Tuesday, June 30, 2009

Court reinstates ID theft charges in email hack case

TheRegister

US judges are grappling with the implications of a workplace email hacking case that led to the suicide of a local official.

Christopher Baron, 33, an emergency medical technician from Wisconsin, allegedly hacked into the email account of EMS Director Mark Fisher back in August 2006. Messages suggesting Fisher was engaged in an extra-marital affair were compiled and distributed to people in the local community of Jefferson, Wisconsin under the subject line "What Mark's Been Up To". Fisher's wife was among those sent copies of the messages. Fisher killed himself the next day, according to local court reports.

Baron faces a slew of charges including computer hacking and identity theft. He admits sending the messages but denies serious felony offences.

More...


Georgian Opposition Party Claims Police Bugged Offices

rferl.org
TBILISI (Reuters) - Opposition leaders in Georgia have accused police of bugging their offices to undermine a street campaign against President Mikheil Saakashvili, a charge the Interior Ministry denied.

The opposition Conservative Party, one of more than a dozen parties involved in a months-long campaign to oust Saakashvili, said "listening devices" had been found at its Tbilisi premises.

"At a minimum, Interior Minister Vano Merabishvili should resign," senior party official Zviad Dzidziguri told a news conference. "He's using all the means he can to put pressure on his political opponents."

Fellow opposition party Georgia's Way said it had also found listening devices at its offices on June 29.

The opposition launched street protests in early April, accusing Saakashvili of monopolizing power and dragging the country into a disastrous war with Russia last August, when Moscow crushed a Georgian assault on the breakaway region of South Ossetia.

The Interior Ministry, which often releases to media secretly-filmed video or audio recordings of alleged criminals, said it had launched a criminal probe into the allegations.

It said police had stopped using similar bugs six years ago.

More...

Deep-Packet Inspection in U.S. Scrutinized Following Iran Surveillance

WIRED

Following a report last week that Iran is spying on domestic internet users with western-supplied technology, advocacy groups are pressuring federal lawmakers to scrutinize the use of the same technology in the U.S.

The Open Internet Coalition sent a letter to all members of the House and Senate urging them to launch hearings aimed at examining and possibly regulating the so-called deep-packet inspection technology.

Two senators also announced plans to introduce a bill that would bar foreign companies that sell IT technology to Iran from obtaining U.S. government contracts, legislation that is clearly aimed at the two European companies that reportedly sold the equipment to Iran.

The Wall Street Journal reported last week that Nokia Siemens Networks, a joint venture between Germany’s Siemens and Finland’s Nokia, recently gave Iran deep-packet inspection equipment that would allow the government to spy on internet users.

More...

Monday, June 29, 2009

The Fake Car Key Security Spy Camera

cg

If you thought that the keychain spy camera wasn’t quite stealthy enough, this car key might work a little bit better. Just close up the key part and it would cover up all of the spots that let on that it’s actually a spy camera in disguise. Closing up the key won’t obstruct the view of the camera itself though. There’s just a small hole at the bottom of the plastic part, that no one would ever suspect is a camera.

This fake key comes from Brando just like the keychain. It’s also extremely similar, the biggest difference is that they are two different shapes. This fake key has 2GB of built-in memory and can shoot at 29 FPS. The color video resolution is at 640 x 480 and then the image resolution is 1280 x 960 pixels.

More...

Secret police wiretaps fly under the radar

CBCNEWS.CA

Bob McMynn knows first-hand how Canada's laws allow police to eavesdrop and use emergency wiretaps without a judge's approval.

He says Section 184.4 of the Criminal Code helped to save his son Graham's life after a group of young men abducted the then 23-year-old university student at gunpoint in April 2006, in what turned out to be a kidnapping for ransom.

"[The emergency wiretap] was paramount in solving where my son was," McMynn told CBC News. "Without that and other fantastic police work, we may never have got him back."

Vancouver police had little time to ask a judge for permission, so they used the Criminal Code provisions to eavesdrop on a group of key suspects without court approval. Eight days later, police moved in to arrest the gang and free the younger McMynn.


More...

Snooping on the snoopers

TheHerald
Can you see your data shadow? A University of Stirling expert is to turn the tables and put surveillance under scrutiny.

Dr William Webster of the Stirling Management School has secured over half a million Euros of funding from the European Science Foundation to study the impact of surveillance on individuals and society over the next four years.

The Living in Surveillance Societies programme sees Webster head up a new Europe-wide network of academics. More than 90 researchers from 15 countries have signed up to the network, which Dr Webster will chair.

He said: "The programme is about facilitating a better understanding of what it is like to live in a society where technologically mediated surveillance is so prevalent - both for the surveyor and the surveyed. It will look at our experiences of the impact of surveillance on people, businesses, technology and governance."

Webster says surveillance is now taking place on an unprecedented scale, with new technology allowing vast amounts of personal data to be collected, analysed, processed and stored.

More...

Ex-Arlington Heights man charged with economic espionage

DailyHerald

A federal grand jury indicted former Arlington Heights resident David Yen Lee on charges he stole trade secrets to divulge to a competitor.

The indictment, which U.S. attorney Patrick Fitzgerald announced Friday, charges Lee with five counts of economic espionage.

