The red phone that was NOT on the Hotline

Today, it's exactly 50 years ago that the famous Washington-Moscow Hotline became operational. Allthough this link has always been for written communications only, many people think there are red telephones on the Hotline, as this is often depicted in popular culture.

One wide-spread image is from the article about the Hotline on the online encyclopedia Wikipedia. It shows a non-dial red telephone which is on display in the Jimmy Carter Library and Museum in Atlanta, Georgia:

(photo uploaded to Wikimedia by user Piotrus under CC-BY-SA)

Much of the confusion about the real purpose of this phone was due to the fact that in this picture, the text on the plate below the phone wasn't readable. But now, upon request of this weblog, the curator of the Jimmy Carter Library and Museum kindly provided the text, which reads as follows:

RED PHONE
During Jimmy Carter’s presidency, the “red phone” was a hotline to the Kremlin in Moscow. A U.S. president could pick up the phone and speak directly to Soviet leaders in times of crisis.
Reproduction

The text is about a red phone used for the Hotline, but more important is the fact that the telephone which is on display, is just a reproduction. This is also confirmed by the curator, who said that this phone is a prop that the exhibition designer wanted to use.


Now it's clear that the actual red phone in the picture was never used on the Hotline between Washington and Moscow, nor on any other secure telephone network (allthough red phone sets were regularly used for predecessors of the Defense Red Switch Network, which is the main secure voice network of the US military).

The picture on Wikipedia shows just an ordinary phone set, like the ones that are quite commonly used for emergency telephone lines of any kind which don't require a dialing capability. Probably because the designer of the exhibition at the Jimmy Carter Museum also thought there were red telephones on the Hotline, such a common phone set was used to represent this.

For people visiting the museum it must have looked like a confirmation of their idea of the red phone hotline. When someone uploaded a picture of this phone to Wikipedia in March 2011, it soon found its way to articles about the Washington-Moscow Hotline in eleven languages, most of them erroneously saying the Hotline also having a voice capability. It was only after research done for this weblog, which resulted in an extensive article about the Hotline last year, that some of the Wikipedia articles were corrected.

What the Washington-Moscow Hotline looks nowadays: the terminal room
at the Pentagon showing the secure computer link equipment
(photo: www.army.mil, 2013)

Read More

Researchers Grow Human Brains in a Lab

A team at the Institute of Molecular Biotechnology of the Austrian Academy of Sciences has succeeded in growing miniature human brains...
The team, led by Dr. Jürgen Knoblich, started by analyzing human stem cells – a cell type that has the capacity to change into any other type of cell found in the body. Specifically, the scientists were interested in discovering what growth conditions are required for such cells to differentiate into various types of brain tissue cells.

Once those conditions had been identified, stem cells were used to create neuroectoderm, a layer of cells which is the “starting material” from which all components of the nervous system (including the brain) are derived...

After spending 15 to 20 days in the reactor, the neuroectoderm fragments had formed into a piece of continuous brain tissue, known as a cerebral organoid. (more)

Read More

Snapchat Not So Private and Secure

According to a "Snapchat Security Advisory" published by Australian researchers,
Snapchat names, aliases and phone numbers can be discovered and harvested via the Snapchat Android and iOS API - even if the Snapchat account is private.

Gibson Security discovered a range of disturbing security holes when it reverse-engineered the popular photo and video sharing app, including what it believes to be unsecure encryption practices (two encryption keys across all users) and code for in-app ads.

Gibson Security has informed ZDNet that "The API reversed isn't just used for Android, but iOS too. Both platforms are vulnerable." (more)

Read More

FutureWatch: On the Road to The Corporate State

Tech Companies and Government May Soon Go to War Over Surveillance

via Patrick Gray, wired.com...
On the very day the media dropped detailed documents on the NSA’s X-Keyscore collection program, the Facebook engineering team published a blog post stating that all access to Facebook via apps and web browsers was now SSL encrypted. Given X-Keyscore was a program primarily designed to intercept unencrypted internet traffic, you could be forgiven for interpreting Facebook’s post as a middle finger pointed in NSA’s direction...

You don't need a Weatherman to know...

You want us to execute that warrant for you? Ok, sure, but the user will get a nice big popup warning telling them that their messages are likely being intercepted!

There are new interception hurdles everywhere you look. Even plain old SSL encryption is becoming more difficult to snoop on. Previously, governments could rely on complicit or compromised certificate authorities to provide them with the means to intercept encrypted traffic. Thanks to the Iranian government’s overly enthusiastic use of this technique, Google made changes to the Chrome browser to neuter the practice. Similar updates are expected soon in Internet Explorer. There goes another interception technique for law enforcement!

And it’s only going to get worse for the poor ole G-Men. Technology companies are enabling security features that make certain types of government surveillance extremely difficult, and it’s a trend that’s set to continue. That’s why the U.S. government has long wanted laws that force tech companies to make their products wiretap friendly. (more)

"Knowledge is power." Whoever holds the knowledge, holds the power. (sing-a-long)

Read More

Government and Business Team Up Against Espionage...

Germany - Faced with increasing rates of espionage attempts directed at companies, German government and business leaders have agreed on hammering out a joint protection strategy. Raising awareness is the first objective.

The German government and business organizations agreed on Wednesday that domestic companies needed stronger protection from espionage and cyber crime. They signed a declaration on hammering out a joint defense strategy and pooling resources for the most efficient infrastructure to ward off risks...

