Wednesday, July 29, 2009

Tech gadgets help corporate spying surge in tough times

By Byron Acohido, USA TODAY

Marla Suttenberg had a sinking feeling that a corporate spy was shadowing her.

In March 2008, the owner of Woodcliff Lake, N.J.-based Sapphire Marketing was preparing to give a longtime client a generous price cut on $134,000 worth of audio/videoconferencing equipment.

But before her sales rep could extend the offer, her chief rival, David Goldenberg, then regional vice president of sales for AMX, a Dallas-based conferencing systems maker, sent the client an e-mail disparaging Sapphire and offering a steeper AMX discount.

"I felt sick to my stomach," Suttenberg recalls. To pull that off, someone had to have infiltrated Sapphire's internal e-mail, she thought at the time.

She was right. A few days later, Goldenberg, 48, of Oceanside, N.Y., was arrested. He subsequently pleaded guilty to felony wiretapping for tampering with Sapphire's e-mail. He was sentenced last month to three months' probation and ordered to undergo counseling. "There was nothing sophisticated about me getting into their e-mail," he said in an interview. "Honestly, I had no idea that it was illegal."

More...

Tuesday, July 28, 2009

Is Big Brother following you? Government's guide to using Twitter

Guardian UK: Even its author admits that a 20-page strategy paper for government departments on how to use Twitter might be regarded as "a bit of over the top" for a microblogging tool with a limit of 140 characters a message.

Indeed, the 5,382-word official "template", which translates into 36,215 characters and spaces, would need roughly 259 separate tweets to put the word around Whitehall using Twitter.

But its author, Neil Williams, who describes himself as head of corporate digital channels at Lord Mandelson's Department for Business, Innovation and Skills, admits that when he sat down to write a proper plan for his department's corporate Twitter account, "I was surprised by just how much there was to say ‑ and quite how worth saying it is."

More...

Skype singled out as threat to Russia's security


MOSCOW (Reuters) - Russia's most powerful business lobby moved to clamp down on Skype and its peers this week, telling lawmakers that the Internet phone services are a threat to Russian businesses and to national security.

In partnership with Prime Minister Vladimir Putin's political party, the lobby created a working group to draft legal safeguards against what they said were the risks of Skype and other Voice over Internet Protocol (VoIP) telephone services.

VoIP software has used the Internet to let hundreds of millions of people talk long-distance for free, or at far cheaper rates than traditional service providers can offer.

At a meeting of the lobby this week, telecom executives portrayed the most popular VoIP programs like Skype and Icq as encroaching foreign entities that the government must control.

"Without government restrictions, IP telephony causes certain concerns about security," the lobby's press release said. "Most of the service operators working in Russia, such as Skype and Icq, are foreign. It is therefore necessary to protect the native companies in this sector and so forth."

Skype was not immediately available for comment.

More...

Monday, July 27, 2009

From iPhones to smart grids at Black Hat, Defcon

cnet: My favorite security show each year is one at which there are no sales pitches, the speakers favor black T-shirts and dyed hair over suits and ties, and the talks tend to be controversial enough to prompt legal threats and even arrests.

I'm talking about Defcon, which starts Thursday and runs through Sunday. The event turns part of the Las Vegas strip into a geek equivalent of "Animal House" for a three-day weekend every summer.

Started in 1993 by Jeff Moss, aka Dark Tangent, Defcon brings together some of the top security experts from around the world, along with thousands of hacker wannabes whose pranks in previous years--hacking the elevators and ATMs and cementing the toilets, to name a few--have led to bans at certain hotels.

"One good thing about the [economic] downturn is that the Riviera Hotel has been easier to deal with," said Moss, who was recently named to the Homeland Security Advisory Council. "They're letting us have access to the pool, so we'll have pool parties, and they've allowed us to do more social things that we wanted to do."

In addition to being a hacker playground and summer camp, Defcon is a semi-neutral ground where people who blur the lines of legality mingle with federal agents whose job it is to hunt them down.

More...

Sunday, July 26, 2009

Web Services Provider's Accounts Hacked

WASHINGTON (CBS4) ― Network Solutions, a web services provider, announced on Friday that hackers broke into the company's servers and stole information on over half a million debit and credit card accounts, according to the Washington Post. The account information was stolen over the last three months.

The company, based out of Virginia, found the attacks in early June as hackers accessed servers that provide e-commerce services to around 4,343 small to mid-size online stores. That number translates to about half of Network Solutions' customer base, the Post reported.

The hacker would leave malicious code that would spy on and record personal and financial information for users of stores hosted on the servers. The company said it's working with federal authorities to find the cause and source of the hack.

More...

Saturday, July 25, 2009

Hacker Says iPhone 3GS Encryption Is ‘Useless’ for Businesses

WIRED
Apple claims that hundreds of thousands of iPhones are being used by corporations and government agencies. What it won’t tell you is that the supposedly enterprise-friendly encryption included with the iPhone 3GS is so weak it can be cracked in two minutes with a few pieces of readily available freeware.

“It is kind of like storing all your secret messages right next to the secret decoder ring,” said Jonathan Zdziarski, an iPhone developer and a hacker who teaches forensics courses on recovering data from iPhones. “I don’t think any of us [developers] have ever seen encryption implemented so poorly before, which is why it’s hard to describe why it’s such a big threat to security.”

