REPORT: Corporate Espionage Against Nonprofit Organizations

How common is corporate espionage against nonprofits?
Most of the cases of corporate espionage we know about in recent years have been uncovered by accident. There has been no comprehensive, systematic effort by federal or state government to determine how much corporate espionage is actually occurring, and what tactics are being used. It is likely that corporate espionage against nonprofits occurs much more often than is known. 

Get the "T"

Who actually conducts the espionage?
When a nonprofit campaign is so successful that it may impair a company’s profits or reputation, companies may employ their own in house espionage capabilities, or they may retain the services of an intermediary with experience in espionage...

The intermediary may hire a private investigations firm that either has multiple espionage capacities or that specializes in the particular kind of intelligence needed – such as human intelligence and the infiltration of nonprofits, or electronic or physical surveillance. These private investigations firms may subcontract out espionage to experienced operatives, which gives corporations access to specialized talent while further increasing the level of plausible deny-ability...
 
Corporations may also hire the services of experienced nonprofit infiltrators who may pose as volunteers, to scout out workplaces and to steal documents left unattended or unguarded. Corporate spies may also plant bugs to obtain and transmit verbal communication. Both offices and homes may be targeted for the gathering of physical intelligence. (more)

Security Directors: FREE Security White Paper - "Surreptitious Workplace Recording ...and what you can do about it."   

Corporate Espionage Infographic

Infographic via David Schilling, Industry Tap.

Recent Technological Innovations Have Completely Changed the Game of Espionage

According to the FBI, competitors criminally seek economic intelligence by aggressively recruiting employees and conduct economic intelligence through bribery, cyber attacks, theft of property, dumpster diving and wiretapping.  

They also establish seemingly-innocent business relationships between foreign companies and U.S. industries to gather economic intelligence, including trade secrets. 

Technologies Used for Espionage

Many of the technologies now used for espionage are just updated versions of previous technology: smaller, lighter and orders of magnitude more powerful.

• Spying Equipment
• Spy Cameras
• Lock Picks
• Computer Hacking
• Network Intrusion
• Video Pen Cameras
• Miniature Cameras
• Mobile Phone Spy Gadgets
• Call Recorders
• SIM Card Readers
• Stun Guns Looking Like Cell Phones
• Telebugs
• Bionic Ear Boosters
• Voice Changers
• Audio Jammers
• Wireless Video Cameras
• Pinhole Video Cameras
• Google Glass type sunglasses, or glasses that record video, pictures and sound
• Asset Tracking Devices
• GPS Tracking Devices

Equipment to Protect You from Spies

• Cellphone Detectors
• Bug Detectors
• Thermal Vision
• Surveillance Cameras (more)

And, of course, us.

Audio Surveillance Laws (Party Consent) by State

Click here for statutes.

Click to enlarge.

Mass Surveillance Is Big Business: Corporations Are as Good at Spying as Governments

Data is the currency of surveillance, and it's not just the NSA and GCHQ looking to cash in. As a newly released cache of documents and presentation materials highlights, the private surveillance industry is booming. More shocking is that many firms claim in their own corporate PowerPoints that they've got capabilities that rival that of the government giants.

The document trove, called the Surveillance Industry Index (SII) and released by Privacy International, and contains 1,203 documents from 338 companies in 36 countries, all of which detail surveillance technologies...
 
Of course, that world isn't open to average consumers, which is why SII—and previously, Wikileaks' Spy Files, among others—is eye-opening. What's even more concerning than systems that guarantee "complete data inflow from all networks" is who's buying it. And while all the brochures I've read so far are careful to specify that surveillance tech is only for legal data collection, "legal" is a very fluid term worldwide...

There's a very good reason that the UN High Commissioner called privacy a human right earlier this year: The vast tools available to people with enough money and network access are more capable of accessing private information than ever before...

"There is a culture of impunity permeating across the private surveillance market, given that there are no strict export controls on the sale of this technology, as there on the sale of conventional weapons," Matthew Rice, a research consultant with Privacy International, told The Guardian. (more)

Business Espionage - IKEA Snooping Investigation Continues

French police are questioning top executives of the Swedish furniture chain IKEA after allegations that the company illegally used police files to spy on staff and customers.

The arrests of the chief executive officer of IKEA France, Stefan Vanoverbeke, his predecessor, and the chief financial officer, come after more than a year and a half of investigations.

Police searched the company’s head office outside Paris 11 days ago. (more)

Snooping on Credit Cards with Shopping Carts

Researchers at the University of Surrey, UK have successfully used readily available and inexpensive electronic components, combined with a shopping cart antenna, to eavesdrop on NFC and HF RFID contactless communication.

The shopping cart did not perform as well as a small inductive loop antenna (that could be concealed with the electronics in a backpack) but neither are likely to arouse suspicion. 

