On Paranoia...

“You’re just being paranoid.”

It’s a phrase that intimidates, shames, and scares. Too often, it sentences real victims of electronic surveillance to silent suffering. 

It’s also a phrase that can reveal unflattering things about the speaker, who may simply be ignorant, shallow, or mean, and who sometimes shows a strong tendency to avoid reality. The fact is, other people cannot make your problems go away by telling you that they do not exist—and neither can you.
Life has taught all of us some valuable lessons: An ounce of prevention really is worth a pound of cure. Trust your instincts. And that noise you heard coming from your car’s engine yesterday will not go away tomorrow; it will get worse. Ignoring these lessons has a name: The Ostrich Effect.

Granted, some people really do have paranoia problems. But these people usually do not confess to having a specific fear about specific events. They express their concerns in more general terms, such as “They know everything about me” or “It’s been going on for years.” Regardless, these people need kindness and medical help, not name calling.

If thoughts of eavesdropping or business espionage are new to you, and you have a suspect or a motive in mind, pay attention. Your intuition is telling you that something is wrong. Too many “coincidences” have tipped your inner warning scale. Your subconscious alert is sounding a real alarm, just as surely as the smell of smoke reminds you of the food left burning on the stove.

Trust your judgment. Something is wrong. 

Talk to an independent TSCM security consultant. This will be a person who specializes in electronic surveillance detection and business counterespionage. If TSCM is just another menu item and not the specialty of their house, you haven't found the right person. Keep looking. (Try here for business-related issues, or here for strictly personal issues.)

By the way, there is also hope on the horizon for people with real paranoia problems....
"Results of a preliminary trial, announced today at the Wellcome Trust in London, demonstrated how people with schizophrenia could overcome their auditory hallucinations by conversing with an avatar representation of the voice in their head.

At the start of the trial, 16 people with schizophrenia created an on-screen avatar that best matched what they imagined the voice in their head to look like – much like a police photo-fit. They then chose a male or female voice closely resembling the one they hear.

By conversing with a therapist via the avatar, the volunteers reported reduced levels of distress and higher self-esteem. Three people stopped hearing the hallucinatory voice altogether – including one who had lived with it for 16 years." (more)

Read More

Australia IT Security - More Godfather logic?

Chinese hackers have stolen top-secret blueprints to Australia's new intelligence agency headquarters, a report said Tuesday, but Foreign Minister Bob Carr insisted ties with Beijing would not be hurt.

The Australian Broadcasting Corporation said the documents taken in the cyber hit included cabling layouts for the huge building's security and communications systems, its floor plan, and its server locations. (more)

One can only hope these were the honeypot version of the plans.

Read More

How to Stop The China IT Leach Syndrome – Two Ideas

IDEA #1
If the US wishes to stop Chinese economic cyber-espionage, it will need to increase the costs and reduce the benefits to China of such activities. US government actions are important, but the key players in this game sit in the private sector. A true public-private partnership is needed.

The threat of Chinese cyberspying to US businesses is clear. A report released last week by the Commission on the Theft of American Intellectual Property states that: “China is two-thirds of the intellectual property theft problem, and we are at a point where it is robbing us of innovation to bolster their own industry, at a cost of millions of jobs.”(more)

With President Obama preparing for a first meeting with China’s new president, a commission led by two former senior officials in his administration will recommend a series of steps that could significantly raise the cost to China of the theft of American industrial secrets. If milder measures failed, the commission said, the United States should consider giving companies the right to retaliate against cyberattackers with counterstrikes of their own. (more)

IDEA #2
Espionage Outrage Reaches the Boiling Point ...and a solution. (more)

Please pick either one, or both, Congress—before it is too late. ~Kevin

Read More

U.S. IT Security - Schizophrenia, Bipolar Disorder or Godfather logic?

The Chinese government has been conducting a broad, sustained, and disciplined campaign of cyberattacks against U.S. government agencies, critical infrastructure, private companies, and news organizations.

The public version of a study prepared for the Pentagon by the Defense Science Board now says that Chinese government hackers have also been able to penetrate the computer networks of all the major U.S. defense contractors, stealing the designs and specifications of the most advanced weapon system in the U.S. arsenal, and gaining insights into broad technologies on which U.S. military advances are based. (more)

and then we have...
 
White House National Security Adviser Thomas Donilon called Tuesday for strengthening U.S. military ties with China, despite growing tensions between the two over Beijing’s state-sponsored hacking and maritime territorial claims.

Donilon pushed for increased military cooperation in peacekeeping, fighting piracy and disaster relief.

“An essential part of building a new model for relations between great powers is ensuring we have a healthy, stable and reliable military-to-military relationship,” Mr. Donilon said in brief comments to reporters, Reuters reported. (more)
 
...keep your friends close, but your enemies closer?