According to the indictment, the 52-year-old Lee worked as technical director of new product development for the Wheeling branch of Valspar Corp., a Minneapolis-based paint company, from 2006 to March 2009.

According to the indictment, Lee downloaded documents and data from Valspar and its China subsidiary, Huarun Ltd., to an external thumb drive authorities found during a March search of Lee's home on the 400 block of West Rand Road in Arlington Heights.

Lee abruptly resigned from Valspar in mid-March, shortly after purchasing a one-way ticket to Shanghai, authorities say. He was arrested later that month - the day before he was scheduled to leave the United States for China, where he was to begin a new job developing paint products April 1. Free on bond since his arrest, Lee has been living in Great Neck, N.Y.

More...

Who's watching the watchers?

TheGlobeandMail
A silicon chip in your Viagra pack reports back to Pfizer on how much you took, and when. You fetch the last Coke from your chip-tagged fridge and your TV airs a Pepsi ad. Your phone company combs your trash for the chips you've cast off, selling the data it finds to marketers. And when you pick up pricey pasta at the supermarket, a screen on your shopping cart flashes an ad for a high-end sauce to go with it.

Science fiction? Not at all.

The plans to "spy-chip" your fridge belong to Procter & Gamble, which has a second patent pending to track consumers in-store. American telecommunications giant BellSouth has a patent pending on the garbage-picking. NCR is behind the shopping cart ads and also holds a patent on "automated monitoring of shoppers" at grocery stores. As for Viagra, like OxyContin, its manufacturers are already tagging bulk bottles at the pharmacy (packs of Diovan, an antihypertensive, are actually tagged individually). Radio Frequency Identification, or RFID, is surveillance technology at its finest -- cheap, invisible, infallible, ubiquitous -- and privacy advocates abhor it. Silently, without even a bar code beep, RFID reads and records people's behaviour and inventories their possessions.

More...

Saturday, June 27, 2009

Exec who hacked friends for sales gets probation

AssociatedPress

HACKENSACK, N.J. (AP) — A sales executive who used personal information to guess passwords, hack into e-mail accounts and listen in on conference calls at his friends' companies was sentenced to probation Friday — a punishment the victims said was too lenient.

David Goldenberg, 47, of Oceanside, N.Y., was fined $1,000 and sentenced to three years probation Friday for a single count of felony wiretapping. He initially faced five felony charges but was spared jail time under a plea agreement with New Jersey prosecutors.

The victims estimate he cost them more than $10 million in lost business and security-improvement expenses.

Marla Suttenberg, owner of Woodcliff Lake-based Sapphire Marketing, described the sentence as a slap on the wrist that wouldn't deter others. She said both companies continue to suffer.

"Our business has been changed forever," Suttenberg said. "Customers that used to trust us with information are now afraid to tell us anything for fear of being compromised."

More...

Commentary: The government needs to work more closely with industry to ensure workplace theft of sensitive information is treated as the serious threat to the wealth/security of our nation that it truly presents, and the threat it poses to the perpetuation of a technologically superior U.S. private industry infrastructure." This is definitely one area where the govt. and industry need to be working together to stop this and make sure that the wealth of the nation (its trade secret, proprietary, etc.) is not squandered to thieves.

While Goldenberg apologized for his actions, and his defense attorney maintains that "We maintain that there was no financial loss and that no financial loss will be established in any future civil litigation,"

The victimized business estimates he cost them more than $10 million in lost business and security-improvement expenses.

"Our business has been changed forever," Suttenberg said. "Customers that used to trust us with information are now afraid to tell us anything for fear of being compromised."

Now, I ask YOU Dear reader, if you owned this business would you feel that justice was served?

Let me hear from you...

J.D. LeaSure

CEO

ComSec LLc

Friday, June 26, 2009

Paris Denies Room Was Bugged

ahlanlive
PARIS HILTON has finally spoken out over rumours her hotel suite was ‘bugged'.

The rumour surfaced earlier this week with sources claiming a listening device was detected under a chair in Paris' suite, sparking security fears.

The heiress, who is currently in Dubai filming the new series of her reality TV show My BFF, was said to be left ‘shaken' by the discovery.

But posting a comment on her Twitter page, Paris denied the rumours, blasting the media as ‘dumb'.

She said: Another rumor to clear up - My hotel room is Not bugged with listening devices and hidden cameras, another LIE created by the media. Dumb."

Guess that clears that up then.

'Peeping Tom Landlord' pleads guilty

PottsTownMercury
NORRISTOWN — The man prosecutors dubbed the "Peeping Tom Landlord" could be peering from behind prison bars for a long time now that he's admitted to using electronic devices to videotape women who lived in his Norristown apartment buildings.

Thomas Daley, 46, formerly of the 1000 block of Spring City Road, Phoenixville, pleaded guilty in Montgomery County Court on Wednesday to 30 misdemeanor counts of invasion of privacy, seven felony counts of interception of oral communications and five felony counts of possessing an electronic device for the surreptitious interception of oral communications in connection with incidents that occurred between 1989 and September 2008. Daley, wearing a denim shirt and jeans, showed no emotion while admitting to Judge William J. Furber Jr. that he invaded the privacy of no fewer than 30 women who lived in 11 or 12 units of five properties he owned in the borough.