With its easy-to-use interface and wealth of applications available for download, the iPhone may be the most attractive smartphone yet for business use. Many companies seem to agree: In Apple’s quarterly earnings conference call Tuesday, Apple chief operating officer Tim Cook said almost 20 percent of Fortune 100 companies have purchased 10,000 or more iPhones apiece; multiple corporations and government organizations have purchased 25,000 iPhones each; and the iPhone has been approved in more than 300 higher education institutions.

More...

The Sony Dream Machine Spy Camera


There are all different types of products that hide little cameras within them. Some are as small as keychains and others are slightly larger objects like tissue boxes or other random items. With some of them, anyone who inspected them at all closely would notice that something wasn’t quite right. Well, this Sony Dream Machine Camera might actually keep people plenty fooled. It’s already an electronic device, so having a lot of buttons isn’t something that’s out of the ordinary.

Besides being a hidden camera, it also functions as a clock for wherever you need a camera. It will record video both day and night; come night time it will just conveniently switch to night vision all on its own. It can record in real-time and flip on automatically when it senses any motion. It can also take pictures instead of shooting video. You can set it to record on specific days and times or set it to the motion sensor.

Friday, July 24, 2009

How to Surveillance-Proof Your Hotel Room


(CBS) Would you know if your hotel room had hidden cameras?

On "The Early Show" Thursday, the president of Insite Security, Chris Falkenberg, showed how easy it is for cameras, like the one suspected to have taped sportscaster Erin Andrews, to be concealed -- and how people can be proactive in protecting their privacy.

Several devices may be used to secrete cameras. In a hotel set-up, Falkenberg showed "Early Show" co-anchor Maggie Rodriguez how clocks and alarm clocks, smoke detectors cameras and mini cameras may be hidden.

"You would never know," Falkenberg said. "Cameras have become so miniaturized that it's easy to secrete them into small, everyday objects."

Clocks, Falkenberg said, may carry cameras inside. If you look closely, Falkenberg said, you can see the camera. And these cameras aren't rigged this way. You can buy them online, and they have night vision capabilities and motion detection. To avoid being taped with an electronic device like this, Falkenberg suggested bringing your own electronics to hotels and removing as many as you can that you don't need.

More...

iPhone encryption too easy to hack?


The iPhone's current data encryption system is far too easy to crack, claims an iPhone developer familiar with the technology. "It is kind of like storing all your secret messages right next to the secret decoder ring," says Jonathan Zdziarski, who also teaches courses on recovering data from iPhones. "I don’t think any of us [developers] have ever seen encryption implemented so poorly before, which is why it’s hard to describe why it’s such a big threat to security." Using free software, Zdziarski charges, it is possible to crack even the iPhone 3GS in as little as two minutes. A complete disk image can be created in roughly 45 minutes, using a jailbreaking tool such as redsn0w, which then enables data to be pulled via an SSH client. iPhones appear to decrypt information for an SSH tunnel without any special prompting, Zdziarski comments.

More...

Maintenance man accused of urinating on court worker's chair

JEFFERSONVILLE, IN (WAVE) - A Clark Circuit Court employee contacted a building supervisor after she showed up for work several times to find her chair wet. She was shocked to learn it may have been caused by a maintenance worker who was allegedly urinating in the chair. He was arrested after police reviewed footage from a hidden camera appearing to catch him in the act.

The restrooms in the Clark County government building are clearly marked, but Stephen Thompson allegedly wasn't interested in finding a restroom to relieve himself.

Instead, Clark County Prosecutor Steve Stewart says Thompson, 58, a maintenance man who worked third shift, urinated on a chair.

"This is something that, in my years as a prosecutor, I have never seen," Stewart said.

"I can't say he was doing his job that night," Stewart said. "As I understand it, he felt that he'd been slighted by somebody on the Clark Circuit Court staff."

The employee had noticed her chair was damp on several occasions upon arriving at work. Now Stewart says "she's surprised - disgusted."

More...

Beijing's spies cost German firms billions

GERMANY is under attack from an increasing number of state-backed Chinese spying operations that are costing its economy tens of billions of euros a year, a leading German counterintelligence agent has said.

Walter Opfermann, an expert on espionage protection in the office for counter-intelligence for the state of Baden-Wuerttemberg, said China was stealing industrial secrets using an array of "polished methods" from conventional spies and phone-tapping to the internet.

Mr Opfermann said methods had become "extremely sophisticated" to the extent that China was now capable of "sabotaging whole chunks of infrastructure", such as Germany's power grid. "This poses a danger not just for Germany but for critical infrastructure worldwide," he said.

Russia was also "top of the list" of states using internet spying techniques to garner German expertise, which "helps save billions on their own economic research and development".

Russia had only "hundreds of thousands of agents", compared with China's 1 million, but it had "years more experience".

More...

Thursday, July 23, 2009

Etisalat no comment on Blackberry 'bugging'

Emirates Telecommunications Corp (Etisalat) declined to comment on Wednesday on a software update it sent to Blackberry users, which the device's maker said was an unauthorised surveillance application.

Canada's Research in Motion Ltd (RIM) said on Tuesday that software sent by the UAE's largest telecoms operator was not a BlackBerry Software Upgrade.

Etisalat had sent text messages to its Blackberry customers in the UAE in recent weeks prompting them to install software that promised to enhance the device's performance. Instead it led to problems such as heavy draining of the battery.