Read More

The Other Train Spotters and the Drones Who Will Catch Them

Germany - Small drones could soon be spying on vandals under plans announced by Germany's national railway company Deutsche Bahn. The idea is to use airborne infrared cameras to film people spraying graffiti and then use the images as evidence in court.

The drones can fly at altitudes of up to 150 metres and travel at up to 54 kilometres per hour.

Deutsche Bahn said it suffered property damage worth 7.6 million euros ($10 million) from people spray-painting its carriages last year.

The rail operator said it would only use the drones over its own depots, not in public areas, in line with German anti-surveillance laws. (more)

Better idea... Take high resolution photos of the best graffiti, make 1:1 prints and sell them at art galleries around the world—"Authentic Deutsche Bahn Train Art". ~Kevin

Read More

Australia - Report on Smartphone Spyware & Hacking

"It's a terrifying prospect, but the era of smart-phones is leaving us more vulnerable to having their phones bugged than ever before..." 

Read More

Where Spy Shops Shop - Know What You Are Up Against

It is amazing just how many spy / eavesdropping gadgets are being sold these days. Some are very clever. Some are very small. All are easily available and affordable. 

For a peek at where Spy Shops shop, visit a Spy Shop Super Distributor. There are many others, but this will give you a good idea of what the average person can buy. 

This is why TSCM (bug sweep) services are so necessary, and worthwhile. ~Kevin

Read More

Laser Beam Eavesdropping - The Trinidad and Tobago Case

Trinidad and Tobago ‎- At the height of the Section 34 controversy, a sophisticated laser spying device was discovered in the Office of the Director of Public Prosecutions (DPP), Roger Gaspard, SC. T&T Guardian (newspaper) investigations revealed the device was detected in November last year inside the conference room of the DPP’s office at the Winsure Building, Richmond Street, Port-of-Spain. Gaspard offered no comment on the matter when contacted by the T&T Guardian on Wednesday. Investigations revealed the device was detected after a search was carried out by both foreign and local information technology (IT) experts on the fifth floor of the building.

The T&T Guardian learned that an invisible infrared beam that is used to transmit conversations was found in the conference room, which is where the DPP normally holds briefings on various high-level cases involving past and former government officials and other matters such as the Calder Hart probe and the Clico enquiry. The conference room is also used when the advice of the DPP is sought by police officers on homicides and other criminal offences. On Monday, Opposition Leader Dr Keith Rowley, during debate of a no-confidence motion laid by him against Prime Minister Kamla Persad-Bissessar and her Government, revealed 31 e-mails, one of which referred to a plan to spy on the DPP during the Section 34 debacle and to offer him a judgeship so as to be able to replace him in the office...

The bug at the DPP’s office was discovered after Gaspard received a tip-off and arranged for his office to be swept for spying and bugging devices by highly-qualified IT experts. The IT experts detected beams that showed a laser was being used to spy on the DPP’s conversations. One of the IT specialists who was part of the exercise revealed, “They detected certain rays that showed a laser was being used to spy on the DPP. “Someone can stay from the Port-of-Spain International Waterfront Centre and once they have a straight line of sight, and using the laser device, the conversations of the DPP can be heard.” The T&T Guardian understands the find sent shockwaves through the DPP’s office and steps have been taken since then to conduct frequent independent security sweeps of the building to ensure it is clean of such devices.

...there have been calls for an independent investigation. (more)

Even though the details are sketchy, I can think of about four good reasons why this particular "find" might be baloney. Laser listening systems have been built and patented, however, physics still makes this type of eavesdropping very difficult in the field. Read up on laser beam eavesdropping here. ~Kevin

Read More

NYC Detective Dials "H" for Hacker... or, The Mission Creep

The FBI has arrested a New York City police detective for stealing the login details of at least 30 people (including 21 NYPD employees, 19 of them officers), across 43 email accounts and one cell phone. He did it by hiring a contract hit man, of sorts.

Edwin Vargas allegedly paid $4,050 via PayPal to a hacking-for-hire service between March 2011 and October 2012, according to Preet Bharara, the US Attorney for the Southern District of New York. Once in possession of the user names and passwords for the accounts, he allegedly set about essentially spying on his fellow police officers.

The motivations for the one-man stalking/espionage effort is not yet known, but Vargas, 42, has been charged with one count of conspiracy to commit computer hacking and one count of computer hacking. Each count carries a maximum sentence of one year in prison. (more)

Read More

StopAStalker App ($5.00) - FREE for next 24 Hours

Spybusters Alert: StopAStalker (mentioned here) is FREE until 5/24 at the iTunes store. Normal selling price $5.00.

Read More

General Dynamics secures commercial smartphones for classified information

(Updated: June 5, 2013)

In February this year, the communications division of defense contractor General Dynamics presented a software platform called GD Protected. This is the first product that secures commercial available Android smartphones in a way that they can be allowed to handle classified information.