The Association of German Chambers of Commerce and Industry (DIHK) added putting an efficient security infrastructure in place should not be viewed by smaller firms as a way of wasting money.

"The costs those firms might incur through espionage and the resulting theft of intellectual property and know-how tend to be much higher than the investment in a good security setup," DIHK President Eric Schweitzer emphasized. (more)


Brilliant! Time for the U.S. to do the same.

Read More

Wiretapping Sparks Naked Protest

FEMEN activists shed clothes in front of Ukrainian embassy in Berlin...

Ukraine based feminist movement group, FEMEN has said that they are moving their office out of Ukraine's capital, Kiev after their telephone calls were wiretapped. 

A day prior, the police had alleged that a cache of illegal weapons were discovered from their headquarters.
The group is said to be moving out because of security concerns. The FEMEN group has said that the wiretapping incident has made the place impossible to work. (more)

Imagine what would happen if they were really bugged.

Read More

Use of phone-tracking technology in shopping centers set to increase

Australia - We are used to cameras watching our every move, but what about having your phone tracked when you go to the shops or the CBD (Central Business District)?

More and more shopping centers and councils around Australia are already doing it - working out where people are going and how they get there.

 

Photo: Companies can track phones by scanning for WiFi signals 

or by intercepting mobile phone network signals. (ABC News: Simon Brown)

With the technology you do not get to opt in and you do not have to be connected to a WiFi network.

There are two different approaches to tracking the phones. The Inhouse Group system scans WiFi signals given off by smartphones to pinpoint a customer's location.

Another product from the UK - FootPath by Path Intelligence - intercepts mobile phone network signals.

Neither is able to access any content stored on your phone. (more)

Read More

The 50th anniversary of the Washington-Moscow Hotline

(Updated: September 16, 2013)

This Friday, August 30, it's exactly 50 years ago that a direct communication link between the United States and Russia became operational. This Washington-Moscow Hotline is one of the most famous top level communications systems in modern history.

Many people think the Washington-Moscow Hotline uses red phone sets, but that's a myth. The Hotline never was a telephone line as it started with teletype terminals, later replaced by facsimile equipment. Since 2008 the Hotline uses secure e-mail, as can be seen in this most recent picture of the Hotline terminal in the Pentagon:

The Washington-Moscow Hotline terminal room at the Pentagon, 2013
Presidential communicator Navy Chief Petty Officer John E. Kelley (seated) and
senior presidential translator Lt. Col. Charles Cox man the hotline terminal
(photo: www.army.mil)

For the full history and more unique historical pictures of the Hotline, see our updated story from last year: The Washington-Moscow Hotline


A small event to celebrate the 50th anniversary will be held this Thursday, August 29, at Fort Detrick in Maryland, where the satellite ground station of the American end of the Hotline is situated. The event includes as guest speakers: the former American ambassador, Jack Foust Matlock, Jr. and a son of the former Soviet Premier Nikita Khrushchev, Dr. Sergei Khrushchev.

An entirely edible, satellite dish-shaped cake
to celebrate the 50th anniversary of the Hotline
(photo: USAG VI)

There seems to be no commemoration involving the American and Russian presidents. Maybe this is due to the fact that the relationship between both countries has troubled after Edward Snowden, who leaked many top secret documents from the NSA, was granted asylum in Russia recently.


Links
Some articles about the 50th anniversary of the Hotline:
- Detrick.army.mil: World Leader Hotline At Fort Detrick Celebrates 50 Years
- Army.mil: Hotline, now 50 years old, continues to promote dialog with Russians
- FoxNews.com: 50 years later, hotline to Washington-Moscow hotline still relevant
- RussianReport: Washington – Moscow “hotline” turns 50 years old this month
- Itar-tass.com: "Горячая линия" связи между Москвой и Вашингтоном отметила полувековой юбилей
- Redstar.ru: На связи – Белый дом

Read More

Millions of Android Users Vulnerable to Security Threats, Say Feds

According to a new document obtained by Public Intelligence, the U.S. Dept. of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) are increasingly aware of the threats its law enforcement users and officials face at a federal, state, and local level in using older versions of the Android mobile platform.

According to the roll call release — marked as unclassified but "for official use only," and designed for police, fire, emergency medical services (EMS) and security personnel — upwards of 44 percent of Android users worldwide are still using Android versions 2.3.3 to 2.3.7, which still contain security vulnerabilities fixed in later versions. (more)

Spybusters Tip #492 - The latest version of Android is 4.3. Time to upgrade.

Read More

Spybusters Tip #972 - Own a Foscam FI9821W Megapixel IP camera? There is a security update waiting for you!

As mentioned here before, many IP surveillance cameras are vulnerable to hack attacks by outsiders. This firmware update notice from Foscam addresses that. 

In order to properly secure your Foscam FI9821W Megapixel IP camera as well as prevent any potential hardware or software failures, it is highly imperative that you please update to the latest stable Firmware version. 

If you are experienced with configuring your IP cameras please follow the detailed instructions located on our website here (attached hereto for reference as well): http://foscam.us/blog/foscamipcameras/how-to-update-firmware-on-the-fi9821w-v1/ 

If you would like us to assist you in updating the firmware or have us do it for you remotely, please contact us 24/7 at 1-800-930-0959.

This is an urgent matter that requires immediate action.