The researchers say that the eavesdropping distance can be as much as 100cm but is dependant on the strength of the magnetic field generated by the victims device. 

Companies like VISA, Mastercard and Google who have already developed platforms for contactless payments can now add eavesdropping to the existing security threats of skimming and relay attacks. Original paper here (PDF).

Seattle, where a java junkie hanging on a light pole won't be alone.

If you're walking around downtown Seattle, look up: You'll see off-white boxes, each one about a foot tall with vertical antennae, attached to utility poles. If you're walking around downtown while looking at a smartphone, you will probably see at least one—and more likely two or three—Wi-Fi networks named after intersections: "4th&Seneca," "4th&Union," "4th&University," and so on.

That is how you can see the Seattle Police Department's new wireless mesh network, bought from a California-based company called Aruba Networks, whose clients include the Department of Defense, school districts in Canada, oil-mining interests in China, and telecommunications companies in Saudi Arabia.

The question is: How well can this mesh network see you? (more)

Vegas, where a drunk hanging on a light pole won't be alone.

What happens in Vegas stays... with the authorities? 
Las Vegas is installing Intellistreets, which are street lights that have many talents -- including the ability to record sound and shoot video. (video report)

Economic Espionage: Competing For Trade By Stealing Industrial Secrets

In September 2012 FBI agents in Kansas City, Missouri, arrested two Chinese nationals, Huang Ji Li and Qi Xiao Guang, after they paid $25,000 in cash for stolen trade secrets pertaining to an American company’s manufacture of cellular-glass insulation, or foam glass.

Huang trespassed onto the company’s flagship plant in Sedalia, Missouri, 3 months prior and asked suspiciously detailed questions about the facility’s manufacturing process for the insulation. It also is believed he approached an employee at the company’s corporate headquarters in Pittsburgh, Pennsylvania, just days before seeking to build a foam-glass factory in China.

A judge sentenced Huang to 18 months in prison and a $250,000 fine in January 2013 and Qi, Huang’s interpreter, to time served, a $20,000 fine, and deportation. During sentencing, company officials estimated the value of the targeted trade secrets at $272 million. 

The threat of economic espionage and theft of trade secrets to U.S.-based companies is persistent and requires constant vigilance. Even after Huang was arrested, pled guilty, and was sentenced, investigators believed the company’s trade secrets still were at risk for targeting by would-be competitors. (more)

Corporate espionage: The spy in your cubicle

Corporate espionage from a German perspective...
At a trade fair, the head of a company discovers a machine developed by his own employees - but at the stand of a competitor, where the new item is proudly displayed. Looking through his company's inventory, he sees four new printers, even though he in fact ordered five. And to top things off, he's having problems with the state prosecutors, who say his firm is implicated in a bribery charge. His company, in short, has fallen victim to industrial espionage - three times over. 

Since 2001, some 61 percent of German companies have fallen prey to these or similar crimes. In 2013, by comparison, just 45 percent of German firms were entangled in such an affair. Those were the conclusions of a study conducted by business consulting giant PricewaterhouseCoopers (PCW) together with Martin Luther University in Halle-Wittenberg (MLU). For the study, more than 600 German companies, each with at least 500 employees, were examined every two years...

...in the areas of "industrial espionage, economic espionage and the leaking of work and business secrets," there have been frighteningly high numbers of suspected cases. And there could be far more, the analyst added, since being spied upon doesn't necessarily mean that you know it's happening. Corruption ends with prosecutors knocking at the door; an inventory check usually clears up theft. But with spying, "Nothing is gone." (more)

Part of the Security Scrapbook's reason for being is that last sentence. Tracking some of the business espionage stories per year indicates the size of the problem. 

Example: If 1% of business espionage is discovered, and 1% of discovered business espionage becomes news, then 50 business espionage news stories equals 500,000 business espionage attacks — 499,950 of which were successful. Adjust the percentages to suit yourself, but you get the idea. 

The point is, you won't know when your intellectual and strategic pockets are being picked. Especially, if you are not checking regularly. 

Call me. I can help.

Private Investigator + Software Firm = Cell Phone Spyware Arrest

India - The Central Crime Branch (CCB) police arrested two persons, who allegedly used a software to collect confidential and personal data of cellphone users, for detective purposes...

The preliminary investigation has revealed that several mobile numbers of clients all over India have been snooped upon over the past year, the police said.

[The] firm was allegedly involved in using snooping software on Android and Blackberry based mobile phones. The firm was allegedly monitoring phone calls and messages of people, on behalf of their clients for detective purposes...

Once the software is installed and whenever user starts using the mobile, all data pertaining to his calls including conversation recordings / messages / e-mails, chats, picture and videos on the mobile phone would be automatically uploaded to a server hosted somewhere else using the target mobile phone’s GPRS data.