"RIM confirms that this software is not a patch, and it is not a RIM authorised upgrade. RIM did not develop this software application and RIM was not involved in any way in the testing, promotion or distribution of this software application," the Blackberry maker said in a statement.

Etisalat declined to comment when called by the news agency Reuters.

Hundreds of Blackberry smartphone owners in the UAE reported problems with their phones over the last few weeks after the update patch was sent out.

More...

Wednesday, July 22, 2009

Andy Coulson: my own phone was hacked by private investigator

timesonline

The Conservative Party’s director of communications has been told by police that his voicemail messages were intercepted while he was editor of the News of the World.

Andy Coulson, a close aide to David Cameron, said he was contacted by a detective superintendent two weeks ago who said it appeared likely that his messages had been hacked into by Glenn Mulcaire, a private investigator who was later jailed.

“I clearly didn't know what Glenn Mulcaire was up to,” he told MPs.

The claim, made to the Commons Culture Select Committee, will add weight to the News of the World claim that Mr Mulcaire had other clients than the Sunday tabloid, which was paying him £100,000 a year for his services.

More...

New Technology to Make Digital Data Self-Destruct


NewYorkTimes
A group of computer scientists at the University of Washington has developed a way to make electronic messages “self destruct” after a certain period of time, like messages in sand lost to the surf.

The researchers said they think the new software, called Vanish, which requires encrypting messages, will be needed more and more as personal and business information is stored not on personal computers, but on centralized machines, or servers. In the term of the moment this is called cloud computing, and the cloud consists of the data — including e-mail and Web-based documents and calendars — stored on numerous servers.

More...

BlackBerry Spyware Wasn’t Ready for Prime Time

WIRED
A BlackBerry software upgrade in the Middle East that turned out to be an e-mail interception program was likely a buggy beta version of a U.S.-made surveillance product, according to an analyst who dissected the malicious code.

Sheran Gunasekera, who works as a security consultant in Asia, released a white paper examining the spyware. (.pdf) Gunasekera said the software had no protective measures to obfuscate it, making it easy to decompile and examine — an unusual flaw for a program designed for surreptitious interception. What’s more, command messages sent to the BlackBerry to initiate and halt interception can be transmitted to the device through e-mail or BlackBerry’s proprietary PIN messaging system. But the PIN messages are visible on the handheld’s screen for a fraction of a second when they arrive and a copy of commands sent via e-mail appears in the user’s inbox, which would conceivably alert an observant user to suspicious activity. Gunasekera says the e-mail command function is turned off by default, apparently because of this glitch.

More...

Spy Top Hat Hidden Camera DVR


ubergizmo
The Spy Top Hat Hidden Camera DVR must've been a relic from the past, as spies these days are so much more sophisticated in their work, they won't be wearing top hats or trenchcoats anymore.

Still, those who want to discreetly capture images around them without being discovered might want to consider the $95 device, which records video in 352 x 288 resolution in full color using the AVI format.

The 4GB of internal memory can be further augmented by another 4GB thanks to removable flash storage. This USB-rechargeable device has a battery that runs up to 6 or 7 hours, tops, before requiring a quick trip to the nearest charging outlet. On days when you're not out on an espionage session, why not use this as a normal hat instead?

News of the World paid royal phone hackers after convictions

guardian
The News of the World made payments to its disgraced royal editor Clive Goodman and private investigator Glenn Mulcaire after the two men were jailed for phone hacking, MPs were told today.

The newspaper claimed the "arrangements", details of which were not given, were made to comply with employment law, rather than to buy their silence.

The MPs on the culture, media and sport select committee reopened their inquiry into privacy and press standards after the Guardian revealed that the paper's owner, News Group, had secretly paid £700,000 to Gordon Taylor, chief executive of the Professional Footballers Association, in a confidential settlement.

Today, the MPs pressed executives from News Group to disclose the terms on which Goodman and Mulcaire were dismissed.

More...

O'Brien: Corporate secrecy under the microscope after Twitter leaks

mercurynews

The publication of internal documents about Twitter that were filched by a hacker caused fans across Silicon Valley to express their outrage — before they hunkered down to read them.

For all the controversy, my own gut reaction after reading the notes and financial projections: "Is that it?" These were the great trade secrets that the valley fretted could undermine Twitter's future and send it plunging off a cliff? Hardly.

After covering Silicon Valley for more than a decade, I remain astounded by how companies of all sizes remain obsessed with secrecy. We live in an age of growing transparency. Yet companies are desperately pushing back against the information age they are enabling. Apparently, openness and sharing is good for everyone but them.

Let's be clear. Companies of any size, even large publicly traded companies, are required to share only the tiniest, thinnest bits of information about themselves. Anytime they are asked to make the slightest concession toward more disclosure, expect whining, followed by lobbying.

Twitter didn't ask to be hacked, and certainly didn't deserve it. But whatever internal anxieties it caused, the resulting revelations would hardly quicken anyone's pulse.

More...

Tuesday, July 21, 2009

Deutsche Bank sacks two for spying

TheRegister

Deutsche Bank has sacked two senior executives for spying on its board of directors and two other people.

Prosecutors, data protection officials and financial regulators are all investigating the bank for allegedly spying on its own chief operating officer, a board member, an activist shareholder and a media mogul. The bank is awaiting results of its own investigation into the incidents which took place between 2001 and 2007.