"If you start with the premise that a person's home is his or her castle, a place that you have solace and a place that you can get away from the world, by spying on their most intimate behavior, it would shake a person to their core," said Assistant District Attorney John N. Gradel. "It's really an egregious violation of privacy."

More...

School staffer charged with spying on female coworkers

nj.com

ROBBINSVILLE -- A staff computer technician at Sharon Elementary School was arrested Wednesday after allegedly setting up wireless cameras to spy on female employees, police said.

Carl A. Alb, a 29-year-old Pennington resident, has been suspended without pay and has been barred from setting foot on school grounds, Superintendent John Szabo said.

"Certainly we are very concerned and disturbed something like this would happen with one of our employees," Szabo said yesterday.

Police said that two miniature cameras were placed underneath secretaries' desks in the main office area of the school. The cameras had been there for about one week before a staff member leaning under the desk to plug in a cell phone charger on Wednesday morning noticed something odd.

Chief Martin Masseroni said a third camera had been discovered underneath the desk of a female teacher. Though the camera was inside the classroom, Masseroni said it was facing toward the teacher's chair and away from students.

More...

U.K. Employs ‘Naughty Boys’ to Battle Other Hackers

WIRED
Great Britain has launched a new cyber security command center to help combat network intruders and forge offensive attacks against opponents.

The country has hired a number of former hackers to help staff the new Cyber Security Operations Center, which will begin functioning in September.

“You need youngsters who are deep into this stuff…. If they have been slightly naughty boys, very often they really enjoy stopping other naughty boys,” said Lord West, who was appointed Britain’s first cyber security minister.

Tom Watson, a former Cabinet Office minister, told the BBC that the center was needed because there was a lot of “state-sponsored hacking of key U.K. information networks on an industrial scale and we have to transform GCHQ into a spy school for geeks who are more cunning than their Chinese counterparts.”

The new cyber security center will be based in Cheltenham at Britain’s famed secret eavesdropping facility known as GCHQ (Government Communications Headquarters).

More...

Thursday, June 25, 2009

Defense in spy case: Engineer gave public documents to Chinese

ocregister
SANTA ANA – A former Boeing engineer accused of economic espionage rejected overtures from Chinese officials to pass on technology trade secrets, and provided them only with information that was already public, a defense attorney said in closing statements today.

“Mr. Chung walked an interesting line, and a risky line, but not a line that was criminal,’’ said Thomas Bienert Jr., the attorney for Dongfan “Greg” Chung.

Authorities found more than 250,000 documents at Chung's home – information from Rockwell, Boeing and other aerospace companies, including correspondence with Chinese officials, authorities said. Many documents were found hidden in crawl spaces underneath the residence, authorities said.

Briefings from Chinese officials also were found at the home, authorities said. Bienert explained that Chung has the briefing because he planned to one day write about his work.

“The (space) shuttle was a labor of love,’’ Bienert said. “He’s keeping information for his own use and one day wants to write a book.’’

Chung, who resides in Orange, is accused of giving secrets to China since the late 1970s. He is charged with 10 counts, including six of economic espionage, as well as acting as an agent for China.

More...

Employees' constitutional rights

WorldNetDaily

It's generally accepted, for good reason, that your employer has the right to monitor your Internet use at work. Many employers provide Internet access to those working in office environments because such access is very useful, but the Internet

can be misused and company time can be stolen. There are also many websites to which the employee could go that are inappropriate in a work setting. As a result, acceptable use policies governing time spent and content viewed using company Internet access are a common component of employee handbooks.

In sensitive environments, other pieces of technology may be restricted. Companies whose work could be compromised by corporate espionage, or those firms engaged in work for the United States government, may forbid the use and even the possession, on company property, of digital cameras, recording devices and wireless phones. Some go so far as to forbid certain applications on wireless phones. Because many phones are today mobile Web browsers

, unscrupulous employees could use them to surf the Internet or access their networking sites instead of working. Company policy may regulate these activities, including when and where employees may have personal wireless phone calls during work hours.

More...

Wednesday, June 24, 2009

Security Breach Leaves 45,000 at Risk of Identity Theft

CornellDailySun
This afternoon, Cornell alerted over 45,000 current and former members of the University community that their confidential personal information — including name and social security number — had been leaked when a University-owned computer was stolen. To ensure protection in response to the incident, which has exposed many to possible identity theft, the University will be providing free credit reporting, credit monitoring and identity theft restoration services to those affected by the breach.

Cornell announced that an employee had access to this data to correct transmission errors for troubleshooting purposes. The files storing the sensitive information were being stored on a computer that was not physically secure, violating University policy and subjecting the computer to theft.

When the computer was stolen earlier this month, the incident was reported to law enforcement officials and an investigation to find the perpetrator and locate the computer is currently underway.

According to the University, there has been no indication that the exposed data has been abused, but the incident shines light on the broader issue of security and the vulnerability of private information in the digital age.

More...

Gates approves creation of new cyber command

AssociatedPress

WASHINGTON (AP) — Defense Secretary Robert Gates formally ordered the creation Tuesday of a new military cyber command that will coordinate the Pentagon's efforts to defend its networks and conduct cyberwarfare.