Firmware download links: 
Mirror 1: https://www.dropbox.com/s/p323grrqkpw0am6/FI9821W-1.1.1.13-20130607.zip 
Mirror 2: http://foscam.us/downloads/FI9821W-1.1.1.13-20130607.zip 
Mirror 3: http://www.foscam.com/Private/ProductFiles/FI9821W-1.1.1.13-20130607.zip 

If you have any questions, please do not hesitate to contact us at Email: sales@foscam.us ' sales@foscam.ca ' sales@foscam.co.uk Phone: US Toll Free: 1-800 930 0949 US/Canada Sales: (+1) 713 893 7869 US/Canada Support: (+1) 713 893 7866 UK Sales/Support: (+44) 203 627 0947

Read More

Snoop in the Soup - (You Can't Make This S--- Up)

Kenneth Enlow was arrested in July after Ambra Reynolds and her seven-year-old daughter noticed something moving in the septic tank beneath the toilet they were using at White Water Park in Sand Springs, Oklahoma.

When Ms Reynolds took a closer look, she saw Enlow looking up at her from inside the toilet...

Rescue crews pulled Enlow, who was covered in human waste, from the septic tank and cleaned him off with a fire hose.

He pleaded guilty in Tulsa County District Court to a misdemeanor violation of Oklahoma's peeping Tom statute last Thursday. (more)

Read More

Your Boss Won't Stop Spying on You (Because It Works)

No one likes the idea of a workplace in which managers keep a constant eye on employees. Workers find it creepy, and it’s not as if ambitious managers clawed their way up the ladder just to snoop on their underlings all day. Still, much of the surveillance now takes place electronically—in theory, freeing bosses to focus on other matters while monitoring software keeps everyone in line. So office spying isn’t going away.

A study published over the weekend by researchers suggests that electronic surveillance in the workplace is strikingly effective (PDF). An examination of data provided by NCR (NCR), which makes software that examines all activity on restaurants’ point-of-sale systems while looking for suspect patterns, found lower levels of theft under workplace surveillance. NCR even says that employees seem to become more productive in other ways. (more)

Read More

NSA also has arrangements with foreign internet providers

(Updated: October 11, 2013)

Last Tuesday, August 20, the Wall Street Journal came with a big story with new details about the NSA surveillance programs. The article claims that NSA has the capacity to reach roughly 75% of all US internet traffic that flows through domestic fiber-optic cables. However, this was strongly denied by the NSA

The 75% claim got a lot of attention, but most media apparently oversaw a section later on in the article, which reveals a far more sensitive NSA collection method:

"The NSA started setting up Internet intercepts well before 2001, former intelligence officials say. Run by NSA's secretive Special Services Office, these types of programs were at first designed to intercept communications overseas through arrangements with foreign Internet providers, the former officials say. NSA still has such arrangements in many countries, particularly in the Middle East and Europe, the former officials say."

Documents which were recently leaked by Edward Snowden already confirmed that the NSA collects internet data from telecommunication cables going through the United States. But now we learn that also foreign internet providers are cooperating with NSA in order to intercept foreign communications.

For Americans it may be embarrassing that NSA is tapping into domestic internet cables, but for people elsewhere in the world it must be even more embarrassing that their telecommunications provider might have some secret agreement with a foreign intelligence agency.

Here we will combine this with a number of other recent stories and this shows us that NSA and its British counterpart, the Government Communications Headquarters (GCHQ), have arrangements with a number of big American and British telecommunications companies, and also with an unknown number of foreign internet providers. These are cooperating because they are required by law and both NSA and GCHQ are paying them for the expenses. The result is a global internet surveillance network.

The doughnut-shaped building of GCHQ in Cheltenham, Gloucestershire.

Cooperating with GCHQ

The names of the companies cooperating with GCHQ were published on August 2 by the German newspaper Süddeutsche Zeitung and the NDR television channel. As these are smaller regional media, it seems that The Guardian didn't dare to publish these names themselves. Both media were given access to some top secret GCHQ documents from 2009, partly from an internal system called GC-Wiki, which mention the following telecommunications providers (meanwhile some have merged) and their codenames:

- Verizon Business (DACRON)
- British Telecom (REMEDY)
- Vodafone Cable (GERONTIC)
- Global Crossing (PINNAGE)
- Level 3 (LITTLE)
- Viatel (VITREOUS)
- Interoute (STREETCAR)

GCHQ has clandestine agreements with these seven companies, described in one document as "intercept partners", in order to give the agency access to their network of undersea cables. The companies are paid for logistical and technical assistance and British Telecom even developed software and hardware to intercept internet data. At GCHQ this collection effort is conducted under the "Mastering the Internet" component of the TEMPORA program.

The identity of the participating companies was regarded as extremely sensitive, in official documents referred to as "Exceptionally Controlled Information" (ECI), with the company names replaced with the codewords. Disclosure of the names would not only cause "high-level political fallout", but would also be very damaging for the trustworthiness of the companies.

One of the doors of room 641A in the building of AT&T in San Francisco,
where the NSA had a secret internet tapping device installed,
which was revealed by an AT&T technician in 2006.

In reaction to these disclosures, Vodafone and Verizon said that they comply with the laws of all the countries in which they operate cables and that they won't disclose any customer data in any jurisdiction unless legally required to do so. This is the same kind of reply some of the US internet companies gave regarding to their alleged involvement in the PRISM program.