The bank hired a law firm to find out just what spying was carried out on behalf of the firm - it hired private investigators to do the dirty work. As a result of this probe it has sacked its head of corporate security and its head of investor relations, according to the Wall Street Journal.

The bank declined to comment until its own report is completed, which should be within the next few weeks. That document will then go to the board which will decide what further action to take.

More...

Another Israeli spy arrested in Lebanon

presstv.ir
Lebanese intelligence forces have arrested another man on suspicion of spying for Israel amid an anti-espionage crackdown in the country.

The man identified as Kamal Assaf was arrested in the southern region of Bekaa valley on charges of spying for Israel's notorious intelligence agency, Mossad on Saturday, Naharnet reported.

Since the beginning of a major crackdown on spy networks earlier this year, Lebanese security forces have dismantled several Israeli espionage rings and arrested dozens of suspects on charges ranging from providing Israel with information to help its armed forces to visiting "the enemy country" -- Israel -- without permission.

Most of the detainees were reportedly equipped with high-tech espionage apparatus.

More...

The affordable USB Fingerprint Security Lock Flash Drive

cg

This isn’t the first USB drive with a little fingerprint security thrown in. It is definitely one of the cheaper versions though. When it comes to extra security though, some might not like that the drive is remarkably cheaper than the rest. That is, since it might be an indication of a slightly more inferior product. However, for those that are willing to give the cheaper drive a chance, you might want to check out this USB Fingerprint Security Lock Flash Disk.

It comes with a decent amount of storage packed into it, 8GB to be specific. Which isn’t too shabby when you factor in that the drive is only going to cost you $37.61 apiece. Other than that, it’s a fairly simple drive; it comes with a strap to make it more difficult to lose. To get your data just press your finger to the USB drive.

More...

USB thumb drives hit 256GB mark

DVICE

I remember my first USB thumb drive. It was a 256MB Samsung number, about the size of an old, Pez-dispenser-shaped iPod Shuffle (with the same annoying habit of blocking the USB port right beside the one you plugged it into). That was about six years ago, and in that time solid-state memory has made a lot of progress. As in, three-orders-of-magnitude progress.

Flash-memory purveyor Kingston now sells a thumb drive with a capacity of 256 gigabytes: the DataTraveler 300. Yep, 256GB, all in a single plastic wafer less than 3 inches long. According to the product page, that's the equivalent of 10 Blu-ray Discs, 54 DVDs or 365 CDs. It truly is a new era.

More...

Tony Trout gets year for computer spying

greenvilleonline
SPARTANBURG — A federal judge sentenced former Greenville County councilman Tony Trout to one year in prison on computer spying charges on Wednesday, telling the former police officer that he violated the public's trust and should be held to a higher standard.

In a tearful apology, Trout told U.S. District Judge Henry Floyd that he was wrong to implant a bug on County Administrator Joe Kernell's computer that allowed him to access Kernell's personal emails.

Trout told the judge that while he had researched state laws on computer surveillance, he hadn't versed himself on federal laws until now.

“I'm guilty, and I'm sorry, and I was wrong,” said Trout, who was uncharacteristically quiet as he left the courthouse with no comment following his sentencing. “It's all because of me … nobody else but me.”

A jury convicted Trout in April on four counts of computer spying and wiretapping after Trout testified in his own defense that he didn't know that it was illegal to intercept Kernell's personal e-mails through the administrator's computer and private Yahoo account.

More...

A.R.M.S. Inc. Wins Trade Secret and Breach of Fiduciary Duty Lawsuit

earthtimes
WEST BRIDGEWATER, Mass. - (Business Wire) A federal court jury awarded A.R.M.S. Inc., a designer of accessories and attachments for small arms weapons for 30 years, in excess of $1.8 million in damages in a lawsuit alleging theft of trade secrets and breach of fiduciary duty against Stephen P. Troy, Jr. and his company, Troy Industries, Inc., of Lee, MA.

In the lawsuit, originally filed on August 23, 2007, A.R.M.S. alleged that its former employee of seven months, Stephen Troy, who had held a position of trust and confidence with the company, had stolen A.R.M.S.’s trade secrets for a proprietary handguard system for use on M-4/M-16/AR-15 rifles and incorporated those trade secrets in a competing modular, free-float railed handguard system that attached to the barrel nut and that was being offered and sold by Troy Industries, commencing after he was fired from A.R.M.S. On June 26, 2009, after a two-week trial in the Massachusetts Federal District Court, a nine member federal jury returned a verdict against Stephen P. Troy and Troy Industries, finding them liable for misappropriation of trade secrets and breach of fiduciary duty.


More...

ESPN Sportscaster Erin Andrews Videotaped Nude Through Hotel Room Peephole

FoxNews
Sexy ESPN sportscaster Erin Andrews was the target of a peephole pervert who surreptitiously shot a video of her walking around her hotel room naked -- and posted it on the Internet.

The sideline siren wants the creepy cameraman brought to justice, both for herself and to keep other victims from having to go through the same nightmare.

Andrews' lawyer, Marshall B. Grossman, confirmed yesterday she was "surreptitiously videotaped" while "in the privacy of her hotel room."

"Although the perpetrators of this criminal act have not yet been identified, when they are identified, she intends to bring both civil and criminal charges against them and against anyone who has published the material," Grossman said.

More...