Even the exact geographical movements of the target in terms of latitude and longitude would be recorded and sent to the server in real time. The clients of detective agencies would be provided with a login username and password to view the data and movements of target’s mobile phone on a web browser and Google maps. (more)

More Kinds of Corporate Spies Target More Kinds of Trade Secrets

Efforts to steal trade secrets from U.S. companies continue at a high level and are hitting new targets, in spite of major efforts to stop such industrial espionage. Losing trade secrets hurts the economy by discouraging investments in the research critical to growth. Some new players are getting into the fray, and the attacks hit a huge variety of businesses from high tech to high fashion.

Plans for a fighter jet are an obvious target for corporate and other kinds of spies, but experts say industrial espionage also has been aimed at high fashion designers and toymakers, innovative steel makers, food and beverage companies, clean energy research and wind turbine makers. Corporate spies also are seeking information about the management practices that guide successful businesses. (think boardroom bugging) (more)

Secret Agent Suits - Odds Are You Live to See Tomorrow

"We offer our clients a bullet-proof suit to keep them safe during their travels to dangerous places for work. We wanted to create a lightweight garment that not only looks professional, but can also act as reliable body armor. The idea was to create a stylish and discreet alternative to wearing a bulky bullet proof vest underneath a suit. This way, our clients, wouldn’t have to worry about looking awkward during meetings, and they can travel to work feeling comfortable, safe, and confident.

This past year, Garrison Bespoke worked alongside suppliers for the US 19th Special Forces in developing the custom bulletproof suit. Using nanotechnology, it’s comprised of the same carbon nanotubes designed for the US troops’ uniforms in Iraq. Yet, the patented suit material is a lot thinner and flexible; fifty percent lighter than Kevlar (the material commonly used in bullet-proof gear). The entire suit acts like a shield, with nanotubes in the fabric hardening to block force from penetrating through.

The Garrison Bespoke bullet proof suit was made to fulfill three important expectations: First, to be modern and stylish. Second, to be light and comfortable. And, third, to be reliable and safe. After putting the suit to test, we can proudly say that all expectations have been met." (more)

Prices start around $20,000.00.

Hacker Who Helped Catch Cheating Lovers in FBI's Sights

Among the five people added this week to the FBI's list of "most wanted" cyber criminals is a former San Diego college student who developed an $89 program called "Loverspy" or "Email PI." Sold online from his apartment, the program was advertised as a way to "catch a cheating lover" by sending the person an electronic greeting card that, if opened, would install malicious software to capture emails and instant messages, even spy on someone using the victim's own webcam.

Click to enlarge.

The case of Carlos Enrique Perez-Melara, 33, is noteworthy because he appears to have made relatively little money on the scheme, unlike others on the FBI list who were accused of bilking millions of dollars from businesses and Internet users worldwide. But Perez-Melara, a native of El Salvador who was in the United States on a student visa in 2003 when he sold the spyware, allegedly helped turn average computer users into sophisticated hackers who could stalk their victims...

In addition to hacking-for-hire services, there is an established commercial market for snooping software that domestic violence advocates warn can also be used to stalk victims. Software such as ePhoneTracker and WebWatcher, for example, are advertised as ways to monitor kids' online messages and track their location. For $349 a year, Flexispy of Wilmington, Del., promises to capture every Facebook message, email, text and photo sent from a phone, as well as record phone calls. These services generally would be legal only if the person installing the software also owned the device or were given consent by the owner. (more)

The Current State of Cyber Security in Latin America

Latin America is experiencing tremendous growth—unfortunately the growth in question relates to cyberattacks. “If you look at Peru, you see 28 times as much malware in 2012 as in 2011; Mexico about 16 times; Brazil about 12 times; Chile about 10; and Argentina about seven times,” said Andrew Lee, CEO of ESET. These tremendous growth rates are expected to continue in the coming years, Lee noted.

Tom Kellermann, vice president of cybersecurity at Trend Micro, a network security solutions company. He discussed a report that Trend Micro released jointly with OAS called Latin American and Caribbean Cybersecurity Trends and Government Responses. 

Kellermann noted that while organized crime groups, such as narco-traffickers, have embraced cybercrime, the governments of Latin American countries haven’t been able to keep up in terms of defending against this type of crime. “Only two out of five countries have an effective cybercrime law, let alone effective law enforcement to hunt [cyberattackers],” he said. (more)

NSA Spy Scandal - The Final Word?

Get Over It: America and Its Friends Spy on Each Other

"All history teaches us that today's allies are tomorrow's rivals." John le Carré 

With the French saying they are shocked—shocked!—to discover that America is spying on them, and the long-monitored German chancellor, Angela Merkel, reportedly in a state of outrage, this may be a good time to explain why it is considered so necessary. Why monitoring "foreign-leadership intentions" is a "hardy perennial" in U.S. espionage practice, as National Intelligence Director James Clapper put it during congressional hearings this week. And why most of what is done today, one way or another, is likely to go on. 