A three-page memo signed by Gates orders U.S. Strategic Command to begin plans to set up a subcommand and be prepared to provide an implementation plan by Sept. 1, and begin initial operation no later than October.

Officials have said the new command would be located at Fort Meade in Maryland, and would be fully ready to go by the end of next year. Gates said in his memo that he is recommending that the director of the National Security Agency — currently Lt. Gen. Keith Alexander — be tapped to lead the command, in a dual role with his current responsibilities. That job would be upgraded to a four-star general slot.

"Our increasing dependency on cyberspace, alongside a growing array of cyber threats and vulnerabilities, adds a new element of risk to our national security," said Gates in the memo, which was obtained by The Associated Press.

He added that the new command "must be capable of synchronizing warfighting effects across the global security environment as well as providing support to civil authorities and international partners."

More...

Gathering phone users’ personal info a tough task: Vietnam telcos

VietNamNet

The Ministry of Information and Communications (MIC) has ordered all prepaid subscribers to register their SIM cards by providing their name, date of birth and ID card or passport number by Tuesday, June 30. The move is part of an effort to track down companies and individuals who send out large volumes of unsolicited text messages and to hold them accountable.

Network providers have been sending text messages and calling customers to inform them of the registration guidelines.

Nguyen Viet Dung, deputy director of military-owned Viettel Telecom that provides Viettel network service, said the company will complete registration of all its users by the deadline. Officials from the MobiFone network, under the Vietnam Post and Telecommunications Group, have said they too will make the deadline.

Meanwhile, representatives of Vinaphone, also under the Vietnam Post and Telecommunications Group, report 600,000 of their prepaid subscribers have not registered their SIM cards and are “unsure” about meeting the deadline.

More...

Note: let us know how that works out for you! :)

Free Speech vs. Surveillance in the Digital Age

TruthDig
A Wall Street Journal report this week claimed that the “Iranian regime has developed, with the assistance of European telecommunications companies, one of the world’s most sophisticated mechanisms for controlling and censoring the Internet, allowing it to examine the content of individual online communications on a massive scale.” The article named Nokia Siemens Networks as the provider of equipment capable of “deep packet inspection.” DPI, according to the Electronic Privacy Information Center, “enables Internet Service Providers to intercept virtually all of their customers’ Internet activity, including Web surfing data, e-mail and peer-to-peer downloads.”

Nokia Siemens has refuted the allegation, saying in a press release that the company “has provided Lawful Intercept capability solely for the monitoring of local voice calls in Iran.” It is this issue, of what is legal, that must be addressed. “Lawful intercept” means that people can be monitored, located and censored. Global standards need to be adopted that protect the freedom to communicate, to dissent.

More...

Iran accuses CNN of training hackers

mxlogic
Iran's foreign ministry spokesman accused the cable network CNN of "officially" training people to "hack government and foreign ministry" websites on Monday, citing a CNN.com article that explained how hackers were launching distributed denial-of-service (DDOS) attacks on Iranian government sites.

"They officially trained the people to come and hack Iran's government websites," spokesman Hassan Qashqavi said during a press conference, according to CNN.com. "This is a cyber war. This, with, isn't it a cyber war of the media with an independent government? They asked people to use the DOS system to hack our websites."

The network responded on its website Monday in a statement, calling the accusations "completely false" and stating that "CNN is beholden to no government in its reporting."

Some Iranians had been using Twitter to launch DDOS attacks on Iranian websites. Richard Stiennon, a network security consult, said he had seen messages on Twitter that included links that could directly launch DDOS attacks, which can overwhelm a website with repeated requests.

Many commentators on Twitter and blogs are cautioning that participating in cyberattacks could end up backfiring and hurting Iranian dissidents by slowing down or disabling the country's internet connections.

One Twitterer posted a message Monday that said: "Please, surgically hack bad sites in Iran, NO DDOS! DDOS only harms freedom fighter bandwidth."

Tuesday, June 23, 2009

Maybe the Pen Really Is Mightier Than the Sword


NRO

From Reuters:

Los Angeles-based satellite station Channel One TV, which is run by expatriate Iranians, has made contributions — some of them not so old, either, as one might think from an “old media” provider of satellite TV coverage. Shahram Homayoun, the president of Channel One TV, said that before the demonstrations – although not in preparation for exactly that occurrence – it mailed out thousands of camera pens to citizens in Iran to help them document events the government wants to keep quiet. The pens pull apart to reveal a flash drive for plugging into a computer and uploading video.

Officials with Channel One said they do not know how widely the James Bond-style pens are being used in the current demonstrations in Iran. But the fact that the station even shipped them out is an indication of how much pressure stations like Channel One are putting on the Islamic Republic’s government, which has worked to block their satellite signals.

Beware spycam may be watching you work

BusinessDay

If you have a webcam and a microphone on your computer and a broadband connection to the internet, as many now do to chat with their friends around the world, a hacker could be watching you - maybe, if your PC is in your bedroom, just when you really needed privacy.

Computer security experts warned last week that a series of Windows viruses released to the internet are capable of taking control of the audio and video accessories to spy directly on people at home or work.