Tapping the internet backbone

Together, the seven companies operate a huge share of the high-capacity undersea fibre-optic cables that make up the backbone of the internet's architecture. The German media also noted that these companies also run some important internet nodes in Germany, and for example Interoute owns and operates Europe's largest cloud services platform.

We do not know how many of the internet cables and nodes of these providers have collection and filtering devices attached. Former NSA official and whistleblower William Binney gives quite a large number of major points in the global fiber optic networks where there would likely be Narus, Verint or similar intercepting devices. In this article there's a list of the most likely surveillance nodes on the networks of AT&T, Verizon, BT Group and Deutsche Telekom - situated all over the world.

The Guardian confirms that in 2012 GCHQ had tapped more than 200 fibre-optic cables and was able to process data from at least 46 of them at a time. The collected metadata is stored for up to 30 days, while the content of communications is typically stored for three days.

On August 28, new reports by the Italian paper L'Espresso and the international website of the German paper Süddeutsche Zeitung revealed the names of at least 14 undersea fiber-optic internet cables which GCHQ is tapping:

- TAT-14, connecting the United States with the United Kingdom, France, the Netherlands, Germany, and Denmark
- Atlantic Crossing 1, linking the USA and the United Kingdom, the Netherlands and Germany
- SeaMeWe3, which connects Europe, Asia and the Middle East
- SeaMeWe4, linking Europe, North Africa and Asia
- FLAG Europe Asia (FEA), linking Europe to Japan through the Middle East and India
- FLAG Atlantic-1, linking New York with France and England
- Circe North, connecting the United Kingdom with Belgium, France, Germany and the Netherlands
- Circe South, idem
- Solas, between the United Kingdom and Ireland across the Irish Sea
- UK-France 3
- UK-Netherlands 14
- Ulysses 1 and 2, running between Dover and Calais, resp. IJmuiden and Lowestoft
- Yellow/AC-2, connecting New York with Bude in the United Kingdom
- Pan European Crossing (PEC), linking the United Kingdom, Belgium, and France

Overview of the undersea fiber-optic cables
Click for an interactive map!

The existance of internet tapping points outside the US and the UK was confirmed in a report by The Independent from August 23. It says GCHQ runs a secret internet-monitoring station at an undisclosed location in the Middle East to intercept and process vast quantities of emails, telephone calls and web traffic on behalf of Western intelligence agencies.

The station is able to tap into and extract data from the underwater fibre-optic cables passing through the region. All of the messages and data passed back and forth on the cables is copied into giant computer storage buffers and then sifted for data of special interest. These data are then processed and passed to GCHQ in Cheltenham and shared with the NSA.


Network Security Agreements

On July 7, The Washington Post published about a "Network Security Agreement" between the US government and the fiber-optic network operator Global Crossing, which in 2003 was being sold to a foreign company. Global Crossing was later sold to Colorado-based Level 3 Communications, which owns many international fiber-optic cables, and the 2003 agreement was replaced by a new one (pdf) in 2011.

According to the Post, this agreement became a model for similar arrangements with other companies. These ensure that when US government agencies seek access to the massive amounts of data flowing through their networks, the companies have systems in place to provide it securely. The 2011 agreement with Level 3 clearly says that all domestic communication cables shall pas through a facility from which lawful electronic surveillance can be conducted:

The bottom line here is in the word "lawful". As long as information requests by NSA or GCHQ are lawful, the internet providers will assist in gathering the required data. They even have to.


Corporate Partner Access program

Just like GCHQ, NSA is also paying telecommunication companies. This came out when on August 30, The Washington Post published parts of the highly classified US Intelligence Budget. This revealed that NSA’s Special Source Operations (SSO) division runs a project called Corporate Partner Access, which involves major US telecommunications providers to tap into "high volume circuit and packet-switched networks".

For the fiscal year 2013 this program was expected to cost $ 278 million, down nearly one-third from its peak of $ 394 million in 2011. Among the possible costs covered by this amount are "network and circuit leases, equipment hardware and software maintenance, secure network connectivity, and covert site leases". The total of 278 million breaks down as follows for specific programs:

- BLARNEY: $ 65.96 million
- FAIRVIEW: $ 94.74 million
- STORMBREW: $ 46.04 million
- OAKSTAR: $ 9.41 million

A final $ 56.6 million is for "Foreign Partner Access", but according to The Washington Post it's not clear whether these are for foreign companies, foreign governments or other foreign entities.

The article says that telecommunications companies generally charge to comply with surveillance requests from state, local and federal law enforcement and intelligence agencies. This simplifies the government’s access to surveillance and the payments cover for the costs of buying and installing new equipment, along with a reasonable profit, which makes it also profitable for the companies to cooperate with NSA and other agencies.

Some more details about collecting data with the help of foreign facilities came from NSA slides shown in the background of a Brazilian television report on September 8, 2013. These slides mentioned at least three sub-programs of OAKSTAR for collecting phone and internet communications "through a foreign access point":
- MONKEYROCKET
- SHIFTINGSHADOW
- ORANGECRUSH
The latter program is specified as a "Foreign access point through PRIMECANE, and 3rd party partner" (see below).

 

2nd and 3rd party countries

Similar arrangements with telecommunication providers can be expected in Canada, Australia and New Zealand, as the signals intelligence agencies of these countries have a very close information sharing relationship with GCHQ and NSA under the UKUSA-Agreement from 1946. Regarding signals intelligence these countries count as 2nd party allies of the NSA.