For decades, General Dynamics has been manufacturing devices for securing top level communications of the US government and armed forces, like the Sectéra voice encryption family. One of those products was a highly secure cell phone for GSM, which was produced from 2002 until 2012.

Securing common cell phones generally requires hardware solutions, but to keep in pace with the fast evolving commercial smartphone technologies, security measures are now being implemented by using software applications. For smartphones there are already quite a number of apps for encrypting voice and data, but GD Protected also secures the Android operating system (OS) in order to meet the requirements for handling classified communications.


Dual systems

To achieve a high security level, the phones need a specific hardware feature called TrustZone. This is a set of security extensions programmed into the ARM processor of the smartphone, which make that a single processor core can run a dual operating system, a secure and a normal one. The specific implementation details of TrustZone are proprietary and have not been publicly disclosed.

Initially, GD Protected comes in two different versions, one for the LG Optimus 3D Max, and one for the Samsung Galaxy S IV smartphone. General Dynamics is looking to converge the two approaches in the future, as well as supporting a broader range of Android devices. The pricing has yet to be disclosed, but the company said it would be licensed on a "very competitive" basis.

Both versions make it possible to use the same smartphone for both accessing commercial phone and internet services as well as making encrypted voice calls, using secure email and even accessing classified networks.


Secure voice and data apps

These secure communications are provided by a number of approved apps from a controlled government or enterprise app store. These include a Secure Voice over IP (SVoIP) app which encrypts voice communications and runs over the data network. Other app offerings, available from the third quarter of this year, will include secure chat and secure video conferencing.

With these apps the (voice) data will be secured using two independent layers of encryption, one at the VoIP layer, and the other at the VPN layer, using IPsec. Finally, these double encrypted data will go through servers of the NSA to be verified, logged, and re-encrypted, before being sent back out to the carrier data network and on to its destination.

For authentication there are a pair of authentication certificates residing on the handsets, as well as users being required to log-in with a password before they can use the SIP server.


GD Protected for the LG Optimus

General Dynamics first presented GD Protected at the Mobile World Congress (MWC), which was held in Barcelona from February 25-28, 2013. For this occasion, the product was installed on an LG Optimus 3D Max smartphone and demonstrated to press and public:

Demonstration of the LG Optimus 3D Max, secured by General Dynamics

For this phone, GD Protected provides two separate copies of the Android operating system, one for personal use and the other for business use. A dedicated hardware button on the phone is used to flip between the two environments. This so-called dual-persona feature allows users to seamlessly switch between personal and secure operating modes, indicated by thin green and red borders, respectively.

The personal side is completely open and acts just like a conventional smartphone, whereas the secure side is more restricted. Data is firewalled between the two sides so, for example, data from the secure side cannot be accessed or copied over to the personal side, and the secure side cannot be tampered with by malware.

This partition of the handset into two separate virtual smartphones is controlled by the OKL4 mobile hypervisor or "microvisor" platform, which was gained by General Dynamics from its acquisition of Open Kernel or OK Labs in September 2012.

Additional security is provided by the Fixmo Sentinel Integrity Services. This offers an integrity verification through advanced monitoring and remediation techniques, proactively detecting and preventing mobile device operating system tampering, policy violations, system-level state changes, and the presence of unverified third party apps. The Fixmo Sentinel Integrity Service was developed as part of an agreement with the NSA and is also used by other governments.

Overview of the GD Protected solution for the LG Optimus smartphone
(source: Engadget.com)

Compared to the solution for the Samsung Galaxy smartphone (see below), the use of a dual Android operating system for the LG Optimus offers slightly less security, but almost complete freedom on the personal side of the phone. The secured LG Optimus 3D Max will be available through General Dynamics from the end of July 2013.


GD Protected for the Samsung Galaxy

For the new Samsung Galaxy S IV smartphone, the GD Protected software comes on top of Samsung's KNOX platform, which was also presented at the Mobile World Congress in February and was developed in cooperation with General Dynamics. KNOX runs a Security Enhanced version of Android, or SE Android, which has been developed by the US National Security Agency (NSA).

The KNOX platform, which is available for government and enterprise users only, protects both data which are stored on the smartphone and data which are sent and received. KNOX creates an isolated and secured container within the memory area, with its own home screen, launcher, applications, and widgets. Applications and data inside the container are separated from applications outside the container. This secured container is created by a TrustZone-based Integrity Measurement Architecture (TIMA).

Stored data are encrypted using an Advanced Encryption Standard (AES) algorithm with a 256-bit key. For secure communications the Samsung KNOX container comes with a FIPS-certified VPN client called "per-app VPN". This supports strong IPSec VPN encryption, including Suite B cryptography, which is suited for the majority of sensitive communications by government agencies.

Overview of the KNOX platform for the Samsung Galaxy S IV
(source: Samsung.com)

With the additional GD Protected the original Android operating system of the Samsung Galaxy S IV will be replaced by a hardened Android version with even more security measures. This replacement is done by simply calling General Dynamics with the IMEI number and then the Android operating system will be replaced via an over-the-air reflash.