The worm, dubbed W32/Rbot-GR, is "the equivalent to a peeping tom . . . peering through your curtains", said Graham Cluley, at Sophos, the British-based antivirus company.

Worms such as Rbot-GR can be neutralised by any of the several anti-virus software packages available but these must be regularly updated. "And if you are not using your webcam, unplug it," said Mr Cluley.

While spying on people at home probably fell into the nasty-prank category, in the workplace worms of this kind could be used for industrial espionage, Mr Cluley said.

Security experts say hackers who once developed viruses to demonstrate their cleverness with computer code are being recruited by criminal fraudsters.

More...

Cyber Security Czar Front-Runner No Friend of Privacy


WIRED
Former Republican Congressman Tom Davis, reportedly President Barack Obama’s top candidate for cyber security czar, voted repeatedly to expand the government’s internet wiretapping powers, and helped author the now-troubled national identification law known as REAL ID.

But an examination of Davis’ record in Congress shows that he’s been on the wrong side of key privacy issues, including the controversial REAL ID Act, which aims to turn state driver’s licenses into a de factonational identification card linked by shared databases and strict federal authentication standards.

“Given his role in REAL ID, Tom Davis would not be a good choice for privacy, which is something that President Obama specifically promised to protect in his remarks on the cyber security strategy,” says Jim Harper, the director of information policy studies at the libertarian Cato Institute. “Many cyber security planners refer obliquely to ‘authentication’ and ‘identity management’ programs that would devastate privacy, anonymity and civil liberties. Davis would probably work to roll past these issues rather than solve them.”

More...

Domestic Surveillance Panel: 2009 National Whistleblower Assembly

PogoWasRight.org

This one-hour panel discussion served as the centerpiece event of the 2009 National Whistleblower Assembly. The presentation, entitled Domestic Surveillance: The Next Steps, focused on privacy rights, featuring key whistleblowers and leaders who have challenged warrantless wiretapping scandal since 2005 when it was first exposed.

Moderated by Government Accountability Project Homeland Security Director (and Justice Department whistleblower) Jesselyn Radack, the panel will touched on: Then-current FISA provisions; lawsuits against the Justice Department regarding Office of Legal Counsel memos justifying the use of domestic surveillance; the Obama administrations public stance on the matter; and what interested citizens, groups and politicians can do to ensure privacy rights. Panelists included:

Thomas Tamm, a former Department of Justice attorney whose whistleblowing disclosure has revealed the full scope of surveillance;

Marc Rotenberg, Executive Director of the Electronic Privacy Information Center, and

Michael MacLeod-Ball, Chief Legislative and Policy Counsel for the ACLU.

More...

Monday, June 22, 2009

WSJ: Nokia and Siemens Help Iran Spy on Internet Users

WIRED

How do you say “Operation Pinwale” in Farsi?

According to a somewhat confusing Wall Street Journal story, Iran has adopted NSA-like techniques and installed equipment on its national telecommunication network last year that allows it to spy on the online activities and correspondence — including the content of e-mail and VoIP phone calls — of its internet users.

Nokia Siemens Networks, a joint venture between Germany-based Siemens and Finland-based Nokia, installed the monitoring equipment late last year in Iran’s government-controlled telecom network, Telecommunication Infrastructure Co., but authorities only recently engaged its full capabilities in response to recent protests that have broken out in the country over its presidential election.

More...

Paris' Room Bugged!


PARIS HILTON was said to be furious today after her security team found a bugging device in her hotel suite.
The transmitter was found under a chair in her private suite.The device was spotted by one of Paris' security team who then searched the rest of her rooms.It is not yet known what the device picked up or recorded, or who it was transmitting to.
Sources say Paris security has been stepped up since the incident and the Hilton Camp have demanded hotel staff investigate.
Note: Poor Paris! You need a Counter Surveillance Specialist! Contact: ComSec LLc Today! I can help...

Top German spy says more Russian snooping on firms


BERLIN (Reuters) - Russian spies are targeting the German energy sector to help Russian firms gain commercial advantages, the head of Germany's domestic counter-espionage unit said Sunday.
"The Russian intelligence services, keeping up with their government's changing information needs, have intensified efforts in recent years to investigate German firms illegally," Burkhard Even, told Die Welt am Sonntag newspaper.
The director of Counter-Intelligence at the Federal Office for the Protection of the Constitution, said the spying was aimed mostly at information on alternative and renewable energy and efforts to increase efficiency. European energy interests, diversification plans, and Germany's economic situation were also espionage targets.
Last month Interior Minister Wolfgang Schaeuble also noted, when presenting his ministry's 2008 security report, that Russia and China were stepping up espionage efforts and Internet attacks on German companies.

Sunday, June 21, 2009

Chief of Colombia's domestic spy agency fires 11 more in eavesdropping scandal

washingtonexaminer

Associated Press
06/20/09 8:30 PM EDT

BOGOTA — Colombia's domestic intelligence agency has fired another 11 people in a scandal over illegal eavesdropping of judges, journalists and politicians.

That brings to 33 the total number of people dismissed from the Department of Administrative Security since the scandal broke in February.

