Wednesday, October 27, 2010

Video Baby Monitors Broadcast Images From Inside Homes

justnews.com
Video baby monitors can help parents keep watch over their children, but they also can allow strangers to see what's happening inside of homes.

When Coral Springs parent Allison Lindsey turned on her new video baby monitor, she had to do a double take. Instead of seeing her baby girl, Lindsey saw a boy."I saw my neighbor's boy in his crib," Lindsey said.The wireless camera system pointed at Lindsey's baby's crib was picking up images of 16-month-old Tyler next door.Both systems are on the same frequency. Lindsey said she had no clue when she set up the system that the signal would go beyond the walls of her home.She told Tyler's mom, Stacy Kass, who expressed shock."They don't come with any warnings. It never even crossed my mind," Kass said. "How many times I must have walked in there not dressed appropriately, never thinking for a second that anyone could see what was going on in our home. It's beyond creepy."

More...

Australia warns of iPhone security risk

SYDNEY — A senior Australian crime official has raised serious security concerns over popular smartphones such as Apple's iPhone, which he warned was particularly vulnerable to hacking and information theft.

John Lawler, head of the Australian Crime Commission, said the virtual world had brought "boundless opportunities" for crime gangs and mobile technologies were giving criminals "previously unimaginable" reach.

He singled out the iPhone as especially at-risk, explaining that it was the "third most used system in the world" for businesses and "deployed or piloted by more than 70 percent of Fortune 100 companies".

"Yet IT managers are swimming against the phone?s tide of popularity because they can?t centralise installation and security updates as with other software," Lawler told a criminology conference on Tuesday.

"This overwhelming desire for instant services (comes) at the expense of security safeguards."

More...

Tuesday, October 26, 2010

State official suspended in e-mail spying scheme

dispatch.com

The head of computer-systems security for the Ohio Department of Public Safety was suspended today amid the fallout from an e-mail spying scheme.

David A. Brown, 46, was placed on paid administrative leave from his $94,284-a-year job as the department continues to review employees' roles in a plan to illegally intercept e-mails, said spokeswoman Lindsay Komlanc.

E-mails show that former public-safety lawyer Joshua Engel, who was convicted of illegally intercepting e-mails between department employees and the office of Inspector General Thomas P. Charles, communicated with Brown about the snooping.

Engel was fired and another department lawyer resigned after officials unearthed a scheme set up by Engel to be copied on e-mails between his department and the inspector general's office, Dispatch reporters or former Bureau of Motor Vehicles Registrar Frank Caltrider.

Engel was fined $750 on each of three misdemeanor counts and received 30-day suspended jail sentences on each count Friday.

More...

Google in trouble, acknowledges spying on passwords, emails of users

topinews.com
Things could not have gone worse for the search engine major Google as it has finally acknowledged that it was spying on the emails and passwords of the users across Britain. This is definitely a major security breach and as is to be expected, Google is having a hard time giving proper explanation.

However, Google has already apologized for the reported incident and claimed that it has unwittingly downloaded personal data from wireless networks when its vehicles were driving down residential roads for taking photos for its Street View project. Most of the data, as the company informed, is fragmentary but in a few cases, web addresses, emails and even passwords of users were captured. However, Alan Eustace, Google’s Vice-President of engineering and research said that they were quick to delete those data and thereby they had managed to overcome a serious security related crisis.

More...

Sunday, October 24, 2010

Hotel room security defeated by a piece of wire



This video clip is pretty alarming - it shows how easy it is for a stranger to enter your hotel room, using nothing more than a piece of wire. As you can see in the clip, the wire goes under the door, and is used to open the door from the inside. In all my years of staying in hotels, I never realized how simple it could be.

Saturday, October 23, 2010

De-Bugging Experts Caught Leaving Stroger's Office


myfoxchicago.com - It may sound like cloak and dagger fiction, but FOX Chicago News has learned something very odd happened Wednesday night on the fifth floor of the Cook County building.

The latest bizarre twist in the ongoing corruption scandal in Stroger's office involves high-tech surveillance experts caught leaving the office of Cook County Board President's office.