...the NSA may be reined in. But one way or another, the spying will go on.  (more)

This story was written by, Michael Hirsh, chief correspondent for National Journal. Alternate ends to the NSA story don't seem plausible. Think back to the Church Committee hearings and Secretary of War, Henry L. Stimson... "Gentlemen do not read each other's mail." 

Stimson's views on the worth of cryptanalysis had changed by the time he became Secretary of War during World War II, before and during which he, and the entire US command structure, relied heavily on decrypted enemy communications. (wikipedia)

Security Director Alert - Draft a 'No Recording' Policy for Your Company

IMPORTANT 
Here's why... 

by Philip L. Gordon, Littler Mendelson P.C.
With audio recording applications (“apps”) often standard issue on ubiquitous smart phones, employees are now armed with a relatively inconspicuous way to capture their supervisor’s every gaffe.  

Signs available here.

In September, a $280,000 jury verdict in favor of an employee on race and sex discrimination claims demonstrated just how damaging an audio recording can be in employment litigation. In that case, the plaintiff, who is African American, caught her supervisor, who is Hispanic, using the “N” word on tape, and the judge admitted the recording into evidence. Putting aside the risk of employees collecting damaging evidence for anticipated litigation, the ever-present specter of audio recording can undermine the type of corporate culture that so many employers are trying to encourage nowadays, one that thrives on collaboration and candid discussion among colleagues.

In 13 states — California, Connecticut, Delaware, Florida, Illinois, Maryland, Massachusetts, Michigan, Montana, Nevada, New Hampshire, Pennsylvania and Washington — anti-wiretap laws generally prohibit the recording of face-to-face communications without the consent of all parties to the communication. However, in the remaining 37 states and under federal law, audio recordings, whether surreptitious or not, are legal so long as the person making the recording participates in the recorded conversation. In these states, secret recordings by one of the participants not only are legal, but the former Acting General Counsel (“Acting GC”) of the National Labor Relations Board (NLRB) recently took the position that workers have a legally protected right to record their co-workers and managers. In a decision published on October 30, 2013, an administrative law judge (ALJ) flatly rejected the Acting GC’s position and upheld the employer’s general prohibition on all audio recordings in the workplace without prior management approval.

The employer in that case, Whole Food Markets, promulgated the prohibition to thwart the “chilling effect” of workplace audio recording. More specifically, Whole Foods’ policy explains that concern about audio recording “can inhibit spontaneous and honest dialogue especially when sensitive or confidential matters are being discussed.” Although not stated in the policy, Whole Foods’ head of human resources testified that the policy applied to all employees, whether management or non-management; to all devices that captured voice; and in all areas of the store, including the store’s parking lot and entrance area; but only during working time. (more)

Ask Philip Gordon about drafting a "no recording in the workplace" policy for you. 
Be sure to add video, too.

Security Directors: FREE Security White Paper - "Surreptitious Workplace Recording ...and what you can do about it."   

The Wall of Sound Meets its Match - Sono - An Acoustical Wall Filter Idea

Austrian industrial designer Rudolf Stefanich has created a concept device that is capable of filtering outside noise from entering your room.

Called ‘Sono’, it transforms any window into an “active noise canceling system”, allowing users to eliminate and filter the sounds that pass through their windows.

By turning a knob, the device filters out disruptive noises like car horns and construction works, but allows pleasant sounds like birds chirping or the sound of the wind through.
“In our loud and busy world, a moment of silence has become a scarce and almost luxurious experience,” said Stefanich. “Sono lets you reclaim that silence for your home.” (more)

FutureWatch - The same concept could be used to prevent eavesdropping via acoustical leakage from rooms.

A Brief Spy Technology Retrospective

Government surveillance is nothing new. The United States started tracking telegraphic information entering into and exiting the country in 1945. The technology associated with spying, however, has become much more advanced. History shows a steady evolution of the ways governments secretly gather information.

More info about The Thing.

"Spying has gone on throughout history," says Peter Earnest, a former Central Intelligence Agency officer and executive director of the International Spy Museum. "Since globalization, spying has increased because countries want to know what other countries are doing.The discipline of intelligence has already increased a great deal in the post-Cold War world."

Briefcase recorders in the 1950s led to transmitters hidden in shoes in the 1960s. By the early 1970s, bugs hidden in tree stumps intercepted communication signals. Devices continued to become more compact. In the 1980s, tiny transmitters with microphones were hidden in pens.

The advent of the Internet ushered in the Web bug, which tracked who viewed websites or e-mails and provided the IP address of an e-mail recipient. In 2013, drones and computer programs continue to develop as surveillance tools.

So how does the future look for spying?

