effortlessly captured as it hovered over teargas-filled streets.
In another video, the unmanned aerial vehicle (UAV) floats in front of a formation of police in riot gear as they rush towards demonstrators. None of them appear to notice. (more)
Garbo: The Spy Infiltrates Theaters... today
Filmmaker Edmon Roch's slyly and wryly suspenseful documentary about the real life World War II super spy known as Garbo can give any narrative espionage thriller a real life run for the money!
It opens theatrically today, November 18, 2011. (more)
It opens theatrically today, November 18, 2011. (more)
Zimbabwe Spy Caper Mysteriously Dropped
A spy caper involving an Ontario telecommunications firm fizzled when authorities in Zimbabwe suddenly dropped espionage charges.
Three Zimbabwean businessmen were accused of using a satellite system supplied by Juch-Tech Inc. of Hamilton to transmit state secrets to Canada, the United States and Afghanistan.
They were charged with running afoul of the country's Official Secrets Act, which prohibits the communication of information useful to an enemy.
However, reports from the African country say the attorney general's office in Harare has decided to withdraw the spying charges. (more)
Three Zimbabwean businessmen were accused of using a satellite system supplied by Juch-Tech Inc. of Hamilton to transmit state secrets to Canada, the United States and Afghanistan.
They were charged with running afoul of the country's Official Secrets Act, which prohibits the communication of information useful to an enemy.
However, reports from the African country say the attorney general's office in Harare has decided to withdraw the spying charges. (more)
Hummm, Zimbabwe?!?!
Might be time to connect the dots.
We're Smiley. Spying Is Sexy Again!
You know what movie profession is in need of serious comeback? The spy. Not the "all flash and explosions of James Bond" spy, but the "shadowy guy on the street corner" spy. It's been too long since we've celebrated the clandestine charm of old-fashioned intelligence agents. It's time we bring them back.
Thankfully, we're in luck. "Tinker Tailor Soldier Spy" is just the movie to do it. The film, which touts an all-British cast of ridiculously high caliber led by Gary Oldman, doesn't hit theaters until December 9, but we have exclusive clips from the movie. (more)
Get More: Movie Trailers, Movies Blog
Thursday, November 17, 2011
US - Congress is launching an investigation into whether Huawei Technologies Co. and other Chinese telecommunications firms pose a potential national-security threat as they expand in the U.S...
The probe by the House intelligence committee marks an intensification of U.S. scrutiny of the potential threat, in particular from Chinese firms like Huawei and ZTE Corp. Intelligence officials have shared with lawmakers concerns that such expansion could give China a foothold for electronic spying in the U.S., according to a congressional aide...
U.S. officials worry the Chinese government could access that equipment and track phone calls or emails, or disrupt or destroy a communications system. It's also possible that such access could provide an avenue for eavesdropping on phone calls or intercepting emails in combination with other technologies, according to an industry specialist. (more)
The probe by the House intelligence committee marks an intensification of U.S. scrutiny of the potential threat, in particular from Chinese firms like Huawei and ZTE Corp. Intelligence officials have shared with lawmakers concerns that such expansion could give China a foothold for electronic spying in the U.S., according to a congressional aide...
U.S. officials worry the Chinese government could access that equipment and track phone calls or emails, or disrupt or destroy a communications system. It's also possible that such access could provide an avenue for eavesdropping on phone calls or intercepting emails in combination with other technologies, according to an industry specialist. (more)
"Cheaping out on security can cost a lot more than it saves."
via By J.F. Rice, Computerworld...
Cadillac or Kia?
How much security is enough, and how much is too much?
...I was criticized for proposing "Cadillac" solutions to security challenges -- "Cadillac" being code for "too expensive." ...Our CIO told me that I should start thinking about partial solutions instead of more comprehensive approaches to improving our security. "Instead of trying to solve the whole problem, which is too much for us to handle, just solve a part of it," he told me.
...I've had a lot of time to think about excellence and how it applies to security. Unlike other IT specializations, where partial solutions can be effective, security has a lot more of an all-or-nothing aspect. There are some things we just have to do, or else we risk heavy consequences, up to and including complete failure of the company itself. Security is important to the continuing operation of the company.
If we try to save a few bucks by cutting our security budget, we might end up with a breach that could have been prevented, leading to loss of customer confidence, bad publicity, lack of compliance with legal regulations, theft of our confidential data by a competitor or worse.