A deputy sheriff patrolling the building stopped a group of five men leaving Todd Stroger's office around 9:30 p.m. Wednesday.

One of the men identified himself as the county's Homeland Security Director David Ramos. The other four men were asked to provide identification.

They did, and at least three of them have experience in surveillance and counter-surveillance. Two of the men were identified as Jim Salp and Mike Dennis, former FBI agents who own a Chicago company specializing in "countermeasures and electronic surveillance," according to their website.

More...

Thursday, October 21, 2010

Eavesdropping Threat: CamBall rolls into the US

cg
Personal video camcorders have certainly come a long way since their introduction many years ago, and technologies in such devices have also progressed by leaps and bounds that High Definition recording capability was already achieved a few years back on a pocket-sized device. Well, what else can manufacturers do to up the ante? CamBall, as you can tell by its name, could very well be the next step of evolution for personal video camcorders. After all, it measures roughly the size of a mere golf ball (!) and yet is able shoot video virtually anytime, anywhere. Sure, it will not be able to do High Definition video recording, but that is all right considering the rather minuscule size of the device.

More...

Tuesday, October 19, 2010

Mobile to VoIP anti-tapping solution launched by PrivateWave


scmagazineuk.com

PrivateWave has introduced a mobile phone anti-tapping solution.

Designed to combat the threat of industrial espionage and the implications to businesses in terms of cost due to loss of confidential data through unprotected conversations, the Enterprise VoIP Security Suite (EVSS) is designed to secure phone conversations between landline, VoIP phones and mobile devices.

According to PrivateWave, the integrated system guarantees full protection of voice communications from intrusions, securing all PBX conversations from landline phones to mobile devices and vice versa, resulting in privacy of all employee conversations.

The software is compatible with Nokia, iPhone and Blackberry mobile devices and will soon be fully compatible with devices based on Android.

More...

US wants to ease telecom wiretapping: report

economictimes.indiatimes.com
WASHINGTON: An Obama administration taskforce is seeking to overhaul a federal law requiring telephone and broadband carriers to ensure their networks can be wiretapped, The New York Times reported Tuesday.

Law enforcement and counterterrorism officials from the Justice and Commerce Departments, the FBI and other federal agencies told the Times tougher legislation was necessary because some telecommunications firms have launched new services and system upgrades that impede surveillance.

As part of their draft legislation to expand and strengthen the 1994 law, the officials want more legal incentives and penalties to push AT&T, Comcast, Verizon and other carriers to make sure any changes to their networks will not disrupt efforts to conduct wiretaps, the report added.

More...

Sunday, October 17, 2010

U.S. Companies Are at Risk of Spying by Their Own Workers

nytimes.com
Huang Kexue, federal authorities say, is a new kind of spy.
For five years, Mr. Huang was a scientist at a Dow Chemical lab in Indiana, studying ways to improve insecticides. But before he was fired in 2008, Mr. Huang began sharing Dow’s secrets with Chinese researchers, authorities say, then obtained grants from a state-run foundation in China with the goal of starting a rival business there.

Now, Mr. Huang, who was born in China and is a legal United States resident, faces a rare criminal charge — that he engaged in economic espionage on China’s behalf.

Law enforcement officials say the kind of spying Mr. Huang is accused of represents a new front in the battle for a global economic edge. As China and other countries broaden their efforts to obtain Western technology, American industries beyond the traditional military and high-tech targets risk having valuable secrets exposed by their own employees, court records show.

More...

Monday, October 11, 2010

Caught Spying on Student, FBI Demands GPS Tracker Back


wired
A California student got a visit from the FBI this week after
he found a secret GPS tracking device on his car, and a
friend posted photos of it online. The post prompted wide
speculation about whether the device was real, whether the
young Arab-American was being targeted in a terrorism
investigation and what the authorities would do.
It took just 48 hours to find out: The device was real, the
student was being secretly tracked and the FBI wanted its
expensive device back, the student told Wired.com in an
interview Wednesday. More...