One step below, there's a group of around 30 countries that are considered to be 3rd party partners. According to the Snowden-leaks Germany, France, Austria, Denmark, Belgium and Poland are among them.* Probably Norway, Malaysia, Singapore, Japan, South Korea, Israel, Taiwan and South Africa are 3rd party partners too.*

As the Wall Street Journal article says that the foreign internet providers are "particularly in the Middle East and Europe", this reminds of a special relationship the United States has with a number of countries in particularly these regions. We know them by the fact that they have a so-called Defense Telephone Link with the US:

- In Europe: Albania, Austria, Bulgaria, Czech Republic, Estonia, Latvia, Lithuania, Macedonia, Poland, Romania, Slovenia and Slovakia.
- In the Middle East: Bahrein, Israel, Kuwait, Oman, Qatar, Saudi Arabia, and the United Arab Emirates.

Most of these countries are small, dependent on US military support and therefore often willing to cooperate with US intelligence agencies. Of course this doesn't necessarily mean that in all of these countries the NSA has agreements with local internet providers, but the list may give an indication of where we can expect cooperating companies. Having secret arrangements with a foreign intelligence agency is a highly sensitive and tricky business, so internet providers have to be covered by their government.


The new way of intercepting

For the NSA these arrangements with foreign internet providers make good sense. Before the Internet-age, NSA could intercept many communications on its own, for example by placing taps at underwater telephony cables and intercepting satellite transmissions and microwave links. These were the long-distance connections for the public switched telephone network, which also carried most of the early internet traffic.

The 20 feet/6 meter and 6 tons tapping device for a Soviet cable in
the Sea of Okhotsk, which was placed in the 1970's under operation Ivy Bells
and was discovered and removed by the Soviets in 1981.

With the rapid expansion of the internet after the year 2000, the copper cables and satellite and microwave links have been replaced by fiber-optic cables, which are far more difficult to intercept. NSA is reportedly capable of placing taps at underwater fiber cables, but these are of course very cumbersome and costly operations.

Therefore, the way to go was to place taps at locations where the fiber-optic communications are switched. For the internet, much of the switching occurs at relatively few sites, but here intercepting has to be done with the help, or at least the knowledge, of the companies who are operating these sites.

Before 2001, NSA was only authorized to intercept communications with both ends being foreign. So the first internet providers to cooperate with had to be outside the US. But due to the very nature of the internet, NSA soon found out that it was increasingly difficult to keep foreign and domestic communications separated.

For that reason president George W. Bush secretly authorized NSA to also wiretap international communications where just one party is believed to be affiliated with terrorism. Under this new authority NSA could now also involve American telecommunication providers, first those providing hardware transmissions (AT&T, Verizon, etc) and later companies offering the software for today's communications (Microsoft, Google, Apple, etc).


Nothing really new

Now, NSA and its UKUSA partners are cooperating with a range of national and foreign internet providers, which gives them access to the main internet cables and switching points all around the world. This is just like they operated the ECHELON network with listening stations worldwide, intercepting the former satellite communications.

For some people all this may sound like Snowden's claim about the NSA being able to eavesdrop on every conversation of everyone in the world, but there's no evidence for that. NSA does want access to as many communication channels as possible, but only for gathering information about enemies of the United States, not about ordinary people. Given the enormous amount of data traffic, NSA will just do everything to gather that info as focussed and efficiently as possible - more about that next time.

(This article was updated with info about the Level 3 agreement, the British base in the Middle East, the names of the fiber-optic cables and the budget for cooperation of telecom providers)


Links and Sources

- NY Times: N.S.A. May Have Penetrated Internet Cable Links
- Wall Street Journal: New Details Show Broader NSA Surveillance Reach
- Süddeutsche Zeitung: Snowden enthüllt Namen der spähenden Telekomfirmen
- The Guardian: BT and Vodafone among telecoms companies passing details to GCHQ
- The Washington Post: Agreements with private companies protect U.S. access to cables’ data for surveillance
- Süddeutsche Zeitung: British Officials Have Far-Reaching Access To Internet And Telephone Communications
- Wikipedia listing: List of international submarine communications cables

Read More

Boyfriend Tracker app Booted from Google Play

Yesterday the Associated Press reported that the Boyfriend Tracker app, which had seemed to take Brazil like an overbearing wildfire, was removed by Google from its app store with no explanation.

Both the app’s massive popularity (AP estimates around 50,000 downloads in just two months) and its removal raise questions. The former, of course, speaks to a fundamental problem in the security of relationships in Brazil. To be fair, it is certain that the app — called Rastreador de Namorados — would have just as much popularity elsewhere, but this one happened to be in a country famous for its casual liaisons. “In Brazil, we have this culture of switching partners really quickly, so this is a way of dealing with that,” the app’s maker, Matheus Grijo told the AP. “People really appreciate having a tool to help them find out whether they’re being cheated on.” (more) 

“Boyfriend Tracker” lets users obtain a call history, receive any incoming or outgoing text messages, identify a partner’s location on a map using GPS, and can turn on the phone to listen in to the surrounding environment. The app also lets users know when a phone is turned off or set to Airplane Mode. The app has to be downloaded on the intended individual phone, with their consent, according to Grijo. The individual can then text message codes to turn on the various tracking options. (more) (video)

Girlfriend Tracker app still available!
(No, just kidding.)