"It looks good," Earnest said. (more, with photos of spy gear)

How a Slight Movement Can ID Your Smartphone

One afternoon, security researcher Hristo Bojinov placed his Galaxy Nexus phone face up on the table in a cramped Palo Alto conference room. Then he flipped it over and waited another beat. And that was it. In a matter of seconds, the device had given up its "fingerprints."

Code running on the website in the device's mobile browser measured the tiniest defects in the device's accelerometer — the sensor that tracks movement — producing a unique set of numbers that advertisers could exploit to identify and track most modern smartphones.

The accelerometer enables, among other things, the browser to shift from landscape to vertical as a user tilts the phone. It turns out every accelerometer is predictably imperfect, and slight differences in the readings can be used to produce a fingerprint. Marketers could use the ID the same way they use cookies — the small files that download from websites to desktops — to identify particular users, monitor their online actions and target ads accordingly.

It's a novel approach that raises a new set of privacy concerns: Users couldn't delete the ID like browser cookies, couldn't mask it by adjusting app privacy preferences — and wouldn't even know their device had been tagged. (more)

When Paranoids Collide they Blow the Whistle on Tea Kettles

Customs agents in Russia found tea kettles and irons bugged with tiny Spyware chips that exploit WiFi connections, reports a local news outlet coming out of St. Petersburg.

According to Gizmodo, the microchips are capable of spreading spam and malware to WiFi-enabled devices within 200 meters.  Specific details of the dodgy shipments remain shady...

Simon Sharwood of The Register reports that it is indeed possible to build a spambot small enough to fit inside of a kettle, as the necessary components are small and cheap enough...

One question remains unanswered, however: why would China send bugged tea kettles to spy on the ordinary tea-drinkers of Russia?

Gizmodo suggests that perhaps local authorities were mistaken about their findings, pointing out that WiFi tea kettles already exist.

Business Insider speculates that if the kettles are bugged, it could very well be a test for larger operations to plant such microchips.

We'll let you weave your own intricate conspiracy theory. (more)

Last Week on Halloween

This Judge is a Surveillance Expert. He has Cred.

James G. Carr ’62, a senior judge on the U.S. District Court for the Northern District of Ohio and a former member of the Foreign Intelligence Surveillance Court (FISC), described the process through which the federal government conducts electronic surveillance and railed against National Security Agency (NSA) whistleblower Edward Snowden in a talk in the Gund Gallery’s Community Foundation Theater...

Carr told his audience “every one of us in this room probably has been overheard under a FISA warrant... It’s a general search,” Carr said, “that which the Fourth Amendment most directly and most clearly, unequivocally prohibits. Nobody can dispute that.”...

In July, Carr wrote an op-ed in The New York Times calling for Congress to reform the court. He suggested judges be allowed to appoint outside lawyers to “represent the interests of the Constitution and the public” in cases where a novel issue, such as new surveillance technology, is present in the warrant application. Government agents are required to inform the court if their application raises that kind of issue...

Carr had harsh words for Edward Snowden, the former NSA contractor who provided documents about NSA surveillance procedures to journalists before fleeing to Hong Kong and then Russia. He asked audience members how many of them thought Snowden’s actions were worthwhile, and upon seeing hands raise, said, “I want to try and disabuse you of that view.”

Snowden, he said, had been “in the hands of the Chinese and the Russians for months, and if anybody in this room thinks for a moment that they don’t know everything he learned … c’mon now.” 

The NSA, Carr said, “does a crucially important job,” whereas Snowden, whom he mockingly called “the great American patriot,” had done “irredeemable” damage.

In the Q & A after the talk, one student asked Carr, “Why bother protecting our lives if you don’t first protect our rights?” Carr responded, “Because if we have no lives, we have no rights.” (more)

Why is Carr the expert? 
Because he wrote the book. (more)

10 Most Audacious Eavesdropping Plots

Operation Ivy Bells
At the height of the cold war, the National Security Agency, CIA and the US Navy collaborated to tap into underwater communication lines used by the Soviet Union. 

Operation Stopwatch
This joint operation between the CIA and the British Secret Intelligence Service was again an attempt to tap into communications by the Soviet Military.

The Cambridge Spies
Rather than relying on modern eavesdropping, this operation used old fashioned infiltration.

Click to enlarge.

The Gunman Project
During 1976, the KGB managed to install miniaturized eavesdropping equipment and transmitters inside 16 IBM Selectric Typewriters used by staff at the US embassy in Moscow and consulate in Leningrad. 

The Bundesnachrichtendienst Trojan Horse Affair
Germany may have been the victim off NSA eavesdropping, but its own Federal Intelligence Service, the Bundesnachrichtendienst, has also engaged in such activities.

The MI6 Spy Rock
In a modern version of the dead letter drop, British spies working out of the embassy in Russia used a transmitter concealed in an artificial rock to pass classified data. 