The hardened operating system includes root certificates from General Dynamics that replace those from Samsung. This means that any subsequent changes need to be digitally signed by General Dynamics, ensuring the integrity of the Android operating system.

Compared to the dual Android operating systems on the LG smartphone, the Samsung solution of installing new firmware offers a slightly higher level of security but at the expense of user freedom. The GD Protected platform for the Galaxy S IV will be available from May 2013.

Access to US Department of Defense networks

General Dynamics' GD Protected platform was developed according to the requirements of the program for secure mobile communications, codenamed FISHBOWL, which was presented by the NSA in February 2012. The goal of this program is to provide a secure Voice over IP capability using commercial available devices that can be approved for handling classified information.

In October 2012, the US Department of Defense (DoD) announced that they were looking for industry contractors to develop a secure communications system for at least 162.500 iPhones, iPads and Android systems. This should provide alternatives to the BlackBerry, which was until then the only device approved for secured email access to the Pentagon’s unclassified networks.

An interesting coincedence was, that when General Dynamics presented their GD Protected product last February, DoD published a plan to equip up to 600.000 mobile device users with "secure classified and protected unclassified mobile solutions" based on commercial-off-the-shelf (cots) products. This program may eventually be expanded to handle up to 8 million devices.

For use by the US military, General Dynamics already offers a two-factor sign-on process. This is done by inserting a military Common Access Card (CAC) into a separate card reader, which connects to the smartphone through Bluetooth. When a PIN code is entered on the phone, it will validate the PIN against the CAC. This was also shown in a demonstration at the MWC in Barcelona, using a Samsung Galaxy S III:

Demonstration of the two-factor sign-on process
using a Common Access Card (CAC)

On May 3 it was announced that mobile devices equipped with the Samsung KNOX platform were approved by the US Department of Defense (DoD) for use in DoD networks. The BlackBerry 10 phones, the PlayBook tablet and the BlackBerry Enterprise Service 10 were also approved, and it's expected that Apple's iPhone and iPad should gain DoD approval later this month.

However, these approvals only grant access to unclassified DoD networks (like the NIPRNet), which is often not specifically stated in press reports. Until now, the only mobile devices approved for access to classified networks are General Dynamics' Sectéra Edge and an NSA directed test version of the Motorola Razr Maxx.

When equipped with GD Protected the LG Optimus and Samsung Galaxy S IV will be the first commercial available smartphones to get access to classified networks. At the moment this can only be used for Sensitive But Unclassified (SBU) communications, but General Dynamics is hoping to attain an NSA certification for classified communications (Confidential, Secret or even Top Secret) in the third quarter of this year. Only by then may these phones get access to secure networks like the SIPRNet.


A Boeing alternative?

Early 2012 not only General Dynamics announced the development of a secure smartphone solution, but also the aerospace and defense company Boeing. The announcement of the latter company got most media attention, but this was probably mainly because (secure) phones seemed quite a strange new product for Boeing, which is by most people only known for its civil aircrafts. A preview can be found in this PDF-brochure of the Boeing Secure Mobile Enterprise program.

Unlike General Dynamics, Boeing has no history in making encryption products and as General Dynamics already presented it's software last February, nothing was heard from Boeing anymore. After a request in March, a Boeing spokesperson told this weblog, the company is still developing a trusted mobile device that will serve the US government, defense and security market. When this phone will be launched is not known yet.


Sources and links

- 29-10-2012: Pentagon plans to buy iPhones, Androids in threat to BlackBerry’s market share
- 25-02-2013: General Dynamics secures Samsung and LG Android smartphones
- 25-02-2013: General Dynamics locks down Android
- 28-02-2013: Samsung Takes Low-Key Approach on Cellphones After Reaching the Top
- 28-02-2013: General Dynamics eyes government-level security on smartphones
- 03-05-2013: DoD grants network access to Android, BlackBerry 10 devices

Read More

Every Wonder How Spyware Gets on Phones? Watch the videos...

A smartphone spyware developer has released how-to-install videos for:
Android
iPhone
BlackBerry

Why do I mention it?

So you get a feel for just how quickly it can be done.
Spybusters Tip #342: Password protect your phone. Never let it out of your control. ~Kevin

Read More

Big Data - The End of Privacy. The End of Chance.

FutureWatch - BIG Data Knows All

• "Scientists have figured out that, with the help of our mobile phone geolocation and address book data, they can predict with some certainty where we will be tomorrow or at a certain time a year from now."

• "Some cities even predict the probability of crimes in certain neighborhoods. The method, known as "predictive policing," seems like something straight out of a Hollywood film, and in fact it is. In Steven Spielberg's "Minority Report," perpetrators were arrested for crimes they hadn't even committed yet."