DAS director Felipe Munoz did not name the ousted officials in a Tuesday news conference. Nor did he elaborate on their transgressions.

The agency reports directly to President Alvaro Uribe. Uribe's office denies the president or any of his top advisers ordered the illegal interception of phone calls and e-mail.

The chief prosecutor's office has been investigating the case but says it has no information so far on who ordered the interceptions or why.

Font size

Saturday, June 20, 2009

Internet surveillance laws in Canada and around the world

CBCNews

In June 2009, Public Safety Minister Peter Van Loan announced the latest bills intended to modernize the Criminal Code.

"We must ensure that law enforcement has the necessary tools to catch up to the bad guys and ultimately bring them to justice. Twenty-first century technology calls for 21st-century tools," Justice Minister Rob Nicholson said when the bills were announced.

In a reversal from Day's position in 2007, one of the new bills would require internet service providers and cellphone companies to provide police with "timely access" to personal information about subscribers — including names, address and internet addresses — without the need for a warrant.

The government news release announcing these bills said, "Other countries, such as the United Kingdom, the United States, Australia, New Zealand, Germany and Sweden, already have similar legislation in place." Here's the legal situation in those countries.

More...

Peeping landlord rigs hidden camera on tenant

counton2

NBC
Published: June 19, 2009

A Long Island landlord rigged a hidden camera in the bedroom of a teenage tenant, police are saying, and the young girl’s father said he almost took matters into his own hands when he learned what Louis Bosco may have been up to.

“He made me almost lose my freedom,“ the father said. “I was going to kill this man for doing something to my daughter.“

The man said his daughter went into the backyard of the family’s East Patchogue home, where the landlord lives in a separate house on the same property.

“My daughter told me that she went into the backyard where this gentleman lives and saw her room on a monitor in his dwelling,“ the father said. “She went in the house, and looked up in her ceiling tile and there was a camera.“ Police said they found cameras and microphones in the girl’s bedroom and a bathroom.
“Our family is devastated,“ the girl’s mother said.

Bosco has been charged with unlawful surveillance, a crime for which he could get 4 years behind bars if convicted.

Thursday, June 18, 2009

NSA Secret Database Ensnared President Clinton’s Private E-mail

WIRED

A secret NSA surveillance database containing millions of intercepted foreign and domestic e-mails includes the personal correspondence of former President Bill Clinton, according to the New York Times.

An NSA intelligence analyst was apparently investigated after accessing Clinton’s personal correspondence in the database, the paper reports, though it didn’t say how many of Clinton’s e-mails were captured or when the interception occurred.

The database, codenamed Pinwale, allows NSA analysts to search through and read large volumes of e-mail messages, including correspondence to and from Americans. Pinwale is likely the end point for data sucked from internet backbones into NSA-run surveillance rooms at AT&T facilities around the country.

More...

Look Within: The Insider Threat to Trade Secrets

NetworkComputing

When it comes to information security, many organizations rely heavily on a tactical and operational approach. A large portion of budgets and resources are directed toward technical solutions like firewalls and filters to keep out the bad guys – like hackers, spammers and thieves. But the greatest threat to an organization’s information is already inside the firewall.

It’s the organization’s own employees and their daily interaction with critical information assets that create the greatest risk. In fact, 80 percent of all security breaches are committed by those working within an organization. These breaches happen in a variety of ways, like when employees take work home in an effort to be more productive or when they share company information with external people because they don’t realize the information is sensitive.

Protecting a business against insider threats is not a small task. However, there are proactive measures organizations can take to reduce this risk.

More...

Note: Contact me, I can help...

The Eavesdropping Continues


NewYorkTimes
Once again, the country is learning about how the federal government has been exceeding its legal authority and violating Americans’ most basic rights in the name of fighting terrorism.

In a disturbing article in The Times on Wednesday, James Risen and Eric Lichtblau said that Congressional investigations suggest that the National Security Agency continues to routinely collect Americans’ telephone calls and e-mail messages — perhaps by the millions.

These sweeps seem unconnected to specific terrorism investigations, and the communications are entirely domestic. The law does not allow fishing trips through Americans’ communications and only permits the government to read e-mails or listen to phone calls in which one party is “reasonably believed” to be outside the United States.

The government offered its usual response: Oops. A spokesman for the intelligence community said any “overcollection” was inadvertent and “when such errors are identified,” they are quickly corrected.

More...

Kingston’s new Flash Drives go up to 128GB

cg
I’m surprised that no one has covered this already, but Kingston has some new Flash drives that come in 32GB, 64GB, and a whopping 128GB!

I’m told that the DataTraveler 200 is the very first 128GB flash drive on the market. Of course, I always get suspicious when something says “world’s first” on it. Usually it ends up not being the world’s first of anything, but just the company who could spend the most money on promotion.

One of the things that make these flash drives unique is they don’t have any easy-to-lose caps, but the USB end can retract into the housing itself. They also come with Password Traveler security software for Windows computers, and are Windows ReadyBoost compatible.

More...

Wednesday, June 17, 2009

Ex-Foreign Espionage Operative Reveals How People Are Recruited To Undermine U.S.