Acoustic Kitty
Acoustic Kitty was a top secret 1960s CIA project attempting to use cats in spy missions, intended to spy on the Kremlin and Soviet embassies. (more)

Moles in Berlin

In 1956, American and British agents tunneled into East German territory in order to tap a telephone line. This allowed them to eavesdrop on important conversations between Red Army leaders and the KGB. A segment of the tunnel can now be visited. (more)

U2
An international diplomatic crisis erupted in May 1960 when the Union of Soviet Socialist Republics (USSR) shot down an American U-2 spy plane in Soviet air space and captured its pilot, Francis Gary Powers. Confronted with the evidence of his nation's espionage, President Dwight D. Eisenhower was forced to admit to the Soviets that the U.S. Central Intelligence Agency (CIA) had been flying spy missions over the USSR for several years. (more)

Animal Spies
A former CIA trainer reveals, the U.S. government deployed nonhuman operatives—ravens, pigeons, even cats—to spy on cold war adversaries. “We never found an animal we could not train.” (more)

What Corporations Can Learn from the Vatican

Contrary to a widely circulated report, the US National Security Agency (NSA) could not have eavesdropped on the conclave that elected Pope Francis, a veteran Vatican journalist has reported.

Andrea Tornielli of La Stampa writes that the Vatican had deployed sophisticated anti-bugging technology in the Sistine Chapel and throughout the apostolic palace in the days leading up to the conclave. The anti-bugging measures were already in place during the general congregations at which cardinals exchanged ideas prior to the opening of the conclave. Reporters who were in the building testified that internet connections were interrupted and cell-phone signals lost when the system was activated. 

Vatican security experts take pride in their ability to foil espionage, Tornielli reports. (more)

Can a Perv Skirt Privacy Laws by Raising The First Amendment?

MA - An Andover man is hoping to slip past the law by arguing women in skirts are taking a chance when they ride the T (Boston's transit system) because there’s no guarantee of privacy. 

Michael Robertson is appealing to the state’s highest court saying he didn’t commit a crime when he allegedly tried to take cellphone photos up women’s dresses on the Green Line in August 2010.

That “up-skirt” case included an undercover transit cop and another T passenger. The 31-year-old now faces more than two years in jail if convicted of two counts of photographing an unsuspecting nude or partially nude person.

His lawyer argues it’s the outdated law that’s in the wrong — not her (sic) client — and other photographers could have their First Amendment rights trampled, too. (more)

Music to Spy By

via Jason Whiton, SpyVibe.blogspot.com...The UK distributor, Network (the "Criterion Collection" of retro TV/Film), has been tempting us for some time with news of upcoming remastered vinyl soundtracks from spy shows like The Prisoner, Department S, and The Saint. Some lucky collectors in Britain even had a chance to pick up a limited-edition EP of spy tunes during the last Record Store Day.

From Network's On Air newsletter: "It’s a measure of the quality of the music from these series that it can be enjoyed outside of the context of the programmes themselves, as our previous soundtrack releases on CD have demonstrated. 

Now, with the resurgence of interest in that formerly archaic artefact the LP record, we’re proud to present the first in a series of brand-new audiophile releases on 180g virgin vinyl. 

Although high-quality masters were already available from the CD releases, we have returned to the original analogue tapes which have been mastered afresh for vinyl to take advantage of the format’s more subtle dynamic range. Mastering and vinyl cutting have been supervised by one of the very best in the business – Ray Staff of AIR Studios – ensuring that these tracks have never sounded so good since they went down onto tape in the late 1960s." (more)

High School Football Spying?!?! - Four Destrehan Coaches Accused

LA - Five people, including four Destrehan High School assistant football coaches, were booked with unauthorized use of intellectual property Wednesday after they allegedly used a leaked computer password to get a sneak peek at the game plan of their upcoming opponent, South Lafourche. 

Others could still be charged, said Brennan Matherne, public information officer for the Lafourche Parish Sheriff’s Office...

The criminal charges are the latest fallout stemming from an incident in which the coaches allegedly used computers to spy on South Lafourche’s football practices last week.

The scandal already has resulted in a forfeit for Destrehan and sanctions for the coaches involved. (more)

Encryptor's Unite! - From Those Wonderful Folks Who Brought You Lavabit & Silent Circle

Our Mission - To bring the world our unique end-to-end encrypted protocol and architecture that is the 'next-generation' of private and secure email.

As founding partners of The Dark Mail Alliance, both Silent Circle and Lavabit will work to bring other members into the alliance, assist them in implementing the new protocol and jointly work to proliferate the worlds first end-to-end encrypted 'Email 3.0' throughout the world's email providers. 

Our goal is to open source the protocol and architecture and help others implement this new technology to address privacy concerns against surveillance and back door threats of any kind. (more)

In the Days Before Spread Spectrum Communications - Spread Wings Communications

Read all about America's secure communications laboratory, just miles from the Countermeasures Compound, in Ft. Monmouth, NJ... (more)

Mobile Phone Use a Significant Security Risk for Companies

New research suggests that companies are leaving themselves open to potentially serious security and legal risks by employees’ improper use of corporate mobile devices.