• "Google predicted a wave of flu outbreaks on the basis of user searches."

• "American data specialist Nate Silver predicted the outcome of the last US presidential election well in advance and more precisely than all demographers."

• "TomTom, a Dutch manufacturer of GPS navigation equipment, had sold its data to the Dutch government. It then passed on the data to the police, which used the information to set up speed traps in places where they were most likely to generate revenue -- that is, locations where especially large numbers of TomTom users were speeding."

• "The more data is in circulation and available for analysis, the more likely it is that anonymity becomes "algorithmically impossible," says Princeton computer scientist Arvind Narayanan. In his blog, Narayanan writes that only 33 bits of information are sufficient to identify a person."

• "Is it truly desirable for cultural assets like TV series or music albums to be tailored to our predicted tastes by means of data-driven analyses? What happens to creativity, intuition and the element of surprise in this totally calculated world?"

• "A dominant Big Data giant once inadvertently revealed how overdue a broad social and political debate on the subject is. Google Executive Chairman Eric Schmidt says that in 2010, the company toyed with the idea of predicting stock prices by means of incoming search requests. But, he said, the idea was discarded when Google executives concluded that it was probably illegal. He didn't, however, say that it was impossible." (more)

Read More

Federal 1st Circuit Court of Appeals - Police can't search your cell phone when they arrest you without a warrant.

III. Conclusion
Since the time of its framing, "the central concern underlying the Fourth Amendment" has been ensuring that law enforcement officials do not have "unbridled discretion to rummage at will among a person's private effects." Gant, 556 U.S. at 345; see also Chimel, 395 U.S. at 767-68. Today, many Americans store their most personal "papers" and "effects," U.S. Const. amend. IV, in electronic format on a cell phone, carried on the person. Allowing the police to search that data without a warrant any time they conduct a lawful arrest would, in our view, create "a serious and recurring threat to the privacy of countless individuals." Gant, 556 U.S. at 345; cf. United States v. Jones, 132 S. Ct. 945, 950 (2012) ("At bottom, we must 'assur[e] preservation of that degree of privacy against government that existed when the Fourth Amendment was adopted.'" (quoting Kyllo v. United States, 533 U.S. 27, 34 (2001))). We therefore reverse the denial of Wurie's motion to suppress, vacate his conviction, and remand for further proceedings consistent with this opinion. (more)

Next stop, Supreme Court. ~Kevin

Read More

Fight Back Against Stalkers - New iPhone App

Empower yourself to stop being a victim, and take action against a stalker. 

(FREE until 5/24)
Collect information, collate it, and report to authorities in a simple app made for victims of stalking. Made in conjunction with leading criminologists and victim support forums, StopaStalker is your tool to start fighting back.

• Record suspect, vehicle, witness and location details.
• Link to photos in your photo roll, or take photos in-app.
• Record court orders, with iOS calendar reminders.
• Produce PDF reports for authorities, friends and family, and email or AirPrint.
• Backup/Restore from Dropbox so trusted people can access.
• Setup emergency contacts and police numbers to call or SMS from within the app.
• Quick 'Victim Guide' with tips for surviving stalking.

($5.99) (more) 

Many of the requests for eavesdropping detection help I receive have their roots in stalking and harassment. 

Spybuster Tip #092: If stalking and harassment are part of the problem, a search for bugs and taps is not the best first step. Tie the criminal to the crime first. Collect and document your evidence. Talk to an attorney. Then, look for the surveillance devices.

Read More

Your Smartphone - The Quickest Route to Your Bank Account

Many consumers simply don't realize how vulnerable their Androids, iPhones and other devices can be. 

An April study by the Federal Reserve Bank of Atlanta said threats are proliferating, ranging from "phishing" -- where consumers click a phony email or text message and are tricked into handing over personal information -- to consumers' reluctance to use security protections they normally have on home computers, like a password...

Organized crime operations see smartphones as the most vulnerable entry point into the electronic financial system, according to the Federal Reserve...

Vikram Thakur, principal security response manager for security software giant Symantec, said attackers can get complete control of a phone simply by getting people to click on a link. Without actually having the phone in their hands, the hackers can access messages, phone calls and personal information. (more)

Spybusters Tip #734: 
• Password protect your phone. Keep it turned on.
• Don't click on anything 'iffy'.
• Keep Bluetooth and Wi-Fi turned off unless needed.
• Avoid sensitive transaction over public Wi-Fi hot spots.

Read More

Bug Eyed Drone Used 368 iPhone 4S Cameras

Everyone marveled when the iPhone 4S came equipped with a full high definition video camera. Little did they know that the race to miniaturize cell phone cameras led to quite possibly the spookiest surveillance camera on earth.

Autonomous Real-Time Ground Ubiquitous Surveillance Imaging System, or ARGUS-IS, which we recently covered, is the result of a low budget and 368 cannibalized cell phone cameras, slammed together to create the largest, finest surveillance camera in the world.