PostChronicle

U.S. universities are important recruiting grounds for foreign spies, according to a former intelligence operative who has defected to the United States, and issued a report giving a rare glimpse into the intelligence operations of one of America's most determined espionage foes.

Jose Cohen Valdes was a Cuban intelligence officer employed in several areas of information acquisition and analysis in Havana, and has documented his nation's penetration of U.S. universities in a report which has yet to be translated into English. Jose Cohen's original report can be accessed online.

The recent arrest of former State Department official Walter Kendall Myers and his wife, Gwendolyn, on charges of spying for Cuba for the past 30 years gives further immediacy to Jose Cohen's report.

The intended purpose of the spy recruits is not only to gather information, but to become agents of influence - individuals who can shape U.S. policy to assist a foreign nation and work against the best interests of the United States. Cuba has one of the world's most effective espionage organizations in the world, and the tropical gulag remains on the U.S. State Department's list of state sponsors of terror. Cuba has one of the world's most effective espionage organizations in the world, and the tropical gulag remains on the U.S. State Department's list of state sponsors of terror.

More...

Keykeriki, universal wireless keyboard sniffer


RemoteExploit.org
(Via Mfg's Website)
Description:Now 1.5 years after releasing our whitepaper "27Mhz Wireless Keyboard Analysis Report" about wireless keyboard insecurities, we are proud to present the universal wireless keyboard sniffer: Keykeriki. This opensource hardware and software project enables every person to verify the security level of their own keyboard transmissions, and/or demonstrate the sniffing attacks (for educational purpose only). The hardware itself is designed to be small and versatile, it can be extended to currently undetected/unknown keyboard traffic, and/or hardware extensions, for example, a repeating module or amplifier. Keyboard Sniffer Keykeriki Video

More...


Note: Now attackers may be able to steal your wireless keyboard keystrokes without even installing software on your PC. Beware!

E-Mail Surveillance Renews Concerns in Congress

NewYorkTimes
WASHINGTON — The National Security Agency is facing renewed scrutiny over the extent of its domestic surveillance program, with critics in Congress saying its recent intercepts of the private telephone calls and e-mail messages of Americans are broader than previously acknowledged, current and former officials said.

The agency’s monitoring of domestic e-mail messages, in particular, has posed longstanding legal and logistical difficulties, the officials said. Since April, when it was disclosed that the intercepts of some private communications of Americans went beyond legal limits in late 2008 and early 2009, several Congressional committees have been investigating. Those inquiries have led to concerns in Congress about the agency’s ability to collect and read domestic e-mail messages of Americans on a widespread basis, officials said.
Supporting that conclusion is the account of a former N.S.A. analyst who, in a series of interviews, described being trained in 2005 for a program in which the agency routinely examined large volumes of Americans’ e-mail messages without court warrants. Two intelligence officials confirmed that the program was still in operation.

More...

Chewing Gum Wrapper Sized Mini Spy Camera

walyou

Spying gadgets are getting smaller and interesting, such as can be seen in this Chewing Gum Wrapper Sized Mini Spy Camera. This thin small gadget can record both audio and video and has some amazing features such as micro SD card slot with up to 8 GB memory.

Chewing Gum Wrapper Sized Spy camera can record with a digital resolution of 640×480 in AVI format. One can use it on a sly for all kinds of spying and even surveillance. In fact it can be hidden right inside chewing gum wrapper itself.

Geeky spies can also try Spy Camera Hidden in a Cap or Spy Cam Tie. Spying seems to be in vogue. Just get hooked on to this new hobby and record the world around you on a sly. The world would look different and interesting. You can be new geeky James Bond out to unravel some hidden truths.

More...

Tuesday, June 16, 2009

Dutch court orders Google to reveal Gmail user

TheRegister

Google Netherlands has agreed to hand over the IP addresses of a Gmail user in an alleged spy case.

The CEO of Dutch internet incubator company iMerge suspected that a former disgruntled employee, who also acted as a system administrator, had secretly created an auto-forward rule in one of the company's mail servers. Several mails, including business conversations and a romantic discourse which led to a divorce, were forwarded to a Gmail address.

Because Gmail doesn't reveal someone's IP address in outgoing mail headers, iMerge couldn't take legal action against the former employee.

Google initially declined to provide iMerge with requested IP addresses on the grounds that "disclosing the user's identity violated rulings on the balance between freedom of expression and a person's right to his reputation."

However, a Dutch court believed the offence was serious enough and forced Google to reveal all the log files it had on the account. Immediately after the ruling, Google provided the required data, including a list of IP addresses.

More...

Companies jockey for piece of $30 billion spy market

WallStreetJournal

PARIS (MarketWatch) -- L-3 Communication Holdings Inc. and Hawker Beechcraft Corp. on Tuesday unveiled an exportable version of their King Air 350, which already is being used by the U.S. military for intelligence, surveillance and reconnaissance in Afghanistan.
The move, announced at the Paris Air Show, seeks to tap into one of the few growth markets for aviation during the global recession.

L-3 /quotes/comstock/13*!lll/quotes/nls/lll (LLL 71.75, -0.93, -1.28%) and Hawker Beechcraft said they expect to sell 150 of the surveillance planes over the next 10 years for about $2.5 billion, including after-market services. In the United States, the market could demand as many as 75 planes for a total of $1.3 billion.