Buy them the Cone of Silence.

Experts from the University of Glasgow looked at a sample of mobile phones returned by the employees from one Fortune 500 company and found that they were able to retrieve large amounts of sensitive corporate and personal information. The loss of data such as this has potential security risks, inviting breaches on both an individual and corporate level.

A University of Glasgow release reports that the data yielded by this study on thirty-two handsets included a number of items that could potentially cause significant security risks and, lead to the leakage of valuable intellectual property or exposed the company to legal conflicts. (more)

Kremlin Alledegly Slipped Spy Gadgets into G20 Summit Gift Bags

Russian hosts of the Group of 20 summit near St. Petersburg in September sent world leaders home with gifts designed to keep on giving: memory sticks and recharging cables programmed to spy on their communications, two Italian newspapers reported Tuesday.

A Kremlin spokesman denied the allegations reported by Il Corriere della Sera and La Stampa, both of which attributed their stories to findings of technical investigations ordered by the president of the European Council and carried out by German intelligence.

The USB thumb drives marked with the Russia G20 logo and the three-pronged European phone chargers were "a poisoned gift" from Russian President Vladimir Putin, Turin-based La Stampa said in its report.

“They were Trojan horses designed to obtain information from computers and cellphones,” the paper said.

The bugging devices were included in gift bags given to all delegates who attended the Sept. 5-6 summit at the palace in Stelna, outside of St. Petersburg, the newspapers said. (more)

Too obvious to be true? 
You decide.

Do You Have an IT Spy Guy?

Two tales to get you thinking...

Old tech equipment rarely dies, it just finds a new home -- and sometimes, that home is with your IT employees... The problem with taking equipment bound for the scrap heap or the recycling bin is that it often still contains sensitive data, which if lost could result in massive liability for the company that owns the equipment. Think... It is more than just theft, much more.

"There are no secrets for IT," says Pierluigi Stella, CTO for managed security service provider Network Box USA. "I can run a sniffer on my firewall and see every single packet that comes in and out of a specific computer. I can see what people write in their messages, where they go to on the Internet, what they post on Facebook. In fact, only ethics keep IT people from misusing and abusing this power. Think of it as having a mini-NSA in your office." Also think... "The scariest thing is that the same people who present the greatest risk are often the very people who approve access." (more)

Business Espionage in America - We Lose More Than We Take in Taxes

The United States has known for sometime that it has been victimized by economic espionage mounted by other countries, especially China and Russia. According to a counterintelligence expert hired by companies to help them counter this threat, the toll for these crimes is far, far higher than what has been officially reported.

Economic espionage represents “the greatest transfer of wealth in history,” said General Keith Alexander, NSA director and commander of U.S. Cyber Command, at the American Enterprise Institute in 2012...

Due to the nature of the business, it is often difficult to place solid numbers on the cost of economic espionage. To protect their investors, companies rarely want to announce breaches by spies or hackers to the public, and government agents often find gathering enough evidence to charge an insider with espionage difficult.

The lack of transparency on economic espionage makes it a difficult problem to tackle.

The FBI estimates that economic espionage costs the U.S. $13 billion a year, yet their numbers are based only on current FBI cases where spies have been caught and charged. It does not include the majority of theft that was not reported, or the scale of breaches that are unknown to the companies...

During his speech, General Alexander said investigations by the FBI and other agencies find that for every company that detects a cyberattack there are 100 others that are unknowingly being hacked...

Nonetheless, U.S. companies are still largely on their own when it comes to defending against economic espionage, and the threat is very real. When the “Economic Espionage Penalty Enhancement Act of 2011″ was passed, former U.S. Senator Herb Kohl said in a press release “As much as 80 percent of the assets of today’s companies are intangible trade secrets.” (more)

You don't have to be on your own. Help is available. Call me.

Ankle Bracelets Have Criminals Bugged

Ankle bracelets featuring GPS tracking technology can do more than allow authorities to follow the whereabouts of criminals ordered to wear them. They also can be used to eavesdrop on conversations without the wearer knowing what’s going on.

In Puerto Rico, defense lawyer Fermín L. Arraiza-Navas learned about the bracelet’s expanded surveillance capabilities after meeting with clients fitted with the technology. He told the Puerto Rico Center for Investigative Reporting (CPIPR) that clients noticed the bracelets would vibrate when having conversations with lawyers and others.

One client said authorities spoke to him through a hidden phone feature included in the bracelets, which are manufactured by a Utah-based company, SecureAlert. (more)

A Brilliant Halloween Costume, More LED Fun, and a tip of the tin foil hat to the ultimate paranoid!

It's Friday. 
Oddball time!