...a successful security program requires excellence. Otherwise, the gaps and holes we don't close will be the ones that ultimately cause our downfall. ...Cheaping out on security can cost a lot more than it saves. ...we really do need the Cadillac. (more)
Mr. Rice is a brave man to stand by his principles under economic pressure. The fact that 'right' is on his side helps, of course. Having been called a Cadillac by a budget-bleeding client once, I feel his pain. I have also seen "complete failure of the company itself" for lack of a Cadillac-level business espionage countermeasures security program.
BTW, I own a Cadillac (five of them, over the past 15 years). Why? Basically, for its rock solid dependability. I have never lost a dime due to a breakdown keeping me from an appointment. Cadillacs are cost-effective assurance against failure. A long time ago, I had an Olds Cutlass (gurrr). Don't get me started. I learned my lesson.
BTW, I own a Cadillac (five of them, over the past 15 years). Why? Basically, for its rock solid dependability. I have never lost a dime due to a breakdown keeping me from an appointment. Cadillacs are cost-effective assurance against failure. A long time ago, I had an Olds Cutlass (gurrr). Don't get me started. I learned my lesson.
Encrypted Spyware Foils Antivirus Programs
via James Mulroy, PCWorld
Attackers in Brazil have found a way to sneak around antivirus programs by using cryptography.... the virus writers behind this particular attack publishes new mirrors and new variants of the malware about every 2 days, though the encryption code has remained the same so far. This is certainly scary for anyone out there that values their private information, and I just hope that the antivirus software companies can keep up. (more)
Today in Eavesdropping History...
On Nov. 17, 1973, President Nixon told an Associated Press managing editors meeting in Orlando, Fla., that "people have got to know whether or not their president is a crook. Well, I'm not a crook.''
Security Alert: Check Your Computer for Ghost Click DNS Settings (FREE)
Trend Micro and the FBI announced the dismantling of a criminal botnet, in what is the biggest cybercriminal takedown in history.
If you are worried that you might have been a victim of this criminal activity, the FBI have made an online tool available which will allow you to check if your DNS server settings have been tampered with.
First you will need to discover what your current DNS server settings are:
On a PC, open the Start menu by clicking the Start button or the Windows icon in the lower left of your screen, in the Search box type “cmd” and hit return (for Windows 95 users, select “Start“, then “Run“).This should open a black window with white text. In this window type “ipconfig /all” and hit return. Look for the entry that reads “DNS Servers” and note down the numeric addresses that are listed there.
On a Mac (yes they can be victims too), click on the Apple icon in the top left of your screen and select “System Preferences“, from the Preferences panel select the “Network” icon. Once this window opens, select the currently active network connection on the left column and over on the right select the DNS tab. note down the addresses of the DNS servers that your computer is configured to use.
FREE: You can check to see if these addresses correspond to servers used by the criminals behind Operation Ghost Click by using this online tool provided by the FBI, simply enter the IP addreses, one by one and click the “check ip” button. (more)
Worth checking. I did. Fortunately, no problems. ~Kevin
This concerted action against an entrenched criminal gang is highly significant and represents the biggest cybercriminal takedown in history. Six people have been arrested through multinational law enforcement cooperation based on solid intelligence supplied by Trend Micro and other industry partners. more than 4 million victims in over 100 countries have been rescued from the malign influence of this botnet and an infrastructure of over 100 criminal servers has been dismantled with minimal disruption to the innocent victims.
If you are worried that you might have been a victim of this criminal activity, the FBI have made an online tool available which will allow you to check if your DNS server settings have been tampered with.
First you will need to discover what your current DNS server settings are:
On a PC, open the Start menu by clicking the Start button or the Windows icon in the lower left of your screen, in the Search box type “cmd” and hit return (for Windows 95 users, select “Start“, then “Run“).This should open a black window with white text. In this window type “ipconfig /all” and hit return. Look for the entry that reads “DNS Servers” and note down the numeric addresses that are listed there.
On a Mac (yes they can be victims too), click on the Apple icon in the top left of your screen and select “System Preferences“, from the Preferences panel select the “Network” icon. Once this window opens, select the currently active network connection on the left column and over on the right select the DNS tab. note down the addresses of the DNS servers that your computer is configured to use.