Saturday, July 18, 2009

‘Spyshop toys’ enable hidden audio and video recordings

LastWatchDog.com
Spyshop toys. That’s what J.D. LeaSure, a Virginia Beach-based counter surveillance specialist, calls the trove of eavesdropping and peeping-Tom digital gadgetry readily for sale online.

LeaSure is the go-to guy CEOs call in to do security sweeps when they suspect someone is listening in and/or viewing strategic discussions that are meant to be kept behind closed doors. He says business has been booming in the past year and a half.

Some of the devices available for purchase, simply by Googling “spy bug,” would impress Q, 007’s gadgets guy.

More...

Friday, July 17, 2009

Former Boeing engineer convicted of spying for China

CNN
LOS ANGELES, California (CNN) -- A former engineer for Rockwell International and Boeing was convicted Thursday of economic espionage and acting as an agent of China, authorities said.

Dongfan "Greg" Chung, 73, was accused of stealing restricted technology and Boeing trade secrets, including information related to the space shuttle program and the Delta IV rocket.

U.S. District Judge Cormac J. Carney convicted him on charges of conspiracy to commit economic espionage; six counts of economic espionage to benefit a foreign country; one count of acting as an agent of the People's Republic of China; and one count of making false statements to the FBI, according to a statement from federal prosecutors.

Carney presided over Chung's three-week bench trial last month. In a bench trial, there is no jury and the judge decides whether to convict a defendant after hearing testimony. Chung was free on bond after his arrest by FBI agents and NASA investigators in February 2008. He was taken into custody after Carney's ruling was read.

More...

Thursday, July 16, 2009

Who do you TRUST?

Corporate Espionage

With the internet ever more available and the secrets it can subsequently reveal, major corporations are becoming more reclusive when giving away the secrets of the trade to new employees. Even large companies like the Hilton Hotel are being subpoenaed for stealing trade secrets from rival hotel companies, which indicates that no company, large or small, is in the clear of corporate espionage. While many trade secrets have become well known, there are still many companies that hide their secret recipes, fabric methods, or even technological advances so that they can dominate their own industry. There is therefore a high price to pay if anyone happens to steal their specific “recipe” to sell to a rival company.

In modern society, stealing from a rival company has become almost commonplace, but the social stigma attached to this has not changed. It is difficult to keep any secret in a digital age in which hackers can access your files from an obscure location, which makes it even more important for large companies to secure their trade secrets in locations that cannot be breached. Additionally, hiring employees who are seemingly trustworthy (which is difficult to discover) while still keeping them at a distance until they have proven their worth is an important step to take when replacing staff members. It is also important to keep your staff happy at all times; the moment they get denied a pay raise or get extra work for no commission, they will begin to get lured away by rival companies who are anxious to hear all about their exclusive interaction with your company. Even the most dedicated employees can get angry about a lack of pay raise and opt to instead get paid heartily for their simple knowledge of the company.

Corporate espionage does not have to be entirely about corporate spies “sneaking” into your building after hours to invade your files; instead it typically revolves around the disgruntled employee. Large corporations like McDonalds do not have to hide any trade secrets because they employ so many individuals around the nation that it would be difficult to hide such a secret from rival fast food chains. Rather, in the beginning of the industry’s arrival, many companies shared secrets that guaranteed success while still making individualized food. Sometimes, however, an employee from an entirely unrelated industry will manage to steal important documents and attempt to sell them to a rival firm. This happened in 2001 after a catering company employee stole an undisclosed plan for a $1 billion alliance between MasterCard and Disney in an attempt to sell it to Visa. It therefore becomes obvious that corporate espionage can happen in the most obscure ways, which is why companies need to protect their finances and strategies from outside sources.

This post was contributed by Britney Wilkins, who writes about the online college. She welcomes your feedback at BritneyWilkins81 at yahoo.com


Police wiretapping probed in Portsmouth

seacoastonline

PORTSMOUTH — For four or five months, a microphone recorded conversations of civilian employees working inside the police department's records office without their knowledge.

Digital recordings of their conversations were fed to a supervisor's computer, allowing the supervisor to listen to everything said inside the records office from a different floor in police headquarters and in real-time. When employees realized their conversations were being recorded, they complained to police brass, prompting an internal investigation, then a review by the county attorney's office, which ruled no law was broken.

Those and other conclusions are revealed in a three-page report by County Attorney Jim Reams, who wrote that state wiretapping law — punishable with jail time and $100-a-day fines — was not broken because the police employees who installed the bug and listened to the conversations thought "the recording system was lawful and would serve the public good by (ensuring) that the interactions of employees with the public were professional."

More...

FBI charges satellite descramblers under DMCA

arstechnica
The people behind the Viewsat satellite receiver have been arrested and charged with conspiring to violate the Digital Millennium Copyright Act thanks to their not-so-undercover efforts to crack DISH Network's latest encryption scheme.

The FBI has set its sights on satellite descramblers, charging three individuals behind the Viewsat satellite receiver with conspiracy to violate the Digital Millennium Copyright Act (DMCA). The indictment was unsealed this week after Viewtech owner Jung Kwak was arrested in San Diego, where he is currently being held without bail. Several associates were also arrested. The group faces up to five years in prison and a $250,000 fine each.