Weekend Electronics Project
Extreme LED Throwies

Click to enlarge.

LED throwies are cheery glow-dots you can make in seconds from simple components and stick to any ferro-magnetic surface. But that’s just the beginning — click link to learn how to hack and modify them. Easy to make!

...and an anti-NSA home... (just kidding)

Encryption Infographic

Every wonder how good your encryption is?

Citing "Terrifying" Surveillance Tactics, Yet Another U.S. Privacy Service Shuts Down

Yet another American Internet privacy service has bitten the dust, prompted by fears about broad government surveillance demands.

San Francisco-based CryptoSeal, a provider of virtual private networks that can be used to browse the Internet anonymously, has closed its doors to users of its private VPN service. 

In a statement posted online, CryptoSeal announced that a key factor in the closure was the government’s recently revealed attempt to force email provider Lavabit to turn over its private encryption keys. Lavabit shut down in August as part of an effort to resist a surveillance demand believed to involve NSA whistle-blower Edward Snowden, who was a Lavabit customer. Lavabit was ordered to turn over its master encryption keys in a way that could have potentially compromised thousands of users’ private data. (more)

Court Rules: NO GPS for LEOs w/o CO

A federal appeals court has ruled that law enforcement officials must obtain a warrant before attaching a GPS unit to a suspect’s car and tracking them... 

“Today’s decision is a victory for all Americans because it ensures that the police cannot use powerful tracking technology without court supervision and a good reason to believe it will turn up evidence of wrongdoing,” American Civil Liberties Union attorney Catherine Crump said in a statement. “These protections are important because where people go reveals a great deal about them, from who their friends are, where they visit the doctor and where they choose to worship.”

The three-judge panel determined that installing GPS technology was a violation of the Fourth Amendment to the US constitution, which prohibits unreasonable searches and seizures. The judges’ final decision said the actions of the police were “highly disconcerting.” (more)

Rental Company Settles Spyware Case

The Federal Trade Commission says Atlanta-based furniture renter Aaron's Inc. has agreed to a settlement over allegations that it helped place spyware on computers that secretly monitored consumers by taking webcam pictures of them in their homes.

The FTC said in a Tuesday news release that Aaron's will be prohibited from using spyware that captures screenshots or activates the camera on a consumer's computer, except to provide requested technical support.

Aaron's officials previously blamed individual franchisees for the spyware. But the FTC said Aaron's knowingly played a direct role in the use of the spyware. (more)

No Jail for Skype Sex Scandal Cadets

Australia - The two men at the centre of the Australian Defence Force Academy Skype scandal have avoided jail time.

Daniel McDonald, 21, secretly filmed himself having sex with a female cadet and streamed it live to Dylan Deblaquiere, 21, in a nearby dorm room at ADFA in Canberra in 2011.

Earlier this year a jury found the pair guilty of sending offensive material over the internet without consent. McDonald was also found guilty of an act of indecency.

In sentencing today in the ACT Supreme Court, Acting Justice John Nield rejected jail time... Instead he handed McDonald two 12-month good behaviour bonds, to be served concurrently, and Deblaquiere a single 12-month good behaviour bond. He warned they will go to jail if they breach their orders... "General deterrence has been achieved," he said...

The Department of Defence has confirmed it will take action in relation to McDonald. (more)

Bugging Boss for a Raise Lands Three Employees in Jail

China - Three public officials were each sentenced to 20 months in jail for illegally wiretapping a county Communist Party chief of central China's Hunan Province, according to a local court ruling on Tuesday.
 
Li Yi, an official with the supervision office of the Mayang Miao Autonomous County Committee of the Communist Party of China (CPC), Yang Fan, a Mayang court officer and Liu Yang, a police officer, were guilty of illegal wiretapping and secretly filming a county Party chief, according to the ruling of the district people's court of Hecheng, Huaihua City, which administers Mayang County.

They were guilty of placing hidden cameras in the office of Hu Jiawu, secretary of the CPC Mayang Miao Autonomous County Committee, spying on Hu and storing video footage on a removable disk between March 13 and Oct. 2 in 2012. They used the footage to try and blackmail Hu for promotion, according to the ruling. (more)

Landlord, Tenant, SpyCam - What Could Possibly...

I stopped posting these stories a while back, simply because there were so many of them. This is just a reminder. The SpyCam is the Number One illegal eavesdropping tool in use today.

Canada - An employee at a major Canadian broadcaster is facing charges of voyeurism, mischief and defamatory libel. 56-year-old David Sealey was arrested Saturday after a man saw a woman he knew secretly filmed in an online video. He notified the victim, who reported the incident to police.

A search warrant was issued and over 150 voyeuristic videos of women were found on a computer inside Sealey’s home, along with recording devices.

The female victim rented a room from Sealey in the Richmond Ave. and Spadina Ave. area and police believe there could be more victims. (more)