Attached to a predator drone, the camera records approximately 1 trillion gigabytes of information in a single day. (more)

Read More

Cautionary Tale - Employees Bug Boss for Promotions

China - Three public officers, who allegedly placed hidden cameras in a Party chief's office and then tried to blackmail him, have been held for illegal wiretapping and photographing in Huaihua City in central China's Hunan Province...

Prosecutors said the trio plotted to secretly videotape violations by Hu Jiawu, the local Party chief, and blackmail him for promotions, when they dined in early February 2012. They installed spy gadgets on a water dispenser, replacing the previous dispenser in Hu's office. Between March and October 2012, Li illegally monitored Hu and stored the footages in a removable disk, Southern Metropolis Daily reported yesterday.
Li and Yang again sneaked into Hu's office during the National Day holidays in 2012 and returned the original water dispenser. After Li edited the video, he showed it to Hu on October 17 and threatened to expose him if he did not promote them. (more)

Don't think this couldn't happen to you. This is one reason why periodic inspections for electronic surveillance devices (known as TSCM) are a standard business practice.

Read More

Retailers sniffing cell phone Wi-Fi signals at the mall... and future uses.

Technology that allows retailers to track the movement of shoppers by harvesting Wi-Fi signals within their stores is spreading rapidly. 

Giant U.S. retailers including Nordstrom and Home Depot are already using it, as does one of the most popular malls in Singapore. Indeed, Euclid Analytics, one of the better-known companies selling the technology, boasts that it has tracked some 50 million devices in 4,000 locations. (more)

Also, check out Y-Find and TheRetailHQ.

So who cares if Home Depot knows what aisle you are in?

Think ahead...

"We are excited to be working with YFind to help them realize their vision of creating Location-Intelligent cities..." Pete Bonee, Partner at Innosight Ventures

Cities!?!?  
WTF? 
Oh, right. 
The government marketplace is huge, worldwide even.

Read More

Spybuster Tip # 845 - Don't Plug Your iPhone/Pad into Hotel Docking Stations

“Apple accessories, especially dock stations and alarm clocks become more and more popular. Nowadays, it is common to find such devices in hotel rooms,” wrote French security consultant and pentester Mathieu Renard. But can we really trust them? What if an alarm clock could silently jailbreak your iDevice while you sleep? “Wake up, Neo,” warned Renard. “Your phone got pwnd!”

At Hackito Ergo Sum 2013, an international security and hacking conference recently held in Paris, Renard presented iPown: Hacking Apple accessories to pwn iDevices. He started by looking at what an attacker would consider to be the most interesting Apple services before describing “how they can be exploited in order to retrieve confidential information or to deploy the evasi0n jailbreak.” (more)

Especially true when visiting countries with reputations for spying on foreign visitors. ~Kevin

Read More

Big Week for Spy News - Seems Everyone is Being Caught

A U.S. diplomat disguised in a blond wig was caught trying to recruit a Russian counterintelligence officer in Moscow, Russia's security services announced Tuesday, claiming the American was a CIA officer. (more)

In an outraged letter to U.S. Attorney General (AG) Eric Holder, the Associated Press, one of the nation's largest news organizations, accuses the U.S. Department of Justice (DOJ) of a potentially serious violation of freedom of the press. According to the letter from Gary Pruitt, records from 20 phone lines -- including personal phones of AP editors/columnists and AP business phone numbers in New York; Hartford, Connecticut; and Washington -- were subpoenaed in a "massive and unprecedented" attempt to monitor on the press. (more)

In a new twist of the Bloomberg spying scandal a former company employee has revealed journalists allegedly spied on the Federal Reserve chairman Ben Bernanke and former Treasury Secretary Tim Geithner through the news terminals. (more)

Designed to steal intellectual property, cyber espionage and attacks increased 42 percent in 2012 compared to the prior year, reveals a new report entitled, 'Internet Security Threat Report' (ISTR) of Symantec Corporation (more)

Top IRS Officials Knew of Tea Party Spying Months Before Denial (more)

Read More

Private Investigators Convene in Atlantic City Next Month

On June 26th, private investigators from across the country will be on their way to Atlantic City for the East Coast Super Conference, presented by PI Magazine and hosted by the New Jersey Licenced Private Investigators Association (NJLPIA). 

The conference includes 17 presentations from guest speakers Diane Dimond, Joe Pistone, F. Lee Bailey, and more, including a presentation on the real undercover life of Donnie Brasco. A full exhibitor hall and many activities for attendees and their families will be available. Located at the Tropicana Casino and Resort, the conference will also have door prizes, including 1 week in Aruba! (more) (video)

Read More

CONTEST (ENDED) - Who Is This Man?

We have a winner! Congratulations!!
Answer below.