FREE: You can check to see if these addresses correspond to servers used by the criminals behind Operation Ghost Click by using this online tool provided by the FBI, simply enter the IP addreses, one by one and click the “check ip” button. (more)
How to Control Wireless Devices in a Corporate Environment
Wireless poses a persistent threat to corporations today and all devices (laptops, smart phones, tablets, etc) must be integrated within a consistent enterprise security policy framework. In addition, an enterprise mobility solution must continuously monitor all mobile devices and dynamically adapt their capabilities for every situation.
McAfee and AirPatrol are hosting a FREE webinar showing how-to protect your mobile assets and enhance employee productivity.
(An education if you are trying to solve this problem.)
Date: Tuesday, Nov 29, 2011
Time: 1:00 pm US Eastern Time
Sign up for the FREE webcast.
McAfee and AirPatrol are hosting a FREE webinar showing how-to protect your mobile assets and enhance employee productivity.
(An education if you are trying to solve this problem.)
Date: Tuesday, Nov 29, 2011
Time: 1:00 pm US Eastern Time
Sign up for the FREE webcast.
21st Century Black Adders (Do You Trust Your IT People?)
NJ - A former Hoboken municipal employee is accused of breaking into Mayor Dawn Zimmer's e-mail account and forwarding them to other city officials.
Patrick Ricciardi is scheduled to be arraigned in federal court in Newark this afternoon.
Ricciardi was employed by Hoboken as an IT specialist. Prosecutors allege Ricciardi used his position and administrative privileges to break into Zimmer's e-mail account and forward e-mails to at least three city officials. (more)
Patrick Ricciardi is scheduled to be arraigned in federal court in Newark this afternoon.
Ricciardi was employed by Hoboken as an IT specialist. Prosecutors allege Ricciardi used his position and administrative privileges to break into Zimmer's e-mail account and forward e-mails to at least three city officials. (more)
It is not like I haven't warned you...
(from 2008) A new survey released this week shows nearly all company computer gurus say they wouldn’t hesitate to screw over their place of employment if they lost their jobs. A whopping 88 percent of IT professionals admit they’d happily hack everything from high-ranking passwords to customer info and sensitive R&D plans on their way out the door. A third of them say they already look through corporate data and know how much everyone’s making — and that’s just an average afternoon activity. (more)
(from 2008) A new survey released this week shows nearly all company computer gurus say they wouldn’t hesitate to screw over their place of employment if they lost their jobs. A whopping 88 percent of IT professionals admit they’d happily hack everything from high-ranking passwords to customer info and sensitive R&D plans on their way out the door. A third of them say they already look through corporate data and know how much everyone’s making — and that’s just an average afternoon activity. (more)
Wednesday, November 16, 2011
Norway Suffers Largest Case of Industrial Espionage in its History
National security officers in Norway have uncovered what they say is the most wide-ranging theft of industrial data in the country’s history.
Ten serious cases of industrial espionage are being investigated, say officers of the Police Security Service, or PST, and the National Security Authority.
Ten serious cases of industrial espionage are being investigated, say officers of the Police Security Service, or PST, and the National Security Authority.
...The Local has received suggests some industrial data has been stolen by simply inserting malicious memory sticks into the laptops of travelling company representatives.
“Whenever we go abroad, the whole hard disc has to be cleansed of spyware,” an IT worker in one of the industries targeted told The Local.
...The ten instances of computer espionage are just the tip of the iceberg, said Eiliv Ofigsbø of Norwegian Computer Emergency Response Team, or NorCERT, who also leads the NSM’s industrial espionage department.
“Whenever we go abroad, the whole hard disc has to be cleansed of spyware,” an IT worker in one of the industries targeted told The Local.
...The ten instances of computer espionage are just the tip of the iceberg, said Eiliv Ofigsbø of Norwegian Computer Emergency Response Team, or NorCERT, who also leads the NSM’s industrial espionage department.
...The attacks were said to occur at the point in contract negotiations when email exchanges reached fever pitch. Key people were then identified and their computer links to company databases hacked, in some cases for months.
“We have to assume they have taken large amounts of information,” Ofigsbøe told The Local. “Anything else would be naïve.” (more)
“We have to assume they have taken large amounts of information,” Ofigsbøe told The Local. “Anything else would be naïve.” (more)
Hiding Secret Data in VoIP Phone Calls
Researchers have devised a new scheme for hiding secret data within VoIP packets, making it possible to carry on legitimate voice conversations while stolen data piggybacks on the call undetected, making its way to thieves on the outside.