Saturday, October 2, 2010

Why Take a Preventive Approach to TSCM?

Why Take a Preventive Approach to TSCM?
All too often corporations or individuals hire a professional Technical Surveillance Countermeasures (TSCM) or "bug sweep" service provider only after they have a strong suspicion they are a victim of illegal eavesdropping. While it may seem like a logical approach to verify your suspicions first, the choice to delay can be an irresponsible and costly choice. Every minute an illegal eavesdropper maintains access to your information is valuable to the eavesdropper -- and costly to you. The longer you wait, the more opportunity the eavesdropper has to gather enough competition sensitive, company proprietary or damaging personal information to cause your company, or you, irreparable harm.

Why do corporations and/or executives hesitate to hire a TSCM/Bug Sweep provider quickly? Fear is a key reason executives delay hiring a professional TSCM service provider. It could be a fear that competitors or employees will recognize the company, or its executive(s), suspect they are vulnerable to illegal spying. Simply acknowledging the company or its executives are exposed and/or having to obtain authorization from owner(s), Board Members, etc. can be difficult. The need to obtain authorization from corporate counsel and/or financial decision makers is another key reason for delaying. And, the executive(s) who make a decision to proceed with a Bug Sweep may also be discredited as paranoid by coworkers. Who wants their coworkers to think they are paranoid? But, no matter what the motivation for a decision to delay, the perceived vulnerability is not going to "just go away." And, a failure to take action quickly and decisively can be the beginning of the end for the corporation and/or the executive(s). Is it responsible to forego taking action because you are fearful of the ramifications? If indeed your company or your executive(s) are the victim of illegal eavesdropping it is negligent to allow the exposure to continue.

Is this a dramatic statement? What if the illegal eavesdropper planted an audio listening device in the Sales Director's and the Accounting Director's offices? Each word spoken in these two offices, whether by two or more individuals or while these executives are engaged in corporate or personal phone calls, can be heard and/or recorded by the eavesdropper. If the batteries in a small, voice activated listening device work for two weeks or more, how much valuable information would the eavesdropper be able to steal? The eavesdropper could learn the names of existing customers, potential customers, suppliers, financial information, pricing strategies, collections information, confidential product order specifications, marketing plans, etc. How much valuable information is shared in just these two Directors' offices within a two week time span? To an illegal eavesdropper, it's a gold mine! And, if you work in a highly competitive industry, or manage valuable or highly regulated technology the ramifications can be escalated dramatically. Now consider that the illegal eavesdropper may have hacked into the executives email account(s) and/or installed key loggers on the executive(s) computers. The potential exists for simply devastating results! And, if these executives manage customer confidential or proprietary information that they are bound to hold confidential (i.e. via a Confidentiality Agreement), or if they handle information subject to strict government control (i.e. munitions list products, other highly regulated industries/products, patent pending technology, etc.) you have a duty and obligation to ensure your corporate information is not shared with restricted companies, countries and/or person(s).

Isn't electronic eavesdropping a federal crime? Yes! 18 USC Sec. 2512 states the manufacture, distribution, possession, and advertising of wire, oral, or electronic communication intercepting devices is prohibited. And, it does not matter whether the illegal eavesdropping activity is perpetrated on a company, an executive, an inventor or an individual. It's all illegal. Unfortunately, the likelihood that an eavesdropper can be identified and prosecuted effectively may be lower than you would think.

What do I do if I discover illegal electronic devices? One of the most important things you can do once you suspect you are bugged, is to act as "normal" as possible in the area of concern, so the eavesdropper is not "tipped off". Then, contact a professional TSCM provider outside your physical area of concern using a phone that you believe is not bugged! This means making contact with the TSCM provider from an area outside of your office, car or home. A professional eavesdropper will target locations/places where he/she expects you will feel comfortable to discuss information freely. That means your office, elevator, car, cell phone; purse, wallet, bedroom, etc. are all choice bugging targets for an eavesdropper. Where you feel comfortable, you will discuss confidential, proprietary or personal information that is valuable to an eavesdropper. You must also consider that the eavesdropper may expect a local TSCM company will be called in to handle your assignment. So, hiring a TSCM service provider who is located outside of your geographical area, who operates in a covert manner, may be your best option. And, you must consider that if an illegal eavesdropper has your company or executives under electronic audio surveillance, they may also be performing some degree of visual surveillance of your company or executives as well. Nothing can sound an alarm to an illegal eavesdropper like a van with a TSCM company logo arriving at your office or home. Discreet is best!