Clues...
• Born 1897.
• Died 1973.
• Expert wiretapper. 
• Good high speed driver. 
• Sharpshooter.
• Last known occupation: Security Officer, National Airlines, Miami, FL.
• Initials: PWR
• Co-author of a book about the part of his career for which he is famous. Claimed his boss was portrayed on TV as too flattering.

Excellent prize of our choice from the Spybusters Countermeasures Compound vault. ~Kevin 

This is Paul Wenzel Robsky, the last of The Untouchables.

Birth: Oct. 16, 1897, Illinois, USA
Death: Nov. 1, 1973, Miami-Dade County, Florida, USA
 

Paul was the only child of Theodore and Martha (Ellis) Robsky. He grew up in Galesburg, Illinois. Martha died when Paul was just a child. He married Louise B Bargeron and they had a daughter, Ena. Paul and Louise were later divorced and he married Helene R. Frame in Jan 1956.
 
Paul served in the military from Nov 7, 1917 until March 22, 1927. By 1928, he was a Prohibition Agent hunting bootleggers in the hills around Greenville, South Carolina. He was well known for his fast driving and sharpshooting skills. He made such an impression that in 1930, he was handpicked to join a band of lawmen in Chicago who became known as The Untouchables. He was an expert at wire-tapping and Elliot Ness called him "a good man to have around when more than ordinary courage was needed." Paul spent his last years in Florida and was the last living of The Untouchables.

His news photo, shown above, is available here...
http://www.tribunephotos.com/HJS-617-BS-Photo-Robsky-Wire-Tapping-Expert/dp/B00CD5URR6

His book, The Last of the Untouchables is also still available, as is the 1957 edition of The Untouchables, by Eliot Ness and Oscar Fraley.

Read More

Privacy Journal Book - Compilation of State and Federal Privacy Laws 2013

Privacy Journal announced their Compilation of State and Federal Privacy Laws 2013 is now available for sale. This new book replaces the 2002 book and all subsequent supplements in one consolidated hard copy edition, 80 pages, ISBN is 9780930072568.

This new book includes new privacy laws on demands for social-media passwords by employers and universities, use of credit reports by employers, new tracking technologies, new state restrictions on use and disclosure of Social Security numbers, plus updated chapters on credit reporting, medical, financial, testing in employment, insurance, government information, and much more, grouped by categories and listed alphabetically by states. Descriptions of state, federal, and Canadian laws are included.

There is an electronic edition that you may store it in your computer and search later by key words and states. $51 for both hard copy and pdf version ordered at the same time. Pdf only, $26.50. Hard copy only, $35 (includes shipping). Or, Discounts for five or more units ordered at one time.

Read More

The NSA Spy's Guide to Searching the Internet - DECLASSIFIED

Want to learn how to search like a spy? 
This 600+ page tome will help you do it.

Untangling the Web, A Guide to Internet Research – has just been declassified, to satisfy a Freedom of Information Request. Download the irony here.

Read More

Government Surveillance Ratchets Up

The Obama administration, resolving years of internal debate, is on the verge of backing a Federal Bureau of Investigation plan for a sweeping overhaul of surveillance laws that would make it easier to wiretap people who communicate using the Internet rather than by traditional phone services, according to officials familiar with the deliberations. (more)

Meanwhile...

Is the government recording and listening to your every phone call and probing every email for dangerous ideas? 

Probably—if certain insiders are to be believed. According to one former FBI agent, the US government may indeed keep a massive database where all domestic communications are recorded and stored....

From CNN interview transcripts:
 
(Ex-FBI) CLEMENTE: …We certainly have ways in national security investigations to find out exactly what was said in that conversation. 

(CNN) BURNETT: So they can actually get that? We can know what people are saying, that is incredible. 

(Ex-FBI) CLEMENTE: …Welcome to America. All of that stuff is being captured as we speak whether we know it or like it or not. (more)
And, where would you store all that chit-chat?

"The Utah Data Center, code-named Bumblehive, is the first Intelligence Community Comprehensive National Cyber-security Initiative (IC CNCI) data center designed to support the Intelligence Community's efforts to monitor, strengthen and protect the nation... NSA is the executive agent for the Office of the Director of National Intelligence (ODNI) and will be the lead agency at the center." (more)

The heavily fortified $2 billion center should be up and running in September 2013. Flowing through its servers and routers and stored in near-bottomless databases will be all forms of communication, including the complete contents of private emails, cell phone calls, and Google searches, as well as all sorts of personal data trails—parking receipts, travel itineraries, bookstore purchases, and other digital “pocket litter.” (more)

Read More

Emergency Wristwatch for Spies... and Maybe Your CEO

Traveling in dangerous places? 
No cell phone service?
You may want one of these...

The Emergency II is equipped with a microtransmitter alternately operating on two separate frequencies over a 24-hour period. It transmits a first digital signal on the 406 MHz frequency intended for satellites and lasting 0.44 seconds every 50 seconds; as well as a second analog signal on the 121.5 MHz homing and rescue frequency, lasting 0.75 seconds every 2.25 seconds.