Read More

Homes Hacked Through Wireless Devices - There Really is a Boogeyman

Sleep tight...

Read More

CEO Pleads Guilty to Wiretapping Charge

ID - Louis Kraml, the Chief Executive Officer of Bingham Memorial Hospital in Blackfoot, entered a plea of guilty today to a misdemeanor charge of stalking in the second degree...

A Bingham County grand jury indicted Kraml, and former hospital Information Technology Department employees Jack York, Chris Behunin and Tyler Lassen, with various violations of the Idaho wiretap statute...

According to the indictments, the defendants intercepted and recorded phone calls made by and to former hospital doctor Robert Rosin and his staff between June 2009 and August 2010. (more)

Read More

FutureWatch: Eavesdropping via Mind Reading

We continue to keep tabs on the next really big thing in eavesdropping - mind reading. Still way off in the future, advances are being made every year.  

Here is the latest...

By analyzing MRI images of the brain with an elegant mathematical model, it is possible to reconstruct thoughts more accurately than ever before. In this way, researchers from Radboud University Nijmegen have succeeded in determining which letter a test subject was looking at. The journal Neuroimage has accepted the article, which will be published soon. A preliminary version of the article can be read online.

‘In our further research we will be working with a more powerful MRI scanner,' explains Sanne Schoenmakers, who is working on a thesis about decoding thoughts. ‘Due to the higher resolution of the scanner, we hope to be able to link the model to more detailed images. We are currently linking images of letters to 1200 voxels in the brain; with the more powerful scanner we will link images of faces to 15,000 voxels.'  (more)

Read More

Laser Beam Eavesdropping - In the News Again

Since the 1970's, stories about laser listeners have periodically popped up in the news. The common thread is their magical ability to eavesdrop from far away using only an invisible beam of light. Fear mongering is the next element, closely followed by, "very expensive, only the government can buy one."

The reporters are either clueless or haven't done any decent research. Their information sources have vested interests: like governments spreading disinformation; or "de-bugging experts" and spyshop owners hoping the publicity will boost their business. Funny, a working device is never demonstrated, and nobody even claims first-hand knowledge.

Today, the BBC fell victim. Here is the story they published...

Not true.

The UK government has warned the Guardian newspaper that foreign agents could use laser technology to eavesdrop on them, in the wake of recent surveillance leaks. What are laser listening devices and are they effective? (more)

The theory is sound. CD / DVD players use it on a small scale. YouTube is full of videos demonstrating the technique... under very controlled conditions, with less than sterling results. But, is it really a practical surveillance tool? Click here for our research.

Read More

Spybusters Tip #948 - Android Device Manager Allows Remote Locate, Signal & Erase Security for Android Devices

Access the settings by opening the Google Settings app from your Android app drawer and tapping the option for Android Device Manager.

From there you can choose whether to enable remote location or wiping. This lets you login to the Android Device Manager website and find your phone on a map, cause your device to ring so you can find it if it’s in your other pants pocket or lost in couch cushions, or perform a factory reset if the phone’s been lost or stolen. (more)

Read More

Last of the Nixon Tapes Go Online

Forty years after President Richard M. Nixon turned off his secret tape recorder, the federal government on Wednesday finally released the last of the historic recordings that have provided an unparalleled insight into the workings of one of the nation’s most dramatic presidencies...

The 94 tapes released on Wednesday cover conversations from April 9 to July 12, 1973, after which the secret taping system was dismantled when a Nixon aide, Alexander Butterfield, disclosed its existence to Congress. (more)

Get yer hot Tricky Dicky tapes. 
Get yer hot tapes here.

Read More

Do You Know Your NSA History? (Pop Quiz - no prize)

When was this published in The New York Times?

"A Federal Court of Appeals recently ruled that the largest and most secretive intelligence agency of the United States, the National Security Agency, may lawfully intercept the overseas communications of Americans even if it has no reason to believe they are engaged in illegal activities. The ruling, which also allows summaries of these conversations to be sent to the Federal Bureau of Investigation, significantly broadens the already generous authority of the N.S.A. to keep track of American citizens."

A. 2013
B. 2003
C. 1993
D. 1983
E. 1973
(Answer)

Read More

Who Gets the Bill for Government Wiretaps?

Is a major telephone company issuing a surcharge to its customers for legal government wiretapping in what it's calling a "lawful interception recovery fee"? 

A Facebook post that went viral, which showed an apparent copy of an AT&T bill with a section reading "Lawful Interception Recovery Fee" under "Surcharges and Other Fees."

Text that accompanied the post, attributed to a Facebook user Kallie Snyder, read: "I called and they said it's a new fee for the ... cost incurred from the government. I don't have anything to hide so if they want to tap my phone go ahead ... but why should I have to pay for it??!!! This is ridiculous, please share this so we can get the word out there. Oh, and check your bills people!!" (more)

100% urban legend hoax.
Phone companies charge the government.
So... if you are a taxpayer, you do pay.
It just doesn't show up as a tapped-line item on your 1040 form.

Read More

Spy Drone Pisses Off Dr. Wee

KUALA LUMPUR - The two men, who allegedly spied on the home of MCA Youth chief Datuk Dr Wee Ka Siong (Deputy Minister of Education Malaysia) using a hexacopter, claimed that they were only testing the machine and not spying...