Some of our readers may be familiar with the Viewsat—it's a free-to-air (FTA) satellite receiver box that claims to provide users with access to free satellite programming, such as religious and cultural content. However, as most Viewsat customers also know, the device is engineered in such a way that makes it simple for users to grab what is otherwise designated as for-pay satellite programming. All that's required is for the FTA boxes to spoof DISH's smartcards so that the DISH Network can see that the boxes are authorized.

More...

How to use electrical outlets and cheap lasers to steal data

NetworkWorld

If attackers intent on data theft can tap into an electrical socket near a computer or if they can draw a bead on the machine with a laser, they can steal whatever is being typed into it.

How to execute these attacks will be demonstrated at the Black Hat USA 2009 security conference in Las Vegas later this month by Andrea Barisani and Daniele Bianco, a pair of researchers for network security consultancy Inverse Path.

“The only thing you need for successful attacks are either the electrical grid or a distant line of sight, no expensive piece of equipment is required,” Barisani and Bianco say in a paper describing the hacks.

More...

UBS Charges 3 Ex-Employees With Code Theft


SecuritiesIndustry
Goldman Sachs is not the only Wall Street firm taking an ex-employee to court with the charge of theft of trade secrets in the form of valuable, proprietary trading code.

Swiss bank UBS AG confirmed Monday that it filed papers in March charging three ex-employees with “misappropriation of trade secrets.” The “misappropriation” included 25,000 lines of source code used in UBS’s “trade secret algorithmic trading programs,” according to documents submitted with the New York State Supreme Court.

The bank is charging three former employees in the firm’s algorithmic trading group of having “collectively coordinated and planned together” to move to new jobs at New York-based Jefferies & Company while still technically in the employ of UBS, taking with them UBS trade secrets, breaching their employment contracts and fiduciary duties and resulting in unfair competition.

More...

First iPhone 3GS Spy software rolled out

cg
Retina-X Studios, LLC, was first off the blocks with a spy software for the iPhone, and has recently announced the immediate availability of Mobile Spy version 3.0 for the recently released Apple iPhone 3GS. Apparently, there is no other spy software that is currently compatible with the iPhone 3GS, so let’s keep our fingers crossed that Retina-X Studios’ efforts will not be in vain, but will instead be able to be all it is meant to be.

This unique spy software is able to enable users to silently track GPS locations, SMS messages and calls of children or employees using a secure online control panel. Sounds as though one’s privacy has been violated, but then again parents ought to have better control and keep tabs on their kids instead of leaving them to the nanny, TV and peers throughout the formative years. Mobile Spy will operate in complete stealth mode and there won’t be any mention of the program whatsoever on the iPhone 3GS. The software will quietly run in the background behind all other applications. The moment the software is set up, it will get to work straightaway without the need for any prompting, silently recording the entire text of all SMS text messages, information about each call and actual GPS positions.

More...

Wednesday, July 15, 2009

BlackBerry update bursting with spyware


TheRegister
Official snooping suspected in UAE.

An update pushed out to BlackBerry users on the Etisalat network in the United Arab Emirates appears to contain remotely-triggered spyware that allows the interception of messages and emails, as well as crippling battery life.

Sent out as a WAP Push message, the update installs a Java file that one curious customer decided to take a closer look at, only to discover an application intended to intercept both email and text messages, sending a copy to an Etisalat server without the user being aware of anything beyond a slightly excessive battery drain.

It was, it seems, the battery issue that alerted users to something being wrong. Closer examination (as reported by itp.net) seems to indicate that all instances of the application were expected to register with a central server, which couldn't cope with the traffic - thus forcing all the instances to repeatedly attempt to connect while draining the battery. A more phased reporting system might have escaped detection completely.

More...

Tuesday, July 14, 2009

A DANGEROUS BETRAYAL: The Case of the Cash Hungry Contractor

fbi.gov

Two hundred thousand dollars—not a huge sum of money in return for betraying one’s country. But that’s exactly how much money Roy Lynn Oakley asked for when he attempted to sell stolen parts of uranium enrichment equipment to someone he thought was an agent of a foreign government.

Oakley’s contact was an “agent” all right, but not from a foreign country—it was an undercover agent from the FBI.

More...

China's dragon stirs in spy tale

CanberraTimes
When the Bureau of State Security arrested Rio Tinto's Shanghai executive Stern Hu, Prime Minister Kevin Rudd pointed out that this was a "complex consular case", and this was time to be "working calmly and methodically ... on the basis of the advice as it unfolds". In reality, the events represent the first, seismic, stirrings of the newly emergent economic Chinese dragon, a creature that will determine our future, in its own way.

China's laws are not our laws; politics and business are intermingled in a way that we would find abhorrent. Ever since the First Opium War in 1839, the West has dictated terms of trade to China. At that time the Qing Dynasty was attempting to stop what had become a flourishing trade in the drug. British East India Company merchants were becoming wealthy, producing the drug cheaply in northern India and using it to get around the Chinese insistence that all trade be conducted in silver. A small, but technologically advanced British force quickly shattered opposition, wreaking havoc and capturing the empire's tax revenue, forcing the Imperial Court to capitulate.

More...

Wiretapping Dolce & Gabbana Flack's Weak Defense

gawker.com
A lawyer for Dolce & Gabbana flack Ali Wise—who was arrested last week on charges of eavesdropping and computer trespass—says it's not illegal to hack into someone else's voicemail without permission. Really?