Why not let the eavesdropper know you are onto them?If the eavesdropper suspects you are aware of the illegal activity, they are likely to remove the spying devices at the first perceived "safe" opportunity -- particularly if the perpetrator is an employee, part of the cleaning crew, etc. who has routine access to the office(s) and/or executive(s) home. Sure, you want the device(s) removed so the surveillance stops, but your goal should be to learn who bugged you, who authorized the bugging operation and/or what potential damage they can do with the information they have taken. The best case scenario would be that the illegal eavesdropper(s) are prosecuted, but the odds this will occur are lower than you may think. Damage control is most important for any company or individual who has been the subject of an illegal eavesdropping attack. That must be your focus!

What motivates an illegal eavesdropper?It is really a matter of how valuable your information is! An illegal eavesdropper is a risk taker who is willing to risk being discovered when they install the devices and/or after their bugging operation is in progress. Their goal is to get access to the right kind of information, and to steal as much of this valuable information as possible. They are your adversary and will do what is necessary to win. The more damaging the information, the more useful it is to the illegal eavesdropper and/or the company or person who hired them to put you under surveillance.

Why hire a professional TSCM provider? When you begin to price your professional bug sweep assignment, you may be surprised by the cost. It's not a minor expense, but it is a very necessary expense. Bargain shopping for a professional TSCM bug sweep is not the best approach. With a TSCM bug sweep, you get what you pay for! Don't be fooled by a private investigator who provides you with the low quote; it's not the bargain you think it is. A TSCM Bug Sweep performed by a competent, skilled, trained and well equipped TSCM professional is what you need. Most have decades of experience developing their interviewing, visual inspection and electronic detection skills, and they are knowledgeable of the most common and new, emerging threats and proper detection methods. They live and breathe TSCM and their opponent is the illegal eavesdropper. Private investigators have their talents and skills, and with the exception of a very few, TSCM most often is not their area of expertise. Hire a professional TSCM service provider!

Why leave your very valuable corporate information exposed? Take a proactive approach to corporate security by hiring ComSec LLC to perform preventive TSCM bug sweeps today!

ComSec, LLc. provides professional Technical Surveillance & Eavesdropping Countermeasures services to Fortune 500 corporations to small businesses, non-profits, celebrities, executives and select individuals. Headquartered in Virginia Beach, VA | Northern VA-DC-MD. Serving the Continental United States, and select International clients abroad.

Copyright 2010 To The Present By ComSec, LLc. All Rights Reserved

http://www.ComSecLLc.com

Encryption Won't Protect Your BlackBerry Now

PCWorld

A pair of Russian software developers have teamed on a password-cracking program for the BlackBerry.

Did you think your BlackBerry data was safe because it's encrypted on the phone, over the airwaves, and in its backup form? Think again. Russian software developer ElcomSoft, which, with its Russian competitor AccentSoft, has developed effective password-cracking programs for most common desktop encryption formats, is at it again. Now, it's targeted the BlackBerry with a Phone Password Breaker that was previously limited to Apple mobile devices.

More...

Charlie Wilson’s Warrior Becomes Top Pentagon Spook

wired
Remember that nerdy-yet-lethal kid from the Tom Hanks biopic about the U.S.’s proxy fight in 80s-era Afghanistan, Charlie Wilson’s War? That’s Michael Vickers, a longtime Special Forces and CIA guy. Last night, President Obama quietly nominated him to one of the Pentagon’s highest offices. Call it a trend: in the last few months, architects and advocates of stealth wars against terrorists have risen to the highest levels of the intelligence community.

More...