Both men have denied that they are members of a political party...

Dr Wee, when contacted, said the excuses given by the two men were ridiculous and urged police to investigate the matter further.

“Why would a photographer from Kluang come all the way to Cheras to take aerial photographs of my housing area and test the machine?” he said, adding that the footage in the camera showed it to be zooming in on only one or two houses.

He urged the authorities to push for more stringent rules and regulations on the use of such devices.

It was reported that the remote-controlled hexacopter, which had been allegedly spying on his bungalow in Bukit Tiara, Cheras on Aug 8, had fallen on the roof of the balcony of Dr Wee’s neighbour after hitting the lightning arrester. (more)

The Back Story
His neighbour’s 14-year-old son found the vehicle and informed his parents but his parents did not suspect anything amiss and told him to just throw it away.

However, the boy removed a chip attached to a tiny video camera from the vehicle and, together with his 15-year-old sister, played it on the computer. They made the shocking discovery and the family quickly informed Dr Wee.

Dr Wee collected the craft from his neighbor only on Thursday.

Dr Wee, who showed five short video clips extracted from the chip and recorded on Aug 5, said the hexa­copter was aimed in the direction of his house and his neighbour’s.

The video clip showed two men handling the hexacopter in its initial clip (Darwin Award!). In another, the camera screen paused when a security guard was going on his patrolling rounds and resumed when the guard moved away. (more)

Read More

IKEA Store Union's Covert Video Allowed

Canada - Two different panels of the BC Labor Relations Board have made findings in favor of a union’s covert video surveillance at the IKEA store in Richmond, BC. The store has operated behind a picket line since May 13.

With over 300 unionized employees on the outside looking in, and only 27 who have decided to cross the picket line, most store operations have continued. The kids’ ballroom is closed, and the 600 seat cafeteria isn’t serving up Swedish meatballs (or anything else), but otherwise the store is open and sales are being made. That has made the union suspicious that IKEA is getting work done in violation of the law against using replacement workers: - section 68 of the Labor Relations Code.

The union hired private investigators to covertly videotape activity inside the store. It then sought to rely on still pictures taken from the video of certain individuals alleged to be working in violation of section 68.

Both panels rejected IKEA’s argument that the covert video surveillance was in violation of the Privacy Act and the Personal Information Protection Act (“PIPA“) and therefore should not be admitted into evidence. The panels, deciding the cases before them independently, reached similar conclusions for similar reasons. (more)

Read More

Intel's IT Computer Network PanOptiCop - Code Name "SANTA"

Intel has created a Hadoop-based rig that analyses just about every network event in the company – four to six billion of them on business days - in close to real time so it can spot threats including industrial espionage.

Intel officials declined to name the tool, saying it would not be "productive" to disclose its name, but said it was created by an 80-strong team of big data specialists working from its Israel offices and makes extensive use of Apache Hadoop. Ron Kasabian, Chipzilla's general manager of Big Data, said the tool was developed because conventional malware detection tools – even those from Intel's security-focused subsidiary McAfee – can't find the especially novel or subtle attacks Intel fears.

Kasabian described the tool as analyzing “every access request by every employee, every time they access a file, sharepoint, email or ERP”. Watching all those activities is important because Intel's intellectual property like product designs and manufacturing processes must be very closely guarded. (more)

Snooping A Network Tells All (SANTA)
Oh come on, what else would you call it?

Read More

Some Stuff Around the House Which Might Be Spying on You

For Americans concerned about their privacy, the NSA data grabs are daunting, but what about the data grabs happening inside your own home, perpetrated not by the government, but by your coffee machine?

Consider every appliance and every piece of home electronics that you own. Does it gather data about how you use it? Does it connect to the Internet? If so, it could be used to spy on you. Your mobile devices, your TV, and now various other types of home appliances can be wired into a network that can track you. If those networks are hacked, information about your habits and behaviors could be available to people with nefarious goals. The same technological innovation that empowers us also makes us vulnerable to those who would exploit such advances against us.

Here are nine appliances and other systems inside your house that may be spying on you right now, or used to spy on you in the future... (more)

FutureWatch: The "Internet of Things" is in its infancy now. The problem of having more back doors to your home than one is only going to worsen.

Read More

Spybusters Tip # 723 - Be Smart - Use a Dumb Phone to Thwart Spyware

Sometimes you just need a dumb phone that can't spy on you. 

inKlien Global's tiny phone

6.5mm Ultra Thin AIEK M3 Cool Card Cell Phone

One that can't hold spyware. 
One that can't GPS track you. 
One that can't bite you with Bluetooth. 

Dumb phones are not always easy to find.  

Your local cell phone store wants you to buy smartphones with data plans. Your significant other isn't going to gift you a dumb phone. (A smartphone, maybe, but don't trust it.)

If you are in the market for a spybusting phone, or just a secret second phone, try looking at these...

inKlien Global "The world slimmest card size phone." (turn off Bluetooth)
johnsphones.com "The world's most basic cell phone."
Kyocera Marbl K127  (Virgin Mobile) Cellular Phone
Motorola W260g  Prepaid Phone (Tracfone)
Motorola C139  Prepaid Phone (Tracfone)


More Spybusters Tips:
• If you suspect your phone is spying on you, don't completely stop using it until you can collect evidence to prove your case. 
• Pick up a cheap, dumb, unblocked secret phone.
-- Don't give out the number.
-- Don't tell anyone you have it.
-- Use a pre-paid SIM card.
-- Use it for very confidential calls only, Let a little information leak via your smartphone. You don't want to tip off your spy that you have gone dark.
-- Completely turn off your smartphone when using your secret phone.
• Block your phone number from being sent. Press *67 before entering the number you want to call. Remember, calls to toll-free numbers like 700, 800, and 900 numbers (and their variants) can not be blocked.
• Rather text than phone? Return to those thrilling days of yesteryear... rent a pager. 