Wise allegedly used a Spoofcard, which lets you send fake caller ID info with your calls, to gain access to the voicemails of interior designer Nina Freudenberger. According to the criminal complaint against her, she told the police, "I used the Spoofcard to get into Nina's voicemails."

Now Wise's lawyer, Mark Jay Heller, is telling Women's Wear Daily [sub. req'd] that there's nothing illegal about that:

He said authorities had misapplied new laws governing technology. The eavesdropping charge should be dismissed because, among other reasons, Wise had not overheard or recorded a conversation, Heller said. Of the computer trespass charge, he said authorities had not alleged or proven, "that Ali engaged in any 'unauthorized' conduct in conjunction with a computer or computer service."

More...

Ex-PM's bureau chief suspected of illegal wiretapping


ynetnews
Former Prime Minister Olmert's confidante Shula Zaken summoned to official Justice Ministry hearing following allegations that she listened in on hundreds of his private conversations over three-year period.

Shula Zaken, former Prime Minister Ehud Olmert's bureau chief, was summoned to a formal Justice Ministry hearing Monday on suspicion of illegal wiretapping of Olmert's phone conversation during his tenure as industry, trade and labor minister. Zaken is suspected of both listening in on Olmert's conversations herself – unbeknown to him – as well as ordering other secretaries in the ministry to do so on her behalf.

"On the occasions when the ministry's secretaries were told to eavesdrop on (Olmert's) conversations, Zaken ordered them to report on their content, and in some cases, she had them transcribe the conversations," said a State Prosecutor's Office statement.

More...

Israeli spy memorial hides more than it reveals

AssociatedPress

GLILOT JUNCTION, Israel (AP) — Near a multiplex cinema and a nondescript highway junction outside Tel Aviv is the place where Israel's secrets go when they get old.

The names and stories are carved into limestone walls and arranged in binders at a sleepy clump of buildings known by a misleadingly dull name — the Israel Intelligence Heritage and Commemoration Center. They offer a unique, if fragmentary, glimpse into the exploits of the Mossad agents and intelligence operatives who have waged this country's shadow wars.

Here, on a memorial wall, you can encounter names like Shalom Dani, a Holocaust survivor who became the Mossad's master forger. Dani honed his skills under cover in North Africa, taking part in the Mossad's effort to spirit thousands of Moroccan Jews to Israel before being dispatched to Argentina in 1960. There, he counterfeited the documents that allowed a team of agents to smuggle Adolf Eichmann, one of the architects of the Nazi genocide, to his trial and eventual hanging in Israel.

More...

Monday, July 13, 2009

Chips in official IDs raise privacy fears

apnews.myway
Climbing into his Volvo, outfitted with a Matrics antenna and a Motorola reader he'd bought on eBay for $190, Chris Paget cruised the streets of San Francisco with this objective: To read the identity cards of strangers, wirelessly, without ever leaving his car.

It took him 20 minutes to strike hacker's gold.

Zipping past Fisherman's Wharf, his scanner downloaded to his laptop the unique serial numbers of two pedestrians' electronic U.S. passport cards embedded with radio frequency identification, or RFID, tags. Within an hour, he'd "skimmed" four more of the new, microchipped PASS cards from a distance of 20 feet.

More...

'Big Brother' hospital plan angers doctors

TheAge

THE State Government has a secret plan to track the movement of staff around the new Royal Children's Hospital using radio tags, which has outraged unions and raised fears of setting a precedent in employee surveillance.

Doctors say the plan smacks of Big Brother, and they will refuse to wear the tags when the hospital opens in 2011.

Documents obtained by The Age reveal that, in January last year, the project control group for the $1 billion hospital discussed a "comprehensive patient and staff radio frequency identification tracking system".

Despite the fact that the system was specified in the hospital's design and contract more than a year ago, the Government played down the issue when asked about it last week by The Age. A spokesman for Health Minister Daniel Andrews said only that the idea was "still under consideration".

More...

Rudd urged to step in as spy row deepens

abc
Prime Minister Kevin Rudd is facing mounting calls to personally intervene in the case of Rio Tinto executive Stern Hu, amid reports the Chinese President authorised the investigation that led to his detention.

Chinese diplomats will meet with Australian officials later today as the Government continues to push for more information about the case against Mr Hu, who has been accused of commercial espionage in relation to iron ore agreements.

Today's Fairfax newspapers are reporting that Chinese President Hu Jintao personally approved the Ministry of State Security investigation which led to Stern Hu's detention.

The issue could become a diplomatic and political nightmare for Mr Rudd, with China insisting the evidence against Mr Hu is strong.

Neither Mr Rudd - who has today returned from a week-long overseas trip - nor Foreign Minister Steven Smith have spoken to their counterparts about Mr Hu, who has been accused of bribing Chinese steel companies during iron ore price negotiations this year.

More...

Sunday, July 12, 2009

US govt review questions effectiveness of wiretaps

AFP
CIA officials said much of the reporting received thanks to the program "was vague or without context."

WASHINGTON (AFP) — A US government probe has concluded that a secret wiretap program launched after the September 11, 2001 attacks had a "limited role" in preventing fresh strikes.

The report found that most intelligence officials "had difficulty citing specific instances" when the National Security Agency's covert wiretapping in the country contributed to successes against terrorists.

Many senior intelligence community officials, the document said, believed that the program "filled a gap in intelligence collection" thought to exist.