Click to enlarge. |
Called transcoding steganography or TranSteg, the method calls for setting a larger-than-necessary payload space in VoIP packets and using the extra room to carry covert messages. In their experiment the researchers could send 2.2MB of covert data in each direction during an average seven-minute phone call.
As with all steganography, the objective is to deliver covert data without raising suspicions that a secret message even exists. (more)
As with all steganography, the objective is to deliver covert data without raising suspicions that a secret message even exists. (more)
IN PICTURES: A brief history of steganography
Labels:
computer,
data,
FutureWatch,
Hack,
leaks,
steganography,
VoIP
Monday, November 14, 2011
NZ PM Discovers News Reporter's Bug
New Zealand prime minister John Key has filed a complaint with the police about an alleged secret recording made during the country's national election campaign.
Mr Key was having a cup of tea on Friday with a candidate for the ACT Party which is part of the governing coalition.
The event was organised as a picture opportunity, but after recording inside the cafe media were told to shoot from outside.
A radio microphone was left on the table in a pouch and discovered later by Mr Key.
A freelance cameraman says he left it there by mistake but handed a copy of the recording to the Herald On Sunday newspaper. (more)
Mr Key was having a cup of tea on Friday with a candidate for the ACT Party which is part of the governing coalition.
The event was organised as a picture opportunity, but after recording inside the cafe media were told to shoot from outside.
A radio microphone was left on the table in a pouch and discovered later by Mr Key.
A freelance cameraman says he left it there by mistake but handed a copy of the recording to the Herald On Sunday newspaper. (more)
Most free Android anti-malware scanners 'near to useless'
Summary: Most products achieved 0% detection rate.
Free anti-malware apps for the Android operating system are ‘near to useless’ according to anti-malware testing specialists AV-Test.org.
The results of the testing [PDF download] were quite shocking, with most products achieving 0% detection rate. The best product, Zoner Antivirus Free, scored a miserable 32% in a manual scan and a more respectable 80% when it came to a real-time scan. And remember, this is the best of the free apps! (more)
http://tinyurl.com/BuyTheShirt |
The results of the testing [PDF download] were quite shocking, with most products achieving 0% detection rate. The best product, Zoner Antivirus Free, scored a miserable 32% in a manual scan and a more respectable 80% when it came to a real-time scan. And remember, this is the best of the free apps! (more)
Sunday, November 13, 2011
AAA Rolls Out Free Program to Spy on Teen Drivers
Erica Solum, a senior at Garces Memorial High School, didn't know she was being tracked. When she drove, her every movement was recorded, from her speed to location.
It wasn't until the 17-year-old was driving home from school Thursday that she noticed a small device, about the size of the palm of her hand, plugged into the Cadillac DeVille she drives.
When her father, Eric Solum, sat her down in front of the computer Thursday night, Erica connected the dots.
"He showed me the website page that said AAA Onboard," Erica Solum said. "(I said) 'Dad, is this a tracking device for teenagers?'" (more)
It wasn't until the 17-year-old was driving home from school Thursday that she noticed a small device, about the size of the palm of her hand, plugged into the Cadillac DeVille she drives.
When her father, Eric Solum, sat her down in front of the computer Thursday night, Erica connected the dots.
"He showed me the website page that said AAA Onboard," Erica Solum said. "(I said) 'Dad, is this a tracking device for teenagers?'" (more)
Wow, a 17-year old with a Cadillac De Ville?!?! All I ever got was my mom's dorky Rambler station wagon with a leaky head gasket (and was happy to get to borrow it). Hope she doesn't complain about the monitoring. I would have agreed to a 24/7 alien anal probe to monitor my "every movement" in a Cadillac De Ville!
/rant ~ Kevin
Subscribe to:
Posts (Atom)
Johnson "We still seek no wider war"
Nixon SEE ABOVE
Carter "I would not use military force to free the hostages"
Reagan "We did not -- repeat did not -- trade weapons or anything else for hostages nor will we."
GHW Bush "Congress will push me to raise taxes...and I'll say read my lips, no new taxes!"
Clinton "I did not have sexual relations with that woman Miss Lewinsky"
GW Bush "We have found Weapons of Mass Destruction in Iraq"