Read More

Before you snicker, review your spy service's history

The recent revelations by the whistleblower Edward Snowden were fascinating. But they - and all the reactions to them - had one enormous assumption at their heart. 

That the spies know what they are doing. 

It is a belief that has been central to much of the journalism about spying and spies over the past fifty years. That the anonymous figures in the intelligence world have a dark omniscience. That they know what's going on in ways that we don't.

It doesn't matter whether you hate the spies and believe they are corroding democracy, or if you think they are the noble guardians of the state. In both cases the assumption is that the secret agents know more than we do. 

But the strange fact is that often when you look into the history of spies what you discover is something very different... (more)

Read More

The Latest Holiday Season Spy Toy Rolls Out... and records!

...from the seller...
"The I Spy Tank uses all of the latest technology so that you are able to see what the I Spy Tank sees. 

With the Wi-Fi transmitter you are able to control the I Spy Tank with your iPhone, iPad or iPod.

Because of the built in Live Streaming Video Camera you are able to have battles with other I Spy Tanks. Why not see what your friends and neighbors are up to from your very own arm chair while your I Spy Tank goes and finds out. Why not use several I Spy Tanks to arrange war games with your friends? The possibilities are limitless!"

SPECIFICATIONS
WiFi Controlled
4 Channel
Use With Your iPhone / iPad / Android device to control vehicle
Records Video and Sound Up To 20 Metres Away
Records Straight To Your Device
Play Time : 60 Minutes
Charge Time : 120 Minutes
Distance Control : 30 Metres
Batteries Required : 6 x AA (not included)
Dimensions : L230 x W190 x H115mm
For ages 8 and up - Warning! Choking hazard due to small parts. 
iPad, iPhone, and iPod not included

Read More

"Paranoia is our friend."

The quote is from a legend in the corporate counterespionage business.  

The movie Paranoia - which opens today - is from a terrific novel written by Joe Finder. Joe is a stickler for accuracy and detail; part of the reason he is a New York Times bestselling author. 

If you want a peek under the skirt of business espionage see Paranoia this weekend.


Sign up here to win an autographed copy of the book. Movie times.

"Privacy is a myth."
#CHANGETHEGAME

Read More

FutureWatch: Powerless Bugs or Teslabestiola

Ambient Backscatter research is in its infancy. 
Imagine the possibilities.
Technical espionage could see its biggest advancement since the transistor.

Read More

Man Bugs his Ex's Home for Over Three Years

UK - A woman has been left terrified in her home and was turned against her closest friends after her ex-partner bugged her house for three and a half years, a court has heard.

The victim said she suspected her ex had planted a listening device in her Darlington home after he started talking about things which she did not believe he should know...

The man, who cannot be identified for legal reasons, said he installed the device to check on his young daughter.

As near as we can tell from the report, the bug looked like this one.

The device, which the man bought in London for £180 ($280.00), was installed behind a plug socket in the living room in November 2009, and could be accessed through his mobile phone...

In a statement read to the court by Ms Milson, the victim said she had nearly suffered a mental breakdown after finding out she had been bugged.

She said: “I feel sick to the pit of my stomach that he has been listening to me for over three years, he has always known too much about my life.

“He made me question myself and used what he heard against me. I am scared every single day, I am totally distraught and it has left me feeling differently about my home.” (more)

The price on these has dropped since 2009. 
The one shown above is now $79.95. 
The economy of scale, perhaps?

Read More

Baby Cam Hackers Can See You, Hear You, and Talk to You... and Your Kids

A hacker was able to shout abuse at a two-year-old child by exploiting a vulnerability in a camera advertised as an ideal "baby monitor".

ABC News revealed how a couple in Houston, Texas, heard a voice saying lewd comments coming from the camera, made by manufacturer Foscam.


Vulnerabilities in Foscam products were exposed in April, and the company issued an emergency fix.

Foscam said it was unable to provide a statement at this time.

However, a UK-based reseller told the BBC it would contact its entire customer database to remind them "the importance in setting a password to their cameras".

The spokesman added that it would be urging Foscam's head office - based in Shenzhen, China - to send out a memo to all its resellers suggesting they too contact their customers.

The BBC has found evidence of hackers sharing information on how to access insecure Foscam cameras via several widely-used forums. Using specialist search engines, people can narrow their results by location...
 
Foscam is not the only company to find itself the target of hackers. Last year, camera company Trendnet had to rush out an update to fix a security hole that left thousands of cameras exposed. (more) 

This is not a new problem. Manufacturers have been slow to respond. (Security Scrapbook warnings from 2/12 and 7/13). Why?

Espionage Idea: Imagine your country is the top manufacturer of surveillance cameras. You build in a back-door capability to monitor each one, and hope no one notices. Salt the Earth with your product. Target the units placed in sensitive areas. Wow, what power! And, then some hackers blow it for you. Damn hackers.

Example

Read More