The report was compiled by the inspectors general of five government agencies, including the Central Intelligence Agency, and the Departments of Defense and Justice.

It admitted that FBI agents, CIA analysts and officers and other officials "had difficulty evaluating the precise contribution" of the program "to counterterrorism efforts because it was most often viewed as one source among many available analytic and intelligence-gathering tools."

More...

Murdoch papers paid £1m to gag phone-hacking victims

Guardian

• News of the World bugging led to £700,000 payout to PFA chief executive Gordon Taylor
• Sun editor Rebekah Wade and Conservative communications chief Andy Coulson – both ex-NoW editors – involved
• News International chairman Les Hinton told MPs reporter jailed for phone-hacking was one-off case

Rupert Murdoch's News Group Newspapers has paid out more than £1m to settle legal cases that threatened to reveal evidence of his journalists' repeated involvement in the use of criminal methods to get stories.

The payments secured secrecy over out-of-court settlements in three cases that threatened to expose evidence of Murdoch journalists using private investigators who illegally hacked into the mobile phone messages of numerous public figures as well as gaining unlawful access to confidential personal data, including tax records, social security files, bank statements and itemised phone bills. Cabinet ministers, MPs, actors and sports stars were all targets of the private investigators.

More...

Friday, July 10, 2009

Calvin Klein USB Sunglasses

cg
Sure, we have seen USB memory devices on objects that probably shouldn’t have USB memory devices, and so why not put one on a pair of sunglasses? And if you are going to put it on sunglasses, then put it on Calvin Klein sunglasses.

As you can see, the sunglasses come with a detachable right arm that houses the memory device itself. What you don’t see is that it has a 4GB capacity.

So the next time you are on a secret mission with your netbook, feel free to make a backup of your files on your sunglasses.

More...

Business spies on the rise


stuff.co.nz

Industrial espionage is on the rise in New Zealand as companies look for ways to gain advantage over competitors in a tight economy, say employment fraud experts.

In a recent case, an overseas retailer planning to move into the New Zealand market was found to have placed a spy in a rival operation.

Paragon managing director Ron McQuilter, who investigated the case, says the spy worked in a senior role for the rival retailer for six months. He would not name the companies involved.

The staff member took the company's intellectual property, pricing structures, records and strategies.

"This guy had systematically taken everything from the company and set up almost a duplicate business. [The overseas retailer] would have come in with arguably an inferior product, but it would have looked the same and clients might or might not have known."

More...

Chinese Spying Claimed in Purchases of NSA Crypto Gear

WIRED

A Chinese national was indicted this week for conspiring to violate U.S. export law, following a nearly three-year investigation into his alleged efforts to acquire sensitive military and NSA-encryption gear from eBay and other internet sources.

Chi Tong Kuok, of Macau, told Defense Department and Customs investigators that he had been “acting at the direction of officials for the People’s Republic of China,” according to a government affidavit in the case. “Kuok indicated he and PRC officials sought the items to figure out ways to listen to or monitor U.S. government and military communications.”

Kuok was arrested at the Atlanta International Airport last month en route from Paris to Panama, where he allegedly planned to meet an undercover federal agent he believed was going to provide him with military radios. He was transferred to California, where he was indicted Tuesday for money laundering, conspiracy, smuggling and one count of attempting to export a defense article without a license.

More...

Thursday, July 9, 2009

Berlusconi accused of bugging talks

TheIndependent
The Italian Prime Minister Silvio Berlusconi was at the receiving end of an unusual allegation yesterday when a senior Italian official claimed the Italian delegation had been secretly bugging the deliberations at the G8 summit – which protocol dictates are kept firmly off the record – to help Mr Berlusconi keep up.

The Financial Times reported on its website that the official, who wished to remain anonymous, had reported that aides to the Italian team had been listening to the proceedings through headphones in rooms near the conference rooms.

The confidentiality of the discussions is upheld each year. The only recent breach to have come to the media's attention occurred when the then US president, George Bush, greeted the then British prime minister with the immortal words: "Yo Blair, how you doing?" at the St Petersburg G8 summit in July 2006.

More...

News of the World 'bugging' claim

BBC

The publisher of the News of the World paid £1m in court costs after its journalists were accused of involvement in phone tapping, it has been claimed.

The Guardian says three cases were settled out of court after journalists allegedly hired private investigators who obtained the information illegally.

It claims News Group paid £700,000 in damages and costs to the head of the professional footballers' association.

News International told the paper the case "means nothing to anyone here".

A spokesman said: "This particular case means nothing to anyone here, and I've talked to all the people who would be involved." The BBC has yet to receive a response from News International.

The Guardian claims up to 3,000 high-profile figures were targeted including model Elle Macpherson, former deputy prime minister John Prescott and the publicist Max Clifford.

More...

Report: State Department can't keep track of its laptops

mcclatchydc.com

WASHINGTON — The State Department does not have an accurate accounting of its laptop computers, including ones meant for classified use, and has failed to encrypt machines as it is supposed to do to protect sensitive information, according to a new report by the department's inspector general.

Inspectors found that 27 laptops, worth $55,000, were missing out of a sample of 334 from four State Department bureaus.

"Because the content and the encryption status of the missing laptop computers are unknown, there is a risk that PII (Personally Identifiable Information) and other sensitive Department information may be susceptible to unauthorized access and use," it says.

More...