The development of this dual frequency transmitter specifically designed for the Emergency II was a major technical challenge, essentially due to its dimensions that had to be adapted to the wrist. Conducted in cooperation with an institute specializing in aerospace, defense and industry, it notably involved creating a new circuit exclusively dedicated to this instrument in order to be able to transmit on two frequencies and to do so within an extremely compact volume. 

The result is a record in terms of both miniaturization and guaranteed reliability, which lays down new benchmarks reaching well beyond the sphere of watchmaking. (more)

Price?
About US$18,600.00, if you go for the titanium bracelet instead of a rubber strap.
Hey, how much is your life worth?

Read More

FutureWatch - The Latest in TSCM-ware

A Princeton University team has successfully merged electronics and biology to create a functional ear that can “hear” radio frequencies. The tissue and antenna were merged via the use of an “off-the -shelf” 3D printer, and the results have the potential to not only restore but actually enhance human hearing in the future...

 

The ear itself consists of a coiled antenna within a cartilage structure, with two wires leading from the base and winding around the helical “cochlea” – the area of the ear that senses sound. The signal registered by the antenna could be connected to a patient's nerve endings in a similar way to a hearing aid, restoring and improving their ability to hear. (more & more)

Read More

New York Times - Quote of the Day - Tapped Out On Taps

"I'm so jaded at this point that I'm not surprised. And from my perspective, let them all wear wires. Let's catch everybody. Maybe if we clean out the whole system, we can move forward." 
~STATE SENATOR TONY AVELLA, a Queens Democrat, on the disclosure that a second state legislator had been secretly recording conversations with colleagues.

Read More

Secrets of The Dead - Uncensored recordings of Nazi elite

Sixty years after an MI19 bugging operation of German POWs, Secrets of The Dead brings hours of chilling and totally uncensored recordings of Nazi elite to life through intense, full-dialogue dramatic reconstructions.



Hearing these shocking conversations will be like taking a time machine back into psyche of Hitler's Germany. For more, visit http://www.pbs.org/wnet/secrets/

Read More

Jam Da Cam - Stick it to Da Hacker Man

CamJAMR is a reusable plastic film sticker that fits over camera lenses installed on computers, tablets and smart phones. Web developer Josh Luft, 24...

To thwart any unwanted spying, Luft, who creates websites in Somers, first put Post-It notes over his computer’s web camera. The sticky papers kept falling off, so Luft began researching materials until he settled on a plastic film similar to the removable plastic films that cover screens on new cellphones.

Luft’s website, CamJAMR.com, sells the sticker packages of 12 lens covers for $4.99. The covers have various sizes to fit computer and cellphone cameras. The stickers leave no residue on the lenses, he said.

Read More

Today: Hackers 2, FBI 0

A federal magistrate judge has denied (PDF) a request from the FBI to install sophisticated surveillance software to track someone suspected of attempting to conduct a “sizeable wire transfer from [John Doe’s] local bank [in Texas] to a foreign bank account.”

Back in March 2013, the FBI asked the judge to grant a month-long “Rule 41 search and seizure warrant” of a suspect’s computer “at premises unknown” as a way to find out more about these possible violations of “federal bank fraud, identity theft and computer security laws.” In an unusually public order published this week, Judge Stephen Smith slapped down the FBI on the grounds that the warrant request was overbroad and too invasive. In it, he gives a unique insight as to the government’s capabilities for sophisticated digital surveillance on potential targets. 

According to the judge’s description of the spyware, it sounds very similar to the RAT software that many miscreants use to spy on other Internet users without their knowledge. (more)

Read More

Google Glass Hacked - Everything You See and Hear Transmitted to Anyone

Google's Glass wearable computer have been hacked so video and audio can be transmitted online to anyone.

Hackers have been able to remotely watch and hear everything a wearer does, and today warned 'nothing is safe once your Glass has been hacked.'

Although Glass does not go on sale to the public until next year, the attack raises major security and privacy questions over Google's plans for the device. (more)

Read More

Computer Expert Hacked Neighbors’ Wi-Fi - Spied on Hundreds

Spain - A pedophile computer expert spied on hundreds of his neighbors by hacking into their Wi-Fi and taking control of their webcams, Spanish police said. 

The 34-year-old is accused of recording thousands of hours’ worth of intimate material — which included numerous sexual encounters of his unsuspecting victims. 

He then posted some of the footage online. (Darwin Award)

Police say he cracked modem passwords to access PCs. He then installed a Trojan virus — letting him watch via the webcam exactly what the laptop owner was doing. (more)

Read More

"When spycam hits your eye, like a big pizza pie, that's-a-boring..."

Yet another strange use for spycams...

...or...
New from the Science Channel... if you like "How It's Made", you'll love "Watch It Made!"

Read More