The two companies already have signed an agreement with the U.S. Defense Department to supply the military with 37 planes for about $1 billion. The first ISR King Air 350 for the United States entered service last week in Afghanistan.

More...

Britain names Sawers as new espionage agency chief


Reuters

LONDON (Reuters) - Britain named high-profile ambassador John Sawers on Tuesday as the new head of its Secret Intelligence Service (SIS), also known as MI6, saying he was rejoining the espionage agency after years as a diplomat.

Prime Minister Gordon Brown's spokesman said Sawers -- Britain's ambassador to the United Nations -- would take up the post in November when incumbent John Scarlett is due to retire.

Sawers, who is in his early 50s, is a former ambassador to Egypt and political director of the Foreign Office (Ministry). He was a member of SIS early in his career and was now rejoining it, an official said.

Foreign Secretary David Miliband said he welcomed the apointment and looked forward to working with him.

More...

Review Of The Covert Key Chain Hidden Camera And Digital Video Recorder

AGORAVOX
The Covert Key Chain Hidden Camera And Digital Video Recorder is a new hidden video camera with audio, which is contained inside something that looks like a regular 21st century automobile ignition key.

The Key Chain DVR is the latest breakthrough in digital video technology. A tiny video camera that records video to micro SD cards for up to fifty minutes is now hidden inside something that looks like your car alarm activator.

No matter if you are in Law Enforcement, a Private Investigator, a concerned parent or spouse, or just like the latest gadgets, this is the latest high tech device that you have to have.

The Covert Key Chain Hidden Camera video camera records high-resolution 640 x 480 videos at 30 fps, with clear audio. With an internal lithium ion battery, the manufacturer claims you can record video for up to 3 hours. In our tests, we were able to record for about 50 minutes.

The keychain DVR is also a 1.2 megapixel digital camera that will also take up to 4,000 high-resolution photographs at 1280 x 1024.

More...

Feingold Asks Obama to Clarify Position on Warrantless Wiretapping

TheWashingtonIndependent

Responding to the controversial assertion by Director of National Intelligence Dennis Blair on June 8 that warrantless wiretapping “wasn’t illegal,” Senator Russ Feingold (D-Wis.) today sent a letter to President Obama asking him to make clear that he is not claiming that extraordinary executive authority to disregard the Foreign Intelligence Surveillance Act, or FISA.

“As a United States Senator, you stated clearly and correctly that the warrantless wiretapping program was illegal,” writes Feingold. “Your Attorney General expressed the same view, both as a private citizen and at his confirmation hearing.”

More...

Monday, June 15, 2009

TSA names spy agency vet as CIO

fiercegovernmentit
A veteran of the tech-savvy, super spying National Security Agency has been named as chief information officer for the Transportation Security Administration. Emma Garrison-Alexander, a former senior official at the NSA, will head TSA's Office of Information Technology and manage a budget of about $400 million.

"She will provide vision and leadership for developing and implementing IT initiatives across TSA," said Gale Rossides, TSA's Acting Administrator in a news release. "Her experience in signals intelligence and information technology systems will be a strategic asset. We are fortunate to have her with us and her skills will no doubt continue to set the standard for excellence in transportation security."

More...

Pentagon Official Charged With Spying For China

AllHeadlineNews

Washington, DC (AHN) - A Defense Department official gave U.S. secrets to the Chinese for four years, according to a federal grand jury indictment.

Federal prosecutors say James Wilbur Fondren Jr., the deputy director, Washington Liaison Office, of U.S. Pacific Command, gave classified and unclassified information to Tai Shen Kuo, a naturalized U.S. citizen from Taiwan. Kuo had close ties with a top Chinese official, and the FBI says Fondren, 62, knew of this relationship, yet continued to provide the information from November 2004 to Feb. 11, 2008.

Fondren faces up to 60 years in prison if convicted on all the charges against him.

The FBI said in a press release that Fondren provided the information to Kuo under the guise of a consulting service in which Kuo's business was the only client. Fondren would incorporate the information into "opinion pieces" he sold to Kuo, according to the indictment. He also provided what the FBI describes as sensitive, but unclassified Defense Department publications to Kuo.

Saturday, June 13, 2009

Instead of Zen Dens, Starwood Builds an Espionage Case Against Hilton

TheWashingtonPost

Earlier this year, Hilton Hotels shipped eight boxes to Starwood Hotels and Resorts. Companies don't typically send much mail to their competitors, and Starwood's general counsel discovered something odd in the boxes: thousands of Starwood documents and electronic files.

Lawyers from Hilton, which is moving to Tysons Corner from Beverly Hills this summer, included a letter saying they found the material in the homes and offices of star employees the firm had recruited from Starwood. The material, according to the letter, had been reviewed and didn't seem all that sensitive. Hilton was returning it "in an abundance of caution."

Starwood's attorneys did not agree. They hit Hilton with a 91-page lawsuit alleging "the clearest imaginable case of corporate espionage," saying that "the sheer volume of theft is extraordinary, and may be unprecedented.

More...

Feds Bust International Telephone Hacking Conspiracy


eweek